Re: [netconf] ietf crypto types - permanently hidden

Kent Watsen <kent+ietf@watsen.net> Thu, 02 May 2019 00:34 UTC

Return-Path: <0100016a75f6a814-773436bf-9706-443a-b59e-3c5747566859-000000@amazonses.watsen.net>
X-Original-To: netconf@ietfa.amsl.com
Delivered-To: netconf@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 468F8120089 for <netconf@ietfa.amsl.com>; Wed, 1 May 2019 17:34:23 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.9
X-Spam-Level:
X-Spam-Status: No, score=-1.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H2=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=amazonses.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id b5vMsQ0N17cf for <netconf@ietfa.amsl.com>; Wed, 1 May 2019 17:34:21 -0700 (PDT)
Received: from a8-31.smtp-out.amazonses.com (a8-31.smtp-out.amazonses.com [54.240.8.31]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 8263812006B for <netconf@ietf.org>; Wed, 1 May 2019 17:34:21 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/simple; s=6gbrjpgwjskckoa6a5zn6fwqkn67xbtw; d=amazonses.com; t=1556757260; h=From:Message-Id:Content-Type:Mime-Version:Subject:Date:In-Reply-To:Cc:To:References:Feedback-ID; bh=EU21l/2xKfQtRzRY4FHOfzTVI5WALk2pjwVnwEbX2GI=; b=YN0Qf3d1G1KGz6Rz2OdZuQiqvXGSbcZFpB2cB++EfdXYOd5J4Rbgv91Lj8s2DJKN +//3FXb5pRvnt9bMJWXFc4gjyg5+qPhC7EZWY9Gco++ss4898iBr5wDRa36qaU9Od9A WbvJPzaw33DbCh4Kfqic2pOM0COU3CSg7unIkS8I=
From: Kent Watsen <kent+ietf@watsen.net>
Message-ID: <0100016a75f6a814-773436bf-9706-443a-b59e-3c5747566859-000000@email.amazonses.com>
Content-Type: multipart/alternative; boundary="Apple-Mail=_039D6799-5356-4AAA-A7F0-FD82F2A2D78F"
Mime-Version: 1.0 (Mac OS X Mail 12.2 \(3445.102.3\))
Date: Thu, 2 May 2019 00:34:20 +0000
In-Reply-To: <CABCOCHS=mETbXUNm4pC45HPLtLu-r6QfX6xQAWCGxb7jfR19_w@mail.gmail.com>
Cc: "Rob Wilton (rwilton)" <rwilton@cisco.com>, "netconf@ietf.org" <netconf@ietf.org>
To: Andy Bierman <andy@yumaworks.com>
References: <0100016a69e36565-37279712-e5de-4c48-9a8a-7397d54c11b3-000000@email.amazonses.com> <VI1PR07MB47353B20AF138B5B8B702285833A0@VI1PR07MB4735.eurprd07.prod.outlook.com> <0100016a6e2130be-ee556dd0-e993-459f-be28-65fe1f74ece8-000000@email.amazonses.com> <20190430.144930.844252169549242587.mbj@tail-f.com> <0100016a6f64a438-50e97747-d12b-429b-8147-8bf6ed82bdac-000000@email.amazonses.com> <acef56d17fc64102ae24bb8fcb8c828d@XCH-RCD-007.cisco.com> <CABCOCHS=mETbXUNm4pC45HPLtLu-r6QfX6xQAWCGxb7jfR19_w@mail.gmail.com>
X-Mailer: Apple Mail (2.3445.102.3)
X-SES-Outgoing: 2019.05.02-54.240.8.31
Feedback-ID: 1.us-east-1.DKmIRZFhhsBhtmFMNikgwZUWVrODEw9qVcPhqJEI2DA=:AmazonSES
Archived-At: <https://mailarchive.ietf.org/arch/msg/netconf/Vt1lCKkv_xAQ-B9MeNyJeDXW2Cw>
Subject: Re: [netconf] ietf crypto types - permanently hidden
X-BeenThere: netconf@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: NETCONF WG list <netconf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/netconf>, <mailto:netconf-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/netconf/>
List-Post: <mailto:netconf@ietf.org>
List-Help: <mailto:netconf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/netconf>, <mailto:netconf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 02 May 2019 00:34:23 -0000

> The document-oriented configuration came from a requirement identified
> at the IAB Network Management Workshop (way back when).
> It is critical for rebooting, swapping out a defective device, etc.


Regarding the document-model concern, here is a line of thinking that may help this discussion:

We recently removed the "cannot be backed-up language" because there may be a way for a device to backup a permanently hidden key, even when protected by a TPM.

Specifically, a TPM (I don't know about other crypto processors) is able to encrypt TPM-protected keys (using yet another TPM-protected key called the storage root key, SRK), thus the key (albeit encrypted) CAN be backed up, but it CAN ONLY be restored on the device having the originating TPM.

Thus, instead of using the enum "permanently-hidden", the value of the *encrypted* key could be safely provided.

Perhaps we could model the 'private-key' value after iana-crypt-hash and prefix the base64-encoded binary private key value with some special (not legal base64) value indicating that the key is 1) encrypted and 2) can only be restored on the originating device.  Ideally, the prefix identifies the device (or, better, the crypto processor), lest there is any confusion.

As for "swapping out a defective device", the above idea doesn't support that workflow, but I think that the inability to do a full RMA is given with the meaning of a "permanently-hiddden" key already and, anyone that creates such a key does so with that understanding.   What it does support, though, is the full restoration of the device after a hard-drive replacement (or reformat) using a standard "configuration" document, which seems better than what we have now with the "permanently-hidden" enum.



> The "server created config" problem could be viewed as an access control problem.
> There are proprietary YANG extensions that implement this approach.

I don't understand, can you provide examples?



Kent // contributor