[KEYPROV] Transaction-based Key Provisioning/Management
"Anders Rundgren" <anders.rundgren@telia.com> Sat, 03 July 2010 09:30 UTC
Return-Path: <anders.rundgren@telia.com>
X-Original-To: keyprov@core3.amsl.com
Delivered-To: keyprov@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix)
with ESMTP id 520A43A6982 for <keyprov@core3.amsl.com>;
Sat, 3 Jul 2010 02:30:40 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: 0
X-Spam-Level:
X-Spam-Status: No, score=0 tagged_above=-999 required=5 tests=[BAYES_60=1,
RCVD_IN_DNSWL_LOW=-1]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com
[127.0.0.1]) (amavisd-new, port 10024) with ESMTP id L5W3ffVhZFQx for
<keyprov@core3.amsl.com>; Sat, 3 Jul 2010 02:30:38 -0700 (PDT)
Received: from smtp-out12.han.skanova.net (smtp-out12.han.skanova.net
[195.67.226.212]) by core3.amsl.com (Postfix) with ESMTP id 1756F3A698A for
<keyprov@ietf.org>; Sat, 3 Jul 2010 02:30:38 -0700 (PDT)
Received: from AndersPC (81.232.45.215) by smtp-out12.han.skanova.net
(8.5.114) (authenticated as u36408181) id 4BC6CFA701724E28 for
keyprov@ietf.org; Sat, 3 Jul 2010 11:30:49 +0200
Message-ID: <A1B663CCF12248219BABBAE128AA02B5@AndersPC>
From: "Anders Rundgren" <anders.rundgren@telia.com>
To: "KEYPROV" <keyprov@ietf.org>
Date: Sat, 3 Jul 2010 11:31:53 +0200
MIME-Version: 1.0
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: 7bit
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Windows Mail 6.0.6000.20661
X-MimeOLE: Produced By Microsoft MimeOLE V6.0.6000.16669
Subject: [KEYPROV] Transaction-based Key Provisioning/Management
X-BeenThere: keyprov@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: "Provisioning of Symmetric Keys \(keyprov\)" <keyprov.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/keyprov>,
<mailto:keyprov-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/keyprov>
List-Post: <mailto:keyprov@ietf.org>
List-Help: <mailto:keyprov-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/keyprov>,
<mailto:keyprov-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 03 Jul 2010 09:30:40 -0000
For any possible new ventures in this space it might be interesting to know
that the latest SKS Specification and Reference Implementation has been
updated to support fully "atomic" (transaction-based) key provisioning and
management which in practical terms means that:
1. Unless you get a power fail exactly during the <100 ms "commit" phase you
will never end-up with a half-provisioned or broken key container.
2. SKS can provide a *cryptographically verifiable proof* to the issuer that
the *entire* provisioning session was carried out "as requested".
First I was worried that deferring a lot of operations including pretty advanced
management dittos to "closeProvisiongSession" would be difficult but the
Reference Token implementation showed that this is actually piece of cake.
Well, it does though assume that you have megabytes of Flash storage
available, 64K RAM, as well as a speedy 32-bit processor but I consider
that reasonable since this is the state of consumer electronics these days.
This have strengthened my belief that there indeed is a point creating a specific
"Provisioning API" while leaving PKCS #11, JCE, and CryptoAPI intact
and supporting a "User API".
Although my intent was never to create new tokens, it turned out as a *necessity*.
Lucky for me, embedded systems were my first encounter with computer
technology so I had some (albeit *extremely dated*) experience to build on :-|
Anders Rundgren
http://webpki.org/auth-token-4-the-cloud.html
- [KEYPROV] Transaction-based Key Provisioning/Mana… Anders Rundgren