IETF Logo Mail Archive

Re: [netconf] crypto-types fallback strategy

Kent Watsen <kent+ietf@watsen.net> Tue, 01 October 2019 00:38 UTC

Return-Path: <0100016d84c0c469-e57fd7aa-dcba-4079-9b37-22720f7a4500-000000@amazonses.watsen.net>
X-Original-To: netconf@ietfa.amsl.com
Delivered-To: netconf@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 719BC1200A1 for <netconf@ietfa.amsl.com>; Mon, 30 Sep 2019 17:38:12 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.898
X-Spam-Level:
X-Spam-Status: No, score=-1.898 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H2=-0.001, SPF_HELO_NONE=0.001, SPF_NONE=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=amazonses.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id HbEZZBYjqHFl for <netconf@ietfa.amsl.com>; Mon, 30 Sep 2019 17:38:10 -0700 (PDT)
Received: from a8-88.smtp-out.amazonses.com (a8-88.smtp-out.amazonses.com [54.240.8.88]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 32315120077 for <netconf@ietf.org>; Mon, 30 Sep 2019 17:38:09 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/simple; s=6gbrjpgwjskckoa6a5zn6fwqkn67xbtw; d=amazonses.com; t=1569890288; h=From:Message-Id:Content-Type:Mime-Version:Subject:Date:In-Reply-To:Cc:To:References:Feedback-ID; bh=ask/BE/TZiI9g5gnH6GvXcxhZvmJEoif05t4snDmG/U=; b=hTUVA5qf/RTyWe9J8+gUvSbJkEbmUjftS94y49xDbgK8rxeKz3hU7qZQP31azNIg RTTsyZtphqIpTo1SGEjaizl96SxZU8N012Gn5OUkQwXZLVnJgY0E70e7ARg/uL/dSFq tGGpwAhXo4nmUS6FPQrhZmVCWWFuSKE31hMEAaMM=
From: Kent Watsen <kent+ietf@watsen.net>
Message-ID: <0100016d84c0c469-e57fd7aa-dcba-4079-9b37-22720f7a4500-000000@email.amazonses.com>
Content-Type: multipart/alternative; boundary="Apple-Mail=_F25F3B44-DFA2-4A15-9E8A-5C34ADC4EF10"
Mime-Version: 1.0 (Mac OS X Mail 12.4 \(3445.104.11\))
Date: Tue, 01 Oct 2019 00:38:08 +0000
In-Reply-To: <20190927174623.jhvpudof6yfs2m4k@anna.jacobs.jacobs-university.de>
Cc: "Rob Wilton (rwilton)" <rwilton@cisco.com>, Martin Bjorklund <mbj@tail-f.com>, "wang.haiguang.shieldlab@huawei.com" <wang.haiguang.shieldlab@huawei.com>, "netconf@ietf.org" <netconf@ietf.org>, "rifaat.ietf@gmail.com" <rifaat.ietf@gmail.com>
To: Juergen Schoenwaelder <J.Schoenwaelder@jacobs-university.de>
References: <0100016d455c6145-844c669e-8f31-4203-a827-7368d33cdee4-000000@email.amazonses.com> <MN2PR11MB4366E914816F6C3D9515A31DB5890@MN2PR11MB4366.namprd11.prod.outlook.com> <0100016d7325f06e-00613ab7-413c-4d97-972c-858cf4886b65-000000@email.amazonses.com> <20190927.170902.142773301948727896.mbj@tail-f.com> <MN2PR11MB4366C30CE4650421CE915840B5810@MN2PR11MB4366.namprd11.prod.outlook.com> <20190927174623.jhvpudof6yfs2m4k@anna.jacobs.jacobs-university.de>
X-Mailer: Apple Mail (2.3445.104.11)
X-SES-Outgoing: 2019.10.01-54.240.8.88
Feedback-ID: 1.us-east-1.DKmIRZFhhsBhtmFMNikgwZUWVrODEw9qVcPhqJEI2DA=:AmazonSES
Archived-At: <https://mailarchive.ietf.org/arch/msg/netconf/AQMmzzA4a83kGA_Awtd8WOAKtHA>
Subject: Re: [netconf] crypto-types fallback strategy
X-BeenThere: netconf@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: NETCONF WG list <netconf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/netconf>, <mailto:netconf-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/netconf/>
List-Post: <mailto:netconf@ietf.org>
List-Help: <mailto:netconf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/netconf>, <mailto:netconf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 01 Oct 2019 00:38:13 -0000


> On Sep 27, 2019, at 1:46 PM, Schönwälder, Jürgen <J.Schoenwaelder@jacobs-university.de> wrote:
> 
> On Fri, Sep 27, 2019 at 03:53:51PM +0000, Rob Wilton (rwilton) wrote:
>> I basically agree with what Martin is saying.
> 
> So do I.

Hmmm...


>> Either one YANG module containing all of the crypto identities, or a few YANG modules as previously suggested.
> 
> It may make sense to split by security protocol.

That would go some towards addressing Rich's concern.  Presumably we would have one module each for SSH  and TLS algorithms.  That said, to Rich's concern, there is a constant churn with them.  This churn concerns two activities:  the removal and addition of algorithms.  Both occur at protocol-version boundaries and, perhaps, other times as well.  This suggests to me that we could further refine the identities by protocol version, something like this:

In ietf-crypto-types:

    identity base-alg {}
    identity tls-alg { base "base-alg" }
    identity ssh-alg { base "base-alg" }

In ietf-tls-1.1-types:

    identity tls-1.1-alg { base "ct:tls-alg" }
    <a bunch of tls-1.1 identities here>

In ietf-tls-1.2-types:

    identity tls-1.2-alg { base "ct:tls-alg" }
    <a bunch of tls-1.2 identities here>

etc.

Updates only to the specific module would be needed.   The updates would only need to support new algorithms (not to remove support for legacy algorithms), as a different mechanism can be used for a server to advertise which algorithms it actually supports (on a more granular level).

One issue not addressed is defining the identities for the algorithms used to encrypt other keys in the keystore.   At least, neither SSH or TLS are involved.  However, both the keystore and TLS use "ASN.1" and so, somehow, the keystore may be encrypting with "TLS" (really ASN.1) keys already... (requires more analysis)


>> If advertising the specific identities is important, then a per identity if-feature could be used, although I'm not entirely sure that one feature per identity is really a great option either, but I think that this would be better than one per module.
> 
> Why not instead have a config false list of algorithms supported? Once
> we have solved this problem generically, this list may get deprecated.

I like this idea, but it means that ietf-crypto-types, where this config false list would be defined, presumably, would then have protocol accessible nodes and, to the point, may be odd for a "types" module to define.   Thoughts?  - a "config false" list okay?


Rich, does any of this line of thinking address your concern?  - or maybe you liked more my previous idea of using IANA registries?

Kent // contributor

v2.23.0 | Report a Bug | By Email