Re: [lamps] I-D Action: draft-ietf-lamps-lightweight-cmp-profile-03.txt

"Brockhaus, Hendrik" <hendrik.brockhaus@siemens.com> Fri, 02 October 2020 15:52 UTC


I submitted an update of the Lightweight CMP Profile today.

These are the main changes from version 02 -> 03:

   o  Updated the interoperability with [UNISIG-Subset137] in Section 1.4.
   o  Changed Section 2.3 to a tabular layout to enhance readability
   o  Added a ToDo to Section 3.1 on aligning with the CMP Algorithms draft that will be set up as decided in IETF 108
   o  Updated Section 4.1.6 to add the AsymmetricKey Package structure to transport a newly generated private key as decided in IETF 108
   o  Added a ToDo to Section 4.1.7 on required review of the nonce handling in case an offline LRA responds and does not forward the pollReq messages
   o  Updated Section 4 due to the definition of the new ITAV OIDs in CMP Updates
   o  Updated Section 4.4.4 to utilize controls instead of rsaKeyLen (see thread "dtaft-ietf-lamps-cmp-updates and rsaKeyLen")
   o  Deleted the section on definition and discovery of HTTP URIs and copied the text to the HTTP transport section and to CMP Updates Section 3.2
   o  Added some explanation to Section 5.1.2 and Section 5.1.3 on using nested messages when a protection by the RA is required.
   o  Deleted the section on HTTP URI definition and discovery as some content was moved to CMP Updates. The rest of the content was moved back to the HTTP transport section
   o  Deleted the ASN.1 module after moving the new OIDs id-it-caCerts, id-it-rootCaKeyUpdate, and id-it-certReqTemplate to CMP Updates
   o  Minor changes in wording and addition of some open ToDos

Any feedback is welcome.

Hendrik

> -----Original Message-----
> From: Spasm <spasm-bounces@ietf.org> On behalf of internet-drafts@ietf.org
> Sent: Friday, 2 October 2020 17:46
> To: i-d-announce@ietf.org
> Cc: spasm@ietf.org
> Subject: [lamps] I-D Action: draft-ietf-lamps-lightweight-cmp-profile-03.txt
> 
> 
> A New Internet-Draft is available from the on-line Internet-Drafts directories.
> This draft is a work item of the Limited Additional Mechanisms for PKIX and
> SMIME WG of the IETF.
> 
>         Title           : Lightweight CMP Profile
>         Authors         : Hendrik Brockhaus
>                           Steffen Fries
>                           David von Oheimb
>         Filename        : draft-ietf-lamps-lightweight-cmp-profile-03.txt
>         Pages           : 81
>         Date            : 2020-10-02
> 
> Abstract:
>    The goal of this document is to facilitate interoperability and
>    automation by profiling the Certificate Management Protocol (CMP)
>    version 2, the related Certificate Request Message Format (CRMF)
>    version 2, and the HTTP Transfer for the Certificate Management
>    Protocol.  It specifies a subset of CMP and CRMF focusing on typical
>    use cases relevant for managing certificates of devices in many
>    industrial and IoT scenarios.  To limit the overhead of certificate
>    management for more constrained devices only the most crucial types
>    of operations are specified as mandatory.  To foster interoperability
>    in more complex scenarios, other types of operations are specified as
>    recommended or optional.
> 
> 
> The IETF datatracker status page for this draft is:
> https://datatracker.ietf.org/doc/draft-ietf-lamps-lightweight-cmp-profile/
> 
> There are also htmlized versions available at:
> https://tools.ietf.org/html/draft-ietf-lamps-lightweight-cmp-profile-03
> https://datatracker.ietf.org/doc/html/draft-ietf-lamps-lightweight-cmp-profile-03
> 
> A diff from the previous version is available at:
> https://www.ietf.org/rfcdiff?url2=draft-ietf-lamps-lightweight-cmp-profile-03
> 
> 
> Please note that it may take a couple of minutes from the time of submission
> until the htmlized version and diff are available at tools.ietf.org.
> 
> Internet-Drafts are also available by anonymous FTP at:
> ftp://ftp.ietf.org/internet-drafts/
> 
> 
> _______________________________________________
> Spasm mailing list
> Spasm@ietf.org
> https://www.ietf.org/mailman/listinfo/spasm