Re: [netconf] Supported algorithms lists

Kent Watsen <> Mon, 17 February 2020 23:15 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id C2905120048 for <>; Mon, 17 Feb 2020 15:15:16 -0800 (PST)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -1.897
X-Spam-Status: No, score=-1.897 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_NONE=0.001] autolearn=ham autolearn_force=no
Authentication-Results: (amavisd-new); dkim=pass (1024-bit key)
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id Rq0rARl9vadl for <>; Mon, 17 Feb 2020 15:15:13 -0800 (PST)
Received: from ( []) (using TLSv1.2 with cipher ECDHE-RSA-AES128-SHA256 (128/128 bits)) (No client certificate requested) by (Postfix) with ESMTPS id 7D889120041 for <>; Mon, 17 Feb 2020 15:15:13 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/simple; s=6gbrjpgwjskckoa6a5zn6fwqkn67xbtw;; t=1581981312; h=From:Message-Id:Content-Type:Mime-Version:Subject:Date:In-Reply-To:Cc:To:References:Feedback-ID; bh=7bRDAFoqXFbvwUod0M6BXy15BNtA2Q8bsNFOAo8fTSY=; b=agyzXwRbc1Be9JHaJwt/jVFys38OPczK77V3qkNoIKZ1lygnaP0nmrIcrjxhmHyk 4PAc/CLST0OHs8mvUHR1NsB84ZERPWlUaqwCrpOWwGn7M6RK5rAApcKQYb3FqNZcZ1F CLLtqUk+u3nFg4syedueqAg8KYmnVFeSSeVyWhN4=
From: Kent Watsen <>
Message-ID: <>
Content-Type: multipart/alternative; boundary="Apple-Mail=_979A536D-B036-4302-92F0-CC02C5B98B7C"
Mime-Version: 1.0 (Mac OS X Mail 12.4 \(3445.104.11\))
Date: Mon, 17 Feb 2020 23:15:12 +0000
In-Reply-To: <>
Cc: "" <>
To: "Salz, Rich" <>
References: <> <> <>
X-Mailer: Apple Mail (2.3445.104.11)
X-SES-Outgoing: 2020.02.17-
Archived-At: <>
Subject: Re: [netconf] Supported algorithms lists
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: NETCONF WG list <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Mon, 17 Feb 2020 23:15:17 -0000


TL;RD;, I’m back to thinking that the RPCs are best.

See below for an addendum.

Kent  // contributor

> On Feb 13, 2020, at 8:06 PM, Kent Watsen <> wrote:
> Hi Rich,  good to see you’re keeping us honest here ;)
>>> it suggests a 3rd idea, which is to have an RPC that takes an XPath (to a key) and returns the list of supported algorithms for that key.
>> I could be confused, but I don't know if this is a good idea.  Suppose I have an RSA keypair; would I expect to get back every TLS 1.2 ciphersuite name that has RSA in it?  There are around 30.  And for TLS 1.3, where the identity is broken out separately from the bulk encryption -- the so-called "a la carte" approach -- it becomes rather difficult.
> That’s not quite what I had envisioned, but you may be onto something nonetheless.
> Regarding the proposed idea, first note that the intent is that the desire to know what algorithms are supported is mostly to either 1) ask the device to generate and key or 2) know what kind of key could be generated offline and subsequently loaded onto the device.  In either case, it’s not so much that you *have* an RSA keypair, but that you wish to generate a one.
> To give a concrete example, assume the data model illustrated by tree diagram here: <>.  The RPC might be:
>  <rpc message-id="101"
>      xmlns="urn:ietf:params:xml:ns:netconf:base:1.0">
>      <get-supported-algorithms xmlns="urn:ietf:params:xml:ns:yang:ietf-crypto-types>
>        <schema-path>
>           /restconf-server/listen/endpoint/transport/https/tls-server-parameters/server-identty/...
>        </schema-path>
>      </get-supported-algorithms>
>    </rpc>
> So it’s clear that the intent that the key is intended for TLS (not SSH).  That said, and to your point, it doesn’t indicate if for TLS 1.2 or 1.3 and, worse, if the path instead references a keystore path (e.g., /keystore/asymmetric-keys/asymmetic-key/…), it’s not even clear that the key is intended for TLS or SSH…

Regarding the algorithms being protocol sensitive (e.g., 1.2 vs 1.3), in lieu of not finding a way to do this in CLI, this appears to be a non-issue.

Regarding XPaths pointing to keys in Keystore, we need only declare them as unsupported (i.e., an error should be returned).  While the key MAY be configured to Keystore, the important part is to know where it is *used* (i.e., the XPath would be to a leafref pointing to the Keystore elsewhere in the configuration, per the original response above).

Note that misconfigurations are still possible.  For instance, someone could point a leafref to an already created yet incompatible key in the keystore.  It is expected that errors arising from such incompatibilities would be detected when the configuration is applied/committed.

PS: I’m preparing a multi-draft update that will include this idea (and every other discussed since IETF 106).  This update will most likely be used for the first WGLC on the three foundational client-server suite of drafts (i.e., crypto-types, keystore, and truststore).  So, if any objections, please shout out now.

Kent // contributor

> In contrast, the current/planned/old approach described in my previous message, whereby there would be a list per protocol (TLS vs SSH), also did not take into account protocol versions (1.2 vs 1.3).  So, if this is an issue, we have no proposal addressing it yet...
> How does OpenSSL CLI support this?  Looking at `openssl ciphers`, I see that it’s possible to specific protocol versions (i.e., 1.2, 1.3, etc.).   But, in the end, these are cipher suites (e.g., ECDHE-RSA-AES128-GCM-SHA256), not just the algorithm (RSA) and definitely not indicating supported key lengths (presumable all RSA key lengths are supported?)...
> It would help if we could identify the CLI-equivalent for all this…
> PS: both the SSH and TLS client-server draft create mapping tables between the protocol-specific cipher-suite names and to the algorithm names in crypto-types.  For instance, here are the mapping tables for TLS: <>.
> PPS: I’m beginning to think that we might be better giving up on having any RPC to ask the server to generate keys or indicate which algorithms are supported, punting all this complexity to some future revision.  That said, it would be best is we could get something passable working now, if possible...
> Thanks,
> Kent. // contributor
> _______________________________________________
> netconf mailing list