IETF Logo Mail Archive

Re: [lamps] Murray Kucherawy's No Objection on draft-ietf-lamps-lightweight-cmp-profile-18: (with COMMENT)

"Brockhaus, Hendrik" <hendrik.brockhaus@siemens.com> Mon, 09 January 2023 16:07 UTC

Return-Path: <hendrik.brockhaus@siemens.com>
X-Original-To: spasm@ietfa.amsl.com
Delivered-To: spasm@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 02272C13A04A; Mon, 9 Jan 2023 08:07:57 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.098
X-Spam-Level:
X-Spam-Status: No, score=-2.098 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_MED=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H2=-0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_NONE=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=siemens.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id VXqS2yCvjxry; Mon, 9 Jan 2023 08:07:52 -0800 (PST)
Received: from EUR01-DB5-obe.outbound.protection.outlook.com (mail-db5eur01on2074.outbound.protection.outlook.com [40.107.15.74]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 956D6C153CBB; Mon, 9 Jan 2023 08:07:51 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=b1FEF07bKaZ1gjjhyImbEKIumWzxwltQbrAfzCxenxasoMRiqsKJBvLohKAGIkYW+oWQJ5MugyDukfPkMME8jH5cKSIBnWmsr8eMxaCYyB8sBcmA3j4MDhPNLcoBP6Sh8Rt863wfrQpWta7LElNvtOhIA8RX4AywMPvPDpTAVLI1rYNpz5MF652S1CvbTrkGCMuF+5tLGTMgptbNfnBPEqINU8vA6/Y32xHQE8yO+qqGpcc4jnSLs4dqSbZbHkHX8z17Wl6G1EPeIg3WhVEOAoCW5h/m11HskuuN1slw08tkuqJcjEly6HIqSIhPmZc2+RveQeS/hLtaOSMD6GR78g==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=A4KwpXsKuVeXeth7+o6L0miEI8bHEgJmnsiOTGV/WSg=; b=BE6yyS8SAqgKYkGHraQBH24FtRJHfsT23ms79YPgnLSQXTBGlOeUpy2hyjMvoihvkV+2+VXt4BitvAfbnRV9YYVw44L9Qaxwav7G8vULeet6Rxfvdxfy6IiNQNkZa0eq30wxUPqta2fHU1vDstkv81TbfoQVKVPeyfTw0jIxH6JOYgEjd+Gmq1lWS7kHfd+TmuqPf8sTQhH63hHjFbURhlZkzyX6qppka/TdyxkJU5ZZqzlp9K2IJEm9O/Aru92yDZoO8h7B18+Rk7AoqosrkeNs3nR2aSCzU+PBKaUTLXDrx4NWoUNw8XkjKmkWO4Nyi8kXPkLRw+ax9d05pwB9FQ==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=siemens.com; dmarc=pass action=none header.from=siemens.com; dkim=pass header.d=siemens.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=siemens.com; s=selector2; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=A4KwpXsKuVeXeth7+o6L0miEI8bHEgJmnsiOTGV/WSg=; b=LSPv5mU0B6N2Lf309FMBSZABH6mkBRuZNM62tNbsaJdQAsarh80vOqZqvIARE7xxAGXv+PJWgi1bqnqRCwfH6Gdx5LIYzMgZ8ave+DVAxGmGKHbV1vv4IwJH/cZ9EsOtv1ByRrQ2esYjKFkjnDKbSCXS4vbup59VhXTVtVJxLZlItXyg7hWedO9zlITs7g1okG940LonPfjWRkL1S7BswhaX1kQy/r2rASxzrlr1c0ekXP8US+fgnKBEhQn1MeO/6lKAQMa9cM8wLQ6prFGpiFtNUuxweJyTXO22H7gugCnpR1pKb7l8S6aRtRGcjj9wCnx/gkFqjImR/Be8eZcTIA==
Received: from GV2PR10MB6210.EURPRD10.PROD.OUTLOOK.COM (2603:10a6:150:7d::8) by VI1PR10MB7714.EURPRD10.PROD.OUTLOOK.COM (2603:10a6:800:1ca::5) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5986.18; Mon, 9 Jan 2023 16:07:46 +0000
Received: from GV2PR10MB6210.EURPRD10.PROD.OUTLOOK.COM ([fe80::cfed:9a7f:2568:206b]) by GV2PR10MB6210.EURPRD10.PROD.OUTLOOK.COM ([fe80::cfed:9a7f:2568:206b%6]) with mapi id 15.20.5986.018; Mon, 9 Jan 2023 16:07:45 +0000
From: "Brockhaus, Hendrik" <hendrik.brockhaus@siemens.com>
To: Murray Kucherawy <superuser@gmail.com>, Roman Danyliw <rdd@cert.org>, The IESG <iesg@ietf.org>
CC: "draft-ietf-lamps-lightweight-cmp-profile@ietf.org" <draft-ietf-lamps-lightweight-cmp-profile@ietf.org>, "lamps-chairs@ietf.org" <lamps-chairs@ietf.org>, "spasm@ietf.org" <spasm@ietf.org>, "housley@vigilsec.com" <housley@vigilsec.com>
Thread-Topic: Murray Kucherawy's No Objection on draft-ietf-lamps-lightweight-cmp-profile-18: (with COMMENT)
Thread-Index: AQHZDrZyEaQM8z4lNU+Qq6PTqKsiz65tDJpAgClWxEA=
Date: Mon, 09 Jan 2023 16:07:45 +0000
Message-ID: <GV2PR10MB6210DFE1B688E410B8E1869FFEFE9@GV2PR10MB6210.EURPRD10.PROD.OUTLOOK.COM>
References: <167091047171.45635.975609146244768236@ietfa.amsl.com> <GV2PR10MB62106D9F748CEA4BA9EA638EFEE09@GV2PR10MB6210.EURPRD10.PROD.OUTLOOK.COM>
In-Reply-To: <GV2PR10MB62106D9F748CEA4BA9EA638EFEE09@GV2PR10MB6210.EURPRD10.PROD.OUTLOOK.COM>
Accept-Language: de-DE, en-US
Content-Language: de-DE
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
msip_labels: MSIP_Label_9d258917-277f-42cd-a3cd-14c4e9ee58bc_Enabled=true; MSIP_Label_9d258917-277f-42cd-a3cd-14c4e9ee58bc_SetDate=2023-01-09T16:07:44Z; MSIP_Label_9d258917-277f-42cd-a3cd-14c4e9ee58bc_Method=Standard; MSIP_Label_9d258917-277f-42cd-a3cd-14c4e9ee58bc_Name=restricted; MSIP_Label_9d258917-277f-42cd-a3cd-14c4e9ee58bc_SiteId=38ae3bcd-9579-4fd4-adda-b42e1495d55a; MSIP_Label_9d258917-277f-42cd-a3cd-14c4e9ee58bc_ActionId=a03c6fac-a769-475b-9355-26d3871b0d5a; MSIP_Label_9d258917-277f-42cd-a3cd-14c4e9ee58bc_ContentBits=0
document_confidentiality: Restricted
authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=siemens.com;
x-ms-publictraffictype: Email
x-ms-traffictypediagnostic: GV2PR10MB6210:EE_|VI1PR10MB7714:EE_
x-ms-office365-filtering-correlation-id: 8ad36b5d-6ef0-4fc3-ea2f-08daf25ba552
x-ms-exchange-senderadcheck: 1
x-ms-exchange-antispam-relay: 0
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: vK2WhoUSkurzm3OZcZ+CyP+dY7a6jTuizGtue/Qu69fFYnNryTq/IateX81CcOARV92FLBB1LLL53AmC39xh5ccBESs/g4uE1BLXmUNPqKv5Ru8K23RszK87bNo254TRay5dhfIb96GecIVx18FVqfK2khHd49Dvqd2JKtYB+1JEm03ciZ3GSAF6puGpgx6DsnQoYwC5GUcMmQRz89DpgF8QWrWFrj7bjaJCpbu1JcCVIjffY1+1zjKSZ6Yg2K+VOcoXyq25EL24LnINU5aJZQLA/zBD+KzJUFRDcOJcPMdIVgkpUyn9sXC/bp+E+gyc5s0+coB8NMvftN7gfhGO6hpRE9QN7uw7JErrC5tSyFFPOSEVx0L5gOIj3af+LsRhw9dRI0wLqDAmhksrhEr91+MyeZU270APYWOKJii9D9jFV05EfV4C2CHWs4cakasWJyk6Vf/ZrMDDEUnWhq80EmrPIKx1sgkG5K0s4spNm4/RRzE7C17PCUcm0UZa8/QUmujsJINL3MzmbSDCTh/4r+Jq/OFbWrhLXG0znYtpcl8tGnAKa5t3PAcUmeK7iopL4lFe+KI0AeS1aOM89MkUqj8COIUM4o7awDJYMq7Aw4W6Ck/CdYCdSmIHQHATzmKKYxumHJusEMtNbj9yRb8107SHMLN9THYbUcfZw43bMRbKxLBzVUq69ENhwADjXbvf2oLW1XDzD8pbxGvYqVKL4w==
x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:GV2PR10MB6210.EURPRD10.PROD.OUTLOOK.COM; PTR:; CAT:NONE; SFS:(13230022)(4636009)(346002)(396003)(136003)(39860400002)(376002)(366004)(451199015)(41300700001)(54906003)(110136005)(316002)(64756008)(66946007)(66446008)(66476007)(4326008)(66556008)(76116006)(8676002)(86362001)(38070700005)(122000001)(38100700002)(82960400001)(5660300002)(8936002)(52536014)(83380400001)(33656002)(55016003)(2906002)(66899015)(6506007)(71200400001)(7696005)(186003)(26005)(9686003)(478600001); DIR:OUT; SFP:1101;
x-ms-exchange-antispam-messagedata-chunkcount: 1
x-ms-exchange-antispam-messagedata-0: qWLtmYh0PeJB6PpBEDOxhIaifsqnCNxr6w2ntuiVyAhz1gF627TLbXsB3LmEb6rX7epO4vWkVUVsqD6ZsAlbFj/LhtBuw6fE2gD0iWZ5XSJX3goRyqcBSyFewfe0mAfBFeTNkrW7BHz2zCYHmhDovne4+aA+XrECvYlLRNvRsOzAhL9JyGEidTL6P+10AwTQYNIjVWd/LE6BajnXX3pYGbejyQA4ZPMFGuVatGzPH6YF2Ld7ADQ7JMeB3NgVOwhbUXlqxrZIvc5/5mPUVnr4AVjH1IO/znKcb2ym74Owcf+jVs7GuqFHJI0bdawaflwOEiECc6RUjXI40obtwQzqP/avC3uDOHmSDWI2rWTYB5qVWlIzA8kTHDYVoMFYowRxOfMNjoY2e+S6PNrTP31jIUJUIGWKLKbyystABOo3duPEvMUVtZzSuOnlAsDVtiCi67iw3uN+MwFw7io1uJk70DMRAH7bCjmWHPvxuuuhmA3W9qVkze0yzbrkZ/JY2s9MZFo3G9sR3sS78pg13x+Z0r+zw0nGCDwaaoLWpMhlui0T6VmrH7MeyhEFrii34fDgb4ltRvK6WYLynWMghZ9FqP2W6lUvyTbV+b8XIPC7CbcG+5OGCvNfjUrLh/dkyEVv68amSY2jL7TTvUhxoGuxuoRlSQQIbrmFOTPKal/qutdunXMCfX2yWKlLJYn0ghA396MUe+FEcUhkfZU2yiuUc4Wkktag6LaNfca7Nh3sekUdEytcVuMmYubDWHPZry3KGqAjy5BbK5zNDU/2TWWjynzAa1iqjYjR1/NVLgUrO5rjHDUSdsm7qWagvmN/TupNiHhyL+0k7GX9WWsDG08TrM650CuuG5eVeGzD36J+2QH6Y652s70fLBbukXZFOiasJYVoUy2t4nAgg5hor7OxPohlPLopKzL3z2mALRpu5q6IU/yY4aOuy7vsl37JBJgkjDAyb+dULcR5bvwqZgzwPXWBjgXkpp0C3feZE1jds/HppAHj7GA3niynqjQIzzXvYQyN0c6L/Yswz3KlHb1uA34xkhCASULiHgyjBJbaL8R31BmtVDLtl59tTMauZyjPEo92d0oszcdFLrOInZ7GAeWZ+f9nz4p6YnQtcSM1PtuQ3msRgw9DZR9Xda4mihUDb2fyxJcqI5+uv+heZS5BLza0KKgKKhUT13KQFLtjI4zhidRerui2srar4R7z0ZVGnZlJwFe6H7+bSmz2Dav9LiZMCPibq5HwyH7UDk7VI/26UyGUqlUZ4tmQpZXKBsKat8u5fGDkGTjpIfABrAl5IoODMkNS6R3dwsthrGVGScxswj6LhBHvY9hF3h++kDGoOxVswLHkJQiU1EN/vp9wA9bfd+QxXa78fnqyLpIKo7HsQ0VAlVXJz/34+gJ+S3o29dyltTlt5wufRgntmFY8P6nUHRDIy+XfvMCRzGvx8Aewme0iaBNnfiOXMVnTf6jBgWJmWT8k4EGFp/28O6LTDxok8vCcYvnK9WjEeu6AELfdxAeNs8lOeC7hopTiXPLd7fHg44AY0B4PSsC9mzr6wgpupDR6mrsbCsssfMJKj4zQ5RAB2u391ZFh0qsITuybGeLkIKhUqQj4YfyzbAsGSw==
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
X-OriginatorOrg: siemens.com
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: GV2PR10MB6210.EURPRD10.PROD.OUTLOOK.COM
X-MS-Exchange-CrossTenant-Network-Message-Id: 8ad36b5d-6ef0-4fc3-ea2f-08daf25ba552
X-MS-Exchange-CrossTenant-originalarrivaltime: 09 Jan 2023 16:07:45.5341 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 38ae3bcd-9579-4fd4-adda-b42e1495d55a
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: VSBCiBbpa08rT5RLH14kajZfLELFoLIuuSrxCeuo8HJROzqJXr2l6BYV90sh/TG3MNuTM+qlsGidTcmSjfvgohnIpco2s5/FQD5Q+7nnGzQ=
X-MS-Exchange-Transport-CrossTenantHeadersStamped: VI1PR10MB7714
Archived-At: <https://mailarchive.ietf.org/arch/msg/spasm/b7UoG3sUay9nP9uQk9GeaoDqIWM>
Subject: Re: [lamps] Murray Kucherawy's No Objection on draft-ietf-lamps-lightweight-cmp-profile-18: (with COMMENT)
X-BeenThere: spasm@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: "This is a venue for discussion of doing Some Pkix And SMime \(spasm\) work." <spasm.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/spasm>, <mailto:spasm-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/spasm/>
List-Post: <mailto:spasm@ietf.org>
List-Help: <mailto:spasm-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/spasm>, <mailto:spasm-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 09 Jan 2023 16:07:57 -0000

Murray

Last week the co-authors and I managed to align on how to address your
comments. Please see our proposal for an updated version of the draft below.
I hope these generic changes sufficiently addresses your comment
sufficiently. Changing the entire document instead, will be a mayor effort.

@Roman, I hope these changes are appropriate after IESG review. If you have
any concerns, please let me know.

Hendrik

> Von: Spasm <spasm-bounces@ietf.org> Im Auftrag von Brockhaus, Hendrik
> 
> Murray
> 
> Thank you for your review and for your comments.
> I will need to discuss your generic comment on the usage of SHOULD with the
> co-authors and will come back to you with a response.
> Maybe the scope of the document must be explained a bit more. This profile on
> the one hand intends to reduce the flexibility of CMP to the generic needs of
> automated certificate management of machine end entities. On the other hand,
> it is still a framework that is supposed to be further profiled by those having a
> specific use case or scenario in mind, for example like by 3GPP/ETSI or UNISIG.
> Therefore, there is still some freedom to serve the needs of the final target
> environment.
> 
> Hendrik
> 
> > Von: Murray Kucherawy via Datatracker <noreply@ietf.org>
> >
> > ----------------------------------------------------------------------
> > COMMENT:
> > ----------------------------------------------------------------------
> >
> > Section 1.7 uses a SHOULD NOT before that expression is defined in Section 1.9.

[HB] I will move former Section 1.9 to position 1.2.
Doing this I will also switch the order of Sections 1.5 and 1.6.

> >
> > The bulk of the SHOULDs in this document would benefit from review and possible
> > tuning.  SHOULD presents a choice for the implementer; it would be helpful to
> > include with that choice some guidance about when one might legitimately
> > deviate from what's stated.  If SHOULD is being used as "you really oughta do
> > this, but you don't really have to and things will interoperate just fine", it
> > doesn't deserve SHOULD; if what you mean is "yes you have to do this from now
> > on, but we're retaining backward compatibility here" then it should say that
> > explicitly.  In other cases, I wonder if you don't really mean MUST.
> >
> > For instance, in 3.1, you have this:
> >
> >     -- SHOULD contain a name representing the originator of the
> >     --   message; otherwise, the NULL-DN (a zero-length
> >     --   SEQUENCE OF RelativeDistinguishedNames) MUST be used
> >
> > Looks great; I have no wiggle room.  Then you have this:
> >
> >     -- SHOULD be the subject of the CMP protection certificate, i.e.,
> >     --   the certificate corresponding to the private key used to
> >     --   sign the message
> >
> > Well, what if I don't do that?  Does anything break?  Can I just put whatever
> > in there and everything still works?  If nothing breaks, why isn't this "MAY"
> > or something that doesn't use a BCP 14 keyword?  If something breaks, why
> > isn't
> > this a MUST?
> >
> > In 3.4:
> >
> > "Each EE SHOULD know its own identity to fill the sender field."
> >
> > What happens if I don't?  And what interoperability aspect fails if I don't
> > know my own identity?  Should this be better expressed as "Each EE SHOULD
> > fill
> > the sender field with its own identity?"  Why isn't that a MUST?
> >
> > The two SHOULDs at the bottom of 3.5 seem suspect too.  Since you're giving
> > me
> > a choice, I'm within specifications to consider the input valid if all of those
> > tests fail.  Is that what's intended?
> >
> > I'm not going to get into any of them past the bottom of Section 3, but
> > hopefully you can see what I'm getting at.  I would typically DISCUSS this
> > pattern, but since I'm so late to the party, I'll leave it to Roman to decide
> > how much this observation weighs on the strength of the document.
> >

[HB] Regarding the usage of "SHOULD" I will add two paragraphs.

To former Section 1.9 / new Section 1.2:
OLD
1.9.  Convention and Terminology

   The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
   "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and
   "OPTIONAL" in this document are to be interpreted as described in BCP
   14 [RFC2119] [RFC8174] when, and only when, they appear in all
   capitals, as shown here.

   The key word "PROHIBITED" is to be interpreted to mean that the
   respective ASN.1 field SHALL NOT be present or used.

NEW
1.2.  Conventions and Terminology

   The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
   "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and
   "OPTIONAL" in this document are to be interpreted as described in BCP
   14 [RFC2119] [RFC8174] when, and only when, they appear in all
   capitals, as shown here.

   The key word "PROHIBITED" is to be interpreted to mean that the
   respective ASN.1 field SHALL NOT be present or used.

   The key words "SHOULD", "SHOULD NOT", "RECOMMENDED", and "NOT
   RECOMMENDED" are used to provide guidance in case further reduction of
   choices are required.  They are also used to indicate specific options where
   interoperability to existing CMP profiles is affected or where there is room for
   further tailoring to more concrete application areas, which may be described in
   separate documents.

Additionally, I will add a paragraph to former Section 1.7 / new Section 1.8:
OLD
1.7.  Scope of this Document

   To minimize ambiguity and complexity through needless variety, this
   document specifies exhaustive requirements for generating PKI
   management messages on the sender side.  On the other hand, it gives
   only minimal requirements on checks by the receiving side and how to
   handle error cases.

NEW
1.8.  Scope of this Document

   This profile on the one hand intends to reduce the flexibility of CMP to
    the generic needs of automated certificate management of machine
   end entities.  On the other hand, it offers a variety of PKI management
   operations and options relevant for industrial use cases.  Therefore, it is
   still a framework that supports further profiling by those addressing a
   specific use case or scenario, e.g., 3GPP/ETSI or UNISIG.  As stated in
   Section 1.2, the key words "SHOULD", "SHOULD NOT",
   "RECOMMENDED", and "NOT RECOMMENDED" are also used where
   there is room for further tailoring of this profile. This still enables
   stricter profiling to the needs of concrete application areas.  Such
   profiling may change a "SHOULD" to a "MUST" or to a "MAY".

   To minimize ambiguity and complexity through needless variety, this
   document specifies exhaustive requirements for generating PKI
   management messages on the sender side.  On the other hand, it gives
   only minimal requirements on checks by the receiving side and how to
   handle error cases.

v2.23.0 | Report a Bug | By Email