IETF Logo Mail Archive

Re: [Anima] [Ace] Proposing document draft-amsuess-ace-brski-ace-00

Michael Richardson <mcr+ietf@sandelman.ca> Thu, 20 July 2023 18:35 UTC

Return-Path: <mcr+ietf@sandelman.ca>
X-Original-To: anima@ietfa.amsl.com
Delivered-To: anima@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 00E71C151062; Thu, 20 Jul 2023 11:35:24 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.096
X-Spam-Level:
X-Spam-Status: No, score=-2.096 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=sandelman.ca
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id v14Vo1nmkjxF; Thu, 20 Jul 2023 11:35:18 -0700 (PDT)
Received: from tuna.sandelman.ca (tuna.sandelman.ca [IPv6:2607:f0b0:f:3:216:3eff:fe7c:d1f3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 90D1DC14CE42; Thu, 20 Jul 2023 11:35:11 -0700 (PDT)
Received: from localhost (localhost [127.0.0.1]) by tuna.sandelman.ca (Postfix) with ESMTP id E248B38990; Thu, 20 Jul 2023 14:35:10 -0400 (EDT)
Received: from tuna.sandelman.ca ([127.0.0.1]) by localhost (localhost [127.0.0.1]) (amavisd-new, port 10024) with LMTP id lGz8l-HB1EC0; Thu, 20 Jul 2023 14:35:10 -0400 (EDT)
Received: from sandelman.ca (unknown [IPv6:2607:f0b0:f:2:40a:34ff:fe10:f571]) by tuna.sandelman.ca (Postfix) with ESMTP id E9EC63898F; Thu, 20 Jul 2023 14:35:09 -0400 (EDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sandelman.ca; s=mail; t=1689878109; bh=wt5Gdo7IZGbmfM6xzxkB+HtY0ZI8K4GM1n1+4xc2s98=; h=From:To:Subject:In-Reply-To:References:Date:From; b=OOTMhN/8K5a/oSrnua6sG9jzDm4zOMoHw/d2Ea5z/DUgzuDZMVMckmR3ZDGP3AE8p iLe2TFpRLCQIXiU0GI7uUF27v5HH9Rx4HhXgJ+kSxsDqgvdtjxbaa8kLZev2rlqjHZ rJjZqTq3S9xRaUyCCJfvx6yxPt96Y+ssHjxIvAgO1x0i6jQDGiuZYyIWcKlPnDAep2 /bAA9C1c9t5gUqdMR9HMaXcbXFxiDkC1n1JmfgV0Qe/0hX6qB4i9UQ8DN2N8iv/pOi a51IowCGmkG6gEW3b4mgK+nMsxPBPbkLt547pu/cn0CNCnrFaFUk88gZ7jrp56EXYu i35qD0Lqjd8hQ==
Received: from localhost (localhost [IPv6:::1]) by sandelman.ca (Postfix) with ESMTP id D28576B; Thu, 20 Jul 2023 14:35:09 -0400 (EDT)
From: Michael Richardson <mcr+ietf@sandelman.ca>
To: Christian =?iso-8859-1?Q?Ams=FCss?= <christian@amsuess.com>, ace@ietf.org, anima@ietf.org
In-Reply-To: <ZLlQEeeDhjSFgi5B@hephaistos.amsuess.com>
References: <ZK8TLhCiiR/lR1Bc@hephaistos.amsuess.com> <25968.1689198750@localhost> <ZLlQEeeDhjSFgi5B@hephaistos.amsuess.com>
X-Mailer: MH-E 8.6+git; nmh 1.7+dev; GNU Emacs 27.1
X-Face: $\n1pF)h^`}$H>Hk{L"x@)JS7<%Az}5RyS@k9X%29-lHB$Ti.V>2bi.~ehC0; <'$9xN5Ub# z!G,p`nR&p7Fz@^UXIn156S8.~^@MJ*mMsD7=QFeq%AL4m<nPbLgmtKK-5dC@#:k
MIME-Version: 1.0
Content-Type: multipart/signed; boundary="=-=-="; micalg="pgp-sha512"; protocol="application/pgp-signature"
Date: Thu, 20 Jul 2023 14:35:09 -0400
Message-ID: <23437.1689878109@localhost>
Archived-At: <https://mailarchive.ietf.org/arch/msg/anima/dRFJFYnUxk2h9fm1Uzpn0uAzKFA>
Subject: Re: [Anima] [Ace] Proposing document draft-amsuess-ace-brski-ace-00
X-BeenThere: anima@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: Autonomic Networking Integrated Model and Approach <anima.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/anima>, <mailto:anima-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/anima/>
List-Post: <mailto:anima@ietf.org>
List-Help: <mailto:anima-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/anima>, <mailto:anima-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 20 Jul 2023 18:35:24 -0000

Christian Amsüss <christian@amsuess.com> wrote:
    > On Wed, Jul 12, 2023 at 05:52:30PM -0400, Michael Richardson wrote:
    >> IN section 1.1, without having given a picture of what you are doing
    >> you start to say: "The alternative to this constraint is to declare
    >> this a blob" and this is really distracting to understanding what you
    >> *ARE* doing.

    > I think it's important, when limiting a reader's options, to point them
    > at what else they could do. I've created issue [1] for the time being
    > to not lose this, for I want to both resolve it for smooth reading and
    > keep all the pointers around.

All I'm saying is that it's an objection/diversion of thought essentially mid-sentence.
I'm not saying to remove it, I'm saying that is seriously distracts the reader.

    > [1]: https://gitlab.com/chrysn/brski-ace/-/issues/1

    >> "the pledge initiates EDHOC to the lake-authz.arpa anycast address,
    >> sending an encrypted identifier for its MASA (party W) in EAD_1."
    >>
    >> This sounds like it's a new thing, but I think it's just the
    >> lake-authz step one, right?

    > It is; a wording enhancement will be in the editor's copy soon.

Good.

    > If this is pursued in its YANG form (even partially), then I suppose
    > that the draft would only serve as a staging ground for the extra YANG
    > statements, with hopes to be sufficiently mature in time to be merged
    > into constrained-voucher before the batch is through. (No clue how
    > realistic that is right now).

Basically what I get from OPSAWG's publication of YANG modules is that they
go into a new RFC, with *JUST* the YANG module and when we need to revise the
YANG in anyway, a new RFC is published.
For instance https://datatracker.ietf.org/doc/rfc9418/ and RFC9417.

    >> My impression is that you don't really want the *MANUFACTURER*
    >> (authorized) to send down some ACE keying material.  That is, Volvo
    >> shouldn't be sending your car a key to open your building garage door,
    >> rather, your building owner should be.
    >>
    >> So, augmenting the voucher, which comes from the Manufacuter (MASA,
    >> aka W) to your pledge is wrong.  You want the ACE Authorization
    >> Server, aka V, to actually send the right keys.
    >>
    >> I think that either you want to use the new V/W relationship that
    >> EDHOC, lake-authz setup to send the keys in message 4, or you want to
    >> do a new FETCH on some some new resource to get them.

    > My hope has been that like with BRSKI where a domain CA public key can
    > be shipped right with the voucher, so I hoped to replicate the same
    > slimness here. IIUC, a device can use BRSKI to enroll DTLS credentials
    > without the need to do GETs to the registrar's /crts and the /s(r)en
    > interactions.

So draft-ietf-anima-constrained-voucher, has some optimizations that can
sometimes let the pledge skip the /crts, but why is that interaction so expensive?
Note that in lake-authz, the voucher isn't actually sent, rather just the
signature on what we expected to see in the voucher.... so extensions to the
voucher would be difficult to do.

    > Revisiting what cBRSKI can do, maybe I was wrong, and only the /crts
    > (and not the /s(r)en) part has an equivalence in BRSKI. Is that an
    > equivalence (between /crts and pinned-domain-cert)? And if so: Why can
    > the registrar not take a certificate request in the PVR and send the
    > result of /sen on to the pledge through the RVR?

So if I understand you, you'd like to avoid additional round trips by
stacking the certificate request with the PVR.   BRSKI-PRM does *exactly*
that, because in the store-and-forward ("DTN") nature of PRM, round trips
involve people walking up/down stairs.

In PRM we assume HTTP(S), and TCP and networks without much in the way of
challenge.  So transfering a few tens of kilobytes shouldn't be a concern,
and of course it will take multiple TCP segments.

In a challenged network I don't understand making any step of the transaction
bigger than 1200, or even close to that, rather than just doing a second
transaction.  Block mode seems less reliable from a state machine point of
view than a second transaction.

    > Or did I get things so wrong that everything in the voucher was only to
    > establish the first secure connection, and getting /crts etc is a
    > necessary next step anyway?

Yes, in general, that's the case.
https://www.sandelman.ca/SSW/talks/brski/brski-animation.pdf
slide 117.  Screencasts linked from https://brski.org/brski-impls.html

    > But then, looking at CoJP-over-authz, how does the pledge learn any
    > further keys and identities? Would it follow up the message_3 CoJP
    > request and the CoJP response with more requests in the same OSCORE
    > context that est-oscore requests (to get a DTLS context), or the next
    > version of this document's exchange? That'd mean that party V needs to
    > serve both as a JRC and DTLS/OSCORE data -- nothing I'd rule out, just
    > something that wouldn't have been apparent to me from the documents
    > I've read so far.

Why would you need a DTLS context?
I would think it would be okay to use the OSCORE context directly.
There are some elements here where I worry that we need some signaling from
Registrar to Pledge as to which flavour of onboarding is supported and/or
pledge is expected to do.  I think this will be a problem, but it's a problem
I welcome.

    > PS. It may make sense to meet on IETF117 hallways and chat on this some
    > more. It's too narrow a topic for a side meeting, but if there is
    > anyone else who may join in, we may want to pick a time for when and
    > where to chat. (I'm only there remotely this time).

pick a "morning" in gather.town.
I'm also remote.  Maybe Wednesday before ANIMA.

--
Michael Richardson <mcr+IETF@sandelman.ca>   . o O ( IPv6 IøT consulting )
           Sandelman Software Works Inc, Ottawa and Worldwide

v2.23.0 | Report a Bug | By Email