[Iot-onboarding] Fwd: [Anima] Benjamin Kaduk's Yes on draft-ietf-anima-bootstrapping-keyinfra-40: (with COMMENT)

Eliot Lear <lear@cisco.com> Fri, 03 April 2020 06:50 UTC

Return-Path: <lear@cisco.com>
X-Original-To: iot-onboarding@ietfa.amsl.com
Delivered-To: iot-onboarding@ietfa.amsl.com
Received: from localhost (localhost []) by ietfa.amsl.com (Postfix) with ESMTP id 93AA03A10CB for <iot-onboarding@ietfa.amsl.com>; Thu, 2 Apr 2020 23:50:08 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -9.6
X-Spam-Status: No, score=-9.6 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_MED=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001, USER_IN_DEF_DKIM_WL=-7.5] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=cisco.com
Received: from mail.ietf.org ([]) by localhost (ietfa.amsl.com []) (amavisd-new, port 10024) with ESMTP id ZdCTHz3PCWFn for <iot-onboarding@ietfa.amsl.com>; Thu, 2 Apr 2020 23:50:06 -0700 (PDT)
Received: from aer-iport-2.cisco.com (aer-iport-2.cisco.com []) (using TLSv1.2 with cipher DHE-RSA-SEED-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 81B693A10C7 for <iot-onboarding@ietf.org>; Thu, 2 Apr 2020 23:50:05 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=@cisco.com; l=23269; q=dns/txt; s=iport; t=1585896605; x=1587106205; h=from:mime-version:subject:message-id:references:to:date; bh=y8B9CqJpDcNs5ipN2q16W5nHU5I+dRFkOq6o7YpJjdU=; b=Tx4D48YBmj6xNTbTM6foKzJ3V2VSQC3sXVgT5Fg7L/bPgq71V1PPE84L oyAjaz0p8j8tzxd+Rk9ueD/V81FBbnMtIfUK9hvyzwQj9uumXPEVw01WU alZLymOfzR+XgXt6RLorUDqKBjvZVF5MKgr73+wHEA3UQHoqyyumTDxRs k=;
X-IronPort-AV: E=Sophos; i="5.72,338,1580774400"; d="scan'208,217"; a="25017328"
Received: from aer-iport-nat.cisco.com (HELO aer-core-2.cisco.com) ([]) by aer-iport-2.cisco.com with ESMTP/TLS/DHE-RSA-SEED-SHA; 03 Apr 2020 06:50:03 +0000
Received: from ams3-vpn-dhcp3624.cisco.com (ams3-vpn-dhcp3624.cisco.com []) by aer-core-2.cisco.com (8.15.2/8.15.2) with ESMTPS id 0336o0PF027029 (version=TLSv1.2 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=NO); Fri, 3 Apr 2020 06:50:02 GMT
From: Eliot Lear <lear@cisco.com>
Content-Type: multipart/alternative; boundary="Apple-Mail=_C61EF863-9EAB-45FE-B302-569CED916FD5"
Mime-Version: 1.0 (Mac OS X Mail 13.4 \(3608.\))
Message-Id: <54C56CF7-A339-44F1-BDD3-9E477CB121B7@cisco.com>
References: <158587897464.26434.15420396933429472759@ietfa.amsl.com>
To: "ietf-interest(mailer list)" <ietf-interest@cisco.com>, max pritikin <pritikin@cisco.com>, iot-onboarding@ietf.org, "Chris Steck (csteck)" <csteck@cisco.com>, "Wouter van der Beek (wovander)" <wovander@cisco.com>, "Anthony Grieco (agrieco)" <agrieco@cisco.com>, Panos Kampanakis <pkampana@cisco.com>, "Michael Shannon (mshannon)" <mshannon@cisco.com>, "Russ Gyurek (rgyurek)" <rgyurek@cisco.com>
Date: Fri, 3 Apr 2020 08:49:59 +0200
X-Mailer: Apple Mail (2.3608.
X-Auto-Response-Suppress: DR, OOF, AutoReply
X-Outbound-SMTP-Client:, ams3-vpn-dhcp3624.cisco.com
X-Outbound-Node: aer-core-2.cisco.com
Archived-At: <https://mailarchive.ietf.org/arch/msg/iot-onboarding/1qW_5qnFZoytwtgsCW9Iwn65HmY>
Subject: [Iot-onboarding] Fwd: [Anima] Benjamin Kaduk's Yes on draft-ietf-anima-bootstrapping-keyinfra-40: (with COMMENT)
X-BeenThere: iot-onboarding@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Discussion of IoT onboarding mechanisms <iot-onboarding.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/iot-onboarding>, <mailto:iot-onboarding-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/iot-onboarding/>
List-Post: <mailto:iot-onboarding@ietf.org>
List-Help: <mailto:iot-onboarding-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/iot-onboarding>, <mailto:iot-onboarding-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 03 Apr 2020 06:50:09 -0000

Dear Max,

It has taken quite a while, but I want to congratulate you and your coauthors, particularly Michael Richardson.  With Ben Kaduk’s “YES” vote, we can now expect to see an approval announcement issued from the IETF Secretariat for BRSKI.  This is a very novel use of existing technology that took approximately six years to reach this point, and has been adapted by a number of companies as a means to onboard IoT devices.  In putting forward your ideas, you not only demonstrated innovation, but also the need for follow-up work.  I hope you will continue to engage in such areas as early discovery and registration of the MASA, offline use cases, and the latter part of the development cycle.

As you can see below, there are small nits remaining, but I suspect these will be covered during AUTH48 or as a quick revision just prior to the approval announcement.

Best wishes,


> Begin forwarded message:
> From: Benjamin Kaduk via Datatracker <noreply@ietf.org>
> Subject: [Anima] Benjamin Kaduk's Yes on draft-ietf-anima-bootstrapping-keyinfra-40: (with COMMENT)
> Date: 3 April 2020 at 03:56:14 CEST
> To: "The IESG" <iesg@ietf.org>
> Cc: draft-ietf-anima-bootstrapping-keyinfra@ietf.org, anima-chairs@ietf.org, anima@ietf.org, tte+ietf@cs.fau.de
> Reply-To: Benjamin Kaduk <kaduk@mit.edu>
> Benjamin Kaduk has entered the following ballot position for
> draft-ietf-anima-bootstrapping-keyinfra-40: Yes
> When responding, please keep the subject line intact and reply to all
> email addresses included in the To and CC lines. (Feel free to cut this
> introductory paragraph, however.)
> Please refer to https://www.ietf.org/iesg/statement/discuss-criteria.html
> for more information about IESG DISCUSS and COMMENT positions.
> The document, along with other ballot positions, can be found here:
> https://datatracker.ietf.org/doc/draft-ietf-anima-bootstrapping-keyinfra/
> ----------------------------------------------------------------------
> ----------------------------------------------------------------------
> Thanks for putting in all the work to get this over the finish line!
> I did a final read-through before entering my YES, which produced some
> non-blocking comments.
> Section 5.1
>   The signatures in the certificate MUST be validated even if a signing
> nit: just "signature" singular?
> Section 5.2
>   assertion:  The pledge indicates support for the mechanism described
>      in this document, by putting the value "proximity" in the voucher-
>      request, and MUST include the "proximity-registrar-cert" field
>      (below).
> Sorry if I asked this already, but is the "MUST include" only when the
> "proximity" assertion is used?  The current text could be read that it
> applies always.
> Section 5.4
> It's too bad we can't mention SCRAM in addition to Basic and Digest, but I
> guess that ship has sailed.
> Section 5.5
>   The voucher media type "application/voucher-cms+json" is defined in
>   [RFC8366] and is also used for the registrar voucher-request.  It is
>   a JSON document that has been signed using a CMS structure.  The
>   registrar MUST sign the registrar voucher-request.
>   [...]
>   [...]
>   [...]
>   MASA impementations SHOULD anticipate future media types but of
>   course will simply fail the request if those types are not yet known.
> I think these two paragraphs were originally next to each other but with the
> large amount of intervening text it seems like the transition could be
> improved.
> Section 5.5.2
>   A certificate chain is extracted from the Registrar's signed CMS
>   container.  This chain may be as short as a single End-Entity
> (I guess technically the CMS structure is an unordered set of certificates,
> not a chain, but we're using it as a chain so I don't mind this usage.)
>   The MASA MAY use the highest certificate from the certificate chain
>   that it received from the Registrar, as determined by MASA policy.  A
> "highest certificate" is not a particularly common usage; "farthest in the
> chain from the end entity" might be more conventional.
> Section 5.5.3
>   As described in Section 5.5.2, the MASA has extracted Registrar's
>   domain CA.  This is used to validate the CMS signature ([RFC5652]) on
>   the voucher-request.
>   Normal PKIX revocation checking is assumed during voucher-request
>   signature validation.  This CA certificate MAY have Certificate
>   Revocation List distribution points, or Online Certificate Status
>   Protocol (OCSP) information ([RFC6960]).  If they are present, the
> We could maybe wordsmith this a bit to only cover the case when the
> pinned-domain-cert is a CA cert (vs. end entity).
> Section 5.5.4
> This section mentions that checking for the presence of id-kp-cmcRA in the
> registrar's cert protects the domain in some cases, but that protection is
> probably weakend in cases when the pinned-domain-cert is not the domain's
> root CA.  That said, the failure mode is not catastrophic, since the
> registrar still has to authenticate to the MASA somehow, and the MASA logic
> can account for the different cases.
> Section 5.6
>   correct registrar, the pledge MUST NOT follow more than one
>   redirection (3xx code) to another web origins.  EST supports
> s/web origins/web origin/
> Section 5.6.1
> missing close parenthesis for "(according to local policy[...]"
> Section 5.8.2
>   The domainID is determined from the certificate chain associated with
>   the pinned-domain-cert and is used to update the audit-log.
> Is it determined from the "chain associated with" or just the
> "pinned-domain-cert" itself?
> Section 7.1
>   Join Proxy:  Provides proxy functionalities but is not involved in
>      security considerations.
> The Join Proxy is not involved in crypto, as noted here, but could drop or
> delay traffic.
> Section 7.3
>       X.509 IDevID factory installed credential.  New Entities without
>       an X.509 IDevID credential MAY form the Section 5.2 request using
>       the Section 5.5 format to ensure the pledge's serial number
>       information is provided to the registrar (this includes the
>       IDevID AuthorityKeyIdentifier value, which would be statically
>       configured on the pledge.)  The pledge MAY refuse to provide a
> It's not entirely clear to me why "(this includes the IDevID
> AuthorityKeyIdentifier value" holds (it's not in the idevid-issuer, I
> think), but if it's clear to others that's fine.
> Section 9.1.1
>   full sales channel integration where Domain Owners need to be
>   positively identified by TLS Client Certicate pinned, or HTTP
> I'm not sure if this was intended to be "by a pinned TLS Client Certificate" or
> "by the pinned-domain-cert".
> Section 10.3
> It looks like the second paragraph may be an editing remnant (copy of text
> being modified in the first paragraph).
> Section
> I guess the vouchers created by an attacker with access to the MASA signing
> key would not necessarily be in the audit log, which is probably worth
> mentioning.
> Appendix B
>   Discovery of registrar MAY also be performed with DNS-based service
>   discovery by searching for the service "_brski-
>   registrar._tcp.<domain>".  In this case the domain "example.com" is
>   discovered as described in [RFC6763] section 11 (Appendix A.2
>   suggests the use of DHCP parameters).
> Is there a mismatch between "<domain>" and "example.com"?
> _______________________________________________
> Anima mailing list
> Anima@ietf.org
> https://www.ietf.org/mailman/listinfo/anima