Re: [cicm] [cryptography] IETF Working Group Charter on Common Interface to Cryptographic Modules (CICM)
"Novikov, Lev" <lnovikov@mitre.org> Tue, 21 June 2011 19:20 UTC
Return-Path: <lnovikov@mitre.org>
X-Original-To: cicm@ietfa.amsl.com
Delivered-To: cicm@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id EAC0E1F0C46 for <cicm@ietfa.amsl.com>; Tue, 21 Jun 2011 12:20:16 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.599
X-Spam-Level:
X-Spam-Status: No, score=-6.599 tagged_above=-999 required=5 tests=[AWL=0.000, BAYES_00=-2.599, RCVD_IN_DNSWL_MED=-4]
Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id yS7vwmi5zvsM for <cicm@ietfa.amsl.com>; Tue, 21 Jun 2011 12:20:15 -0700 (PDT)
Received: from smtpksrv1.mitre.org (smtpksrv1.mitre.org [198.49.146.77]) by ietfa.amsl.com (Postfix) with ESMTP id 54FEF1F0C38 for <cicm@ietf.org>; Tue, 21 Jun 2011 12:20:15 -0700 (PDT)
Received: from smtpksrv1.mitre.org (localhost.localdomain [127.0.0.1]) by localhost (Postfix) with SMTP id 6F24821B11EA; Tue, 21 Jun 2011 15:20:14 -0400 (EDT)
Received: from imchub1.MITRE.ORG (imchub1.mitre.org [129.83.29.73]) by smtpksrv1.mitre.org (Postfix) with ESMTP id 6A62021B0EF3; Tue, 21 Jun 2011 15:20:14 -0400 (EDT)
Received: from IMCMBX3.MITRE.ORG ([129.83.29.206]) by imchub1.MITRE.ORG ([129.83.29.73]) with mapi; Tue, 21 Jun 2011 15:20:14 -0400
From: "Novikov, Lev" <lnovikov@mitre.org>
To: Crypto discussion list <cryptography@randombit.net>
Date: Tue, 21 Jun 2011 15:19:08 -0400
Thread-Topic: [cryptography] IETF Working Group Charter on Common Interface to Cryptographic Modules (CICM)
Thread-Index: AcwwQH0fiSh6ngwjSyi7APC2FyIeoQAAF8Yw
Message-ID: <F9AB58FA72BAE7449E7723791F6993ED062C94D3AF@IMCMBX3.MITRE.ORG>
References: <BANLkTikZYibqv=F+7-uwmGq-F9PmwuxE5w@mail.gmail.com> <BANLkTim1NpU6Hnt=QPNWCqvMBx9SvnKhuw@mail.gmail.com> <F9AB58FA72BAE7449E7723791F6993ED062C94D343@IMCMBX3.MITRE.ORG> <BANLkTinZAP=ZL+mqiZE43fXCpNPiqP8qKg@mail.gmail.com>
In-Reply-To: <BANLkTinZAP=ZL+mqiZE43fXCpNPiqP8qKg@mail.gmail.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
acceptlanguage: en-US
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: base64
MIME-Version: 1.0
Cc: Nico Williams <nico@cryptonector.com>, "CICM Discussion List (cicm@ietf.org)" <cicm@ietf.org>
Subject: Re: [cicm] [cryptography] IETF Working Group Charter on Common Interface to Cryptographic Modules (CICM)
X-BeenThere: cicm@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
Reply-To: CICM Discussion List <cicm@ietf.org>
List-Id: CICM Discussion List <cicm.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/cicm>, <mailto:cicm-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/cicm>
List-Post: <mailto:cicm@ietf.org>
List-Help: <mailto:cicm-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/cicm>, <mailto:cicm-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 21 Jun 2011 19:20:17 -0000
Cross-posted on <cicm@ietf.org>. This is a discussion that started on the Cryptography mailing list: http://lists.randombit.net/pipermail/cryptography/2011-June/000940.html NOTE: You need to be a member to post on either list. RandomBit: http://lists.randombit.net/mailman/listinfo/cryptography IETF: https://www.ietf.org/mailman/listinfo/cicm Nico, On 2011-06-21 14:25, Nico Williams wrote: > Even so, what value does this add over, any of the APIs and frameworks > we already have? > > If the issue is ensuring that you are able to login to tokens, why not > add suitable extensions to the GSS-API (basically a single function)? The issue is much broader. For example, here's a quote from RFC 2743 (GSS-API v2.1): > The client generates a data message and passes it to GSS_Wrap(). > GSS_Wrap() performs data origin authentication, data integrity, and > (optionally) confidentiality processing on the message and > encapsulates the result into output_message, indicating > GSS_S_COMPLETE status. The client sends the output_message to the > server. This makes sense for many devices and environments. However, high assurance environments are more varied. For example, you may have two processes that control (in a mutually exclusive manner) the channel creation and negotiation (a Controller in CICM-speak) and the data flow on the channel (Stream). Another example: In existing APIs, you can perform two operations by applying each operation in sequence on the plaintext (e.g., encrypt and sign). However, high assurance module often support atomic "hybrid" operations which cannot be accomplished with existing APIs when the data that is provided to the module does not return back to the calling program. I understand the desire to avoid creating new APIs when there are so many existing ones (surely one of them should do the trick!?). However, the feedback from users and vendors is that the underlying logical models of their devices is sufficiently different (and varied) from what existing APIs assume that it is difficult to retrofit their concepts and requirements into those APIs. Among other reasons, this is why there is such a proliferation of proprietary APIs in these environments (which CICM is trying to unify, abstract, and standardize). Lev
- Re: [cicm] [cryptography] IETF Working Group Char… Novikov, Lev