Re: [lamps] [Anima] RFC 8366 / BRSKI / constrained-voucher: what is encoded in the idevid-issuer field?
Qin Wu <bill.wu@huawei.com> Fri, 24 September 2021 09:44 UTC
Return-Path: <bill.wu@huawei.com>
X-Original-To: spasm@ietfa.amsl.com
Delivered-To: spasm@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B75573A20FD; Fri, 24 Sep 2021 02:44:11 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.897
X-Spam-Level:
X-Spam-Status: No, score=-1.897 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_MSPIKE_H3=0.001, RCVD_IN_MSPIKE_WL=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 0QQb1v8lFW7u; Fri, 24 Sep 2021 02:44:06 -0700 (PDT)
Received: from frasgout.his.huawei.com (frasgout.his.huawei.com [185.176.79.56]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id C38A63A2100; Fri, 24 Sep 2021 02:44:00 -0700 (PDT)
Received: from fraeml705-chm.china.huawei.com (unknown [172.18.147.207]) by frasgout.his.huawei.com (SkyGuard) with ESMTP id 4HG6Vd41nbz67P1d; Fri, 24 Sep 2021 17:41:29 +0800 (CST)
Received: from dggeml702-chm.china.huawei.com (10.3.17.135) by fraeml705-chm.china.huawei.com (10.206.15.54) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256_P256) id 15.1.2308.8; Fri, 24 Sep 2021 11:43:56 +0200
Received: from dggeml753-chm.china.huawei.com (10.1.199.152) by dggeml702-chm.china.huawei.com (10.3.17.135) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256_P256) id 15.1.2308.8; Fri, 24 Sep 2021 17:43:54 +0800
Received: from dggeml753-chm.china.huawei.com ([10.1.199.152]) by dggeml753-chm.china.huawei.com ([10.1.199.152]) with mapi id 15.01.2308.008; Fri, 24 Sep 2021 17:43:54 +0800
From: Qin Wu <bill.wu@huawei.com>
To: Esko Dijk <esko.dijk@iotconsultancy.nl>, "spasm@ietf.org" <spasm@ietf.org>
CC: "anima@ietf.org" <anima@ietf.org>
Thread-Topic: [Anima] RFC 8366 / BRSKI / constrained-voucher: what is encoded in the idevid-issuer field?
Thread-Index: AdexJS/8qPGA432LQEuctFSa021XNw==
Date: Fri, 24 Sep 2021 09:43:54 +0000
Message-ID: <730a17509ba94e55a6bb7c98609dec66@huawei.com>
Accept-Language: zh-CN, en-US
Content-Language: zh-CN
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [10.136.123.117]
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: base64
MIME-Version: 1.0
X-CFilter-Loop: Reflected
Archived-At: <https://mailarchive.ietf.org/arch/msg/spasm/sNv0mvQAPt3irOUZXw8aQSBtb4s>
Subject: Re: [lamps] [Anima] RFC 8366 / BRSKI / constrained-voucher: what is encoded in the idevid-issuer field?
X-BeenThere: spasm@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "This is a venue for discussion of doing Some Pkix And SMime \(spasm\) work." <spasm.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/spasm>, <mailto:spasm-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/spasm/>
List-Post: <mailto:spasm@ietf.org>
List-Help: <mailto:spasm-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/spasm>, <mailto:spasm-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 24 Sep 2021 09:44:13 -0000
Hi, Esko: -----邮件原件----- 发件人: Esko Dijk [mailto:esko.dijk@iotconsultancy.nl] 发送时间: 2021年9月23日 22:44 收件人: Qin Wu <bill.wu@huawei.com>; spasm@ietf.org 抄送: anima@ietf.org 主题: RE: [Anima] RFC 8366 / BRSKI / constrained-voucher: what is encoded in the idevid-issuer field? Hi, > [Qin]: Yes, I confuse with the option2 and 3, 1. first, I didn't see 2 > bytes 04 18 appeared in the below 26 bytes example encoded data 2. > Second I think ox18 standard for length of encoded data which is 24 bytes. > 3. Since the 'SEQUENCE' is included in the encoded data, why not choose option 2? 1. Indeed for Option 3, the idevid-issuer field bstr would contain 26 bytes: 041830168014D5039FC78A4DC0468760191FD71B1534C2D88428 Option 2 is 24 bytes: 30168014D5039FC78A4DC0468760191FD71B1534C2D88428 Option 1 is 20 bytes: D5039FC78A4DC0468760191FD71B1534C2D88428 [Qin]: Thank for clarification. See one example of Authority Key Identifier available at: http://www.pkiglobe.org/aki_ski.htm the length of Authority Key Identifier is 20 bytes, also seems it uses text readable format, i.e.,PEM rather than binary encoded format, which aligns with idevid-issuer example (i.e., base64encodedvalue==) in the section 5.2 of RFC8366. 2. Sorry, not quite sure what you meant here! [Qin] Thank, I think you clear my confusion on the encoded data format. In this case the data inside the octet string ('payload') is 24 bytes but it could be another value depending on how the CA encodes its Authority Key Identifier ext, e.g. how it is hashed / how long the hash is, and what other of the optional fields are included in the AKI. [Qin]: Do you propose to add more attributes or fields in the AKI? E.g., add cryptography methods, see cryptograph methods example in https://asecuritysite.com/encryption/sigs4 3. Option 2 and 3 are quite similar I think. In the Constrained-BRSKI draft + interop work we have just selected Option 3, though. This was based on the feeling that Option 3 was closest to the present RFC 8366 definition. The size was not really an argument here because the field is used always in the non-constrained network leg Registrar -> MASA (in Voucher Request) and hardly ever used in the constrained network leg (Registrar -> Pledge, in Voucher). [Qin]: Understood now. I agree with your statement. In addition, It looks authorityKeyIdentifier=keyid,issuer, the keyed is The Key ID of the CA’s cert, the issuer is the subject and the serial number of the CA’s cert One example of X509v3 Authority Key Identifier is: X509v3 Authority Key Identifier: keyid:7E:E5:82:FF:FF:FF:15:96:9B:40:FF:C9:5E:51:FF:69:67:4D:BF:FF DirName:/C=UK/O=V13/OU=V13/CN=V13 Certificate Authority serial:8E:FF:A2:1B:74:DD:54:FF In this example, both DirName and Serial are seen as issuer. DirName is one example of subject alternative name, it could also be URI, email, IP address, e.g., subjectAltName=email:copy,email:my@other.address,URI:http://my.url.here/ subjectAltName=IP:192.168.7.1 subjectAltName=IP:13::17 subjectAltName=email:my@other.address,RID:1.2.3.4 subjectAltName=otherName:1.2.3.4;UTF8:some other identifier It seems we will completely remove the “issuer” from authorityKeyIdentifier for some reasons. Best regards Esko -----Original Message----- From: Qin Wu <bill.wu@huawei.com> Sent: Tuesday, September 21, 2021 12:44 To: Esko Dijk <esko.dijk@iotconsultancy.nl>; lamps@ietf.org Cc: anima@ietf.org Subject: RE: [Anima] RFC 8366 / BRSKI / constrained-voucher: what is encoded in the idevid-issuer field? Hi, Esko: -----邮件原件----- 发件人: Anima [mailto:anima-bounces@ietf.org] 代表 Esko Dijk 发送时间: 2021年9月20日 20:48 收件人: Qin Wu <bill.wu@huawei.com>; lamps@ietf.org 抄送: anima@ietf.org 主题: Re: [Anima] RFC 8366 / BRSKI / constrained-voucher: what is encoded in the idevid-issuer field? Hello Qin, > naming of this leaf ' idevid-issuer ' is the root cause for > introducing such confusion, For me the cause of the confusion was the sentence " The Authority Key Identifier OCTET STRING (as defined in Section 4.2.1.1 of RFC 5280)". There is only one OCTET STRING defined in Section 4.2.1.1, which is the keyIdentifier field, also named "Key Identifier" in the draft which is not the "Authority Key Identifier". The actual Authority Key Identifier OCTET STRING is defined in Section 4.1 as the field " extnValue" which is present in the Authority Key Identifier extension, so one needs to look in another section (4.1) for the meant OCTET STRING. The interpretation is still ambiguous between options 2 and 3 even if you analyse closely. [Qin]: Yes, I confuse with the option2 and 3, 1. first, I didn't see 2 bytes 04 18 appeared in the below 26 bytes example encoded data 2. Second I think ox18 standard for length of encoded data which is 24 bytes. 3. Since the 'SEQUENCE' is included in the encoded data, why not choose option 2? > whether the voucher artifacts signed by manufacture, needs to closely > tie with MASA For nonceful Vouchers, the MASA would need to sign it or delegate the generation and/or signing to a manufacturer's server. (In the latter case there is a trust relation and operational interaction, but no close tie necessarily.) As long as the signer can be trusted by the Pledge's built-in Trust Anchor, it works. [Qin]:Thank for clarification, if my understanding is correct, the MASA in the former case is the third party entity while manufacturer's server in the latter case should be deployed together with the device by the same manufacturer. regards Esko -----Original Message----- From: Qin Wu <bill.wu@huawei.com> Sent: Saturday, September 18, 2021 11:41 To: Michael Richardson <mcr@sandelman.ca>; lamps@ietf.org Cc: stokcons@bbhmail.nl; Esko Dijk <esko.dijk@iotconsultancy.nl>; anima@ietf.org Subject: RE: [Anima] RFC 8366 / BRSKI / constrained-voucher: what is encoded in the idevid-issuer field? I agree with this analysis, it looks the naming of this leaf ' idevid-issuer ' is the root cause for introducing such confusion, i.e., easily link KeyIdentifier to 'issuer' defined in section 4.1.2.4 of RFC5280. Also I am wondering whether the voucher artifacts signed by manufacture, needs to closely tie with MASA. Maybe this relation can be decoupled as well. -Qin -----邮件原件----- 发件人: Anima [mailto:anima-bounces@ietf.org] 代表 Michael Richardson 发送时间: 2021年9月9日 1:12 收件人: lamps@ietf.org 抄送: stokcons@bbhmail.nl; Esko Dijk <esko.dijk@iotconsultancy.nl>; anima@ietf.org 主题: [Anima] RFC 8366 / BRSKI / constrained-voucher: what is encoded in the idevid-issuer field? RFC8366 specifies a idevid-issuer to identify the CA that issued the IDevID. It says: https://www.rfc-editor.org/rfc/rfc8366.html#section-5.3 leaf idevid-issuer { type binary; description "The Authority Key Identifier OCTET STRING (as defined in Section 4.2.1.1 of RFC 5280) from the pledge's IDevID certificate. Optional since some serial-numbers are already unique within the scope of a MASA. Inclusion of the statistically unique key identifier ensures statistically unique identification of the hardware. When processing a voucher, a pledge MUST ensure that its IDevID Authority Key Identifier matches this value. If no match occurs, then the pledge MUST NOT process this voucher. When issuing a voucher, the MASA MUST ensure that this field is populated for serial-numbers that are not otherwise unique within the scope of the MASA."; } We have some discussion about what exactly this means. https://github.com/anima-wg/constrained-voucher/issues/161 captures this as three possibilities: 1) only the KeyIdentifier OCTET STRING 2) the complete AuthorityKeyIdentifier ASN.1 SEQUENCE structure 3) the complete Authority Key Identifier extension OCTET STRING value 'extnValue' per Section 4.1 of RFC 5280 Esko suggests that (3) is the correct thing, detailed as: OCTET STRING (26 byte) 30168014D5039FC78A4DC0468760191FD71B1534C2D88428 SEQUENCE (1 elem) [0] (20 byte) D5039FC78A4DC0468760191FD71B1534C2D88428 > I meant here 26 bytes, sorry! > So 2 bytes 04 18 are used to encode ‘OCTET STRING’, 2 bytes 30 16 for > ‘SEQUENCE’, 2 bytes 80 14 for the ‘[0]’ and the rest is the actual > KeyIdentifier (20 bytes). We think this consistent with other users of Authority Key Identifier. -- ] Never tell me the odds! | ipv6 mesh networks [ ] Michael Richardson, Sandelman Software Works | IoT architect [ ] mcr@sandelman.ca http://www.sandelman.ca/ | ruby on rails [ _______________________________________________ Anima mailing list Anima@ietf.org https://www.ietf.org/mailman/listinfo/anima _______________________________________________ Anima mailing list Anima@ietf.org https://www.ietf.org/mailman/listinfo/anima