Re: [ipwave] wish list for CAs for vehicular networks
Mounira MSAHLI <msahli1717@gmail.com> Thu, 22 April 2021 17:30 UTC
Return-Path: <msahli1717@gmail.com>
X-Original-To: its@ietfa.amsl.com
Delivered-To: its@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 0CEB33A0E29 for <its@ietfa.amsl.com>; Thu, 22 Apr 2021 10:30:58 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.845
X-Spam-Level:
X-Spam-Status: No, score=-1.845 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_ENVFROM_END_DIGIT=0.25, FREEMAIL_FROM=0.001, HTML_FONT_FACE_BAD=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_BLOCKED=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 5OOm7w6HsNtJ for <its@ietfa.amsl.com>; Thu, 22 Apr 2021 10:30:53 -0700 (PDT)
Received: from mail-qv1-xf2b.google.com (mail-qv1-xf2b.google.com [IPv6:2607:f8b0:4864:20::f2b]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id A99D03A0E26 for <its@ietf.org>; Thu, 22 Apr 2021 10:30:52 -0700 (PDT)
Received: by mail-qv1-xf2b.google.com with SMTP id er3so13897652qvb.6 for <its@ietf.org>; Thu, 22 Apr 2021 10:30:52 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=m/GFU5McYVE5zzpOSUdl9vPyfK07ieSp+SDABWUujCc=; b=CiDYmYskrcfI0r20MbKyPQ5k00xQh9cuvVr8PhZs++aPr16a2QlR4y/eixyvwgBokC RiGP0STEqzaGwH8y7EqY4vKg4fqH5n9aIn4xJ7r+GlbZKCMaYKPcwluZOlTXvLVS2eo/ sQg3oJkVKLKign+Vjm+ImhAQ3UB57tSdloamQzL+zB22JHmGny4+qIsPObtTXwxk+6g4 hySmpuKJrh2ejNA6SCsQPe+oOVu1o+aOPk/wFuCh9bGRms83DwoNNq9q4b5UcKjn5dko mVkwJxCvlGa/Iup1lz+gBx81JOjhtkYdeOKd+Q1W0woKJdigwmGtistT9w9AMvnZFb8E 59AA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=m/GFU5McYVE5zzpOSUdl9vPyfK07ieSp+SDABWUujCc=; b=i2EDpIGNv6WZaJHcG9z5CMrklHAJ9vr2ZJ1ObYYPrsig5m50Qt5Y7a75mTk4eKjZBR VU5p289dJx30YpmKn9ab33DJ1L//3kC4FAoXeO5ZQgxSgMD46XnfAut/db3VCxPIXjQ5 nys1Eiy4i4FxlWMyjfQ4PdCQwzWxZvErqMp276Nmxbk4mIfdOH5XZ6bJRFlo0RFNfcRw j/l0hGlZxP+36Nf9BPrQ7r3rIhyfibRV3gp/X96XxS++8MQqWfMOadVdlqJvIbB1lEYb s9TX1H/MWhPudHIFaxNZ+Afn341g/m9haLFxjgj9fpxCctEzQsRMt7yrgTWbbTmFyFrZ 8XVg==
X-Gm-Message-State: AOAM530jcJzrpPVb8fUHtH9CYBWuxMcfoEfqJWoCCD3Vl5BpJ9IMQE5u p5mhJKPTAnbY5XSnFhJ1PigdI7adA9z6EypcmLuY/PkuDBw=
X-Google-Smtp-Source: ABdhPJziFZBCKnl/ZvZBP7nJLHC5G5jrN09iCjimpwT+VZYdRKSADAjYZrSyijIoJszdoihEgy3E/ZWoQXPTHTA+fXA=
X-Received: by 2002:a05:6214:504:: with SMTP id v4mr4543967qvw.4.1619112650552; Thu, 22 Apr 2021 10:30:50 -0700 (PDT)
MIME-Version: 1.0
References: <acc0f475-7f7b-bfbe-1099-913f0cef4de6@gmail.com> <01d601d731e3$140e2ed0$3c2a8c70$@eurecom.fr> <0600020f-b6ca-4d6d-2499-817586bc3548@gmail.com> <CAMEeBw9eaPBRT26BqqmXdEpqFzSTGt8w46wmexfg7ax4aRP-pQ@mail.gmail.com> <CAA2OGZCntE+FUtzKwxrsH7i_q70jjZuPoUjRG7cYmEVRHFJU8g@mail.gmail.com> <19dce5f5-8dca-55c2-4d46-bb83046562ab@gmail.com> <1ec103fe-7a50-cb2c-0763-30cc6362bf13@gmail.com> <e822da34-84df-bce0-6497-479ed1016898@gmail.com>
In-Reply-To: <e822da34-84df-bce0-6497-479ed1016898@gmail.com>
From: Mounira MSAHLI <msahli1717@gmail.com>
Date: Thu, 22 Apr 2021 19:30:39 +0200
Message-ID: <CAA2OGZA5-xr-mo7u7rtJvApu3XwFJLfmZsTz2Q=+RAxG=Rac6Q@mail.gmail.com>
To: Alexandre Petrescu <alexandre.petrescu@gmail.com>
Cc: its@ietf.org
Content-Type: multipart/alternative; boundary="00000000000063397d05c0930abe"
Archived-At: <https://mailarchive.ietf.org/arch/msg/its/K9lqweWV-Ivd0wb5WMrsitD3obw>
Subject: Re: [ipwave] wish list for CAs for vehicular networks
X-BeenThere: its@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: IPWAVE - IP Wireless Access in Vehicular Environments WG at IETF <its.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/its>, <mailto:its-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/its/>
List-Post: <mailto:its@ietf.org>
List-Help: <mailto:its-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/its>, <mailto:its-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 22 Apr 2021 17:30:58 -0000
>> - must express their requirements to vehicular networks in terms of capabilities of certificates. For example, a CA may agree to sign only a number of certs (1000?) per vehicle, but no more. Or might suggest new fields in these X.509 certs that they are ready to confirm (to certify). I think the number of used pseudonym certificates depends on the strategy change of pseudonyms implemented in C-ITS station to avoid tracking and to ensure privacy >> - must sign and offer almost for free certificates for vehicular networks. It's not because the car industry makes much money that a lot has to be wasted on artificial costs. The way for CA to make money should be different than direct charging the vehicular industry. The EU commission is providing a PKI for member states who are not deploying C-ITS PKI, I think for free. >> Maybe we can write a brief Internet Draft about wishes about security, Internet, and Intelligent Transportation Systems. You mean ethical aspects ? Kind Regards Mounira Le jeu. 22 avr. 2021 à 17:52, Alexandre Petrescu < alexandre.petrescu@gmail.com> a écrit : > In private I was suggested a few improvements about 'commodity' > browsers, CABForum and federations of CAs; so here is the new wish list: > > Wish list for CAs for vehicular networks > > - must be reachable on IPv6, and their website too. > - must be present built-in in commodity web browsers, and open source > because that guarantees trust built at large scale and helps spot the > bugs quickly for the benefit of all. > - must express their requirements to vehicular networks in terms of > capabilities of certificates. For example, a CA may agree to sign > only a number of certs (1000?) per vehicle, but no more. Or might > suggest new fields in these X.509 certs that they are ready to confirm > (to certify). > - must sign and offer almost for free certificates for vehicular > networks. It's not because the car industry makes much money that a > lot has to be wasted on artificial costs. The way for CA to make > money should be different than direct charging the vehicular industry. > > - there might be possibilities of considering new web browsers (other > than the 'commodity'). > - maybe a relationship with IOTOPS WG of IETF could be considered. > - the CABForum outside of IETF might be considered (but unreachable on > IPv6, currently). > - maybe new federations of CAs could be considered, in which the > vehicular industries might built their own world, but that should not > be a path towards seggregating away from the Internet trust. > > - must contribute to make Internet better, and not seggregate the > vehicular networks from the Internet. > > Please comment on this wish list. > > Maybe we can write a brief Internet Draft about wishes about security, > Internet, and Intelligent Transportation Systems. > > Alex > > > Le 21/04/2021 à 19:43, Alexandre Petrescu a écrit : > > This is my list of requirements for CAs for vehicular networks: - > > must be reachable on IPv6, and their website too. - must be present > > built-in in open source web browsers. - must express their > > requirements to vehicular networks in terms of capabilities of > > certificates. For example, a CA may agree to sign only a number of > > certs (1000?) per vehicle, but no more. Or might suggest new fields > > in these X.509 certs that they are ready to confirm (to certify). - > > must sign and offer almost for free certificates for vehicular > > networks. It's not because the car industry makes much money that a > > lot has to be wasted on artificial costs. The way for CA to make > > money should be different than direct charging the vehicular > > industry. - must contribute to make Internet better, and not > > seggregate the vehicular networks from the Internet. > > > > And this below is our dicussion that helped me frame these > > requirements, and I thank you for the discussion. > > > > Le 20/04/2021 à 11:51, Alexandre Petrescu a écrit : [...] > > > >>> - Scoop@F http://www.scoop.developpement-durable.gouv.fr/ > >>> <http://www.scoop.developpement-durable.gouv.fr/> : > > > > This is not reachable on IPv6. > > > >>> > >>> > >>> which is about deploying 3000 cars + 2000 km of roads > >>> > >>> > >>> - InterCor https://intercor-project.eu/ > >>> <https://intercor-project.eu/>, > > > > This is not reachable on IPv6. > > > > > >>> > >>> - C-Roads Platform https://www.c-roads.eu/platform.html > >>> <https://www.c-roads.eu/platform.html> > > > > This is not reachable on IPv6. > > > > > >>> > >>> > >>> InterCor and C-Roads are about harmonising C-ITS specifications > >>> in Europe > >>> > >>> > >>> - INDID > >>> > https://www.c-roads.eu/pilots/core-members/france/Partner/project/show/indid.html > >>> > >>> > >>> > >>> < > https://www.c-roads.eu/pilots/core-members/france/Partner/project/show/indid.html > >. > >>> > >>> > >>> > >>> > >>> > >>> > >>> All these projects are using ETSI TS 103 097 certificates, which > >>> is a profile of 1609.2 to secure C-ITS messages: > >> > >> But there are also other projects funded by the EU in the same > >> domain (connected automated mobility with self-driving cars) and > >> where more open certificates are being used, with more open source > >> software. > >> > >>> > >>> > https://ec.europa.eu/transport/sites/transport/files/c-its_certificate_policy_release_1.pdf > >>> > > > > > > This is reachable on IPv6. > > > >>> > >>> > >>> < > https://ec.europa.eu/transport/sites/transport/files/c-its_certificate_policy_release_1.pdf > > > >>> > >>> > >>> > >>> > >>> > >>> As mentioned by Jerome, one use case of the RFC 8902 could be to > >>> sign CAM and DENM messages on facilities layer and not geonet as > >>> specified in ETSI. > >> > >> Yes, but has that been done? HAs someone put CAM messages on IP on > >> a 4G link and signed with 1609.2 certificates? I think not. > >> > >> It would be good if it worked, but it would need the CAs to know > >> these certifiicate formats, and the CAs would need to be known in > >> common browsers. > >> > >>> Yes, in projects dealing with C-ITS security interoperability, we > >>> use MQTT to exchange C-ITS messages between many countries to > >>> ensure continuity of service when vehicle is crossing borders. > >> > >> Ok, good to know. > >> > >>> > >>> > >>> We could also use the RFC for Vehicle-To-Internet simply to > >>> upload log of vehicle for example etc… > >> > >> Yes, but what CA would be put in the server of that log? Would > >> that CA be a self-made CA with openssl (or other open source > >> software), or would it be a widely known CA like the CAs present in > >> firefox, for example? > >> > >> My guess is that you assume a self-made CAs, and I agree with it > >> for experimentation. > >> > >> But for deployment there would be a need for the existing CAs in > >> the browsers to implement these 1609.2 certs. And they are paying. > >> I doubt it could work. > >> > >>> > >>> > >>> > >>>>> The reason is because the former is all open source software > >>>>> and freely accessible standards, whereas 1609.2 are closed > >>>>> documents and ETSI ITS certificate software is not integrated > >>>>> in mainline software like openssl. > >>> > >>> > >>> There's a java implementation of 1609.2/103 097 here: > >>> https://github.com/pvendil/c2c-common > >>> <https://github.com/pvendil/c2c-common>. I already used it. > > > > This is not reachable on IPv6. Several people who contributed to > > IETF also asked github support to put it on IPv6. There is no answer > > since some time now. > > > > I would suggest the person who maintains that java implementation of > > 1609.2 to put it on another server that is reachable on IPv6. Or > > otherwise to ask too, like the others have, github.com to be on > > IPv6. > > > > > >> Yes, but the spec is paying. That does inspire seriousness but > >> might inspire risk for the confidence. > >> > >>> > >>> > >>>>> ITS-specific CAs are closed, hard to access and the > >>>>> certificate are > >>> > >>> expensive. hard to access and the certificate are expensive. > >>> > >>> > >>> you can get certificates from > >>> https://www.ghsiss.com/v2x-certificates/ > >>> <https://www.ghsiss.com/v2x-certificates/> > > > > This is not reachable on IPv6. And ISS CA (Integrated Security > > Services) is not in my browser either. > > > > In comparison, Microsec might provide certificates in bilateral > > agreements that might cost less, or almost 0. And Microsec is > > reachable on IPv, and is in my browser. > > > > There is also the Let's Encrypt CA that is reachable on IPv6. I > > think they might offer certificates free of charge too. > > > > These kinds of CAs (Microsec and Let's Encrypt) are good candidates > > to whom to propose interoperability for vehicular networks on IPv6. > > > > There might be other such CAs? > > > > So, the question is whether Microsec and Let's Encrypt (who are on > > IPv6 and offer somehow very cheap or almost free certificates), offer > > compliance with RFC 8902? If yes, is it with ITS Certificates > > (1609.2) or with X.509 certificates? > > > > Alex > > > >> > >> Thanks for the pointer, I did not know ghsiss. Are they paying > >> certificates? > >> > >> Recently I worked with Microsec and they might also propose > >> certificates for cheaper (free), if it is for evaluation, or for > >> academia, or similar. And Microsec CA _is_ present in the > >> browsers. But can Microsec sign these 1609.2 certificates and still > >> not ask me (end user) to pay for the certificates? > >> > >> Another thing to consider is whether or not ghsiss (and Microsec > >> for that matter) are reachable on IPv6. That is also a make kor > >> break condition of use. It is worth trying. > >> > >> Thanks for the message. > >> > >> Alex > >> > >>> > >>> > >>> > >>>>> In my personal opinion, it remains good if IPWAVE provides > >>>>> a guideline on how to secure IP vehicular communication, > >>>>> including interoperability between systems (although I have > >>>>> at that time limited resources to actively contribute to > >>>>> this), as several options are on the table and we need to > >>>>> guarantee the trust chain, even considering different > >>>>> protocol or standards being used. > >>> > >>> > >>> I’m also interested to work on security interoperability in C-ITS > >>> and we could add: > >>> > >>> > >>> - Misbehaving in vehicular network > >>> > >>> - Revocation management > >>> > >>> - Pseudonym management/change to avoid tracking and to ensure > >>> privacy > >>> > >>> > >>> Thank you Russ for your time on this RFC and for your valuable > >>> review. > >>> > >>> > >>> > >>> Kind regards > >>> > >>> Mounira > >>> > >>> > >>> > >>> > >>> > >>> > >>> > >>> > >>> ---------- Forwarded message --------- De : *Alexandre Petrescu* > >>> <alexandre.petrescu@gmail.com > >>> <mailto:alexandre.petrescu@gmail.com>> Date: jeu. 15 avr. 2021 à > >>> 22:44 Subject: Re: [ipwave] RFC8902 - TLS with ITS Certificates, > >>> EXPERIMENTAL, and the one PKI and one Internet To: Jérôme Härri > >>> <Jerome.Haerri@eurecom.fr <mailto:Jerome.Haerri@eurecom.fr>>, > >>> IPWAVE WG <its@ietf.org <mailto:its@ietf.org>> > >>> > >>> > >>> > >>> > >>> Le 15/04/2021 à 12:35, Jérôme Härri a écrit : > >>>> Dear Alex, > >>>> > >>>> Thanks. Indeed such discrepancies is particularly an issue when > >>>> it comes to merging wireless and wired (V2I). For example, you > >>>> send a DENM over 5G reaching a MEC. It will remove the ETSI KPI > >>>> and do something on its own (not fully sure what exactly), or > >>>> if you use MQTT type of interaction, where it is even less > >>>> clear (what a broker will do on a DENM sent over JSON is not > >>>> fully clear to keep track of any kind of security/data > >>>> integrity... > >>>> > >>>> For that matter, there was one effort from C-ROAD to develop > >>>> something called 'Facilities' PKI, saying that the ITS KPI are > >>>> at facilities layer and no longer at geonet. The advantage is > >>>> that at least now, you do not need to remove the KPI when > >>>> moving and exchanging DENM (or else) in backend. But I am not > >>>> sure of the current status or even if this WI is actually > >>>> active. > >>>> > >>>> Now, I do not fully agree with you with the equivalence of the > >>>> internet KPI and ITS KPI. Indeed, the principle is the same, > >>>> but in the test you mention, the trust chain is not guaranteed > >>>> (you edit your own root-CA for the purpose of the tests, but > >>>> for example in one of our cross-border deployment (e.g. DE-FR), > >>>> this solution does not work, as a German car will not recognize > >>>> the CA from a French root-CA. So, the key issue I see is not > >>>> really (or only) on security but on Trust. The ITS KPI is one > >>>> option, there might be others, but 'open ssl' strategies still > >>>> face the trust-chain issue. > >>> > >>> Jérôme, > >>> > >>> I agree with you. > >>> > >>> In the discussion above I think you meant 'PKI' throughout > >>> (Public Key Infrastructure), and not 'KPI' (Key Performance > >>> Indicator). > >>> > >>> That said, the question you formulate about how a car-to-server > >>> MQTT interaction on IP would be authenticated by certificates > >>> that are verified by CAs that are absent from normal browsers, or > >>> how the CAs that are present in normal browsers would help > >>> authenticating CAM messages sent on IP - is a very relevant > >>> question. > >>> > >>> Alex > >>>> > >>>> Best Regards, > >>>> > >>>> Jérôme > >>>> > >>>> -----Original Message----- From: its <its-bounces@ietf.org > >>> <mailto:its-bounces@ietf.org>> On Behalf > >>>> Of Alexandre Petrescu Sent: Thursday, 15 April 2021 12:20 To: > >>>> IPWAVE WG <its@ietf.org <mailto:its@ietf.org>> Subject: > >>>> [ipwave] RFC8902 > >>> - TLS with ITS > >>>> Certificates, EXPERIMENTAL, and the one PKI and one Internet > >>>> > >>>> Hi, IPWAVErs, > >>>> > >>>> A colleague pointed me to this recently issued RFC 8902 about > >>>> TLS with ITS Certificates. > >>>> > >>>> This RFC is of an EXPERIMENTAL Category. > >>>> > >>>> It might be in agreement with other IEEE standards such as > >>>> 1609.2. > >>>> > >>>> But I must say that I think it further deepens the discrepancy > >>>> between what is PKI in the Internet and what is the closed PKI > >>>> for ITS. That is a discrepancy that exists for a long time, > >>>> and I must share that - IMHO - I am surprised that the IETF > >>>> issues an RFC that further promotes such a discrepancy. > >>>> > >>>> This discrepancy is the following: in a few trials I > >>>> participated, and some about I heard of, people use normal PKI > >>>> with openssl and normal certificates in cars, over IP, on > >>>> cellular links like 4G. They work fine. The CA is a local CA > >>>> (not a commercial CA), but the concept _is_ compatible with > >>>> normal CAs. These dont use the ETSI ITS-specific certificates, > >>>> neither the 1609.2 certificates. > >>>> > >>>> I think there are more such trial deployments using local (but > >>>> standard, openssl PKIs and certificates) than there are > >>>> trials using ETSI ITS certificates or 1609.2 certificates. The > >>>> reason is because the former is all open source software and > >>>> freely accessible standards, whereas 1609.2 are closed > >>>> documents and ETSI ITS certificate software is not integrated > >>>> in mainline software like openssl. > >>>> > >>>> There are many easily accessible CAs (Certificate Authorities) > >>>> that are integrated in the Internet and in main web browsers, > >>>> whereas the ITS-specific CAs are closed, hard to access and > >>>> the certificate are expensive. Many strong oppinions maintain > >>>> that it should stay that way: cars PKI different than Internet > >>>> PKI. > >>>> > >>>> There should be one Internet, and that means one trust, and > >>>> one PKI. > >>>> > >>>> Everything else should not be done at IETF, I think; hence my > >>>> comment about this particular RFC. > >>>> > >>>> That is my humble oppinion. > >>>> > >>>> I would like to hear other oppinions? Maybe I miss > >>>> something... > >>>> > >>>> Alex > >>>> > >>>> _______________________________________________ its mailing > >>>> list its@ietf.org <mailto:its@ietf.org> > >>> https://www.ietf.org/mailman/listinfo/its > >>> <https://www.ietf.org/mailman/listinfo/its> > >>>> > >>>> _______________________________________________ its mailing > >>>> list its@ietf.org <mailto:its@ietf.org> > >>> https://www.ietf.org/mailman/listinfo/its > >>> <https://www.ietf.org/mailman/listinfo/its> > >>>> > >>> > >>> _______________________________________________ its mailing list > >>> its@ietf.org <mailto:its@ietf.org> > >>> https://www.ietf.org/mailman/listinfo/its > >>> <https://www.ietf.org/mailman/listinfo/its> > >>> > >>> > >>> _______________________________________________ its mailing list > >>> its@ietf.org https://www.ietf.org/mailman/listinfo/its > >>> > >> > >> _______________________________________________ its mailing list > >> its@ietf.org https://www.ietf.org/mailman/listinfo/its > > > > _______________________________________________ its mailing list > > its@ietf.org https://www.ietf.org/mailman/listinfo/its > > _______________________________________________ > its mailing list > its@ietf.org > https://www.ietf.org/mailman/listinfo/its >
- [ipwave] RFC8902 - TLS with ITS Certificates, EXP… Alexandre Petrescu
- Re: [ipwave] RFC8902 - TLS with ITS Certificates,… Jérôme Härri
- Re: [ipwave] RFC8902 - TLS with ITS Certificates,… Russ Housley
- Re: [ipwave] RFC8902 - TLS with ITS Certificates,… Jérôme Härri
- Re: [ipwave] RFC8902 - TLS with ITS Certificates,… Russ Housley
- Re: [ipwave] RFC8902 - TLS with ITS Certificates,… Alexandre Petrescu
- Re: [ipwave] RFC8902 - TLS with ITS Certificates,… Mounira MSAHLI
- Re: [ipwave] RFC8902 - TLS with ITS Certificates,… Alexandre Petrescu
- Re: [ipwave] requirements for CAs for vehicular n… Alexandre Petrescu
- Re: [ipwave] wish list for CAs for vehicular netw… Alexandre Petrescu
- Re: [ipwave] RFC8902 - TLS with ITS Certificates,… Mounira MSAHLI
- Re: [ipwave] RFC8902 - TLS with ITS Certificates,… Mounira MSAHLI
- Re: [ipwave] wish list for CAs for vehicular netw… Mounira MSAHLI
- Re: [ipwave] RFC8902 - TLS with ITS Certificates,… Alexandre Petrescu
- Re: [ipwave] RFC8902 - TLS with ITS Certificates,… Alexandre Petrescu
- Re: [ipwave] wish list for CAs for vehicular netw… Alexandre Petrescu
- Re: [ipwave] RFC8902 - TLS with ITS Certificates,… Alexandre Petrescu
- Re: [ipwave] RFC8902 - TLS with ITS Certificates,… Mounira MSAHLI
- Re: [ipwave] wish list for CAs for vehicular netw… Mounira MSAHLI
- Re: [ipwave] RFC8902 - TLS with ITS Certificates,… Alexandre Petrescu
- Re: [ipwave] wish list for CAs for vehicular netw… Alexandre Petrescu
- Re: [ipwave] wish list for CAs for vehicular netw… Mounira MSAHLI
- Re: [ipwave] RFC8902 - TLS with ITS Certificates,… Mounira MSAHLI
- Re: [ipwave] RFC8902 - TLS with ITS Certificates,… William Whyte
- Re: [ipwave] wish list for CAs for vehicular netw… William Whyte
- Re: [ipwave] wish list for CAs for vehicular netw… Alexandre Petrescu
- Re: [ipwave] RFC8902 - TLS with ITS Certificates,… Alexandre Petrescu
- Re: [ipwave] wish list for CAs for vehicular netw… William Whyte
- Re: [ipwave] wish list for CAs for vehicular netw… Alexandre Petrescu
- Re: [ipwave] RFC8902 - TLS with ITS Certificates,… Alexandre Petrescu
- Re: [ipwave] permission Alexandre Petrescu
- Re: [ipwave] permission Jérôme Härri
- Re: [ipwave] permission Alexandre Petrescu