Re: [Anima] Homogeneous vs. heterogeneous trust domains (Re: What elements of IETF ANIMA can be used for I2NSF?)
"Michael Behringer (mbehring)" <mbehring@cisco.com> Tue, 28 October 2014 10:57 UTC
Return-Path: <mbehring@cisco.com>
X-Original-To: anima@ietfa.amsl.com
Delivered-To: anima@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 2CBE11A1B86 for <anima@ietfa.amsl.com>; Tue, 28 Oct 2014 03:57:42 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -14.511
X-Spam-Level:
X-Spam-Status: No, score=-14.511 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_HI=-5, SPF_PASS=-0.001, T_RP_MATCHES_RCVD=-0.01, USER_IN_DEF_DKIM_WL=-7.5] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id l9NS4zBcOKZx for <anima@ietfa.amsl.com>; Tue, 28 Oct 2014 03:57:40 -0700 (PDT)
Received: from alln-iport-2.cisco.com (alln-iport-2.cisco.com [173.37.142.89]) (using TLSv1 with cipher RC4-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id A5E0C1A1B8A for <anima@ietf.org>; Tue, 28 Oct 2014 03:57:40 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=@cisco.com; l=3131; q=dns/txt; s=iport; t=1414493860; x=1415703460; h=from:to:cc:subject:date:message-id:references: in-reply-to:content-transfer-encoding:mime-version; bh=bQOr8Um7mDyRJBbwEEfqAuN6FwjWlg/QvCxwW+IMwOA=; b=f+OAmbo+WULb7U1ajBl48nJxe45We5pH0CwkTT33xNuO7UhXx0sB5rKh DDDrPiMvJiqcAoZ0HmjSFC1j0cNL7cMcBleasobzWLVQXXefPXXoPvnhd EeqhlWJvoFaJ2HYGsa6m8pwo0CqTAkqO6nPuWdIYh19fJyi0h5lUxEfNY A=;
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: AgkFAFl1T1StJA2J/2dsb2JhbABcgw6BLATVfgKBHRYBfYQCAQEBBDo6BQwEAgEIEQQBAQEKFAUEByERFAkIAgQBDQUIE4gRAxLETw2GOAEBAQEBAQEBAQEBAQEBAQEBAQEBAReOToIJMQcGgyeBHgEEkgeJSZFihl2CNIFEbAGBR4EDAQEB
X-IronPort-AV: E=Sophos;i="5.04,802,1406592000"; d="scan'208";a="90985088"
Received: from alln-core-4.cisco.com ([173.36.13.137]) by alln-iport-2.cisco.com with ESMTP; 28 Oct 2014 10:57:39 +0000
Received: from xhc-rcd-x13.cisco.com (xhc-rcd-x13.cisco.com [173.37.183.87]) by alln-core-4.cisco.com (8.14.5/8.14.5) with ESMTP id s9SAvdL7018614 (version=TLSv1/SSLv3 cipher=AES128-SHA bits=128 verify=FAIL); Tue, 28 Oct 2014 10:57:39 GMT
Received: from xmb-rcd-x14.cisco.com ([169.254.4.159]) by xhc-rcd-x13.cisco.com ([173.37.183.87]) with mapi id 14.03.0195.001; Tue, 28 Oct 2014 05:57:39 -0500
From: "Michael Behringer (mbehring)" <mbehring@cisco.com>
To: Michael Richardson <mcr+ietf@sandelman.ca>, Brian E Carpenter <brian.e.carpenter@gmail.com>
Thread-Topic: [Anima] Homogeneous vs. heterogeneous trust domains (Re: What elements of IETF ANIMA can be used for I2NSF?)
Thread-Index: AQHP7vl5rqomTnVCSkOSUuYStXVkopw+uR0AgAS8OYCAAAyGgIAAFXcAgACegAD///AFAA==
Date: Tue, 28 Oct 2014 10:57:39 +0000
Message-ID: <3AA7118E69D7CD4BA3ECD5716BAF28DF21C9DAAA@xmb-rcd-x14.cisco.com>
References: <4A95BA014132FF49AE685FAB4B9F17F645E2074F@dfweml701-chm> <54495813.4050703@gmail.com> <54495A00.4000302@gmail.com> <54499D7E.4060007@gmail.com> <20141027004833.GA4665@cisco.com> <12570.1414373603@sandelman.ca> <544DB2E4.5020808@gmail.com> <17335.1414412250@sandelman.ca>
In-Reply-To: <17335.1414412250@sandelman.ca>
Accept-Language: en-GB, en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [10.61.173.215]
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
Archived-At: http://mailarchive.ietf.org/arch/msg/anima/ivh08X1tQvEoNIh9d5KSkNdwoms
Cc: "anima@ietf.org" <anima@ietf.org>
Subject: Re: [Anima] Homogeneous vs. heterogeneous trust domains (Re: What elements of IETF ANIMA can be used for I2NSF?)
X-BeenThere: anima@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Autonomic Networking Integrated Model and Approach <anima.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/anima>, <mailto:anima-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/anima/>
List-Post: <mailto:anima@ietf.org>
List-Help: <mailto:anima-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/anima>, <mailto:anima-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 28 Oct 2014 10:57:42 -0000
Toerless summed it up nicely. Inside a domain (for example, an enterprise network), you want a single trust domain. The owner of that enterprise network wants all those devices under one trust anchor. (Of course he can create sub-domains, or several domains). Before they form part of a single domain, devices come from various vendors, or are imprinted in various ways. In that part there are many trust domains. As Brian points out, some domains will accept a call home functions, others will not. Bottom line: We need a process which gets devices from various origins and trust domains, and various ways to initialise them to a single trust domain, for example an enterprise network. draft-pritikin-bootstrapping-keyinfrastructures tries to explain what this process could look like. Michael [typing this offline on a plane - apologies I don't respond to the latest message] > -----Original Message----- > From: Anima [mailto:anima-bounces@ietf.org] On Behalf Of Michael > Richardson > Sent: 27 October 2014 13:18 > To: Brian E Carpenter > Cc: anima@ietf.org > Subject: Re: [Anima] Homogeneous vs. heterogeneous trust domains (Re: > What elements of IETF ANIMA can be used for I2NSF?) > > > Brian E Carpenter <brian.e.carpenter@gmail.com> wrote: > >> Toerless Eckert <eckert@cisco.com> wrote: > I hope you are both right > >> but talk about different stages. > >> > >> > We want common trust anchors for the running autonomic network > and > > >> those ultimately should be defined by the owner of the network. But > > >> during enrollment of devices into that owners network, the > >> manufacturer > installed certificate and trust-points in the > >> to-be-enrolled devices > will differ by vendor. > >> > >> Yes from me. This is the critical part that we (an SDO) has to get > >> right. > > > That might be the way to do it. But another way is that when an > > operator receives a new box, the box goes to a central place to have a > > locally generated key pair and certificate installed, before going to > > the warehouse for a later truck roll. I don't think we can exclude that > > solution for a highly paranoid operator, who wants absolutely no > > traffic about the enrollment to go outside. I think we need to keep > > both options open. > > I don't see this as two options. It's one. > > All that you've said is that the operator did the initial imprinting in > the warehouse rather than in the field. If all boxes in the field have been > imprinted in this way, then there are no additional trust issues. > If some have been installed this way, and some have not, perhaps there are > bridge CAs needed to enable to the imprinted boxes to trust the "stock" > machines. > > Why do you think that this is two ways? Maybe I'm missing something. > > > > > > -- > Michael Richardson <mcr+IETF@sandelman.ca>, Sandelman Software Works > -= IPv6 IoT consulting =- > >
- [Anima] What elements of IETF ANIMA can be used f… Linda Dunbar
- Re: [Anima] What elements of IETF ANIMA can be us… Brian E Carpenter
- [Anima] Homogeneous vs. heterogeneous trust domai… Rene Struik
- Re: [Anima] Homogeneous vs. heterogeneous trust d… Brian E Carpenter
- Re: [Anima] Homogeneous vs. heterogeneous trust d… Toerless Eckert
- Re: [Anima] Homogeneous vs. heterogeneous trust d… Michael Richardson
- Re: [Anima] Homogeneous vs. heterogeneous trust d… Brian E Carpenter
- Re: [Anima] Homogeneous vs. heterogeneous trust d… Michael Richardson
- Re: [Anima] Homogeneous vs. heterogeneous trust d… Brian E Carpenter
- Re: [Anima] Homogeneous vs. heterogeneous trust d… Michael Richardson
- Re: [Anima] Homogeneous vs. heterogeneous trust d… Michael Behringer (mbehring)
- Re: [Anima] Homogeneous vs. heterogeneous trust d… Michael Richardson