Re: [ipwave] wish list for CAs for vehicular networks

William Whyte <wwhyte@qti.qualcomm.com> Mon, 26 April 2021 15:03 UTC

From: William Whyte <wwhyte@qti.qualcomm.com>
To: Alexandre Petrescu <alexandre.petrescu@gmail.com>, Mounira MSAHLI <msahli1717@gmail.com>
CC: "its@ietf.org" <its@ietf.org>
Date: Mon, 26 Apr 2021 15:03:23 +0000
Archived-At: <https://mailarchive.ietf.org/arch/msg/its/m7hHQASa55gxSdFM2ehKsTInJhM>
List-Id: IPWAVE - IP Wireless Access in Vehicular Environments WG at IETF <its.ietf.org>

The IMPORT statement imports the 1609.2 ASN.1, but ETSI has permissions to republish it.

>> It is because one can't talk about text in I-Ds if we do not know the
>> contents of the documents that they refer to (if these are closed).

"available for a price" is not the same as closed, and IETF policy does not consider documents closed if they are publicly available for a price.

Cheers,

William

-----Original Message-----
From: Alexandre Petrescu <alexandre.petrescu@gmail.com> 
Sent: Monday, April 26, 2021 11:00 AM
To: William Whyte <wwhyte@qti.qualcomm.com>; Mounira MSAHLI <msahli1717@gmail.com>
Cc: its@ietf.org
Subject: [EXT] Re: [ipwave] wish list for CAs for vehicular networks



On 26/04/2021 at 16:29, William Whyte wrote:
>>> - the specs of CA must be implementable independently of other paying
> sources such as (some) from IEEE or ISO.  For example, the ETSI ITS 
> spec that IMPORTS 1609.2 does not qualify because in the end it is 
> paying.  But the X.509 in RFC 5280 does not rely on other paying 
> documents in order to implement (I think?).
> 
>>> William could answer you this question better than me because it was
> already asked by ETSI.
> 
> Yes, 1609.2 needs to be purchased from IEEE. ETSI has reproduced the 
> ASN.1 (with permission from IEEE) but there are some subtleties of 
> implementation and how the crypto operations are carried out that 
> aren’t captured in the ASN.1 alone.
> 
> I’d note that Alex’s preference for standards to be freely available 
> if they are to be referenced by IETF is a reasonable point of view,

Thanks, but I did not really say that.

I said that if one wants to implement the ETSI TS 103 097 whose grammar
is free of access one still needs to pay IEEE for the 1609.2 grammar
because of that 'IMPORT' statement present in the former.  That is
between ETSI and IEEE.

I was not talking about RFCs and IETF.

But for RFCs it is clear as well: if one wants to implement an RFC one
must have full specifications fully at hand and for no price.  One would
need to pay the pipe to access it (i.e. the ISP), the computer to
program, the coffee, but not the document itself.


> but it’s not IETF policy; IETF policy allows non-free standards to
> be referenced.

Probably.  I would need to check which policy one means more precisely.

But it is clear to me that IETF would not put out an RFC which needs
other closed documents in order to be implemented.

It is because one can't talk about text in I-Ds if we do not know the
contents of the documents that they refer to (if these are closed).

Alex

> 
> Cheers,
> 
> William
> 
> *From:* its <its-bounces@ietf.org> *On Behalf Of* Mounira MSAHLI
> *Sent:* Monday, April 26, 2021 9:54 AM
> *To:* Alexandre Petrescu <alexandre.petrescu@gmail.com>
> *Cc:* its@ietf.org
> *Subject:* [EXT] Re: [ipwave] wish list for CAs for vehicular networks
> 
> Can you comment on this wish list?
> 
> Wish list for CAs for vehicular networks
> 
>>> - the CA must be reachable on IPv6, and their website too.
> 
> Could you please mention why not IPv4 ?
> 
> - the specs of CAs for vehicular networks must be available on IPv6 
> (e.g. on an IPv6 website, FTP directory, or GIT shared space).
> 
> You mean certificate policy. I have the same question. You are 
> specifying the IP protocol for the PKI website. I agree that
> document must be published and available to PKI users but why IPV6 ?
> 
> - the specs of CA must be implementable independently of other paying
> sources such as (some) from IEEE or ISO.  For example, the ETSI ITS
> spec that IMPORTS 1609.2 does not qualify because in the end it is
> paying.  But the X.509 in RFC 5280 does not rely on other paying
> documents in order to implement (I think?).
> 
> William could answer you this question better than me because it was 
> already asked by ETSI.
> 
> - the CA must offer OCSP reachability on IPv6.
> 
> I find that all recommendations are related to the use of IPv6 not
> really the security or privacy in C-ITS. By analogy with what you are
> suggesting, I think that you would prefer to use IPv6 for the
> upload of log and download of updates and all V2I communications not
> only V2PKI connexion.
> 
> Mounira
>