Re: [secdir] secdir review of draft-ietf-lmap-information-model-17
Juergen Schoenwaelder <j.schoenwaelder@jacobs-university.de> Sun, 12 March 2017 11:51 UTC
Return-Path: <j.schoenwaelder@jacobs-university.de>
X-Original-To: secdir@ietfa.amsl.com
Delivered-To: secdir@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 4835F1293EB; Sun, 12 Mar 2017 04:51:59 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.201
X-Spam-Level:
X-Spam-Status: No, score=-4.201 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_MED=-2.3, RP_MATCHES_RCVD=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id eXD2OuKZKW0I; Sun, 12 Mar 2017 04:51:58 -0700 (PDT)
Received: from atlas3.jacobs-university.de (atlas3.jacobs-university.de [212.201.44.18]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id EC824128DF6; Sun, 12 Mar 2017 04:51:57 -0700 (PDT)
Received: from localhost (demetrius5.irc-it.jacobs-university.de [10.70.0.222]) by atlas3.jacobs-university.de (Postfix) with ESMTP id B27B5700; Sun, 12 Mar 2017 12:51:56 +0100 (CET)
X-Virus-Scanned: amavisd-new at jacobs-university.de
Received: from atlas3.jacobs-university.de ([10.70.0.205]) by localhost (demetrius5.jacobs-university.de [10.70.0.222]) (amavisd-new, port 10030) with ESMTP id nfFOhxeJc-OG; Sun, 12 Mar 2017 12:51:54 +0100 (CET)
Received: from hermes.jacobs-university.de (hermes.jacobs-university.de [212.201.44.23]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "hermes.jacobs-university.de", Issuer "Jacobs University CA - G01" (verified OK)) by atlas3.jacobs-university.de (Postfix) with ESMTPS; Sun, 12 Mar 2017 12:51:56 +0100 (CET)
Received: from localhost (demetrius1.jacobs-university.de [212.201.44.46]) by hermes.jacobs-university.de (Postfix) with ESMTP id 3804520038; Sun, 12 Mar 2017 12:51:56 +0100 (CET)
X-Virus-Scanned: amavisd-new at jacobs-university.de
Received: from hermes.jacobs-university.de ([212.201.44.23]) by localhost (demetrius1.jacobs-university.de [212.201.44.32]) (amavisd-new, port 10024) with ESMTP id mH_N5N2E_gwJ; Sun, 12 Mar 2017 12:51:55 +0100 (CET)
Received: from elstar.local (elstar.jacobs.jacobs-university.de [10.50.231.133]) by hermes.jacobs-university.de (Postfix) with ESMTP id A807B20036; Sun, 12 Mar 2017 12:51:55 +0100 (CET)
Received: by elstar.local (Postfix, from userid 501) id B5C263EB7364; Sun, 12 Mar 2017 12:52:00 +0100 (CET)
Date: Sun, 12 Mar 2017 12:52:00 +0100
From: Juergen Schoenwaelder <j.schoenwaelder@jacobs-university.de>
To: Leif Johansson <leifj@sunet.se>
Message-ID: <20170312115200.GD50035@elstar.local>
Mail-Followup-To: Leif Johansson <leifj@sunet.se>, "secdir@ietf.org" <secdir@ietf.org>, "iesg@ietf.org" <iesg@ietf.org>, draft-ietf-lmap-information-model.all@ietf.org
References: <f9524559-f516-eb58-f989-8c333daba9cf@sunet.se>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Disposition: inline
In-Reply-To: <f9524559-f516-eb58-f989-8c333daba9cf@sunet.se>
User-Agent: Mutt/1.6.0 (2016-04-01)
Archived-At: <https://mailarchive.ietf.org/arch/msg/secdir/0nyXdJcRRw6O6wo9m-9aBLX-dMA>
Cc: draft-ietf-lmap-information-model.all@ietf.org, "iesg@ietf.org" <iesg@ietf.org>, "secdir@ietf.org" <secdir@ietf.org>
Subject: Re: [secdir] secdir review of draft-ietf-lmap-information-model-17
X-BeenThere: secdir@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
Reply-To: Juergen Schoenwaelder <j.schoenwaelder@jacobs-university.de>
List-Id: Security Area Directorate <secdir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/secdir>, <mailto:secdir-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/secdir/>
List-Post: <mailto:secdir@ietf.org>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 12 Mar 2017 11:51:59 -0000
On Thu, Mar 09, 2017 at 05:06:00PM +0100, Leif Johansson wrote:
>
> Reviewer: Leif Johansson
> Review result: Has issues
>
> I have reviewed this document as part of the security directorate's
> ongoing effort to review all IETF documents being processed by the
> IESG. These comments were written primarily for the benefit of the
> security area directors. Document editors and WG chairs should treat
> these comments just like any other last call comments.
>
> Review:
>
> Section 3.8 begins "A Channel defines a bi-directional communication
> channel". First of all it is probably a good idea avoid using the
> term you're defining in the definition.
I can s/channel/mechanism/ to avoid the usage of channel while
defining Channel (not sure it adds clarity though).
> Also in the text a Channel is described as a URL with the cert or CA
> of the endpoint but in the channel object definition there is only a
> reference to the credentials which I understood to be the client authn
> credential and not the server identity.
>
> This leads me to a larger issue (which may be answered in another LMAP
> document for all I know): what is the authentication model for LMAP?
> Specifically, does LMAP assume the standard Web PKI for channel end-
> points? If not, then you probably need to specify how to validate the
> server cert which may lead you to want to represent a private CA (say)
> in the channel object. In any case the authentication model should be
> referenced from the Security Considerations section and clearly match
> the information model for channels.
This being an information model, we aim at staying away from being too
specific. The information model is mapped today to a YANG data model
(IETF) and a data model for TR-69 (BBF). The YANG data model may be
accessed today via NETCONF or RESTCONF. There may be other protocols
in the future. RESTCONF runs over HTTP/TLS, NETCONF runs by default
over SSH (which supportes a number of authentication mechanisms),
NETCONF may also run over TLS. In other words, the concrete details
how authentication is done is specific to the protocols used to access
instantiations of specific data models. This is why we talk about
rather opaque credentials in the definition of ma-channel-obj and
section 2 "Notation" says:
credentials An opaque type representing credentials needed by a
cryptographic mechanism to secure communication. Data
models must expand this opaque type as needed and
required by the security protocols utilized.
/js
--
Juergen Schoenwaelder Jacobs University Bremen gGmbH
Phone: +49 421 200 3587 Campus Ring 1 | 28759 Bremen | Germany
Fax: +49 421 200 3103 <http://www.jacobs-university.de/>
- [secdir] secdir review of draft-ietf-lmap-informa… Leif Johansson
- Re: [secdir] secdir review of draft-ietf-lmap-inf… Juergen Schoenwaelder
- Re: [secdir] secdir review of draft-ietf-lmap-inf… Leif Johansson