Re: [Secdispatch] [lamps] IDevID considerations document to secdispatch

"Brockhaus, Hendrik" <hendrik.brockhaus@siemens.com> Mon, 29 June 2020 07:10 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/secdispatch/QaL5G1PhpZL6YMFWOY2502S_oQw>

Richard

> 
> In particular, the self-generated (_invivo_) key suffers because the device
> needs to do a write/read operation from the infrastructure.  That involves the
> highest possible latency for interaction with the CA and therefore would slow
> the assembly line the most.

We make use of the key pair generated on the fly on the device and do not see a major delay on the manufacturing line due to CA communication.
Finally, it is a question of how you arrange your manufacturing procedures. If you experience a delay waiting for the certificate delivery, you can do other meaningful things in the meantime.

> 
> The invitro and shared-secret methods allows the infrastructure to generate a
> few keys in advance (and get them signed, assigning DN-serialNumber at the
> same time), and then injecting that key via JTAG at the same time as the
> firmware.  This overlaps the CA interaction with other steps.
> 

Finally, this method puts a higher security burden on the manufacturing infrastructure to securely handle the pre-generated key pairs. This is why I do not like it, but sometimes it is needed.

-- Hendrik
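The in-vivo flow Hendrik describes, as an added illustration that is not part of the thread and not anyone's production PKI: the device generates its key pair, only a CSR carrying the DN serialNumber leaves it, and the CA checks the CSR's proof of possession before issuing. The self-signed "manufacturer CA", the serial "SN-0001" and all function names are constructed for this example (Go standard library only).

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"math/big"
	"time"
)

func must[T any](v T, err error) T { // demo-only: panic instead of propagating errors
	if err != nil {
		panic(err)
	}
	return v
}

// newManufacturerCA builds a constructed, self-signed stand-in for the manufacturer CA.
func newManufacturerCA() (*ecdsa.PrivateKey, *x509.Certificate) {
	key := must(ecdsa.GenerateKey(elliptic.P256(), rand.Reader))
	tmpl := &x509.Certificate{SerialNumber: big.NewInt(1), Subject: pkix.Name{CommonName: "Example IDevID CA"},
		NotBefore: time.Now().Add(-time.Hour), NotAfter: time.Now().Add(24 * time.Hour),
		IsCA: true, BasicConstraintsValid: true, KeyUsage: x509.KeyUsageCertSign}
	der := must(x509.CreateCertificate(rand.Reader, tmpl, tmpl, &key.PublicKey, key))
	return key, must(x509.ParseCertificate(der))
}

// deviceKeyAndCSR is the in-vivo step: the key pair is born on the device; only the CSR leaves it.
func deviceKeyAndCSR(serial string) (*ecdsa.PrivateKey, []byte) {
	key := must(ecdsa.GenerateKey(elliptic.P256(), rand.Reader))
	req := &x509.CertificateRequest{Subject: pkix.Name{SerialNumber: serial}}
	return key, must(x509.CreateCertificateRequest(rand.Reader, req, key))
}

// issueIDevID is the CA side: reject a CSR that fails proof of possession, else issue a long-lived IDevID.
func issueIDevID(caKey *ecdsa.PrivateKey, caCert *x509.Certificate, csrDER []byte) (*x509.Certificate, error) {
	csr, err := x509.ParseCertificateRequest(csrDER)
	if err != nil {
		return nil, err
	}
	if err := csr.CheckSignature(); err != nil { // CSR must verify under the key it carries
		return nil, err
	}
	tmpl := &x509.Certificate{SerialNumber: big.NewInt(2), Subject: csr.Subject, KeyUsage: x509.KeyUsageDigitalSignature,
		NotBefore: time.Now().Add(-time.Hour), NotAfter: time.Date(9999, 12, 31, 23, 59, 59, 0, time.UTC)} // no expiry
	der := must(x509.CreateCertificate(rand.Reader, tmpl, caCert, csr.PublicKey, caKey))
	return x509.ParseCertificate(der)
}
```

Because the private key never exists outside the device, the infrastructure has nothing to protect beyond the CA itself, which is the difference from pre-generated keys injected over JTAG.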