Re: [Secret] Follow up on Michael's Comments
Michael Richardson <mcr+ietf@sandelman.ca> Sat, 05 March 2022 17:06 UTC
Return-Path: <mcr+ietf@sandelman.ca>
X-Original-To: secret@ietfa.amsl.com
Delivered-To: secret@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 392D13A0874 for <secret@ietfa.amsl.com>; Sat, 5 Mar 2022 09:06:55 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.108
X-Spam-Level:
X-Spam-Status: No, score=-2.108 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_BLOCKED=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=sandelman.ca
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id HKXGuNEvEgZr for <secret@ietfa.amsl.com>; Sat, 5 Mar 2022 09:06:50 -0800 (PST)
Received: from tuna.sandelman.ca (tuna.sandelman.ca [209.87.249.19]) (using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 666D03A0877 for <secret@ietf.org>; Sat, 5 Mar 2022 09:06:49 -0800 (PST)
Received: from localhost (localhost [127.0.0.1]) by tuna.sandelman.ca (Postfix) with ESMTP id 9D17E38C26; Sat, 5 Mar 2022 12:15:59 -0500 (EST)
Received: from tuna.sandelman.ca ([127.0.0.1]) by localhost (localhost [127.0.0.1]) (amavisd-new, port 10024) with LMTP id zFSPvPv2L49P; Sat, 5 Mar 2022 12:15:58 -0500 (EST)
Received: from sandelman.ca (obiwan.sandelman.ca [209.87.249.21]) by tuna.sandelman.ca (Postfix) with ESMTP id EF64738C22; Sat, 5 Mar 2022 12:15:57 -0500 (EST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=sandelman.ca; s=mail; t=1646500557; bh=zcgdZMNJGEtRovh7ujNm+QSvvIXAShx33jmjYvNBR94=; h=From:To:Subject:In-Reply-To:References:Date:From; b=aZ3bCgFC8Pke/+aLfmVAbaN+Wd9TFs3NBdxIcL21RSf4HyWLlipZqbEfFRu+SGhmo ZTbKZmGTT35Z8e5VR/mGOVvrdqnEJSUeZHzTH3Bjwsd1lfN8avDRa6wt1fOSiYfINP Rkn2tH3SI5C6SpBwgyrWsOEl/IP5YRGNHEupgbZtQYWqXGHYc2JzqT+Z43YicKj+ed Evbi1whjqILmfyzOk8reTk4TQrSqAju/yHfW/jG3tv48Gk7eT10mOATtEVVjI8MkoW NWkJC3bjDrZvdgYXVd+FR9hwy9MFq7VeeuPcI9XBCdMzuJ3ebHG9a+ARCTF/b9hbNs FLFm6FnIzDmjg==
Received: from localhost (localhost [IPv6:::1]) by sandelman.ca (Postfix) with ESMTP id F409A1D3; Sat, 5 Mar 2022 12:06:45 -0500 (EST)
From: Michael Richardson <mcr+ietf@sandelman.ca>
To: Matthew Byington <mbyington@apple.com>, secret@ietf.org
In-Reply-To: <E527F102-93E5-439B-836B-695039E6E416@apple.com>
References: <E527F102-93E5-439B-836B-695039E6E416@apple.com>
X-Mailer: MH-E 8.6+git; nmh 1.7+dev; GNU Emacs 26.1
X-Face: $\n1pF)h^`}$H>Hk{L"x@)JS7<%Az}5RyS@k9X%29-lHB$Ti.V>2bi.~ehC0; <'$9xN5Ub# z!G,p`nR&p7Fz@^UXIn156S8.~^@MJ*mMsD7=QFeq%AL4m<nPbLgmtKK-5dC@#:k
MIME-Version: 1.0
Content-Type: multipart/signed; boundary="=-=-="; micalg="pgp-sha512"; protocol="application/pgp-signature"
Date: Sat, 05 Mar 2022 12:06:45 -0500
Message-ID: <23028.1646500005@localhost>
Archived-At: <https://mailarchive.ietf.org/arch/msg/secret/g2inE06YAM1mgrf-efGcm1CpwZU>
Subject: Re: [Secret] Follow up on Michael's Comments
X-BeenThere: secret@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Secure Credential Transfer <secret.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/secret>, <mailto:secret-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/secret/>
List-Post: <mailto:secret@ietf.org>
List-Help: <mailto:secret-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secret>, <mailto:secret-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 05 Mar 2022 17:06:55 -0000
Please know that I'm not hostile to this work occuring. I just don't want to confuse people about the goals. (Although I really don't like the choice of BOF name) I'm please to learn that there are protocols like SCP03, and that they handle delegation. This is sorely missing in what people see today iin IoT. I'd love to have an overview talk at IOTOPS about SCP03 and the CCC automotive credential protocol. Matthew Byington <mbyington@apple.com> wrote: > An example of an asymmetric credential would be digital car key > credentials adhering to the CCC standard, or asymmetric credentials > used in Home or MFH (multi-family home) that adhere to the ISO18013 > open standard. Could you please cite the specific CCC document involved? ISO18013 is not publically available. > In _no_ circumstance shall a private key, nor a symmetric secret key, > ever, ever be transferred to anyone else. ... > In these cases, to your point, the third party would absolutely have to > issue the credential for the intended recipient. So, how are we involved at all? > The transfer protocol that we endeavor to standardize would simply facilitate that. What would we be transfering, in a symmetric key case, where HID has to issue the credential? > I don’t want to get into the solutioning here too much (let’s save that > for the WG) but you can almost think about it like: > 1) Sender (with existing provisioned credential from remote credential > authority) asks the RCA for a “bearer token” While one can implement Bearer Tokens as indexes into database (instead of a key that decrypts something like a Kerberos Ticket), by their nature, they have all the privacy implications of symmetric keys. > 2) RCA issues bearer token (could be a signed piece of data, could be a > UUID, etc) and on their backend, ties that to the access rights/levels > specific to a subset of what the sender has, based on the sender’s > existing rights and the sender’s desired rights for the recipient > 3) The RCA returns this BT to the sender. > 4) The sender sends this BT to the receiver thru the transfer protocol we’d define in the WG > 5) The recipient calls the credential authority and “redeems” this for > a valid provisioned credential with key material completely separate > from the sender’s. This sure sounds a lot like OAUTH2 to me :-) Perhaps it would all work better if we explicitely used the terminology from OAUTH2. > The security of (5) is well-established today with protocols like JCOP > platform running on a device, SCP03 (secure channel protocol > encryption) etc etc that exist on most mobile devices today. That is > completely out of the scope of the transfer work flow. Okay, then I think that we need some high-level explanation of these protocols. I'd like to see the charter reference them with "such as..." -- Michael Richardson <mcr+IETF@sandelman.ca> . o O ( IPv6 IøT consulting ) Sandelman Software Works Inc, Ottawa and Worldwide
- [Secret] Follow up on Michael's Comments Matthew Byington
- Re: [Secret] Follow up on Michael's Comments Matthew Byington
- Re: [Secret] Follow up on Michael's Comments Michael Richardson
- Re: [Secret] Follow up on Michael's Comments Matthew Byington