Re: [core] Bootstrap in draft-ohba-core-eap-based-bootstrapping and draft-garcia-core-security
Behcet Sarikaya <behcetsarikaya@yahoo.com> Tue, 12 July 2011 19:26 UTC

Hi Hannes (Kelly and Rene who replied to me only),

Let me clarify.

I checked the Wiki page, it is about what I talked, i.e. bootstrapping your PC. I am OK with it.

In Core WG drafts, draft-ohba is about "bootstrapping" CoAP applications, establishing a secure channel between the CoAP client and CoAP server. As such it assumes a secure IP communication which is what we cover in draft-sarikaya.
I think that establishing a secure channel between the CoAP client and CoAP server should not be called bootstrapping.

OTOH, draft-garcia is totally chaotic about "bootstrapping". In Section 3 it talks about trust bootstrapping between nodes of different vendors. Then it talks about bootstrapping phase/procedures. Later on they mention the bootstrapping of security keys.
Section 5.2 Bootstrapping of a Security Domain
In Section 5.2.2 it tries to give a definition to bootstrapping.

My suggestions are:

for draft-ohba: please do not use bootstrapping, otherwise your draft is clear enough.

for draft-garcia: This draft talks about so many things. In most places, what it refers to as bootstrapping and the description match what is covered in the original document which is draft-sarikaya. I suggest removing all those sections about bootstrapping because they are mostly repeating what we already had. Stay with whatever remains and see if it is worth to have such a document.

Regards,

Behcet

> Hi Behcet,
>
> I agree with you that the term "bootstrapping" is not very helpful.
>
> There are three cases:
>
> a) Key Distribution and Key Derivation
>
> Here an existing keying material is used to derive other keying material or to use securely distribute keying material.
>
> draft-ohba-core-eap-based-bootstrapping and
>
> b) Bootstrapping (in terms of operating systems procedures)
>
> See description in http://en.wikipedia.org/wiki/Bootstrapping_%28computing%29
>
> draft-garcia-core-security seems to refer to this aspect, I believe.
>
> c) Establishing initial keying material in a leap of faith style.
>
> Example: Bluetooth pairing protocol
> http://tools.ietf.org/html/draft-pritikin-ttimodel-01 also discusses these aspects.
>
> Here the terms used are imprinting, pairing, enrollment, and introduction are used to describe
>
>
> Ciao
> Hannes
>
> On Jul 12, 2011, at 8:08 PM, Behcet Sarikaya wrote:
>
> > Hi all,
> > It seems that the word bootstrapping has been used and overused in so many
> > drafts (including draft-ohba-core-eap-based-bootstrapping and
> > draft-garcia-core-security) and I suggest that we clarify this.
> >
> > Colin had a draft on
> > Initial Configuration of Resource-Constrained Devices
> > called draft-oflynn-6lowapp-bootstrapping submitted on Jan. 2010 in which he
> > defined bootstrapping as how to initially configure the network.
> >
> > Later on we continued this work on where Colin left
> > in draft-sarikaya-core-sbootstrapping.
> >
> > I think that the definition Colin gave to bootstrapping is the right one. It
> > matches with the historical use of bootstrapping in computers: you bootstrap
> > your computer to initially configure it by a physical action (pressing a button)
> > which loads a small record to the memory which when executed bootstraps (brings
> > the whole OS to the memory) the system.
> >
> > Regards,
> >
> > Behcet
> > _______________________________________________
> > core mailing list
> > core@ietf.org
> > https://www.ietf.org/mailman/listinfo/core