IETF Logo Mail Archive

RE: [ipcdn] FW: DISCUSS: draft-ietf-ipcdn-bpiplus-mib-14

Russ Housley <housley@vigilsec.com> Sat, 25 September 2004 20:33 UTC

Received: from ietf-mx.ietf.org (ietf-mx.ietf.org [132.151.6.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id QAA16007 for <ipcdn-archive@ietf.org>; Sat, 25 Sep 2004 16:33:45 -0400 (EDT)
Received: from megatron.ietf.org ([132.151.6.71]) by ietf-mx.ietf.org with esmtp (Exim 4.33) id 1CBJM6-0000wM-FU for ipcdn-archive@ietf.org; Sat, 25 Sep 2004 16:41:18 -0400
Received: from localhost.localdomain ([127.0.0.1] helo=megatron.ietf.org) by megatron.ietf.org with esmtp (Exim 4.32) id 1CBJCv-0002jW-KM; Sat, 25 Sep 2004 16:31:49 -0400
Received: from odin.ietf.org ([132.151.1.176] helo=ietf.org) by megatron.ietf.org with esmtp (Exim 4.32) id 1CAyjr-0000aJ-Bu for ipcdn@megatron.ietf.org; Fri, 24 Sep 2004 18:40:27 -0400
Received: from ietf-mx.ietf.org (ietf-mx.ietf.org [132.151.6.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id SAA28385 for <ipcdn@ietf.org>; Fri, 24 Sep 2004 18:40:24 -0400 (EDT)
Received: from woodstock.binhost.com ([144.202.240.3]) by ietf-mx.ietf.org with smtp (Exim 4.33) id 1CAyqw-0006pV-E3 for ipcdn@ietf.org; Fri, 24 Sep 2004 18:47:46 -0400
Received: (qmail 1825 invoked by uid 0); 24 Sep 2004 22:40:18 -0000
Received: from unknown (HELO Russ-Laptop.vigilsec.com) (141.156.180.219) by woodstock.binhost.com with SMTP; 24 Sep 2004 22:40:18 -0000
Message-Id: <6.1.2.0.2.20040924183709.05501fe0@mail.binhost.com>
X-Sender: housley@mail.binhost.com
X-Mailer: QUALCOMM Windows Eudora Version 6.1.2.0
Date: Fri, 24 Sep 2004 18:41:28 -0400
To: Jean-Francois Mule <jf.mule@cablelabs.com>, "Steven M. Bellovin" <smb@research.att.com>, bwijnen@lucent.com, ipcdn@ietf.org
From: Russ Housley <housley@vigilsec.com>
Subject: RE: [ipcdn] FW: DISCUSS: draft-ietf-ipcdn-bpiplus-mib-14
In-Reply-To: <CD6CE349CFD30D40BF5E13B3E0D8480406A38F@srvxchg.cablelabs.c om>
References: <CD6CE349CFD30D40BF5E13B3E0D8480406A38F@srvxchg.cablelabs.com>
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"; format="flowed"
X-Spam-Score: 0.2 (/)
X-Scan-Signature: 6d95a152022472c7d6cdf886a0424dc6
X-Mailman-Approved-At: Sat, 25 Sep 2004 16:31:48 -0400
Cc: Eduardo Cardona <e.cardona@cablelabs.com>, Greg White <g.white@cablelabs.com>, Oscar Marcia <o.marcia@cablelabs.com>, "Richard Woundy @ Comcast" <Richard_woundy@cable.comcast.com>, Eric Rosenfeld <e.rosenfeld@cablelabs.com>
X-BeenThere: ipcdn@ietf.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: IP over Cable Data Network <ipcdn.ietf.org>
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/ipcdn>, <mailto:ipcdn-request@ietf.org?subject=unsubscribe>
List-Post: <mailto:ipcdn@ietf.org>
List-Help: <mailto:ipcdn-request@ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/ipcdn>, <mailto:ipcdn-request@ietf.org?subject=subscribe>
Sender: ipcdn-bounces@ietf.org
Errors-To: ipcdn-bounces@ietf.org
X-Spam-Score: 0.2 (/)
X-Scan-Signature: 2857c5c041d6c02d7181d602c22822c8

Jean-Francois:

>--- 1. Syntax of docsBpi2CmPublicKey and range limitations:
>    Per Eduardo and Rich's responses, the current object syntax of
>docsBpi2CmPublicKey is justified by the fact that DOCSIS BPI+ specifies
>a public modulus of 3 or 65537.
>Eduardo wrote:
> >  DOCSIS uses a subset of moduli values that matches the sizes
> > described by the MIB object.
>
>Rich added:
> > In general I am sure this is true, but for DOCSIS BPI+, a
> > specific public modulus is specified: 65537.
> >
> > Per
> > <http://www.cablemodem.com/downloads/specs/BPI+_I11-040407.pdf> >, 
> section 4.2.2.4 and elsewhere: "PKCS #1 v2.0 states that
> > the RSA public exponent may be standardized in specific
> > applications, and the document suggests values of 3 or 65537
> > (F4). Baseline Privacy Plus standardizes on F4 for a public
> > exponent and employs a 1024-bit modulus (Baseline Privacy
> > employed a 768-bit modulus)." Also see sections 7.5 and 7.6,
> > for example.
>
>Proposed resolution:
>   Even with the above justification, we (Rich and I) do not have any
>objection changing the syntax to not restrict the possible ranges in the
>MIB module. To allow the use of PCKS 4096 bits moduli, we (Eduardo,
>Oscar and I) would like to define the max limit to something like 524.
>The proposal is:
>
>    a) change the SYNTAX
>replace
><  docsBpi2CmPublicKey     OBJECT-TYPE
><       SYNTAX             OCTET STRING (SIZE (74|106|140|204|270))
>with
> >  docsBpi2CmPublicKey     OBJECT-TYPE
> >      SYNTAX             OCTET STRING (SIZE 0..524)
>
>    b) for existing 1.1 and 2.0 implementations, in the compliance
>statement, an OBJECT clause to say that DOCSIS 1.1 and 2.0 devices are
>not required to support any key with a size greater than 270.
>
>This proposal should suffice to address the comment: it adds flexibility
>in the generic object definition, yet reflects the reality of the
>underlying docsis 1.1 and 2.0 implementations and allow us to add a new
>compliance statement later for newer implementations without changing
>the mib definition. If this is not sufficient, let us know.

This is fine with me.

>--- 2. Lack of strong encryption & authentication mechanism in DOCSIS
>BPI+
>    The second comment raised by you both (Russ and Steve) is the lack of
>strong encryption & authentication mechanism in DOCSIS BPI+ and
>subsequently in the IPCDN DOCSIS BPI+ MIB module.
>    While the current DOCSIS specifications do not support any additional
>algorithms (and therefore, the underlying protocols supported by this
>MIB may not allow additional algorithm to be negotiated and used), we
>believe it is ok to add a couple of stronger encryption/auth algorithms
>for future use. Vendors may opt to support these additional algorithms
>and future DOCSIS specs may consider these for inclusion - TBD. In any
>case, today's implementations should reject any values outside the range
>allowed in docsis per standard error handling procedures so we don't see
>a pb with adding some better algo there.
>
>    Based on some input from Oscar Marcia, our chief security architect
>at CableLabs, Eric Rosenfeld, and Eduardo Cardona, we would like to
>propose that we add the following algorithms as optional to support:
>
>  Symmetric encryption:
>  AES (AES128CbcMode, AES256CbcMode), 3DES, DES
>  ^^^ new addition, optional to support

You need to specify a mode for 3DES too.  It will probably be CBC like the 
rest of the algorithms you support.

>  Public-key algorithms:
>  RSA (768, 1024, 2048, 3072 -bit key)

Okay.

>  Data integrity algorithms:
>  SHA-1, SHA-256, MD5
>  ^ new addition, optional to support

I expected HMAC-SHA-1.  This can be truncated as is done in IPsec.  Look at 
the HMAC-SHA1-96 definition for an example.

MD5 is certainly not a good thing to add at this point.

>  On the data integrity, as Eric and Oscar pointed out, please note that
>the MAC level protocol DOCSIS only support encryption today.
>Authentication is used on the key management messages and all DOCSIS
>Dynamic Service Flow DSA, DSC, and DSD exchanges, but the actual data
>transport security only uses encryption. So proposing authentication
>algorithms is a clear stretch based on the current protocol and
>implementations. That said, we would be ok with adding a couple for
>potential future use.
>
>
>   We would also like to add some text in the compliance statement of the
>MIB to specify what algs are mandatory to support for DOCSIS 1.1 and 2.0
>to eliminate any potential confusions.

Okay.

Russ 


_______________________________________________
IPCDN mailing list
IPCDN@ietf.org
https://www1.ietf.org/mailman/listinfo/ipcdn

v2.23.0 | Report a Bug | By Email