IETF Logo Mail Archive

Re: Kathleen Moriarty's Discuss on draft-ietf-rtgwg-yang-key-chain-20: (with DISCUSS and COMMENT)

Kathleen Moriarty <kathleen.moriarty.ietf@gmail.com> Wed, 26 April 2017 19:05 UTC

Return-Path: <kathleen.moriarty.ietf@gmail.com>
X-Original-To: rtgwg@ietfa.amsl.com
Delivered-To: rtgwg@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 3CA3912946A; Wed, 26 Apr 2017 12:05:47 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2
X-Spam-Level:
X-Spam-Status: No, score=-2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id LzpzyRbcHcb0; Wed, 26 Apr 2017 12:05:45 -0700 (PDT)
Received: from mail-pf0-x22c.google.com (mail-pf0-x22c.google.com [IPv6:2607:f8b0:400e:c00::22c]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id A8688129468; Wed, 26 Apr 2017 12:05:45 -0700 (PDT)
Received: by mail-pf0-x22c.google.com with SMTP id c198so4335273pfc.1; Wed, 26 Apr 2017 12:05:45 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc:content-transfer-encoding; bh=122BbilCOVcgUKo134UDlLE+pBKc3SCzUfIFBkXbarI=; b=qUtBapnbNuD2KSZppGhmBNl6QkRJtm1hHJxJIG7VgXki/KSvtBPBMjXOyZh7AXgZWJ zK9zLCDn6Ln3VbvIzMHNUblsYBzLuy56J+HT0lJLOiJjTn+r+7jU6cmbqF/F2pLpkFvJ IB8OoVI5SKbMTO9lxqs1PXvBk8T6T0po4Fy35n3V+dBaywAh2a5nJ+3l0X2Za2tqhV1J H51grgcEC8hJ+ywUqAA//pfUhLXb3VUY8ZZb5urtFHLNFtpw8sOclw/cDhNprr1WBhs/ 58++/bQFt5bd3nhC0fdBde6/ZM9Op2g4K9SdtSoEF6Aiz2Cmh5c2S5OKesUfZSdDT3Bl TNqA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc:content-transfer-encoding; bh=122BbilCOVcgUKo134UDlLE+pBKc3SCzUfIFBkXbarI=; b=IsITUArkoaAHurYFyyq2kgIE5kV1uRGdr0ChuxDUrmO3VTdLpVqq7nT0oeyupcabcJ yEMJbYfr4+wuPzMz31UrSLjbETPKD29yF+WkjiZFpIs5/5u/HF3JA8/vBbSJbokzopVm 6ADcDsqrwRPsJnOXHe/PnQMkirG66KjClTRTFrD1J7cBz8iaabIbAiEqg6eDeJIkMSEs Cdboz0lAdH7kw+nOXY9ErIJqvtIiHgwXhwSX1YD3V5HmR6HECmXAHwDQrJJBGl/mkV2j 8eQB6gOWa+jeu+GnWepTu+yDgPNGBVy80DVHCdv2oNl87AXbfeL+DgHbhuLdL1WhXWYJ qlWg==
X-Gm-Message-State: AN3rC/68tutxr0mji1/SdbGYmkKQDjO7pgIB3lLXazWvT7xkRIEGyvPp KBFDL1cwWgxvZi4nw2x2LX+EahqRhA==
X-Received: by 10.98.29.86 with SMTP id d83mr1564281pfd.68.1493233545157; Wed, 26 Apr 2017 12:05:45 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.100.185.143 with HTTP; Wed, 26 Apr 2017 12:05:04 -0700 (PDT)
In-Reply-To: <D52644AD.AB72A%acee@cisco.com>
References: <149322447211.30122.5870367500760951821.idtracker@ietfa.amsl.com> <D52644AD.AB72A%acee@cisco.com>
From: Kathleen Moriarty <kathleen.moriarty.ietf@gmail.com>
Date: Wed, 26 Apr 2017 15:05:04 -0400
Message-ID: <CAHbuEH5___Qdcy6onpqcM=+htcW2q=ZaSP=ZS8=wAGrAgW8m6Q@mail.gmail.com>
Subject: Re: Kathleen Moriarty's Discuss on draft-ietf-rtgwg-yang-key-chain-20: (with DISCUSS and COMMENT)
To: "Acee Lindem (acee)" <acee@cisco.com>, Brian Weis <bew@cisco.com>
Cc: The IESG <iesg@ietf.org>, "rtgwg-chairs@ietf.org" <rtgwg-chairs@ietf.org>, "draft-ietf-rtgwg-yang-key-chain@ietf.org" <draft-ietf-rtgwg-yang-key-chain@ietf.org>, "rtgwg@ietf.org" <rtgwg@ietf.org>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
Archived-At: <https://mailarchive.ietf.org/arch/msg/rtgwg/uhvNgoZ0eSDWvDIUzd_NPhif6Gw>
X-BeenThere: rtgwg@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: Routing Area Working Group <rtgwg.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/rtgwg>, <mailto:rtgwg-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/rtgwg/>
List-Post: <mailto:rtgwg@ietf.org>
List-Help: <mailto:rtgwg-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/rtgwg>, <mailto:rtgwg-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 26 Apr 2017 19:05:47 -0000

Hi Acee,

Adding Brian since he may be able to assist since he is familiar with
other implementations with YANG modules.

On Wed, Apr 26, 2017 at 12:52 PM, Acee Lindem (acee) <acee@cisco.com> wrote:
> Kathleen,
>
> The lack of KEK specification is not a problem with the YANG key-chain
> model, it with RFC 5649 and KEK. I’d request that yourself or someone in
> the security area provide a reference or text. A primary reason KEK has
> not been widely deployed is that RFC 5649 is woefully lacking in
> operational guidance. If you can’t do this, I’ll remove the reference and
> rely on NCACM similar to the shared-secret data node in RFC 7317.

I'm not following you as to what is lacking, if you could please
expand on that it would be appreciated and then we can assist more.
RFC 3394 and RFC5649 are widely deployed according to the author.  Do
you mean deployed specific to YANG modules or something else?

Does the following guidance help:

    If you want to wrap an AES key and nothing else, use RFC 3394
    If you want to wrap an AES key and some other attributes too, use RFC 5649

I think it would be better to have the text from the -20 version in
the body of the document (rather than security considerations
section), I see it was removed in -21.  Then have the considerations
for using/not using in the security considerations section.  I think
Brian's responses help cover some of what would go into the text for
the security considerations section.

Is this the text provided what you need help with or is it something
additional for developers?  By implementors, are you referring to the
developers or operators configuring the devices?  I just want to be
sure we are clear on the problem so we can assist.

Thank you,
Kathleen

>
> Thanks
> Acee
>
> On 4/26/17, 12:34 PM, "rtgwg on behalf of Kathleen Moriarty"
> <rtgwg-bounces@ietf.org on behalf of Kathleen.Moriarty.ietf@gmail.com>
> wrote:
>
>>Kathleen Moriarty has entered the following ballot position for
>>draft-ietf-rtgwg-yang-key-chain-20: Discuss
>>
>>When responding, please keep the subject line intact and reply to all
>>email addresses included in the To and CC lines. (Feel free to cut this
>>introductory paragraph, however.)
>>
>>
>>Please refer to https://www.ietf.org/iesg/statement/discuss-criteria.html
>>for more information about IESG DISCUSS and COMMENT positions.
>>
>>
>>The document, along with other ballot positions, can be found here:
>>https://datatracker.ietf.org/doc/draft-ietf-rtgwg-yang-key-chain/
>>
>>
>>
>>----------------------------------------------------------------------
>>DISCUSS:
>>----------------------------------------------------------------------
>>
>>Thanks for your work on this draft.  There is one outstanding issue from
>>the SecDir review that may require some updated text to resolve.  It
>>seems use of the key wrap method in RFC5649 requires more guidance for
>>implementations to use it with this YANG module.  It's good to know that
>>this is in use for other modules, so having a clear reference either to
>>another draft or the text being in this draft for later reference would
>>be helpful.
>>
>>In looking at this text within the draft, I think it would be better to
>>pull the text out of the Security Considerations section and into an
>>earlier section of the draft.  It's better to introduce this prior to
>>enumerating security considerations for the draft since this something
>>that would be implemented.  Then security considerations should mention
>>the considerations of using this option versus just what's in NACM.
>>
>>You have the text:
>>
>>  When configured, the key-strings can be encrypted using the AES Key
>>   Wrap algorithm [AES-KEY-WRAP].  The AES key-encryption key (KEK) is
>>   not included in the YANG model and must be set or derived
>>independent
>>   of key-chain configuration.  When AES key-encryption is used, the
>>   hex-key-string feature is also required since the encrypted keys
>>will
>>   contain characters that are not representable in the YANG string
>>   built-in type [YANG].  AES key-encryption MAY be used for added key
>>   security in situations where the NETCONF Access Control Mode is not
>>   available.
>>
>>I think it's pretty straightforward after looking at RFC5649, but maybe
>>more text would be helpful to clarify for implementers.  This might mean
>>more text from 5649 on what gets placed in the YANG data model where you
>>have already allocated for this or including an example.
>>
>>
>>----------------------------------------------------------------------
>>COMMENT:
>>----------------------------------------------------------------------
>>
>>Thank you for working through the SecDir review and making the suggested
>>updates.
>>
>>Since the following text int he Security Considerations section is a
>>recommendation, IMO it would be better to drop "or otherwise obfuscated"
>>from the sentence as encrypting the keys really should be the
>>recommendation.  Can we make this update?
>>
>>   It is RECOMMENDED that keys be encrypted or otherwise obfuscated
>>when
>>   stored internally on a network device supporting this specification.
>>
>>If obfuscation is what happens more often in practice, maybe mention this
>>as a fallback from the recommendation, but not make them sound
>>equivalent?
>>
>>
>>_______________________________________________
>>rtgwg mailing list
>>rtgwg@ietf.org
>>https://www.ietf.org/mailman/listinfo/rtgwg
>



-- 

Best regards,
Kathleen

v2.23.0 | Report a Bug | By Email