[lamps] New Liaison Statement, "IETF Liaison Statement to ISO/TC 154 about ISO 14533-4"

Liaison Statement Management Tool <statements@ietf.org> Mon, 12 April 2021 16:40 UTC

From: Liaison Statement Management Tool <statements@ietf.org>
To: zhangjf@cnis.ac.cn
Cc: "Roman D. Danyliw" <rdd@cert.org>, LAMPS <spasm@ietf.org>, Russ Housley <housley@vigilsec.com>, The IAB <iab@iab.org>, The IAB Chair <iab-chair@iab.org>, The IAB Executive Director <execd@iab.org>, Tim Hollebeek <tim.hollebeek@digicert.com>, mathew@iso.org
Message-ID: <161824562568.19369.10537109748862886790@ietfa.amsl.com>
Date: Mon, 12 Apr 2021 09:40:25 -0700
Archived-At: <https://mailarchive.ietf.org/arch/msg/spasm/6ybXzAx0Ds_vyj7xE5dk4iGbk94>
Subject: [lamps] New Liaison Statement, "IETF Liaison Statement to ISO/TC 154 about ISO 14533-4"

Title: IETF Liaison Statement to ISO/TC 154 about ISO 14533-4
Submission Date: 2021-04-12
URL of the IETF Web page: https://datatracker.ietf.org/liaison/1730/

From: Mirja Kühlewind <ietf@kuehlewind.net>
To: zhangjf@cnis.ac.cn
Cc: The IAB Executive Director <execd@iab.org>, The IAB Chair <iab-chair@iab.org>, The IAB <iab@iab.org>, LAMPS <spasm@ietf.org>, Roman D. Danyliw <rdd@cert.org>, Russ Housley <housley@vigilsec.com>, Tim Hollebeek <tim.hollebeek@digicert.com>, mathew@iso.org
Response Contacts: The IAB Chair <iab-chair@iab.org>, The IAB Executive Director <execd@iab.org>
Technical Contacts: 
Purpose: In response

Referenced liaison: Framework and Requirements for Layer 1 Virtual Private Networks (https://datatracker.ietf.org/liaison/187/)

Body: Dear ISO/TC 154, dear Mr Jianfang Zhang,

The Internet Architecture Board (IAB), which is handling the liaison management of the IETF, would like to make sure that you are aware of the recent work by the IETF LAMPS Working Group (https://datatracker.ietf.org/wg/lamps/about/).  The LAMPS WG is responsible for updates to IETF documents related to public key infrastructure (PKI), including the Online Certificate Status Protocol (OCSP). OCSP is specified in RFC 6960 (https://www.rfc-editor.org/rfc/rfc6960.txt).  As part of the work of the LAMPS Working Group, RFC 8954 (https://www.rfc-editor.org/rfc/rfc8954.txt) was published as an update to RFC 6960, which limits the size of the OCSP Nonce extension to 32 octets to make the OCSP transactions more secure.  The OCSP Nonce is a randomly generated value that cryptographically binds a request and a response to prevent replay attacks.

The IAB has been notified that RFC 8954 may conflict with the way the OCSP Nonce extension is used in ISO 14533-4.  We are writing to share that concern.  We understand that ISO 14533-4 places a non-random value in the OCSP Nonce that is larger than 32 octets.  This new size limitation may also impact other work by ISO/TC 154 that we are not aware of.

We had a discussion about the use case in the LAMPS Working Group recently. Based on how the OCSP nonce extension is used in the industry, it was recommended that a new OCSP extension should be used for the purpose of capturing the OCSP response for long-term validation of the signed documents.

We recognize that the IETF does not have a liaison relationship with ISO/TC 154; however, the IETF LAMPS Working Group would like to work with you to resolve this incompatibility in the best possible way.  If the establishment of a liaison relationship between the IETF and ISO/TC 154, then the IAB will coordinate the arrangement.

Thank you for your attention to this matter.

On behalf of the IAB,
Mirja Kühlewind (IAB Chair)
Attachments:

No document has been attached