Re: [ipwave] wish list for CAs for vehicular networks

William Whyte <wwhyte@qti.qualcomm.com> Mon, 26 April 2021 14:29 UTC

From: William Whyte <wwhyte@qti.qualcomm.com>
To: Mounira MSAHLI <msahli1717@gmail.com>, Alexandre Petrescu <alexandre.petrescu@gmail.com>
CC: "its@ietf.org" <its@ietf.org>
Date: Mon, 26 Apr 2021 14:29:15 +0000
Archived-At: <https://mailarchive.ietf.org/arch/msg/its/WHqmOO9EM_5RVHPA58oSHBcVu1U>
List-Id: IPWAVE - IP Wireless Access in Vehicular Environments WG at IETF <its.ietf.org>

>> - the specs of CA must be implementable independently of other paying
   sources such as (some) from IEEE or ISO.  For example, the ETSI ITS
   spec that IMPORTS 1609.2 does not qualify because in the end it is
   paying.  But the X.509 in RFC 5280 does not rely on other paying
   documents in order to implement (I think?).

>> William could answer you this question better than me because it was already asked by ETSI.

Yes, 1609.2 needs to be purchased from IEEE. ETSI has reproduced the ASN.1 (with permission from IEEE) but there are some subtleties of implementation and how the crypto operations are carried out that aren’t captured in the ASN.1 alone.

I’d note that Alex’s preference for standards to be freely available if they are to be referenced by IETF is a reasonable point of view, but it’s not IETF policy; IETF policy allows non-free standards to be referenced.

Cheers,

William


From: its <its-bounces@ietf.org> On Behalf Of Mounira MSAHLI
Sent: Monday, April 26, 2021 9:54 AM
To: Alexandre Petrescu <alexandre.petrescu@gmail.com>
Cc: its@ietf.org
Subject: [EXT] Re: [ipwave] wish list for CAs for vehicular networks

Can you comment on this wish list?

Wish list for CAs for vehicular networks

>> - the CA must be reachable on IPv6, and their website too.
        Could you please mention why not IPv4?

- the specs of CAs for vehicular networks must be available on IPv6
   (e.g. on an IPv6 website, FTP directory, or GIT shared space).

You mean certificate policy. I have the same question. You are specifying the IP protocol for the PKI website. I agree that the document must be published and available to PKI users, but why IPv6?

- the specs of CA must be implementable independently of other paying
   sources such as (some) from IEEE or ISO.  For example, the ETSI ITS
   spec that IMPORTS 1609.2 does not qualify because in the end it is
   paying.  But the X.509 in RFC 5280 does not rely on other paying
   documents in order to implement (I think?).

William could answer you this question better than me because it was already asked by ETSI.

- the CA must offer OCSP reachability on IPv6.

I find that all recommendations are related to the use of IPv6, not really the security or privacy in C-ITS. By analogy with what you are suggesting, I think that you would prefer to use IPv6 for the upload of logs and download of updates and all V2I communications, not only V2PKI connection.


Mounira