Re: [Iotops] OPC UA FLC and TLS

Christer Holmberg <christer.holmberg@ericsson.com> Tue, 03 August 2021 20:02 UTC

From: Christer Holmberg <christer.holmberg@ericsson.com>
To: Michael Richardson <mcr+ietf@sandelman.ca>, Eliot Lear <lear@lear.ch>, "iotops@ietf.org" <iotops@ietf.org>
Thread-Topic: [Iotops] OPC UA FLC and TLS
Thread-Index: AdeEa2bLnohQow63Tf29sTDrh4zlBAABzJEAAA2Y6gAA/kkAQA==
Date: Tue, 3 Aug 2021 20:02:00 +0000
Message-ID: <HE1PR07MB4441B83EC401C00F6B75490A93F09@HE1PR07MB4441.eurprd07.prod.outlook.com>
References: <HE1PR07MB4441973D24954117AFB6804693EB9@HE1PR07MB4441.eurprd07.prod.outlook.com> <1dd35348-c00c-ba43-1876-dced553218a4@lear.ch> <14062.1627583936@localhost>
In-Reply-To: <14062.1627583936@localhost>
Accept-Language: en-US
Content-Language: en-US
x-ms-exchange-antispam-messagedata-chunkcount: 1
x-ms-exchange-antispam-messagedata-0: =?utf-8?B?REZIVHA0MC9iaTdiNXRIZUxVQjdXTHhjNGFUQzd4c2NhT0QzMytnNm1FeUNM?= =?utf-8?B?STNQUWZEekljOXpLT3RvMGkyTGVVWE9IeWFCNERyZjlZWmt5QjdaVXZIN3ND?= =?utf-8?B?SUpWU09PcUtFK044Ym85NzZ6cElxbUxoN1ZENUNsd2JFREttcVRWblNqckRW?= =?utf-8?B?MzdsSzZMWXBwOStFOGlBSmlWRXA3TTNsTDJqTkRXQXo1M1FxdDhYV2F5bU9l?= =?utf-8?B?TUErTUZUV0ljd3ppWElHWS9OalBTam9uV2xEWHU5WTkxemgzV25VeG5sQUJ5?= =?utf-8?B?WUN3MEwvS3FOeFlGTXJmWmYwS1FxbVNNOC82QUVnR0h2emEyZkN4amVJbVZt?= =?utf-8?B?dWtQQ2Z1K2FWcFVNQnh6dlcwQllJWEhvQUhCdHJGclRFVVFhR3U4b282bUll?= =?utf-8?B?Q0lVWGxuQU1nVDY0OWs2UnJESHh5SzBXNVFvM2hxV1A5ZVhJdjRBa3FzeXp1?= =?utf-8?B?UENFY1ZVSXpWUTNRQkE5Snk0TkpUZExmU0ZtajM3TmxlZXlIeXBVY0VweXZO?= =?utf-8?B?WklyNCtic1NrYU1jODhZVjAyZzlvK2JkUGNCN1Nac0NOQ2pid0F4aG9UZXhQ?= =?utf-8?B?NWtQcVh5dlVhVGNhMjFwQWV4VUJPdjZzRjdZN1oyUWIrZ0UrTjVxaWhFNFls?= =?utf-8?B?NnhFa0VudzE5ZzRkWkwwckZSbDd2Nyt1N1loa1dVVlNmbmRsSFcvZEVIOHdR?= =?utf-8?B?UUdrWVFML2lSWmhpMCtQQzV5S1h6OUtra0VZdXYzbjgvc2NUb3RxZU5HejVK?= =?utf-8?B?MlBqNGQwTE5uU3oyczdzbm5MVmJlNUZ0MVVVaHdQRDV4R0lOUSsyc3dvdWpF?= =?utf-8?B?b3pFNnc1SjRtMGlwUjZReSsrZnZPUm8rQWkybk5JNE1wTnVXOEl1VXF1dUZG?= =?utf-8?B?a0dUZ2tXK1JiWCtRM3FVbjh6U0JjbG5JVTUyaXRJbVViL0g4Nm03a0lqNENV?= =?utf-8?B?bW8yYkI4UG41aXl5OFhidzBidFRvbFluVXNWcUVOSGlkNUorYWh0SHR5cEMv?= =?utf-8?B?d3BYNzJSRTJOT2FjSWlQaHlJTGJBTlZyRTU4Nm14SlhNZ0UwclZnRmdqNllY?= =?utf-8?B?Q2czM1FRU1BTT080eUlXdzM4TE8zK1RTaURnQnJYMG5JcFFYa2s0aHRKcVJw?= =?utf-8?B?OWlOVnI2S1k3Tzd5QlBFUXYwbUVEekw0VnZrcVNFZ2d5b0VrTEJ6U2VTOGFY?= =?utf-8?B?a21aSVlrTWRSSzdKVjhuNnFmWXpxN1FySFlnMkMwVnM0cDlHelRZSTFIa1Qv?= =?utf-8?B?TXNlTmRDYzJ4dDB5dXdvS3dpQ2Z5ZlZpWGhPRGdPSlV6R0xZRExVcjJENFpu?= =?utf-8?B?RExiQ3dGNFJJUDEwSXVES3Y0dGc0RmNaTmxubXVJaTBtaHVYNXpURHFCZTFR?= =?utf-8?B?NXYzN3lhZkJrNGdOU1lmMWVHQ1VuOEFPT3E1KzVUYU1PZzBjQ0x0UXlUOWN0?= =?utf-8?B?WllZbERwR2FFZ3ovY3NMdS9OdkRYUUJPSitGeWJ4WFR3RFBLVllUV2NYNktK?= =?utf-8?B?SkV1bkxuaStDWUR0bldKc0pwd0NTZURQZ05DRnp3WVBvQ0t3aS9ZbmVjL2FG?= =?utf-8?B?bWRsc0d1K3VKNWhGQ2psdGdRNkhUUjZKSnlBMXE4NmFYMDVyRGYvbEl5K21v?= =?utf-8?B?d3AxV0o0YVdMblhVclozQ1BNY0FZaTVORmd1aks3NFI4U2tSaUFBRXMzaHhK?= =?utf-8?B?K0dEcmVFM01FSlg3NnliR3FNVlRrLzlZS080aWp5OU1KZlpCNEd5cmFraVYv?= =?utf-8?Q?YJe4vPxqstWRHwxCWgHL6juEaU0o75fJqa7faD7?=
x-ms-exchange-transport-forked: True
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: base64
MIME-Version: 1.0
X-OriginatorOrg: ericsson.com
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: HE1PR07MB4441.eurprd07.prod.outlook.com
X-MS-Exchange-CrossTenant-Network-Message-Id: ca0f50d7-7226-4657-cf1d-08d956b98e9d
X-MS-Exchange-CrossTenant-originalarrivaltime: 03 Aug 2021 20:02:01.0141 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 92e84ceb-fbfd-47ab-be52-080c6b87953f
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: iQddoEeaz68KLwHIAGM5KETjdoebm7Jp9N2PepgwDsXqFlK296vGpOhwik8UALx9qR4MkhYAfJmlSgwmqj3QCZKV+UX3BNPSIgSqNRWZuqY=
X-MS-Exchange-Transport-CrossTenantHeadersStamped: HE1PR0702MB3771
Archived-At: <https://mailarchive.ietf.org/arch/msg/iotops/6izNOIyhW9-kyTF8VbcMO7mGx4M>
Subject: Re: [Iotops] OPC UA FLC and TLS
X-BeenThere: iotops@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: IOT Operations <iotops.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/iotops>, <mailto:iotops-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/iotops/>
List-Post: <mailto:iotops@ietf.org>
List-Help: <mailto:iotops-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/iotops>, <mailto:iotops-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 03 Aug 2021 20:02:09 -0000

Hi,

>>> When I watched the YouTube video from them iotops session someone claimed
>>> that OPC UA FLC “re-invented” TLS. What was meant by that?
>>>
>> That was my mistake.  Other organizations (not OPC UA) have reinvented TLS,
>> but OPC UA is just out of date, so far as I can tell.[1]
>
> My understanding is that OPC UA has a legacy DCOM based system that uses RSA signature for authentication, but is not related to TLS/SSL/etc.
> But that they use TLS and DTLS (1.3 even) in the latest specifications.

The original OPC protocol, referred to as "classic OPC", is based on DCOM. OPC UA is not bound to some specific OS/platform/technology, and you can use other algorithms than RSA. 

Regards,

Christer

[Iotops] OPC UA FLC and TLS Christer Holmberg
Re: [Iotops] OPC UA FLC and TLS Eliot Lear
Re: [Iotops] OPC UA FLC and TLS Michael Richardson
Re: [Iotops] OPC UA FLC and TLS Christer Holmberg