Re: Kathleen Moriarty's Discuss on draft-ietf-rtgwg-yang-key-chain-20: (with DISCUSS and COMMENT)
Kathleen Moriarty <kathleen.moriarty.ietf@gmail.com> Wed, 26 April 2017 19:36 UTC
Return-Path: <kathleen.moriarty.ietf@gmail.com>
X-Original-To: rtgwg@ietfa.amsl.com
Delivered-To: rtgwg@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 35C5312ECED; Wed, 26 Apr 2017 12:36:52 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2
X-Spam-Level:
X-Spam-Status: No, score=-2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id BsB1cJM85Sht; Wed, 26 Apr 2017 12:36:51 -0700 (PDT)
Received: from mail-pf0-x22a.google.com (mail-pf0-x22a.google.com [IPv6:2607:f8b0:400e:c00::22a]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 01ADD129450; Wed, 26 Apr 2017 12:36:51 -0700 (PDT)
Received: by mail-pf0-x22a.google.com with SMTP id c198so4678415pfc.1; Wed, 26 Apr 2017 12:36:50 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=xiaWtI2o23HIADVS+l+3Nffw1FhZNF/xOw+p7awquUg=; b=jVzxdqdJdQ+ievrFf05VSKzUIaJ5lPY4qtxI3FcLw9fnzD/1R6NpOxyM78Pk71uYVU I8mP0Lu/HppuDQawyHdglYBjqHeHfH8g9UxLjEsPK3bebz4Mz22VAmz4m+rv5ZO7eG7i YIkEbCI7DMWd0yTYSu0hWykl50Eb01S+MTaAtRZCKhYxJCq/76dTuxebu2MVHfJiX4v6 U5q+tLN/D5kSN9L9dgOjAX1vqkPUPC4dhDj56y6UTYI9nlC7v0hBAfpYCP+ot+i8060P Y82IfEsr7UIUodOnRNfwWSDWwhAlo9Fo24Od2be74t+CONtrPUl9Gb2vXM+KKAIV0x65 Qe/A==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=xiaWtI2o23HIADVS+l+3Nffw1FhZNF/xOw+p7awquUg=; b=by1p39GmscN5TDDwjqZTjh8q3Cpcyfy0t/djZAlzXOya+L/PSNEGDfhYVPNRFT474s ftnh7nDtplER5GIkkVp26/kYI5PmLenvxBQWodaf9Erju0WztnJqwuKEh+GBEDbmK/2A xND1/ppab78k02XsfY61L4ogvMRK1R+aH2bxiyYTqot20p0dx4Z8MKxjBvqJ5D1L7qla hpb4bG96JLir4P1Y3TySqDKm2XmwvP8DZvzqfLbT257U+4UWosRhf5OXkhnkCajkI3nN xVI1RV23eTV+uOlIAvy5+LdRGKySTmBBRu6kVsceej2H9FKzFRP1+02URWDtAeBhYfLN GPBA==
X-Gm-Message-State: AN3rC/4BlGIXulwI0vMr9qt8SPlfiogeq8044VjjHm1aQcUFsj9vNTer N5kux3Wz3f5YrIUqyzy3OU+UPKcD0w==
X-Received: by 10.99.2.9 with SMTP id 9mr1517031pgc.69.1493235410554; Wed, 26 Apr 2017 12:36:50 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.100.185.143 with HTTP; Wed, 26 Apr 2017 12:36:10 -0700 (PDT)
In-Reply-To: <f366eb05-b82c-123e-d0ca-8701fe16a469@nostrum.com>
References: <149322447211.30122.5870367500760951821.idtracker@ietfa.amsl.com> <f366eb05-b82c-123e-d0ca-8701fe16a469@nostrum.com>
From: Kathleen Moriarty <kathleen.moriarty.ietf@gmail.com>
Date: Wed, 26 Apr 2017 15:36:10 -0400
Message-ID: <CAHbuEH5vDjZ5tSt=314Dquju7N26XSOqQPNjV=jO6D8Xn7QVdQ@mail.gmail.com>
Subject: Re: Kathleen Moriarty's Discuss on draft-ietf-rtgwg-yang-key-chain-20: (with DISCUSS and COMMENT)
To: Adam Roach <adam@nostrum.com>
Cc: The IESG <iesg@ietf.org>, Jeff Tantsura <jefftant.ietf@gmail.com>, rtgwg-chairs@ietf.org, draft-ietf-rtgwg-yang-key-chain@ietf.org, rtgwg@ietf.org
Content-Type: text/plain; charset="UTF-8"
Archived-At: <https://mailarchive.ietf.org/arch/msg/rtgwg/ZXOXiz4jqx1T2iz1dhkuKlZqd3Y>
X-BeenThere: rtgwg@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: Routing Area Working Group <rtgwg.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/rtgwg>, <mailto:rtgwg-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/rtgwg/>
List-Post: <mailto:rtgwg@ietf.org>
List-Help: <mailto:rtgwg-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/rtgwg>, <mailto:rtgwg-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 26 Apr 2017 19:36:52 -0000
On Wed, Apr 26, 2017 at 2:42 PM, Adam Roach <adam@nostrum.com> wrote: > On 4/26/17 11:34 AM, Kathleen Moriarty wrote: >> >> Since the following text int he Security Considerations section is a >> recommendation, IMO it would be better to drop "or otherwise obfuscated" >> from the sentence as encrypting the keys really should be the >> recommendation. Can we make this update? >> >> It is RECOMMENDED that keys be encrypted or otherwise obfuscated >> when >> stored internally on a network device supporting this specification. >> >> If obfuscation is what happens more often in practice, maybe mention this >> as a fallback from the recommendation, but not make them sound >> equivalent? > > > > To be clear -- the current guidance from the security area is to perform > this kind of encryption, where you have encrypted material living > side-by-side with the key necessary to decrypt it? We are talking about using a key encrypting key (KEK) and storing that, not storing the raw key next to the encrypted data as far as I can tell. Additionally, I haven't seen a discussion on the hardware this is expected to run on. Some implementations of KEK solutions use dedicated hardware for the KEK and require authentication for access to the key, hence preventing generic access and side-by-side storage of the KEK's protected key, and encrypted data. I'd rather see a KEK used than just a key stored in any case. Are you arguing for not using any encryption at all? For YANG modules, couldn't the application via NETCONF/RESTCONF accessing the module provide the credentials to access the key protected by the KEK? Some implementations could store the KEK in dedicated hardware as well. In this way, storing the KEK and data together is not the same as storing a key right next to the data it is protecting. Use of a KEK is better then not encrypting and can be done well. Am I missing something? Was there something implementation specific that has the raw key stored with the encrypted data? Thanks, Kathleen > > /a > -- Best regards, Kathleen
- Re: Kathleen Moriarty's Discuss on draft-ietf-rtg… Acee Lindem (acee)
- Kathleen Moriarty's Discuss on draft-ietf-rtgwg-y… Kathleen Moriarty
- Re: Kathleen Moriarty's Discuss on draft-ietf-rtg… Kathleen Moriarty
- Re: Kathleen Moriarty's Discuss on draft-ietf-rtg… Adam Roach
- Re: Kathleen Moriarty's Discuss on draft-ietf-rtg… Acee Lindem (acee)
- Re: Kathleen Moriarty's Discuss on draft-ietf-rtg… Adam Roach
- Re: Kathleen Moriarty's Discuss on draft-ietf-rtg… Kathleen Moriarty
- Re: Kathleen Moriarty's Discuss on draft-ietf-rtg… Acee Lindem (acee)
- Re: Kathleen Moriarty's Discuss on draft-ietf-rtg… Kathleen Moriarty
- Re: Kathleen Moriarty's Discuss on draft-ietf-rtg… Adam Roach
- Re: Kathleen Moriarty's Discuss on draft-ietf-rtg… Kathleen Moriarty
- Re: Kathleen Moriarty's Discuss on draft-ietf-rtg… Brian Weis (bew)
- Re: Kathleen Moriarty's Discuss on draft-ietf-rtg… Alia Atlas
- Re: Kathleen Moriarty's Discuss on draft-ietf-rtg… Alia Atlas
- Re: Kathleen Moriarty's Discuss on draft-ietf-rtg… Adam Roach
- Re: Kathleen Moriarty's Discuss on draft-ietf-rtg… Kathleen Moriarty
- Re: Kathleen Moriarty's Discuss on draft-ietf-rtg… Kathleen Moriarty
- Re: Kathleen Moriarty's Discuss on draft-ietf-rtg… Eric Rescorla
- Re: Kathleen Moriarty's Discuss on draft-ietf-rtg… Alia Atlas
- Re: Kathleen Moriarty's Discuss on draft-ietf-rtg… Adam Roach
- Re: Kathleen Moriarty's Discuss on draft-ietf-rtg… Acee Lindem (acee)
- Re: Kathleen Moriarty's Discuss on draft-ietf-rtg… Acee Lindem (acee)
- Re: Kathleen Moriarty's Discuss on draft-ietf-rtg… Alia Atlas
- Re: Kathleen Moriarty's Discuss on draft-ietf-rtg… Eric Rescorla
- Re: Kathleen Moriarty's Discuss on draft-ietf-rtg… Acee Lindem (acee)
- Re: Kathleen Moriarty's Discuss on draft-ietf-rtg… Alia Atlas
- Re: Kathleen Moriarty's Discuss on draft-ietf-rtg… Kathleen Moriarty
- Re: Kathleen Moriarty's Discuss on draft-ietf-rtg… Kathleen Moriarty