IETF Logo Mail Archive

Re: [netconf] crypto-types fallback strategy

"Rob Wilton (rwilton)" <rwilton@cisco.com> Fri, 13 September 2019 08:48 UTC

Return-Path: <rwilton@cisco.com>
X-Original-To: netconf@ietfa.amsl.com
Delivered-To: netconf@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 18C46120233 for <netconf@ietfa.amsl.com>; Fri, 13 Sep 2019 01:48:20 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -14.499
X-Spam-Level:
X-Spam-Status: No, score=-14.499 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, SPF_PASS=-0.001, URIBL_BLOCKED=0.001, USER_IN_DEF_DKIM_WL=-7.5] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=cisco.com header.b=SulUrJn1; dkim=pass (1024-bit key) header.d=cisco.onmicrosoft.com header.b=YS0Uso5R
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id oLalrz-iu5z6 for <netconf@ietfa.amsl.com>; Fri, 13 Sep 2019 01:48:16 -0700 (PDT)
Received: from alln-iport-4.cisco.com (alln-iport-4.cisco.com [173.37.142.91]) (using TLSv1.2 with cipher DHE-RSA-SEED-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 6D4461200B9 for <netconf@ietf.org>; Fri, 13 Sep 2019 01:48:16 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=@cisco.com; l=41653; q=dns/txt; s=iport; t=1568364496; x=1569574096; h=from:to:cc:subject:date:message-id:references: in-reply-to:mime-version; bh=2cvqMa3LBrz+f0nfbBhA4aZFA8Cq6CApZLEsU++LOuM=; b=SulUrJn1X+tuTujdzmIf92g7kbst/X1axejU1Vdl6YcXI8uI3iWEfavc v3KLISRot9TmrwEYGmhp8bZWhyA12WJYjZqe3aApHCSBgPo1xL41dbbuJ PGQNqGqvhutF94tnPXZ5dntPhBfelm3xUikXp2wrbbmxSORHTR0iGZXSb Y=;
IronPort-PHdr: 9a23:QzBY8RHSYtid57xHLEUoXJ1GYnJ96bzpIg4Y7IYmgLtSc6Oluo7vJ1Hb+e4z1A3SRYuO7fVChqKWqK3mVWEaqbe5+HEZON0pNVcejNkO2QkpAcqLE0r+eeT1bigmG8JqX15+9Hb9Ok9QS47z
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: A0AdAACaV3td/51dJa1cChoBAQEBAQIBAQEBBwIBAQEBgVQEAQEBAQsBgRUvJCwDbVYgBAsqCodeA4prglyJZYkjhGiBLoEkA1QJAQEBDAEBJQgCAQGEPwKCXyM1CA4CAwkBAQQBAQECAQYEbYUuDIVKAQEBAQMSGxMBASkOAQ8CAQgRBAEBIQENIREdCAIEAQ0FCBMHgwGBHU0DHQECDJ8nAoE4iGGCJYJ9AQEFgTIBAwICg1INC4IWAwaBNAGKNIElAR0YgUA/gRFGgkw+ghoiJQIDgTMVGCuDEIImjGCIASSXBUEKgiGHAYIOh2iEG5kKjX+IBIIGjmQCBAIEBQIOAQEFgVQBNYFYcBWDJ4FKeAwXg0+FFIU/c4EpjVwBgSIBAQ
X-IronPort-AV: E=Sophos;i="5.64,500,1559520000"; d="scan'208,217";a="325486959"
Received: from rcdn-core-6.cisco.com ([173.37.93.157]) by alln-iport-4.cisco.com with ESMTP/TLS/DHE-RSA-SEED-SHA; 13 Sep 2019 08:48:09 +0000
Received: from XCH-ALN-014.cisco.com (xch-aln-014.cisco.com [173.36.7.24]) by rcdn-core-6.cisco.com (8.15.2/8.15.2) with ESMTPS id x8D8m9wN004272 (version=TLSv1.2 cipher=AES256-SHA bits=256 verify=FAIL); Fri, 13 Sep 2019 08:48:09 GMT
Received: from xhs-rtp-002.cisco.com (64.101.210.229) by XCH-ALN-014.cisco.com (173.36.7.24) with Microsoft SMTP Server (TLS) id 15.0.1473.3; Fri, 13 Sep 2019 03:48:08 -0500
Received: from xhs-aln-002.cisco.com (173.37.135.119) by xhs-rtp-002.cisco.com (64.101.210.229) with Microsoft SMTP Server (TLS) id 15.0.1473.3; Fri, 13 Sep 2019 04:48:07 -0400
Received: from NAM03-CO1-obe.outbound.protection.outlook.com (173.37.151.57) by xhs-aln-002.cisco.com (173.37.135.119) with Microsoft SMTP Server (TLS) id 15.0.1473.3 via Frontend Transport; Fri, 13 Sep 2019 03:48:07 -0500
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=WINcarN04QGgtGEQBq0ZN6C3yTNCsHBAGxvS4XHIQS3Fz69Xklf0aK/Ha9IITlAgCHqh+i5U8HDiIP7m4urmubkazUZdy3TNf9M12Oj+iHTABP3+ihwMD4jmqcAXUmYhfZgZc/n7O7a0lB4HFOgOvXsmO+QuBFMUFUMBkAKA/Uk6Pt+29sSUevPqxGYzynl7pPGKWHeXXYbhB4+exw4TjJMiGedPESlqu4318x6BhH2fxtYjuXGpLPa4m4rDrjBW5t1SC4PA/1XV0TmKawTAF8O5pU+5Qsj9+FNK052eix80A1qHRNYrA8dP+/z0s/jFZcFtwqDib1NeiRalqfO7Bg==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=6+jh4e6R0IGhfdIgvMK4MjJRh7NHNrytfFI8UX8UJLU=; b=hVvyaEDd7j8wh3HCmUbMCtY+kqIXiQFXuJiOq76/IP5FLpoLbd1rgcYeu2sUtg3tbVKQlSsoHXGpsXmYHEiqgQLzQQ+lAVAZHHtQr+jXb06WM0FWF0hqWEh8ILHaPgrXj4A7qHoHYQSGEn1tV5muxZTB3fDAcRsm1oLxFRHQWV0z480ik25SBaugfDZ9+yhJNF+qnGXOnxiAi/3QDfxgZHdO89GDeSkeE3rblsnQ9R4OUTvenpk/hMIDeaCvlYSyZRhdgWM6mHq+x+1HGQFXLWemcx4fl8i3RIrRX0NSQyVEBsz1JylhDN7DD/e6TCzqKYn8UiI4Cze6tusHsbKi+w==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=cisco.com; dmarc=pass action=none header.from=cisco.com; dkim=pass header.d=cisco.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=cisco.onmicrosoft.com; s=selector2-cisco-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=6+jh4e6R0IGhfdIgvMK4MjJRh7NHNrytfFI8UX8UJLU=; b=YS0Uso5RBj1Dy48hfOlDwJrFwWYibj+rpDkhOsBJYg6qZuyZWr1ViqHdu1ZPLu/8mO/3r5BGKm3qp0HEi83ZGYeiyeNnpF/kp3NenMF+Tm6e5OJv/aKjLMRx8AJiZp6D7N54xo0Ma3qZew53TKQVg1Usl6CRfpe/WEsIuWW9WbI=
Received: from MN2PR11MB4366.namprd11.prod.outlook.com (52.135.38.209) by MN2PR11MB4013.namprd11.prod.outlook.com (10.255.181.154) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2263.21; Fri, 13 Sep 2019 08:48:05 +0000
Received: from MN2PR11MB4366.namprd11.prod.outlook.com ([fe80::6db3:f4c:467b:30f6]) by MN2PR11MB4366.namprd11.prod.outlook.com ([fe80::6db3:f4c:467b:30f6%7]) with mapi id 15.20.2263.021; Fri, 13 Sep 2019 08:48:05 +0000
From: "Rob Wilton (rwilton)" <rwilton@cisco.com>
To: Kent Watsen <kent+ietf@watsen.net>, "netconf@ietf.org" <netconf@ietf.org>
CC: Russ Housley <housley@vigilsec.com>, Rifaat Shekh-Yusef <rifaat.ietf@gmail.com>, Sean Turner <sean@sn3rd.com>
Thread-Topic: [netconf] crypto-types fallback strategy
Thread-Index: AQHVaNxVu0aQE+n/K0iPwVgOy8FH/KcpQIdQ
Date: Fri, 13 Sep 2019 08:48:05 +0000
Message-ID: <MN2PR11MB4366AE6CF9E03B15EBEA3A39B5B30@MN2PR11MB4366.namprd11.prod.outlook.com>
References: <0100016d21ee2101-fb4f3288-1975-4a7d-a499-cb42ff8d9e14-000000@email.amazonses.com>
In-Reply-To: <0100016d21ee2101-fb4f3288-1975-4a7d-a499-cb42ff8d9e14-000000@email.amazonses.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
authentication-results: spf=none (sender IP is ) smtp.mailfrom=rwilton@cisco.com;
x-originating-ip: [173.38.220.61]
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: d366cc4a-f018-4d58-72b1-08d73827182a
x-microsoft-antispam: BCL:0; PCL:0; RULEID:(2390118)(7020095)(4652040)(8989299)(5600166)(711020)(4605104)(1401327)(4534185)(4627221)(201703031133081)(201702281549075)(8990200)(2017052603328)(7193020); SRVR:MN2PR11MB4013;
x-ms-traffictypediagnostic: MN2PR11MB4013:
x-ms-exchange-purlcount: 3
x-microsoft-antispam-prvs: <MN2PR11MB401379D2E39490E0A4D14E26B5B30@MN2PR11MB4013.namprd11.prod.outlook.com>
x-ms-oob-tlc-oobclassifiers: OLM:10000;
x-forefront-prvs: 0159AC2B97
x-forefront-antispam-report: SFV:NSPM; SFS:(10009020)(4636009)(396003)(376002)(136003)(39860400002)(346002)(366004)(54094003)(51444003)(189003)(199004)(966005)(33656002)(71200400001)(71190400001)(6506007)(64756008)(66556008)(66476007)(66946007)(7696005)(102836004)(76176011)(99286004)(53546011)(5660300002)(6246003)(790700001)(66446008)(478600001)(229853002)(14454004)(2906002)(6306002)(54896002)(6116002)(3846002)(9686003)(236005)(55016002)(86362001)(6436002)(486006)(53936002)(66066001)(7736002)(74316002)(52536014)(4326008)(25786009)(256004)(14444005)(8936002)(81166006)(81156014)(26005)(316002)(54906003)(110136005)(8676002)(446003)(11346002)(76116006)(186003)(606006)(9326002)(2501003)(476003); DIR:OUT; SFP:1101; SCL:1; SRVR:MN2PR11MB4013; H:MN2PR11MB4366.namprd11.prod.outlook.com; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; MX:1; A:1;
received-spf: None (protection.outlook.com: cisco.com does not designate permitted sender hosts)
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam-message-info: 5O6QXi+U3PkPtjbu3+oFWXx9cyJw4wvf3S3KiCzx/AiA2kbkXrWrPhUb7f624OntNaTojoSpNpNfSBAdAdEW1lWoVxnwze6shaPjmxnZ41NvOzZj/T6xwYEs30enWKirXv4JAj77zj05PkgAxgIouscY0zk2nHmwx3Zt5kSvH/b4ziyVl6/eryMtxE4pF/HETK54OMOSIIkvua6uWk8gzQ4R4Uc+h9CvvXtelZLPm7HbPFodDgPyK02/cEIZNaRBHeQ9XQ0WsZItl7wLnU1IpOMJJGdjxBfqXmTQvQOoHLfMDmcqisf9cvZU6lxVL/E8AcXpwwzr6u5BBCBy9mL/cIAs/+svwrGoAB78z9YD8+c2Q0wzyAzhYXNp7f0GP5HooKNOZjOUFahxJ0/ZPae9SWiSxX4E/cU4MofMl20uH84=
x-ms-exchange-transport-forked: True
Content-Type: multipart/alternative; boundary="_000_MN2PR11MB4366AE6CF9E03B15EBEA3A39B5B30MN2PR11MB4366namp_"
MIME-Version: 1.0
X-MS-Exchange-CrossTenant-Network-Message-Id: d366cc4a-f018-4d58-72b1-08d73827182a
X-MS-Exchange-CrossTenant-originalarrivaltime: 13 Sep 2019 08:48:05.4770 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 5ae1af62-9505-4097-a69a-c1553ef7840e
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: V0FyAfnPuYMJV3sk6qzef4A3MOS+k/++K3xeKXPhlSauvDIFqhAaklGB/xdeD5CNg+MsYJ5sIcLjha1K26dMQw==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: MN2PR11MB4013
X-OriginatorOrg: cisco.com
X-Outbound-SMTP-Client: 173.36.7.24, xch-aln-014.cisco.com
X-Outbound-Node: rcdn-core-6.cisco.com
Archived-At: <https://mailarchive.ietf.org/arch/msg/netconf/1hNV2m-csTTcX1ApuzIWCj5qSB8>
Subject: Re: [netconf] crypto-types fallback strategy
X-BeenThere: netconf@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: NETCONF WG list <netconf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/netconf>, <mailto:netconf-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/netconf/>
List-Post: <mailto:netconf@ietf.org>
List-Help: <mailto:netconf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/netconf>, <mailto:netconf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 13 Sep 2019 08:48:20 -0000

Hi Kent,

I feel that this is outside my area of expertise, and hence I have a slight concern that my comments may needless derail a discussion rather than provide useful input.

But I have three comments:


  1.  I think that using a numerical OID to identify crypto algorithms doesn't seem like a great choice.  Seeing a config file say something like "rsaEncryption" instead of some OID string seems to be much more human friendly.  And as Martin says, using the OID name has no guarantees of being unique.


  1.  I wonder if changing from identifiers to enums was a mistake.  If we were to use YANG identifiers then we wouldn't need to define them all now, and they wouldn't all need to be defined in the same YANG module.  In fact, if we were to go back to using identifiers then perhaps NETCONF should restrict itself to only defining the identifiers that we actually need now, and leave the rest to the security folks to figure out, probably as separate modules defining the extra identifiers that they need, or as a bis version of the crypto-types draft if required.



  1.  I'm not sure that I understand why we would always want to always use ASN.1 to describe the keys for all algorithms.  Could we just leave the algorithm identities to define what format they use?   If we were to go back to using identities when we could have the choice of using multiple inheritance and then have a separate set of identities to allow the key formats to be defined.  Note, I have no objection to ASN.1 being used for some/most the keys if that is the right encoding.

Hopefully the comments are useful, apologies if they are not!

Thanks,
Rob



From: netconf <netconf-bounces@ietf.org> On Behalf Of Kent Watsen
Sent: 11 September 2019 21:05
To: netconf@ietf.org
Cc: Russ Housley <housley@vigilsec.com>; Rifaat Shekh-Yusef <rifaat.ietf@gmail.com>; Sean Turner <sean@sn3rd.com>
Subject: [netconf] crypto-types fallback strategy

[warning: wide-screen needed]

Folks,

It seems that there is little appetite to pursue a solution that entails defining many algorithm identifiers/enumerations in YANG.

In Montreal, I presented a "fallback" strategy (see slide 9 here: https://datatracker.ietf.org/meeting/105/materials/slides-105-netconf-client-server-suite-of-drafts-00) that sought to leverage ASN.1 structures (that are heavily used by TLS) as much as possible and, in particular, rather than crypto-types defining many algorithms, the YANG module instead uses existing OIDs (ASN.1 object identifiers) to identify the algorithms and ASN.1 structures to encode them.

Testing, I've determined that:

1) `openssl genrsa -out rsa_private_key.pem 2048` creates an RSAPrivateKey (from rfc3447)
     - this is a raw key; there is no OID identifying the structure, or attributes indicating how it should be used.

2) `openssl rsa -in rsa_private_key.pem -pubout -out rsa_public_key.pem` creates a SubjectPublicKeyInfo (from rfc5280)
     - the "algorithm" field is "rsaEncryption" (thus indicating how the key is expected to be used)
     - the "parameters" field is NULL (which for some reason is actually the value b'\x05\x00')
     - the "subjectPublicKey" field is an RSAPublicKey (from rfc5480)

3) `openssl ecparam -genkey -name prime256v1 -out ec_private_key.pem` creates an ECPrivateKey (from rfc5915)
      - this is a raw key; there is no OID identifying the structure, or attributes indicating how it should be used.

4) `openssl ec -in ec_private_key.pem -pubout -out ec_public_key.pem` creates a SubjectPublicKeyInfo (from rfc5280)
     - the "algorithm" field is "id_ecPublicKey" (but, unlike rsaEncryption, this doesn't seem to indicate how the key should be used)
     - the "parameters" field is a ECParameters (from rfc5480) and (for me) contains 'namedCurve' being an OID containing value "secp256r1"
     - the "subjectPublicKey" field is an ECPoint (from rfc5480), which contains the value of a point on the curve.


I've been discussing all this offline with security experts (especially wrt all these ASN.1 structures) Russ Housley and Sean Turner (CC-ed) for about a week now.  I now feel the need to get some WG feedback before proceeding much further...

Here are some options:

OPTION A
========
- Continue pursuing the solution in the draft as is - a holistic mapping of many algorithm identifiers (more than needed for our use).
- Note that everyone that showed interest before haven't been heard from in awhile.

OPTION B
========
- move towards a fallback strategy (two variants are proposed below)
- both variations share the following common attributes:
    a) remove all the crypto-algorithm enumerations from the YANG module (~70% of the lines)
    b) use ASN.1 structures to encode symmetric and asymmetric key, both unencrypted and encrypted.
    c) figure out a plan for SSH later (the risk level is pretty low, e.g., I've seen code to key SSH keys from TLS keys)

Okay, so now for the two variants:  B1 and B2...



OPTION B1  (use raw/native keys)
----------------------------------------------
PROs: mostly supported by OpenSSL command line (see commands 1-4 above) [missing: commands illustrating key-encryption]
CONs: private keys have no way to declare their intended use (encrypt vs sign) or modes (CBS vs GCM).  some usage information could be stored in the public key.  no key usage information stored for symmetric keys.

module: ietf-keystore
     +--rw keystore
        +--rw asymmetric-keys
        |  +--rw asymmetric-key* [name]
        |     +--rw name                                  arbitrary user-set value
        |     +--rw algorithm                             <---- this becomes an OID (e.g., "rsaEncryption")
        |     +--rw public-key                            <---- this becomes SubjectPublicKeyInfo ASN.1 structure
        |     +--rw (private-key-type)
        |        +--:(private-key)
        |        |  +--rw private-key?                   <---- this becomes a raw ASN.1 key (e.g., RSAPrivateKey, ECPrivateKey)
        |        +--:(encrypted-private-key)
        |           +--rw encrypted-private-key
        |              +--rw (key-type)
        |              |  +--:(symmetric-key-ref)
        |              |  |  +--rw symmetric-key-ref?     leafref // ref to another key in keystore
        |              |  +--:(asymmetric-key-ref)
        |              |     +--rw asymmetric-key-ref?    leafref // ref to another key in keystore
        |              +--rw value?                       <--- this becomes an CMS EncryptedData structure containing an OneAsymmetricKey (from rfc5958)
        |
        +--rw symmetric-keys
           +--rw symmetric-key* [name]
              +--rw name                                  // arbitrary user-set value
              +--rw algorithm                            <---- TBD, mostly likely an AlgID value from rfc7210
              +--rw (key-type)
                 +--:(key)
                 |  +--rw key?                              <---- this becomes an OctetString (ASN.1 structure)
                 +--:(encrypted-key)
                    +--rw encrypted-key
                       +--rw (key-type)
                       |  +--:(symmetric-key-ref)
                       |  |  +--rw symmetric-key-ref?      // leafref to another key in keystore
                       |  +--:(asymmetric-key-ref)
                       |     +--rw asymmetric-key-ref?    // leafref to another key in keystore
                       +--rw value?                        <---- this becomes an CMS EncryptedData structure containing an OneSymmetricKey (from rfc6031)


OPTION B2  (use OneSymmetricKey and OneAsymmetricKey)
------------------------------------------------------------------------------------
PROs: private keys can declare their intended use (encrypt vs sign) and modes (CBS vs GCM)
CONs: not supported by OpenSSL command line (but are by languages, e.g., Python)

module: ietf-keystore
     +--rw keystore
        +--rw asymmetric-keys
        |  +--rw asymmetric-key* [name]
        |     +--rw name                                   // arbitrary user-set value
        |     +--rw algorithm                             <---- this could be deleted, or set to the same OID as in B1
        |     +--rw public-key                            <---- SubjectPublicKeyInfo ASN.1 structure  (same as in B1)
        |     +--rw (private-key-type)
        |        +--:(private-key)
        |        |  +--rw private-key?                   <---- this becomes a ASN.1 OneAsymmetricKey (from rfc5958)
        |        +--:(encrypted-private-key)
        |           +--rw encrypted-private-key
        |              +--rw (key-type)
        |              |  +--:(symmetric-key-ref)
        |              |  |  +--rw symmetric-key-ref?      // leafref to another key in keystore
        |              |  +--:(asymmetric-key-ref)
        |              |     +--rw asymmetric-key-ref?    // leafref to another key in keystore
        |              +--rw value?                         <---- CMS EncryptedData ASN.1 structure (same as in B1)
        |
        +--rw symmetric-keys
           +--rw symmetric-key* [name]
              +--rw name                                  arbitrary user-set value
              +--rw algorithm                            <---- this could be deleted, or set to the same AlgID value from B1
              +--rw (key-type)
                 +--:(key)
                 |  +--rw key?                              <---- this becomes a ASN.1 OneSymmetricKey (from rfc6031)
                 +--:(encrypted-key)
                    +--rw encrypted-key
                       +--rw (key-type)
                       |  +--:(symmetric-key-ref)
                       |  |  +--rw symmetric-key-ref?     leafref to another key in keystore
                       |  +--:(asymmetric-key-ref)
                       |     +--rw asymmetric-key-ref?    leafref to another key in keystore
                       +--rw value?                        <---  CMS EncryptedData ASN.1 structure (same as in B1)




In summary:
    - B1 is easier to support unencrypted keys, but fails to support some things important to some security folks (not me).
    - B1 complexity to support encrypted keys is TBD (I'm told OpenSSL command line can do it, but have yet to verify)
    - B2 is preferred by crypto folks, but lack an OpenSSL command line will thwart the development of simple scripts.
    - NC/RC are programmatic APIs, so complexity shouldn't be driving factor, though it may affect solution adoption.


Thoughts?

Kent // co-author

v2.23.0 | Report a Bug | By Email