IETF Logo Mail Archive

Re: [netconf] crypto-types fallback strategy

Kent Watsen <kent+ietf@watsen.net> Tue, 08 October 2019 00:12 UTC

Return-Path: <0100016da8b59883-9c9c21fa-5030-4dd5-867e-5e33bf7b379d-000000@amazonses.watsen.net>
X-Original-To: netconf@ietfa.amsl.com
Delivered-To: netconf@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E0B1D120025 for <netconf@ietfa.amsl.com>; Mon, 7 Oct 2019 17:12:19 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.898
X-Spam-Level:
X-Spam-Status: No, score=-1.898 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H2=-0.001, SPF_HELO_NONE=0.001, SPF_NONE=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=amazonses.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id VJ6IqvFJzoni for <netconf@ietfa.amsl.com>; Mon, 7 Oct 2019 17:12:18 -0700 (PDT)
Received: from a8-31.smtp-out.amazonses.com (a8-31.smtp-out.amazonses.com [54.240.8.31]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id BB9EF120019 for <netconf@ietf.org>; Mon, 7 Oct 2019 17:12:17 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/simple; s=6gbrjpgwjskckoa6a5zn6fwqkn67xbtw; d=amazonses.com; t=1570493536; h=From:Message-Id:Content-Type:Mime-Version:Subject:Date:In-Reply-To:Cc:To:References:Feedback-ID; bh=pDRRa0q1SXTiTlCAhqu0Ta+ruINrr3fLDa8JShiruw8=; b=IP1K2pfIUeeB7R+Y4hNgSxJzGen8l1IY+04ews6xs0lbmMHOAuzlayLWDqce5vuv bvrrAjZuWGZzuT13eBvFXfhutomJyk7B/UtW0aChuTtOYLCKXXuv0pYKFao67JjxMWE nBzSWX3J3iJwrURhV//maC7YX6EqqgKOm9vgUOm4=
From: Kent Watsen <kent+ietf@watsen.net>
Message-ID: <0100016da8b59883-9c9c21fa-5030-4dd5-867e-5e33bf7b379d-000000@email.amazonses.com>
Content-Type: multipart/alternative; boundary="Apple-Mail=_39C32504-4753-4D5D-A795-7C8C91D74062"
Mime-Version: 1.0 (Mac OS X Mail 12.4 \(3445.104.11\))
Date: Tue, 08 Oct 2019 00:12:16 +0000
In-Reply-To: <0100016d8834e6b1-d2301e8e-89e5-4fb1-ae58-057e82c4cf7f-000000@email.amazonses.com>
Cc: "netconf@ietf.org" <netconf@ietf.org>
To: tom petch <ietfc@btconnect.com>
References: <0100016d455c6145-844c669e-8f31-4203-a827-7368d33cdee4-000000@email.amazonses.com> <MN2PR11MB4366E914816F6C3D9515A31DB5890@MN2PR11MB4366.namprd11.prod.outlook.com> <0100016d7325f06e-00613ab7-413c-4d97-972c-858cf4886b65-000000@email.amazonses.com> <20190927.170902.142773301948727896.mbj@tail-f.com> <MN2PR11MB4366C30CE4650421CE915840B5810@MN2PR11MB4366.namprd11.prod.outlook.com> <20190927174623.jhvpudof6yfs2m4k@anna.jacobs.jacobs-university.de> <0100016d84c0c469-e57fd7aa-dcba-4079-9b37-22720f7a4500-000000@email.amazonses.com> <02f501d57846$e29a3b20$4001a8c0@gateway.2wire.net> <0100016d8834e6b1-d2301e8e-89e5-4fb1-ae58-057e82c4cf7f-000000@email.amazonses.com>
X-Mailer: Apple Mail (2.3445.104.11)
X-SES-Outgoing: 2019.10.08-54.240.8.31
Feedback-ID: 1.us-east-1.DKmIRZFhhsBhtmFMNikgwZUWVrODEw9qVcPhqJEI2DA=:AmazonSES
Archived-At: <https://mailarchive.ietf.org/arch/msg/netconf/i7xW1X832RmWcUimnWljFGWbUG4>
Subject: Re: [netconf] crypto-types fallback strategy
X-BeenThere: netconf@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: NETCONF WG list <netconf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/netconf>, <mailto:netconf-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/netconf/>
List-Post: <mailto:netconf@ietf.org>
List-Help: <mailto:netconf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/netconf>, <mailto:netconf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 08 Oct 2019 00:12:20 -0000


> To put an end to this email, recall above it was said that the secondary goal is to pass an "algorithm" parameter into the 'generate-symmetric-key' and 'generate-asymmetric-key' actions (what kind of key to generate, right?).   Most of the above regards the key formats (not algorithms, though the OneSymmetricKey and OneAsymmetricKey structs do self-identify their algorithms).   I don't have an answer for this yet, but maybe we can mimic some aspect of the above for it?
> 
> Comments?


Answering myself here.  Having identities for "key formats" is useful and maybe helpfully decouples things, but how to support the actions remains open and yet critical to support.

Other than the "IANA registry" based proposal I gave Sep 27th (which I still think is pretty good), I don't see any other way to do this other than by going half-way back towards the old identity approach.  By "halfway", I mean to say that it doesn't define all the algorithm types, just the subset needed for our immediate needs.  So, either in addition or as a replacement to the identities for key formats, I think we should do the following:

   In ietf-crypto-types:

	   // define base identities so they can be referenced by groupings
	   identity asymmetric-key-algorithm;
	   identity symmetric-key-algorithm;
	   identity hash-algorithm;

   In ietf-asymmetric-key-algs.yang:

	    identity foo { base "asymmetric-key-algorithm" }
            ...
    
   In ietf-symmetric-key-algs.yang

	    identity bar { base "symmetric-key-algorithm" }
            ...

   In ietf-hash-algs.yang

	    identity baz { base "hash-algorithm" }
            ...


The three new modules can also be defined in the crypto-types draft, but by putting each algorithm-type into a distinct module, and by only defining a minimum number of algorithm types (there were many more before), it gets closer to what Rich wants, some modularity and no grand-unified solution.  On the downside, servers would have to implement more than one module and it we continue to need some config-false list of algorithms supported by the server (i.e., implementing the module != supporting all identities in the module).

Thoughts?  Is this something everyone can get behind? Do you think we should continue to have an identity for the "key format", or combine it with the definition of the "algorithm" node?


PS: Tom, I think this email answers your "big picture" question.

Kent // contributor

v2.23.0 | Report a Bug | By Email