Return-Path: <0100016b962706ee-c3b245b6-a9ad-45cb-a7a2-b9fe44dd33c3-000000@amazonses.watsen.net> X-Original-To: netconf@ietfa.amsl.com Delivered-To: netconf@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 1850C12019C for ; Wed, 26 Jun 2019 16:37:52 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -1.897 X-Spam-Level: X-Spam-Status: No, score=-1.897 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_NONE=0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=amazonses.com Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id X6fwxi9NfMmy for ; Wed, 26 Jun 2019 16:37:50 -0700 (PDT) Received: from a8-88.smtp-out.amazonses.com (a8-88.smtp-out.amazonses.com [54.240.8.88]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 00300120164 for ; Wed, 26 Jun 2019 16:37:49 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/simple; s=6gbrjpgwjskckoa6a5zn6fwqkn67xbtw; d=amazonses.com; t=1561592268; h=From:Message-Id:Content-Type:Mime-Version:Subject:Date:In-Reply-To:Cc:To:References:Feedback-ID; bh=XWLY242m49pkjX2LLqM5Vqdg8Pf35vS9kHaLgbHrmCE=; b=KU0dv2ce0SBWygVRxQRTlbFK9rszOpoVOt8N2r5Tx55qEKzP537NnTZ7L0bIj8xs k2IYn1DzNknWmo700c5g1lep3dI0wWNiEE6c8Lt4QZ+VYaGr3b93CMNym44bsg5aog3 l95+XO5taacvR5Gs0BI9NghDYI/AXSQTe86PK6ME= From: Kent Watsen Message-ID: <0100016b962706ee-c3b245b6-a9ad-45cb-a7a2-b9fe44dd33c3-000000@email.amazonses.com> Content-Type: multipart/alternative; boundary="Apple-Mail=_5E97E031-8771-4779-999E-F6652A25ACBB" Mime-Version: 1.0 (Mac OS X Mail 12.4 \(3445.104.11\)) Date: Wed, 26 Jun 2019 23:37:48 +0000 In-Reply-To: <20190626.105608.121899679021225720.mbj@tail-f.com> Cc: "netconf@ietf.org" To: Martin Bjorklund References: <0100016b68794a39-0d934910-4b4b-4801-8d56-27f678081e93-000000@email.amazonses.com> <20190626.105608.121899679021225720.mbj@tail-f.com> X-Mailer: Apple Mail (2.3445.104.11) X-SES-Outgoing: 2019.06.26-54.240.8.88 Feedback-ID: 1.us-east-1.DKmIRZFhhsBhtmFMNikgwZUWVrODEw9qVcPhqJEI2DA=:AmazonSES Archived-At: Subject: Re: [netconf] latest update to crypto-types and keystore drafts X-BeenThere: netconf@ietf.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: NETCONF WG list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 26 Jun 2019 23:37:52 -0000 --Apple-Mail=_5E97E031-8771-4779-999E-F6652A25ACBB Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset=us-ascii >> 2) privileged admin copies manufacturer generated key from >> to >=20 > The device could also store this key (or rather just the name) in its > factory configuration. Sure, but only if it's immutable. To be clear, users are not able to = delete the manufacturer generated key(s), at least not those use to = support the device's cryptographic identity. This is true even when = wiping the device for sale... > I don't think the public key and alg needs to go into the config. > Or in general, if the key is configured as hidden, I think it should > NOT have a public key and alg in the config (can be ensured with > "must"). However, they must be present in the operational state. Okay, but in thinking about going down that route, I'd rather use a = special enum/union type values to denote the absence of these fields = than to mark the nodes mandatory false. Personally, I think it's better = to duplicate the values into configuration as it does no harm and it = makes them easier and more consistent to work with (e.g., clients need = the public key in order to encrypt data destined to the device). = Really, I don't want any keys in , but feel that we have to = make an exception for the manufacturer-generated keys (unless, to your = comment above, we could mark them as immutable in the configuration). = [PS: in a previous life, I used per instance metadata when a node was = immutable.] >> 3) privileged admin encrypts a well-known (secret to the = organization) >> symmetric key using the public key from the manufacturer generated >> asymmetric key, and stores the result (i.e., into >> keystore. >=20 > Ok. However, if the device doesn't have a hidden > manufacturer-supplied key from step 1 (no tpm), it would be useful if > the admin could install this symmetric key so that it becomes hidden. > But that action is no longer present in the model. True, but it seems strange that a device would have the ability to store = hidden keys without itself being shipped with a hidden key. We could = add a set of RPCs to manage the life-cycle of hidden keys, but I'd = rather steer folks to using NACM in such cases, as I don't think it = makes sense to either have 1) persistent user-created operational state = or 2) persistent configuration that isn't configuration. > Or does this model *require* the device to have such a key? If no tpm > exists, then it can exist on disk? Not required. For devices that don't have hidden keys, plain old NACM = could protect the encryption-key used to protect all the other keys in = the configuration. The primary benefit would still be present, that = keys subsequently generated by the device would be protected by the = encryption key. The downside would be that the encryption key itself, = when generated, could not be protected in the same way. For such = situations, it would be recommended that this key be installed from a = known-safe connection (i.e., via an air-gapped system). >> 4) if replacing a device, load previous configuration. Since all = keys >> should be encrypted to the same symmetric key, it should load without >> error. >=20 > Before loading the previous config, the admin must do steps 2-3 on the > new device, right? Correct. To be more clear, all steps except (4) would occur on a first = device and then, when an RMA is necessary, steps (1-3) would occur on a = second device, following by step (4) to migrate the configuration from = the first device to the second device, and then the remaining steps (5+) = would be business as usual on the second device. >> [note: one issue here with the secret symmetric key itself >> being loaded again, but since it was encrypted using to old device's >> manufacturer generated asymmetric key, the logic should be able to >> handle it.] >=20 > Hmm, can you elaborate? It seems to me to be a problem; it needs to > be re-installed so that it is encrypted with the new device's public > key. What is meant is that the symmetric key would be created once on the = second device, in step (3), but because the old encrypted symmetric key = was stored in configuration (on the first device), when loading the = configuration here in step (4), it is as if the symmetric key is being = created again on the second device. But the logic on the second device = should be able to detect this anomaly (because the key would've been = encrypted by the first device's private key, and hence decryption should = fail on the second device) and thus the "duplicate" symmetric key would = be discarded. >=20 >> Runtime: >> 5) whenever a regular admin wishes to use a new key, they call the >> generate-symmetric-key or generate-asymmetric-key RPC, requesting the >> device to generate a key for them, encrypting the result using the >> secret organization key. >> 6) The RPC output returns the key value (encrypted). >> 7) The regular admin uses e.g., to store the key into >> . >>=20 >>=20 >> Use cases:=20 >> 0: normal (just NACM-protected) keys: supported. >> 1: manufacturer-generated permanently hidden keys: supported. >> 2: device-generated keys: supported. >> 3: device-generated keys in config: supported >> 4: permanently hidden keys: not recommended nor directly >> supported, but one could always encrypt a key with the >> device's public key, thus generating a key that only the >> device can decrypt, and hence effectively permenently >> hidden. >>=20 >>=20 >> Please let me know soon if you object to any aspect of this or, >> better, support it, as I need to update the remaining drafts to >> reflect these changes at some point soon. >=20 > Also, if we go this route, this draft (keystore) needs more text, and > also explain the use cases described above. Agreed. I also never documented the "generate-symmetric-key" and = "generate-asymmetric-key" RPCs... Regarding "going this route", your response thus far seems to be on the = level so, would it be fair to say that you're leaning towards thinking = that it might be okay? > Then there are some details, e.g. why do we have=20 >=20 > identity asymmetric-key-algorithm { > description > "Base identity from which all asymmetric key > encryption Algorithm."; > } >=20 > vs >=20 > identity encryption-algorithm { > description > "A base identity for encryption algorithm."; > } >=20 > Why isn't the latter called "symmetric-key-algorithm"? These identities (now enumerations) are coming from the crypto-types = module in a section maintained by my co-author from Huawei who has even = more crypto-clue than I. My guess is that this is what they're called = in IANA registries for historical reasons. > /martin Kent // contributor --Apple-Mail=_5E97E031-8771-4779-999E-F6652A25ACBB Content-Transfer-Encoding: quoted-printable Content-Type: text/html; charset=us-ascii

2) privileged admin = copies manufacturer generated key from
<operational> = to <running>

The device = could also store this key (or rather just the name) in its
factory configuration.

Sure, but only if it's immutable.  To be clear, = users are not able to delete the manufacturer generated key(s), at least = not those use to support the device's cryptographic identity.  This = is true even when wiping the device for sale...


I don't think the public key and alg needs to go into the = config.
Or = in general, if the key is configured as hidden, I think it should
NOT have a public key and alg in the config (can be ensured = with
"must").  However, they must be present in the = operational state.

Okay, but in thinking about going down that = route, I'd rather use a special enum/union type values to denote the = absence of these fields than to mark the nodes mandatory false. =  Personally, I think it's better to duplicate the values into = configuration as it does no harm and it makes them easier and more = consistent to work with (e.g., clients need the public key in order to = encrypt data destined to the device).  Really, I don't want any = keys in <operational>, but feel that we have to make an exception = for the manufacturer-generated keys (unless, to your comment above, we = could mark them as immutable in the configuration).  [PS: in a = previous life, I used per instance metadata when a node was = immutable.]



3) privileged admin = encrypts a well-known (secret to the organization)
symmetric= key using the public key from the manufacturer generated
asymmetric key, and stores the result (i.e., = <edit-config> into
keystore.

Ok.  However, if the device = doesn't have a hidden
manufacturer-supplied key from step = 1 (no tpm), it would be useful if
the admin could install = this symmetric key so that it becomes hidden.
But that = action is no longer present in the model.

True, but it = seems strange that a device would have the ability to store hidden keys = without itself being shipped with a hidden key.  We could add a set = of RPCs to manage the life-cycle of hidden keys, but I'd rather steer = folks to using NACM in such cases, as I don't think it makes sense to = either have 1) persistent user-created operational state or 2) = persistent configuration that isn't configuration.



Or does this model *require* the device to have = such a key?  If no tpm
exists, then it can exist on = disk?

Not = required.  For devices that don't have hidden keys, plain old NACM = could protect the encryption-key used to protect all the other keys in = the configuration.  The primary benefit would still be present, = that keys subsequently generated by the device would be protected by the = encryption key.  The downside would be that the encryption key = itself, when generated, could not be protected in the same way. =  For such situations, it would be recommended that this key be = installed from a known-safe connection (i.e., via an air-gapped = system).



4) if replacing a device, load previous configuration. =  Since all keys
should be encrypted to the same = symmetric key, it should load without
error.

Before loading the previous = config, the admin must do steps 2-3 on the
new device, = right?

Correct. =  To be more clear, all steps except (4) would occur on a first = device and then, when an RMA is necessary, steps (1-3) would occur on a = second device, following by step (4) to migrate the configuration from = the first device to the second device, and then the remaining steps (5+) = would be business as usual on the second device.



[note: one issue here with the secret symmetric = key itself
being loaded again, but since it was encrypted = using to old device's
manufacturer generated asymmetric = key, the logic should be able to
handle it.]

Hmm, can you elaborate?  It = seems to me to be a problem; it needs to
be re-installed = so that it is encrypted with the new device's public
key.

What is meant is = that the symmetric key would be created once on the second device, in = step (3), but because the old encrypted symmetric key was stored in = configuration (on the first device), when loading the configuration here = in step (4), it is as if the symmetric key is being created again on the = second device.  But the logic on the second device should be able = to detect this anomaly (because the key would've been encrypted by the = first device's private key, and hence decryption should fail on the = second device) and thus the "duplicate" symmetric key would be = discarded.




Runtime:
5) whenever a regular = admin wishes to use a new key, they call the
generate-symmetric-key or generate-asymmetric-key RPC, = requesting the
device to generate a key for them, = encrypting the result using the
secret organization = key.
6) The RPC output returns the key value = (encrypted).
7) The regular admin uses e.g., = <edit-config> to store the key into
<running>.


Use cases:
 0: normal (just = NACM-protected) keys:  supported.
 1: = manufacturer-generated permanently hidden keys: supported.
=  2: device-generated keys: supported.
 3: = device-generated keys in config: supported
 4: = permanently hidden keys: not recommended nor directly
=     supported, but one could always encrypt a key = with the
    device's public key, = thus generating a key that only the
=     device can decrypt, and hence effectively = permenently
    hidden.


Please let me know soon if you = object to any aspect of this or,
better, support it, as I = need to update the remaining drafts to
reflect these = changes at some point soon.

Also, if we go this route, this draft (keystore) needs more = text, and
also explain the use cases described above.

Agreed.   I = also never documented the "generate-symmetric-key" and = "generate-asymmetric-key" RPCs...

Regarding "going this route", your response thus = far seems to be on the level so, would it be fair to say that you're = leaning towards thinking that it might be okay?



Then there are some details, e.g. why do we = have

   identity = asymmetric-key-algorithm {
=      description
=        "Base identity from which all = asymmetric key
=         encryption = Algorithm.";
   }

vs

   identity = encryption-algorithm {
=      description
=        "A base identity for = encryption algorithm.";
   }

Why isn't the latter called = "symmetric-key-algorithm"?


These identities (now = enumerations) are coming from the crypto-types module in a section = maintained by my co-author from Huawei who has even more crypto-clue = than I.   My guess is that this is what they're called in IANA = registries for historical reasons.


/martin

Kent // = contributor

= --Apple-Mail=_5E97E031-8771-4779-999E-F6652A25ACBB--