Re: [netconf] Comments on crypto types presentation

"Joe Clarke (jclarke)" <jclarke@cisco.com> Tue, 07 April 2020 10:26 UTC

From: "Joe Clarke (jclarke)" <jclarke@cisco.com>
To: tom petch <ietfc@btconnect.com>
CC: "netconf@ietf.org" <netconf@ietf.org>
Thread-Topic: Comments on crypto types presentation
Thread-Index: AQHWDCEhdGhVupCWjEWnQjV3FzGLbqhtYsYAgAAS94A=
Date: Tue, 07 Apr 2020 10:26:30 +0000
Message-ID: <7466EE9D-9200-41A6-8C9C-F2C1BD6815DB@cisco.com>
References: <DBB45843-C6AC-476E-93CD-2631A2573F3B@cisco.com> <DB7PR07MB56572BB9083A426E2B567DBCA0C30@DB7PR07MB5657.eurprd07.prod.outlook.com>
In-Reply-To: <DB7PR07MB56572BB9083A426E2B567DBCA0C30@DB7PR07MB5657.eurprd07.prod.outlook.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/netconf/VENinJrZLrRIaBdlEJpXYF0cqW0>
List-Id: NETCONF WG list <netconf.ietf.org>


On Apr 7, 2020, at 05:18, tom petch <ietfc@btconnect.com> wrote:

Joe

Could you clarify for the benefit of those on the mailing list what is

Sorry.  See slides 6-8 in Kent’s “Status and Issues for the ‘Client-Server’ Suite of Drafts” at https://datatracker.ietf.org/meeting/interim-2020-netconf-01/session/netconf.

1. Define as much as possible into crypto-types
2. Define everything in protocol-specific layers
3. Fold trying to enable servers to generate keys

Joe

1
2
3
....?
Tom Petch

________________________________________
From: netconf <netconf-bounces@ietf.org> on behalf of Joe Clarke (jclarke) <jclarke=40cisco.com@dmarc.ietf.org>
Sent: 06 April 2020 15:39

Since we are running short on time at the VI, I want to register some comments on the list.

* I ultimately like option #3 to progress the base client-server work and see if the key gen feature is desired down the road (enough to pick it back up).

* Second, I prefer option #2 for the reasons discussed as well as because of the comment Jason raised that I think the identityref approach makes sense.

Joe
_______________________________________________
netconf mailing list
netconf@ietf.org
https://www.ietf.org/mailman/listinfo/netconf