Re: [Gen-art] Gen-ART last call review of draft-ietf-mile-rfc6046-bis-05

[Brian Trammell <trammell@tik.ee.ethz.ch>]

Hi, Peter, Alexey, all,

On Jan 19, 2012, at 8:34 PM, Peter Saint-Andre wrote:

> On 1/19/12 10:32 AM, Alexey Melnikov wrote:
>> Hi Brian,
>> 
>> On 19/01/2012 09:48, Brian Trammell wrote:
>>> On Jan 18, 2012, at 7:01 PM, Alexey Melnikov wrote:
>>>> On 18/01/2012 17:43, Alexey Melnikov wrote:
>>>>> Hi Brian,
>>>>> 
>>>>> On 18/01/2012 16:16, Brian Trammell wrote:
>>>>>> On Jan 18, 2012, at 3:38 PM, Alexey Melnikov wrote:
>>>>>> 
>>>>>> Actually, since the binding between RID and a PKI is better defined
>>>>>> in rfc6045-bis, 6046-bis now refers to it, as follows:
>>>>>> 
>>>>>>    Each RID system SHOULD authenticate its peers via a PKI as
>>>>>> detailed
>>>>>>    in Section 9.3 of [I-D.ietf-mile-rfc6045-bis].
>>>>>> 
>>>>>> Would this address the concern?
>>>>> Let me check.
>>>> So the text in rfc6045bis seems to suggest that all server
>>>> certificates will be verified based on some prior arrangement. Is my
>>>> understanding correct?
>>> Yes; in essence, a RID consortium is "closed".
>> I think that this approach is unwise, because this wouldn't scale. But
>> if nobody else see a problem with this, I will let it go.
> 
> I have a problem with it.
> 
> Version -05 said:
> 
>   Each RID consortium SHOULD use a trusted public key infrastructure
>   (PKI) to manage identities for RID systems participating in TLS
>   connections.  At minimum, each RID system MUST trust a set of X.509
>   Issuer identities ("Certificate Authorities") [RFC5280] to directly
>   authenticate RID system peers with which it is willing to exchange
>   information, and/or a specific white list of X.509 Subject identities
>   of RID system peers.
> 
>   RID systems MUST provide for the verification of the identity of a
>   RID system peer presenting a valid and trusted certificate, by
>   verifying the fully-qualified domain name and service name from the
>   DNS SRV record, if available, against that stored in the certificate,
>   as in Section 6 of [RFC6125].
> 
> In version -06, that was replaced with:
> 
>   Each RID system SHOULD authenticate its peers via a PKI as detailed
>   in Section 9.3 of [I-D.ietf-mile-rfc6045-bis].
> 
> As far as I can see, a RID system is not the same as a RID consortium.
> Even if every RID system is a member of such a consortium, it seems like
> a bad idea to leave the authentication rules up to the consortium,
> without providing any sort of guidance. Version -05 at least pointed to
> RFC 6125. Since 6046bis is the HTTPS/TLS binding only, it might be more
> appropriate to point to RFC 2818 here instead of RFC 6125, but I think
> we need to say *something* about how authentication works (matching of
> endpoint identities and such) instead of hoping that consortia get the
> security right.


Okay; how about the following (including Alexey's comments from the previous review, and pointing more specifically to 6125)

    <t>RID systems MUST verify the identity of their peers against that stored
    in the certificate presented, as in section 6 of <xref target="rfc6125"/>.
    As RID systems are identified not by URI and RID does not use DNS SRV
    records, they are identified solely by their DNS Domain Names; see Section
    6.4 of <xref target="rfc6125"/>. General information on the use of PKI
    with RID systems is detailed in Section 9.3 of <xref
    target="I-D.ietf-mile-rfc6045-bis"/>.</t>

Cheers,

Brian