[cicm] CICM Channels and GSS (was Re: IETF Working Group Charter on Common Interface to Cryptographic Modules (CICM))
Nico Williams <nico@cryptonector.com> Fri, 24 June 2011 00:07 UTC
Return-Path: <nico@cryptonector.com>
X-Original-To: cicm@ietfa.amsl.com
Delivered-To: cicm@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 68A9711E80D8 for <cicm@ietfa.amsl.com>; Thu, 23 Jun 2011 17:07:57 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.841
X-Spam-Level:
X-Spam-Status: No, score=-2.841 tagged_above=-999 required=5 tests=[AWL=-0.864, BAYES_00=-2.599, FM_FORGED_GMAIL=0.622]
Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ZhmqNTM21JkV for <cicm@ietfa.amsl.com>; Thu, 23 Jun 2011 17:07:56 -0700 (PDT)
Received: from homiemail-a70.g.dreamhost.com (caiajhbdcagg.dreamhost.com [208.97.132.66]) by ietfa.amsl.com (Postfix) with ESMTP id 9C4CB11E8086 for <cicm@ietf.org>; Thu, 23 Jun 2011 17:07:56 -0700 (PDT)
Received: from homiemail-a70.g.dreamhost.com (localhost [127.0.0.1]) by homiemail-a70.g.dreamhost.com (Postfix) with ESMTP id 3FED2768059 for <cicm@ietf.org>; Thu, 23 Jun 2011 17:07:56 -0700 (PDT)
DomainKey-Signature: a=rsa-sha1; c=nofws; d=cryptonector.com; h=mime-version :date:message-id:subject:from:to:cc:content-type: content-transfer-encoding; q=dns; s=cryptonector.com; b=GwjAvTq6 PtzZw7kgA/8tvD04h1r89/9tqRx5jWzURGtKKzIK6XRczq6ON9A9tBDqf02I2JON 5ZKOpbIOgc7ZcqKWQPSOpGEBn44xHHMzVTD4QaxXgAU971Ua1xYeervlRUTwsNpU uVnH+pzOf2zPjQFoZ2Fg9of0Qe8vZLbK64Y=
DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=cryptonector.com; h= mime-version:date:message-id:subject:from:to:cc:content-type: content-transfer-encoding; s=cryptonector.com; bh=qeJS4YpaCub+/o 0NtJ2rwFcPkYk=; b=JawPifvR34BVuU3FR8F0ANId8ZrSJaJVm+iaEr7qMFPzug hsymi5JonhABDN0VghJex1k0shwvukWZDrUe45J2iMw2oMqFp1SCrom1U8Cm98lW d2QroFg7Cif8hkIPuUxhAWGMlYz414KEYg+sdEhXhCcRus5eNY6OpzyN6Zoho=
Received: from mail-pw0-f44.google.com (mail-pw0-f44.google.com [209.85.160.44]) (using TLSv1 with cipher RC4-SHA (128/128 bits)) (No client certificate requested) (Authenticated sender: nico@cryptonector.com) by homiemail-a70.g.dreamhost.com (Postfix) with ESMTPSA id 23A98768058 for <cicm@ietf.org>; Thu, 23 Jun 2011 17:07:56 -0700 (PDT)
Received: by pwj5 with SMTP id 5so1637783pwj.31 for <cicm@ietf.org>; Thu, 23 Jun 2011 17:07:55 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.68.17.103 with SMTP id n7mr1405615pbd.73.1308874075717; Thu, 23 Jun 2011 17:07:55 -0700 (PDT)
Received: by 10.68.41.167 with HTTP; Thu, 23 Jun 2011 17:07:55 -0700 (PDT)
Date: Thu, 23 Jun 2011 19:07:55 -0500
Message-ID: <BANLkTikstTXmqyiuWtZCFwe1JSwKAX2_-A@mail.gmail.com>
From: Nico Williams <nico@cryptonector.com>
To: "Novikov, Lev" <lnovikov@mitre.org>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
Cc: Crypto discussion list <cryptography@randombit.net>, "CICM Discussion List (cicm@ietf.org)" <cicm@ietf.org>
Subject: [cicm] CICM Channels and GSS (was Re: IETF Working Group Charter on Common Interface to Cryptographic Modules (CICM))
X-BeenThere: cicm@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
Reply-To: CICM Discussion List <cicm@ietf.org>
List-Id: CICM Discussion List <cicm.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/cicm>, <mailto:cicm-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/cicm>
List-Post: <mailto:cicm@ietf.org>
List-Help: <mailto:cicm-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/cicm>, <mailto:cicm-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 24 Jun 2011 00:07:57 -0000
On Tue, Jun 21, 2011 at 2:19 PM, Novikov, Lev <lnovikov@mitre.org> wrote: > Cross-posted on <cicm@ietf.org>. > This is a discussion that started on the Cryptography mailing list: > http://lists.randombit.net/pipermail/cryptography/2011-June/000940.html > > NOTE: You need to be a member to post on either list. > RandomBit: http://lists.randombit.net/mailman/listinfo/cryptography > IETF: https://www.ietf.org/mailman/listinfo/cicm I suggest that you allow posts by non-subscribers who are subscribers of any IETF lists -- I cannot subscribe to every IETF list. > On 2011-06-21 14:25, Nico Williams wrote: >> Even so, what value does this add over, any of the APIs and frameworks >> we already have? >> >> If the issue is ensuring that you are able to login to tokens, why not >> add suitable extensions to the GSS-API (basically a single function)? > > The issue is much broader. > > For example, here's a quote from RFC 2743 (GSS-API v2.1): >> The client generates a data message and passes it to GSS_Wrap(). >> GSS_Wrap() performs data origin authentication, data integrity, and >> (optionally) confidentiality processing on the message and >> encapsulates the result into output_message, indicating >> GSS_S_COMPLETE status. The client sends the output_message to the >> server. > > This makes sense for many devices and environments. However, high > assurance environments are more varied. For example, you may have two > processes that control (in a mutually exclusive manner) the channel > creation and negotiation (a Controller in CICM-speak) and the data flow > on the channel (Stream). Nothing stops you from building an application that has several sub-channels built on existing technologies. I'd be happy with you specifying such a protocol as long as it is on top of existing secure channel technology, or, as long as you show why that just won't do (I'm open to that possibility). (I could also end up on the rough side of consensus, but I'd rather make CICM palatable to a larger audience.) Also, you can structure privilege separation with only one channel. And you can bind multiple authentications into one channel (for an example of this see RPCSEC_GSSv3[0]). You'll want to make sure that you cover why such alternatives are not appropriate. > Another example: > In existing APIs, you can perform two operations by applying each > operation in sequence on the plaintext (e.g., encrypt and sign). Not in the GSS-API. GSS wrap tokens cover both, confidentiality (optional) and integrity protection automatically for you; no need to think about how to do authenticated encryption. > However, high assurance module often support atomic "hybrid" operations > which cannot be accomplished with existing APIs when the data that is > provided to the module does not return back to the calling program. Do you mean AE and/or AEAD cipher modes? The GSS-API most certainly precludes neither (see above). > I understand the desire to avoid creating new APIs when there are so > many existing ones (surely one of them should do the trick!?). However, > the feedback from users and vendors is that the underlying logical > models of their devices is sufficiently different (and varied) from what > existing APIs assume that it is difficult to retrofit their concepts and Some of the experts you need are in the KITTEN WG. I'm sure KITTEN WG participants will be happy to talk to you about these issues, or to put you in contact with other KITTEN WG participants. We have been *adding* to the GSS-API to make it meet our needs. Surely you might consider the same approach? > requirements into those APIs. Among other reasons, this is why there is > such a proliferation of proprietary APIs in these environments (which CICM > is trying to unify, abstract, and standardize). Whereas I suspect that proprietary APIs proliferate due to either a) a vendor's desire to keep their APIs proprietary, b) accidental ignorance of existing alternatives. In this case it seems I have to educate myself as to your needs, but I'm not sure that you and/or other CICM proponents are really up to date on the GSS-API. I don't mean that you should be an expert in the GSS-API before setting out to build something like CICM, but it would be good to make sure that CICM, or parts of it, are not predicated on misconceptions about existing APIs. [0] http://tools.ietf.org/html/draft-ietf-nfsv4-rpcsec-gssv3-00 Nico --
- [cicm] CICM Channels and GSS (was Re: IETF Workin… Nico Williams
- Re: [cicm] CICM Channels and GSS (was Re: IETF Wo… Novikov, Lev
- Re: [cicm] CICM Channels and GSS (was Re: IETF Wo… Nico Williams