IETF Logo Mail Archive

Re: [Anima] Adam Roach's Discuss on draft-ietf-anima-bootstrapping-keyinfra-22: (with DISCUSS and COMMENT)

"Joel M. Halpern" <jmh@joelhalpern.com> Mon, 15 July 2019 21:42 UTC

Return-Path: <jmh@joelhalpern.com>
X-Original-To: anima@ietfa.amsl.com
Delivered-To: anima@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 662BD120194 for <anima@ietfa.amsl.com>; Mon, 15 Jul 2019 14:42:56 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.701
X-Spam-Level:
X-Spam-Status: No, score=-2.701 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=joelhalpern.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id USazyEvUFW8H for <anima@ietfa.amsl.com>; Mon, 15 Jul 2019 14:42:54 -0700 (PDT)
Received: from maila2.tigertech.net (maila2.tigertech.net [208.80.4.152]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 462C6120228 for <anima@ietf.org>; Mon, 15 Jul 2019 14:42:54 -0700 (PDT)
Received: from localhost (localhost [127.0.0.1]) by maila2.tigertech.net (Postfix) with ESMTP id 45ncTB1Swfz15Ky8; Mon, 15 Jul 2019 14:42:54 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=joelhalpern.com; s=2.tigertech; t=1563226974; bh=viEMeihZgTE4vNuYW6KVyyhXjTaQbc8kztpB+IZSVhU=; h=Subject:To:Cc:References:From:Date:In-Reply-To:From; b=mSK6MTmlsDc3YzCdmesWjVfT5xPobIrC0W4JcpmpP5tPVDfJSyEuzkFRlPCETHuq+ g+McuTMX5C3EGz0z1FSGb7zi0/l4DHWN2jk/biDs0S/RMVvyzB8/NdzFP7eudTJf3m ehrCzVjSjZKhBE0z4LTLWZNzTpyGJv9QTFElDZlM=
X-Virus-Scanned: Debian amavisd-new at maila2.tigertech.net
Received: from [172.20.7.244] (209-255-163-147.ip.mcleodusa.net [209.255.163.147]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by maila2.tigertech.net (Postfix) with ESMTPSA id 45ncT93Rh8z15Kx3; Mon, 15 Jul 2019 14:42:53 -0700 (PDT)
To: Eliot Lear <lear@cisco.com>
Cc: anima@ietf.org, Adam Roach <adam@nostrum.com>
References: <156282703648.15280.17739830959261983790.idtracker@ietfa.amsl.com> <17580.1562874933@localhost> <ACEB4033-707F-47AF-B58A-5227B444BEAB@cisco.com> <E2DA8D30-805E-478D-925D-534C04A0727F@cisco.com> <8869.1563140002@dooku.sandelman.ca> <cedc515e-22ab-94a9-e6ef-c55b345687ba@joelhalpern.com> <376eee31-0264-38a8-1d32-901bb1a0671b@gmail.com> <9e341730-dc47-8860-47d4-6421ab04d0dc@nostrum.com>
From: "Joel M. Halpern" <jmh@joelhalpern.com>
Message-ID: <6ecdae7f-4fb7-d9fc-f19f-bf742c6fe83c@joelhalpern.com>
Date: Mon, 15 Jul 2019 17:42:50 -0400
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:60.0) Gecko/20100101 Thunderbird/60.8.0
MIME-Version: 1.0
In-Reply-To: <9e341730-dc47-8860-47d4-6421ab04d0dc@nostrum.com>
Content-Type: text/plain; charset="utf-8"; format="flowed"
Content-Language: en-US
Content-Transfer-Encoding: 7bit
Archived-At: <https://mailarchive.ietf.org/arch/msg/anima/gXkNM6-o7HOrYb5cSNm1EhmgDA0>
Subject: Re: [Anima] Adam Roach's Discuss on draft-ietf-anima-bootstrapping-keyinfra-22: (with DISCUSS and COMMENT)
X-BeenThere: anima@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Autonomic Networking Integrated Model and Approach <anima.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/anima>, <mailto:anima-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/anima/>
List-Post: <mailto:anima@ietf.org>
List-Help: <mailto:anima-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/anima>, <mailto:anima-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 15 Jul 2019 21:43:03 -0000

I would probably go a step further than Adam.  Protecting the device so 
a thief can not use it in the thiefs' own network seems to me to be 
something that we should not be trying to achieve.  An active non-goal. 
It is not our problem.  And trying to achieve it has the implications 
that lead to this whole discussion about the original manufacturer 
controlling who can resell / re-buy the device.  While manufacturers may 
like that, it does not seem to be something we should get involved in. 
At all.

Yours,
Joel

On 7/15/2019 5:10 PM, Adam Roach wrote:
> On 7/15/19 3:38 PM, Brian E Carpenter wrote:
>> On 15-Jul-19 16:45, Joel M. Halpern wrote:
>>> I presume I am missing something basic.
>>> I have tried to follow this discussion, as it seems to be about a
>>> critical aspect of whether the BRSKI work is acceptable.
>>>
>>> I have assumed that what we needed is the ability for a buyer, who has
>>> physical possession of the device, and possibly some simple (non
>>> cryptographic) credentials provided by the seller to force the device to
>>> reset what it thinks it is part of, and to emit in some accessible form
>>> the information the buyer needs to be able to make this device part of
>>> his network, using his authentication servers, etc.
>> Yes, but *not* a solution that works if the device is stolen.
> 
> 
> I'm actually a little ambivalent with respect to this use case. For the 
> kind of devices that the document purports to be targeting, I would 
> imagine that theft is in the range of parts-per-thousand (or lower) as 
> compared to things like post-bankruptcy liquidation. If you can fix the 
> first without ruining the second, great.
> 
> /a
>

v2.23.0 | Report a Bug | By Email