Re: [netconf] type for a PSK's "id" node?
Henk Birkholz <henk.birkholz@sit.fraunhofer.de> Tue, 28 July 2020 09:46 UTC
To: Kent Watsen <kent+ietf@watsen.net>
CC: "netconf@ietf.org" <netconf@ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/netconf/p9gn6uaYgoBzx0N0dy8u2Ryx-gg>
Hi all,

this might be pretty much "just in time", but let me elaborate a bit here:

After re-exploring the source of PSK Identity (hints), I arrived at PSK Identity Encoding again:

> https://tools.ietf.org/html/rfc4279#section-5.1

If that is the PSK "id" that you are looking for, that always involves a conversion to UTF-8 encoded bytestrings. If that is interoperable with the type string here, that is fine, I'd say. Interoperability already is a rather painful compromise here in (D)TLS. Please take care to adhere to the encoding guidance, therefore.

I am not sure if you want to cover identity hints, too:

> https://tools.ietf.org/html/rfc4279#section-5.2

Best regards,

Henk

On 21.07.20 16:44, Kent Watsen wrote:
> Hi Henk,
>
> I’m trying to close a couple issues on list before the meeting...
>
> Below you’ll note the “is this the right type?” comment. Currently the
> “id” node is type “string”, what type is used by TLS?
>
>
>   case psk {
>     if-feature psk-auth;
>     container psk {
>       description
>         "Specifies the server identity using a PSK (pre-shared
>          or pairwise-symmetric key).";
>       uses ks:local-or-keystore-symmetric-key-grouping {
>         augment "local-or-keystore/local/local-definition" {
>           if-feature "ks:local-definitions-supported";
>           description
>             "Adds an 'id' value when the PSK is used by TLS.";
>           leaf id {
>             type string; // FIXME: is this the right type?
>             description
>               "The key id used in the TLS protocol for PSKs.";
>           }
>         }
>       }
>     }
>   }
>
>
> K.
>
>
- [netconf] type for a PSK's "id" node? Kent Watsen
- Re: [netconf] type for a PSK's "id" node? Henk Birkholz