[KEYPROV] Privacy Enabled Provisioning

Anders Rundgren <anders.rundgren@telia.com> Thu, 02 June 2011 08:06 UTC

Return-Path: <anders.rundgren@telia.com>
X-Original-To: keyprov@ietfa.amsl.com
Delivered-To: keyprov@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 6627FE076E for <keyprov@ietfa.amsl.com>; Thu, 2 Jun 2011 01:06:40 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -3.599
X-Spam-Level:
X-Spam-Status: No, score=-3.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, RCVD_IN_DNSWL_LOW=-1]
Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id yktLUiV6vY2v for <keyprov@ietfa.amsl.com>; Thu, 2 Jun 2011 01:06:39 -0700 (PDT)
Received: from smtp-out12.han.skanova.net (smtp-out12.han.skanova.net [195.67.226.212]) by ietfa.amsl.com (Postfix) with ESMTP id 66795E06F1 for <keyprov@ietf.org>; Thu, 2 Jun 2011 01:06:39 -0700 (PDT)
Received: from [192.168.0.200] (81.232.44.37) by smtp-out12.han.skanova.net (8.5.133) (authenticated as u36408181) id 4D65154401D27DE8 for keyprov@ietf.org; Thu, 2 Jun 2011 10:06:37 +0200
Message-ID: <4DE74478.1090109@telia.com>
Date: Thu, 02 Jun 2011 10:06:16 +0200
From: Anders Rundgren <anders.rundgren@telia.com>
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.17) Gecko/20110414 Thunderbird/3.1.10
MIME-Version: 1.0
To: keyprov@ietf.org
X-Enigmail-Version: 1.1.1
Content-Type: text/plain; charset="ISO-8859-1"
Content-Transfer-Encoding: 7bit
Subject: [KEYPROV] Privacy Enabled Provisioning
X-BeenThere: keyprov@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: "Provisioning of Symmetric Keys \(keyprov\)" <keyprov.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/keyprov>, <mailto:keyprov-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/keyprov>
List-Post: <mailto:keyprov@ietf.org>
List-Help: <mailto:keyprov-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/keyprov>, <mailto:keyprov-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 02 Jun 2011 08:06:40 -0000

F.Y.I.
As some of you know, I have since way back been working with a "TPMish" token and
an associated provisioning protocol that is intended to support mass markets like:
http://www.google.com/wallet

There are strong motives for innovation in this space, since the state of credential
provisioning is technically at least 10 years behind the rest of the mobile/PC ecosystem:
http://webpki.org/papers/keygen2/KG-vs-KG2.pdf

Anyway, the starting point was addressing the high-value market where strong
authentication is already in use and where privacy aspects (w.r.t. device identity,
NB) are secondary.  In fact, the original E2ES (End-to-End Security) scheme tries
to emulate the methods used for card issuance while moving the "production"
out onto the web.

Since the most important thing of all for a standard-to-be, namely adoption,
could be hampered by a scheme leaking device identity (during provisioning),
I have recently upgraded the system to support a fully anonymous provisioning
mode.  Because anonymous relations probably do not constitute high value,
elaborate methods like DAA (Direct Anonymous Attestation) were, after careful
consideration, rejected as they could stifle acceptance in spite of their merits.
It seems that anonymity has more applications in three-party relations like
payments and "I'm over 18" scenarios.

In the revised scheme the issuer requests a specific mode, and it is the user
who, in the case of E2ES mode, will have to decide if he/she wants to share device
identity with the issuer.

Somewhat surprisingly, the PEP (Privacy Enabled Provisioning) mode affected less
than 1% of the code in the token as well as in the protocol.

- Anders
http://webpki.org/auth-token-4-the-cloud.html