Re: [ipwave] RFC8902 - TLS with ITS Certificates, EXPERIMENTAL, and the one PKI and one Internet

Russ Housley <housley@vigilsec.com> Thu, 15 April 2021 14:02 UTC

Return-Path: <housley@vigilsec.com>
X-Original-To: its@ietfa.amsl.com
Delivered-To: its@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id DC1A43A210F for <its@ietfa.amsl.com>; Thu, 15 Apr 2021 07:02:48 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.897
X-Spam-Level:
X-Spam-Status: No, score=-1.897 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, SPF_HELO_NONE=0.001, SPF_NONE=0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 14WOiuzlowxc for <its@ietfa.amsl.com>; Thu, 15 Apr 2021 07:02:44 -0700 (PDT)
Received: from mail.smeinc.net (mail.smeinc.net [209.135.209.11]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 0C6F03A041D for <its@ietf.org>; Thu, 15 Apr 2021 07:02:44 -0700 (PDT)
Received: from localhost (localhost [127.0.0.1]) by mail.smeinc.net (Postfix) with ESMTP id 0E2C5300B7E for <its@ietf.org>; Thu, 15 Apr 2021 10:02:41 -0400 (EDT)
X-Virus-Scanned: amavisd-new at mail.smeinc.net
Received: from mail.smeinc.net ([127.0.0.1]) by localhost (mail.smeinc.net [127.0.0.1]) (amavisd-new, port 10026) with ESMTP id Lq452Jeas475 for <its@ietf.org>; Thu, 15 Apr 2021 10:02:38 -0400 (EDT)
Received: from a860b60074bd.fios-router.home (pool-141-156-161-153.washdc.fios.verizon.net [141.156.161.153]) by mail.smeinc.net (Postfix) with ESMTPSA id 4EE61300B35; Thu, 15 Apr 2021 10:02:38 -0400 (EDT)
Content-Type: text/plain; charset=utf-8
Mime-Version: 1.0 (Mac OS X Mail 12.4 \(3445.104.17\))
From: Russ Housley <housley@vigilsec.com>
In-Reply-To: <02b401d731ed$b4ec3c70$1ec4b550$@eurecom.fr>
Date: Thu, 15 Apr 2021 10:02:39 -0400
Cc: IPWAVE WG <its@ietf.org>
Content-Transfer-Encoding: quoted-printable
Message-Id: <13C8EED2-C9D4-4DEB-86E7-9057612243E5@vigilsec.com>
References: <acc0f475-7f7b-bfbe-1099-913f0cef4de6@gmail.com> <01d601d731e3$140e2ed0$3c2a8c70$@eurecom.fr> <A4088CEC-DD21-40C0-8998-FE4715FA59DC@vigilsec.com> <02b401d731ed$b4ec3c70$1ec4b550$@eurecom.fr>
To: =?utf-8?B?SsOpcsO0bWUgSMOkcnJp?= <Jerome.Haerri@eurecom.fr>
X-Mailer: Apple Mail (2.3445.104.17)
Archived-At: <https://mailarchive.ietf.org/arch/msg/its/g55NCrs1wKATT5GX8CSluL4DGiY>
Subject: Re: [ipwave] RFC8902 - TLS with ITS Certificates, EXPERIMENTAL, and the one PKI and one Internet
X-BeenThere: its@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: IPWAVE - IP Wireless Access in Vehicular Environments WG at IETF <its.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/its>, <mailto:its-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/its/>
List-Post: <mailto:its@ietf.org>
List-Help: <mailto:its-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/its>, <mailto:its-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 15 Apr 2021 14:02:49 -0000

Carlos and I have observed very low energy in the IPWAVE WG for quite some time.  Our expectation is that the WG will be closed once the last document in the publication process becomes an Informational RFC.  See https://datatracker.ietf.org/group/ipwave/documents/

Russ


> On Apr 15, 2021, at 7:51 AM, Jérôme Härri <Jerome.Haerri@eurecom.fr> wrote:
> 
> Dear Russ,
> 
> I see. Actually, my reply was not related to IETF activities but more on general terms. 
> 
> I could not participate to IETF 104, so I will need to read more about it. In  my personal opinion, it remains good if IPWAVE provides a guideline on how to secure IP vehicular communication, including interoperability between systems (although I have at that time limited resources to actively contribute to this), as several options are on the table and we need to guarantee the trust chain, even considering different protocol or standards being used.
> 
> Thanks,
> 
> BR,
> 
> Jérôme
> 
> -----Original Message-----
> From: Russ Housley <housley@vigilsec.com> 
> Sent: Thursday, 15 April 2021 13:46
> To: Jérôme Härri <Jerome.Haerri@eurecom.fr>fr>; Alexandre Petrescu <alexandre.petrescu@gmail.com>
> Cc: IPWAVE WG <its@ietf.org>
> Subject: Re: [ipwave] RFC8902 - TLS with ITS Certificates, EXPERIMENTAL, and the one PKI and one Internet
> 
> Alex and Jérôme:
> 
> First, the IETF did not publish RFC 8902.  That went through the independent stream.
> 
> Second, this was briefed to the TLS WG and the IPWAVE WG.  The presentation to IPWAVE was at IETF 104.  The minutes say, in part:
> 
>  WW introduces TLS authentication using certificates in the format
>  defined in ETSI ITS and IEEE WAVE.  The objective is to enable
>  client/server authentication these certificates.  TLS WG has no
>  interest, so WW proposes the work in IPWAVE WG.
> 
> The IPWAVE WG also did not have an interest in this work.  So, it it not at all surprising that the people that are using the ETSI ITS and IEEE WAVE certificates took another path.
> 
> Russ
> 
> 
>> On Apr 15, 2021, at 6:35 AM, Jérôme Härri <Jerome.Haerri@eurecom.fr> wrote:
>> 
>> Dear Alex,
>> 
>> Thanks. Indeed such discrepancies is particularly an issue when it 
>> comes to merging wireless and wired (V2I). For example, you send a 
>> DENM over 5G reaching a MEC. It will remove the ETSI KPI and do 
>> something on its own (not fully sure what exactly), or if you use MQTT 
>> type of interaction, where it is even less clear (what a broker will 
>> do on a DENM sent over JSON is not fully clear to keep track of any kind of security/data integrity...
>> 
>> For that matter, there was one effort from C-ROAD to develop something 
>> called 'Facilities' PKI, saying that the ITS KPI are at facilities 
>> layer and no longer at geonet. The advantage is that at least now, you 
>> do not need to remove the KPI when moving and exchanging DENM (or 
>> else) in backend. But I am not sure of the current status or even if this WI is actually active.
>> 
>> Now, I do not fully agree with you with the equivalence of the 
>> internet KPI and ITS KPI. Indeed, the principle is the same, but in 
>> the test you mention, the trust chain is not guaranteed (you edit your 
>> own root-CA for the purpose of the tests, but for example in one of our cross-border deployment (e.g.
>> DE-FR), this solution does not work, as a German car will not 
>> recognize the CA from a French root-CA. So, the key issue I see is not 
>> really (or only) on security but on Trust. The ITS KPI is one option, 
>> there might be others, but 'open ssl' strategies still face the trust-chain issue.
>> 
>> Best Regards,
>> 
>> Jérôme
>> 
>> -----Original Message-----
>> From: its <its-bounces@ietf.org> On Behalf Of Alexandre Petrescu
>> Sent: Thursday, 15 April 2021 12:20
>> To: IPWAVE WG <its@ietf.org>
>> Subject: [ipwave] RFC8902 - TLS with ITS Certificates, EXPERIMENTAL, 
>> and the one PKI and one Internet
>> 
>> Hi, IPWAVErs,
>> 
>> A colleague pointed me to this recently issued RFC 8902 about TLS with 
>> ITS Certificates.
>> 
>> This RFC is of an EXPERIMENTAL Category.
>> 
>> It might be in agreement with other IEEE standards such as 1609.2.
>> 
>> But I must say that I think it further deepens the discrepancy between 
>> what is PKI in the Internet and what is the closed PKI for ITS.  That 
>> is a discrepancy that exists for a long time, and I must share that - 
>> IMHO
>> - I am surprised that the IETF issues an RFC that further promotes 
>> such a discrepancy.
>> 
>> This discrepancy is the following: in a few trials I participated, and 
>> some about I heard of, people use normal PKI with openssl and normal 
>> certificates in cars, over IP, on cellular links like 4G.  They work 
>> fine.  The CA is a local CA (not a commercial CA), but the concept 
>> _is_ compatible with normal CAs.  These dont use the ETSI ITS-specific 
>> certificates, neither the 1609.2 certificates.
>> 
>> I think there are more such trial deployments using local (but 
>> standard, openssl PKIs and certificates) than there are trials using 
>> ETSI ITS certificates or 1609.2 certificates.  The reason is because 
>> the former is all open source software and freely accessible 
>> standards, whereas
>> 1609.2 are closed documents and ETSI ITS certificate software is not 
>> integrated in mainline software like openssl.
>> 
>> There are many easily accessible CAs (Certificate Authorities) that 
>> are integrated in the Internet and in main web browsers, whereas the 
>> ITS-specific CAs are closed, hard to access and the certificate are 
>> expensive.  Many strong oppinions maintain that it should stay that way:
>> cars PKI different than Internet PKI.
>> 
>> There should be one Internet, and that means one trust, and one PKI.
>> 
>> Everything else should not be done at IETF, I think; hence my comment 
>> about this particular RFC.
>> 
>> That is my humble oppinion.
>> 
>> I would like to hear other oppinions?  Maybe I miss something...
>> 
>> Alex
>> 
>> _______________________________________________
>> its mailing list
>> its@ietf.org
>> https://www.ietf.org/mailman/listinfo/its
>> 
>> _______________________________________________
>> its mailing list
>> its@ietf.org
>> https://www.ietf.org/mailman/listinfo/its
> 
> 
> _______________________________________________
> its mailing list
> its@ietf.org
> https://www.ietf.org/mailman/listinfo/its