IETF Logo Mail Archive

Re: [ipwave] RFC8902 - TLS with ITS Certificates, EXPERIMENTAL, and the one PKI and one Internet

Mounira MSAHLI <msahli1717@gmail.com> Thu, 22 April 2021 15:53 UTC

Return-Path: <msahli1717@gmail.com>
X-Original-To: its@ietfa.amsl.com
Delivered-To: its@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id BD4573A15AF for <its@ietfa.amsl.com>; Thu, 22 Apr 2021 08:53:06 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.846
X-Spam-Level:
X-Spam-Status: No, score=-1.846 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_ENVFROM_END_DIGIT=0.25, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_BLOCKED=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id GhPHCGd8k41G for <its@ietfa.amsl.com>; Thu, 22 Apr 2021 08:53:01 -0700 (PDT)
Received: from mail-qv1-xf32.google.com (mail-qv1-xf32.google.com [IPv6:2607:f8b0:4864:20::f32]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id B3DC83A15DA for <its@ietf.org>; Thu, 22 Apr 2021 08:53:00 -0700 (PDT)
Received: by mail-qv1-xf32.google.com with SMTP id dp18so17608081qvb.5 for <its@ietf.org>; Thu, 22 Apr 2021 08:53:00 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to; bh=M6yYKzkC5P8dDB9W4vj1N9FnmgWnD+ltCTvkjoHRwi8=; b=hgc+k46moqogVwEX09izzfYY5cAkbvDw5bfcl3+h1J7e5WhW5ZMz6qTzstS4C3Hray SUNGHx97sm9igmO9fN1lHkoyb5FYjVrsDxSEwLIcDUxzVkECjgs6ZKprR9nhAC7heWuD r4LcfFik94CQuvB+MaoaCzbnRtwV3lSBdepEkp5ltC3HcfpNesZI405cOpmFYKfRx0K+ CzWXPo1ve7J4OdYmuJF1HMHz6uMb6Lnsb5JwSOfmzTi+zhrv3WJIC1T3w9liN5VpX4bE XedOWh1dv/0RqtkwVIPvtYK7zr5dICVoayHvcpat0GelsLYP7OdMJ9qyYMkI+a9iDFj1 WaBQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to; bh=M6yYKzkC5P8dDB9W4vj1N9FnmgWnD+ltCTvkjoHRwi8=; b=sV8B8trr4uALhmq7/Hb6sigPii9iyQeRYTuHZ37+H816AzfHZZL6ceDdMzCEhknEJ4 JG5ydnYdEB0rTMshTLat+5VmrwwNZfRFNGeolM1g1Gi4lo6v7n1U9piAwJKyGPPQyo9T e1AdMr6yPa6R+931BbW8J9VkJJUI2WcRPzsPjnu72YoXXxszb50mUnXZCQ0VWEDDYoyb 80r7L2XpB5OHYjPKyhi5NswYQWefU2MEJgESsFulrDs3GW4MUpr+aVYiuWBEfNRFaG7q iw8ZOmeXd/wrTef29/9uaQe6OVpxgq/y9QDhBXuqUV948F7SqnDfUQvm9RACOne9dusI hiqQ==
X-Gm-Message-State: AOAM530I5+24CUydineV0ZfSMV6BC8Yst2JodUTbL1XtQkMt0NSzyU1M vbbMkODbNMlIn5wJyC/Hsne+VRS2Anb6ELCGEeo=
X-Google-Smtp-Source: ABdhPJyzcOlCGOP/SOqBdXgMtcmV5+FsXkU+VzD7XgzWfp5Y7EOKnORzUX/QZIrDcdjn2c2LtgJwaZrdiAIRhD9EmO8=
X-Received: by 2002:a0c:9e0f:: with SMTP id p15mr4286408qve.27.1619106778552; Thu, 22 Apr 2021 08:52:58 -0700 (PDT)
MIME-Version: 1.0
References: <acc0f475-7f7b-bfbe-1099-913f0cef4de6@gmail.com> <01d601d731e3$140e2ed0$3c2a8c70$@eurecom.fr> <0600020f-b6ca-4d6d-2499-817586bc3548@gmail.com> <CAMEeBw9eaPBRT26BqqmXdEpqFzSTGt8w46wmexfg7ax4aRP-pQ@mail.gmail.com> <CAA2OGZCntE+FUtzKwxrsH7i_q70jjZuPoUjRG7cYmEVRHFJU8g@mail.gmail.com> <19dce5f5-8dca-55c2-4d46-bb83046562ab@gmail.com> <CAA2OGZDzWjQkSkn7W3bNC-w8ANk3Do-OdUwpZn9SK3na9afRpA@mail.gmail.com>
In-Reply-To: <CAA2OGZDzWjQkSkn7W3bNC-w8ANk3Do-OdUwpZn9SK3na9afRpA@mail.gmail.com>
From: Mounira MSAHLI <msahli1717@gmail.com>
Date: Thu, 22 Apr 2021 17:52:47 +0200
Message-ID: <CAA2OGZAt+8araN_X_hMdZSpEaNmEZbrXUag8uhR5HALDgUqP4w@mail.gmail.com>
To: Alexandre Petrescu <alexandre.petrescu@gmail.com>, its@ietf.org
Content-Type: multipart/alternative; boundary="000000000000639ba805c091ac5a"
Archived-At: <https://mailarchive.ietf.org/arch/msg/its/wkD_vDshpqMUQda12WlkPuRUJNk>
Subject: Re: [ipwave] RFC8902 - TLS with ITS Certificates, EXPERIMENTAL, and the one PKI and one Internet
X-BeenThere: its@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: IPWAVE - IP Wireless Access in Vehicular Environments WG at IETF <its.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/its>, <mailto:its-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/its/>
List-Post: <mailto:its@ietf.org>
List-Help: <mailto:its-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/its>, <mailto:its-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 22 Apr 2021 15:53:07 -0000

>
>
>
> Hi Alex,
>
>
> >> But there are also other projects funded by the EU in the same domain
> (connected automated mobility with self-driving cars) and where more open
> certificates are being used, with more open source software.
>
>
> We are 19 member states in C-ROADS Platform. I did co-chair of TF1 C-Roads
> platform in 2018, dealing with security aspects and its interoperability in
> C-ITS. The common certificate data structure standard is ETSI TS 103 097 (
> version 1.3.1 which is a profile of 1609.2).
>
>
>
> >> Yes, but has that been done?  HAs someone put CAM messages on IP on a
> 4G
>
> link and signed with 1609.2 certificates?  I think not.
>
>
> Why not? I did not get the point of the common browsers but it was tested
> on hybrid communication ITS-G5 and 5G
>
>
>
> >> Yes, but what CA would be put in the server of that log?  Would that CA
>
> be a self-made CA with openssl (or other open source software), or would
>
> it be a widely known CA like the CAs present in firefox, for example?
>
>
> My guess is that you assume a self-made CAs, and I agree with it for
>
> experimentation.
>
>
> >> But for deployment there would be a need for the existing CAs in the
>
> browsers to implement these 1609.2 certs.  And they are paying.  I doubt
>
> it could work.
>
>
> The case of TLS Client Using the ITS Certificate and TLS Server Uses the
> X.509 Certificate is already covered by the RFC 8902.
>
>
> >> Recently I worked with Microsec and they might also propose
> certificates
>
> for cheaper (free), if it is for evaluation, or for academia, or
>
> similar.  And Microsec CA _is_ present in the browsers.  But can
>
> Microsec sign these 1609.2 certificates and still not ask me (end user)
>
> to pay for the certificates?
>
>
> I find that Microsec cert are compliant to standards below:
>
>   IEEE Std 1609.2 (IEEE Standard for Wireless Access in Vehicular
> Environments);
>
> • ETSI TS 102 940 (ITS-S security (PKI) architecture and application
> groups);
>
> • ETSI TS 102 941 (Trust and Privacy Management)
>
> ETSI TS 103 097 (Certificate and message structure definitions for C2CPKI).
>
>
> So if you have end user micros cert, you can use it to sign C-ITS
> messages.
>
>
> >> And Microsec CA _is_ present in the browsers
>
>
> You mean the certificate authority. You want to sign CAM with certificate
> authority ?
>
>
> I did not get the point could you clarify more please.
>
>
>
> >> http://www.scoop.developpement-durable.gouv.fr/> :
>
>
> >> This is not reachable on IPv6.
>
>
> You mean the web page of the project or the PKI of the project ?
>
> Scoop + Intercor projects are already finished in December 2019.
>
>
>
> Any way the business model of C-ITS PKI, in all mentioned project is SaaS.
> If you want to get access to this service via IPv6, you can ask the PKI.
>
>
>
> Best Regards
>
> Mounira
>
> Le mar. 20 avr. 2021 à 11:51, Alexandre Petrescu <
> alexandre.petrescu@gmail.com> a écrit :
>
>> Hi, Mounira,
>>
>> Le 16/04/2021 à 14:13, Mounira MSAHLI a écrit :
>> >
>> > Dear all, Dear Russ, Dear Jerome, Dear Alex,
>> >
>> >
>> >
>> > I’m sorry for the delay. I would like to provide some
>> > clarificationsconcerning:
>> >
>> >
>> >
>> >>> This discrepancy is the following: in a few trials I
>> >>> participated, and
>> >
>> > some about I heard of, people use normal PKI with openssl and normal
>> >
>> > certificates in cars, over IP, on cellular links like 4G.  They work
>> >
>> > fine.
>> >
>> >
>> > But, I want to highlight that the European commission are  funding
>> > several Cooperative ITS (C-ITS) deployment projects such as:
>> >
>> >
>> > - Scoop@F http://www.scoop.developpement-durable.gouv.fr/
>> > <http://www.scoop.developpement-durable.gouv.fr/> :
>> >
>> >
>> > which is about deploying 3000 cars + 2000 km of roads
>> >
>> >
>> > - InterCor https://intercor-project.eu/
>> > <https://intercor-project.eu/>,
>> >
>> > - C-Roads Platform https://www.c-roads.eu/platform.html
>> > <https://www.c-roads.eu/platform.html>
>> >
>> >
>> > InterCor and C-Roads are about harmonising C-ITS specifications in
>> > Europe
>> >
>> >
>> > - INDID
>> >
>> https://www.c-roads.eu/pilots/core-members/france/Partner/project/show/indid.html
>> >
>> > <
>> https://www.c-roads.eu/pilots/core-members/france/Partner/project/show/indid.html
>> >.
>> >
>> >
>> >
>> >
>> > All these projects are using ETSI TS 103 097 certificates, which is a
>> >  profile of 1609.2 to secure C-ITS messages:
>>
>> But there are also other projects funded by the EU in the same domain
>> (connected automated mobility with self-driving cars) and where more
>> open certificates are being used, with more open source software.
>>
>> >
>> >
>> https://ec.europa.eu/transport/sites/transport/files/c-its_certificate_policy_release_1.pdf
>> >
>> > <
>> https://ec.europa.eu/transport/sites/transport/files/c-its_certificate_policy_release_1.pdf
>> >
>> >
>> >
>> >
>> > As mentioned by Jerome, one use case of the RFC 8902 could be to sign
>> >  CAM and DENM messages on facilities layer and not geonet as
>> > specified in ETSI.
>>
>> Yes, but has that been done?  HAs someone put CAM messages on IP on a 4G
>> link and signed with 1609.2 certificates?  I think not.
>>
>> It would be good if it worked, but it would need the CAs to know these
>> certifiicate formats, and the CAs would need to be known in common
>> browsers.
>>
>> > Yes, in projects dealing with C-ITS security
>> > interoperability, we use MQTT to exchange C-ITS messages between many
>> > countries to ensure continuity of service when vehicle is crossing
>> > borders.
>>
>> Ok, good to know.
>>
>> >
>> >
>> > We could also use the RFC for Vehicle-To-Internet simply to upload
>> > log of vehicle for example etc…
>>
>> Yes, but what CA would be put in the server of that log?  Would that CA
>> be a self-made CA with openssl (or other open source software), or would
>> it be a widely known CA like the CAs present in firefox, for example?
>>
>> My guess is that you assume a self-made CAs, and I agree with it for
>> experimentation.
>>
>> But for deployment there would be a need for the existing CAs in the
>> browsers to implement these 1609.2 certs.  And they are paying.  I doubt
>> it could work.
>>
>> >
>> >
>> >
>> >>> The reason is because the former is all open source software and
>> >>> freely accessible standards, whereas  1609.2 are closed documents
>> >>> and ETSI ITS certificate software is not integrated in mainline
>> >>> software like openssl.
>> >
>> >
>> > There's a java implementation of 1609.2/103 097 here:
>> > https://github.com/pvendil/c2c-common
>> > <https://github.com/pvendil/c2c-common>. I already used it.
>>
>> Yes, but the spec is paying.  That does inspire seriousness but might
>> inspire risk for the confidence.
>>
>> >
>> >
>> >>> ITS-specific CAs are closed, hard to access and the certificate
>> >>> are
>> >
>> > expensive.  hard to access and the certificate are expensive.
>> >
>> >
>> > you can get certificates from
>> > https://www.ghsiss.com/v2x-certificates/
>> > <https://www.ghsiss.com/v2x-certificates/>
>>
>> Thanks for the pointer, I did not know ghsiss.  Are they paying
>> certificates?
>>
>> Recently I worked with Microsec and they might also propose certificates
>> for cheaper (free), if it is for evaluation, or for academia, or
>> similar.  And Microsec CA _is_ present in the browsers.  But can
>> Microsec sign these 1609.2 certificates and still not ask me (end user)
>> to pay for the certificates?
>>
>> Another thing to consider is whether or not ghsiss (and Microsec for
>> that matter) are reachable on IPv6.  That is also a make kor break
>> condition of use.  It is worth trying.
>>
>> Thanks for the message.
>>
>> Alex
>>
>> >
>> >
>> >
>> >>> In  my personal opinion, it remains good if IPWAVE provides a
>> >>> guideline on how to secure IP vehicular communication, including
>> >>> interoperability between systems (although I have at that time
>> >>> limited resources to actively contribute to this), as several
>> >>> options are on the table and we need to guarantee the trust
>> >>> chain, even considering different protocol or standards being
>> >>> used.
>> >
>> >
>> > I’m also interested to work on security interoperability in C-ITS and
>> > we could add:
>> >
>> >
>> > - Misbehaving in vehicular network
>> >
>> > - Revocation management
>> >
>> > - Pseudonym management/change to avoid tracking and to ensure
>> > privacy
>> >
>> >
>> > Thank you Russ for your time on this RFC and for your valuable
>> > review.
>> >
>> >
>> >
>> > Kind regards
>> >
>> > Mounira
>> >
>> >
>> >
>> >
>> >
>> >
>> >
>> >
>> > ---------- Forwarded message --------- De : *Alexandre Petrescu*
>> > <alexandre.petrescu@gmail.com <mailto:alexandre.petrescu@gmail.com>>
>> > Date: jeu. 15 avr. 2021 à 22:44 Subject: Re: [ipwave] RFC8902 - TLS
>> > with ITS Certificates, EXPERIMENTAL, and the one PKI and one
>> > Internet To: Jérôme Härri <Jerome.Haerri@eurecom.fr
>> > <mailto:Jerome.Haerri@eurecom.fr>>, IPWAVE WG <its@ietf.org
>> > <mailto:its@ietf.org>>
>> >
>> >
>> >
>> >
>> > Le 15/04/2021 à 12:35, Jérôme Härri a écrit :
>> >> Dear Alex,
>> >>
>> >> Thanks. Indeed such discrepancies is particularly an issue when it
>> >> comes to merging wireless and wired (V2I). For example, you send a
>> >> DENM over 5G reaching a MEC. It will remove the ETSI KPI and do
>> >> something on its own (not fully sure what exactly), or if you use
>> >> MQTT type of interaction, where it is even less clear (what a
>> >> broker will do on a DENM sent over JSON is not fully clear to keep
>> >> track of any kind of security/data integrity...
>> >>
>> >> For that matter, there was one effort from C-ROAD to develop
>> >> something called 'Facilities' PKI, saying that the ITS KPI are at
>> >> facilities layer and no longer at geonet. The advantage is that at
>> >> least now, you do not need to remove the KPI when moving and
>> >> exchanging DENM (or else) in backend. But I am not sure of the
>> >> current status or even if this WI is actually active.
>> >>
>> >> Now, I do not fully agree with you with the equivalence of the
>> >> internet KPI and ITS KPI. Indeed, the principle is the same, but
>> >> in the test you mention, the trust chain is not guaranteed (you
>> >> edit your own root-CA for the purpose of the tests, but for example
>> >> in one of our cross-border deployment (e.g. DE-FR), this solution
>> >> does not work, as a German car will not recognize the CA from a
>> >> French root-CA. So, the key issue I see is not really (or only) on
>> >> security but on Trust. The ITS KPI is one option, there might be
>> >> others, but 'open ssl' strategies still face the trust-chain
>> >> issue.
>> >
>> > Jérôme,
>> >
>> > I agree with you.
>> >
>> > In the discussion above I think you meant 'PKI' throughout (Public
>> > Key Infrastructure), and not 'KPI' (Key Performance Indicator).
>> >
>> > That said, the question you formulate about how a car-to-server MQTT
>> > interaction on IP would be authenticated by certificates that are
>> > verified by CAs that are absent from normal browsers, or how the CAs
>> > that are present in normal browsers would help authenticating CAM
>> > messages sent on IP - is a very relevant question.
>> >
>> > Alex
>> >>
>> >> Best Regards,
>> >>
>> >> Jérôme
>> >>
>> >> -----Original Message----- From: its <its-bounces@ietf.org
>> > <mailto:its-bounces@ietf.org>> On Behalf
>> >> Of Alexandre Petrescu Sent: Thursday, 15 April 2021 12:20 To:
>> >> IPWAVE WG <its@ietf.org <mailto:its@ietf.org>> Subject: [ipwave]
>> >> RFC8902
>> > - TLS with ITS
>> >> Certificates, EXPERIMENTAL, and the one PKI and one Internet
>> >>
>> >> Hi, IPWAVErs,
>> >>
>> >> A colleague pointed me to this recently issued RFC 8902 about TLS
>> >> with ITS Certificates.
>> >>
>> >> This RFC is of an EXPERIMENTAL Category.
>> >>
>> >> It might be in agreement with other IEEE standards such as 1609.2.
>> >>
>> >> But I must say that I think it further deepens the discrepancy
>> >> between what is PKI in the Internet and what is the closed PKI for
>> >> ITS.  That is a discrepancy that exists for a long time, and I
>> >> must share that - IMHO - I am surprised that the IETF issues an RFC
>> >> that further promotes such a discrepancy.
>> >>
>> >> This discrepancy is the following: in a few trials I participated,
>> >> and some about I heard of, people use normal PKI with openssl and
>> >> normal certificates in cars, over IP, on cellular links like 4G.
>> >> They work fine.  The CA is a local CA (not a commercial CA), but
>> >> the concept _is_ compatible with normal CAs.  These dont use the
>> >> ETSI ITS-specific certificates, neither the 1609.2 certificates.
>> >>
>> >> I think there are more such trial deployments using local (but
>> >> standard, openssl PKIs and certificates) than there are trials
>> >> using ETSI ITS certificates or 1609.2 certificates.  The reason is
>> >> because the former is all open source software and freely
>> >> accessible standards, whereas 1609.2 are closed documents and ETSI
>> >> ITS certificate software is not integrated in mainline software
>> >> like openssl.
>> >>
>> >> There are many easily accessible CAs (Certificate Authorities)
>> >> that are integrated in the Internet and in main web browsers,
>> >> whereas the ITS-specific CAs are closed, hard to access and the
>> >> certificate are expensive.  Many strong oppinions maintain that it
>> >> should stay that way: cars PKI different than Internet PKI.
>> >>
>> >> There should be one Internet, and that means one trust, and one
>> >> PKI.
>> >>
>> >> Everything else should not be done at IETF, I think; hence my
>> >> comment about this particular RFC.
>> >>
>> >> That is my humble oppinion.
>> >>
>> >> I would like to hear other oppinions?  Maybe I miss something...
>> >>
>> >> Alex
>> >>
>> >> _______________________________________________ its mailing list
>> >> its@ietf.org <mailto:its@ietf.org>
>> > https://www.ietf.org/mailman/listinfo/its
>> > <https://www.ietf.org/mailman/listinfo/its>
>> >>
>> >> _______________________________________________ its mailing list
>> >> its@ietf.org <mailto:its@ietf.org>
>> > https://www.ietf.org/mailman/listinfo/its
>> > <https://www.ietf.org/mailman/listinfo/its>
>> >>
>> >
>> > _______________________________________________ its mailing list
>> > its@ietf.org <mailto:its@ietf.org>
>> > https://www.ietf.org/mailman/listinfo/its
>> > <https://www.ietf.org/mailman/listinfo/its>
>> >
>> >
>> > _______________________________________________ its mailing list
>> > its@ietf.org https://www.ietf.org/mailman/listinfo/its
>> >
>>
>> _______________________________________________
>> its mailing list
>> its@ietf.org
>> https://www.ietf.org/mailman/listinfo/its
>>
>

v2.23.0 | Report a Bug | By Email