IETF Logo Mail Archive

Re: [lamps] Support for working on the lightweight CMP profile

"Fries, Steffen" <steffen.fries@siemens.com> Wed, 29 May 2019 06:14 UTC

Return-Path: <steffen.fries@siemens.com>
X-Original-To: spasm@ietfa.amsl.com
Delivered-To: spasm@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 4BCB812008B for <spasm@ietfa.amsl.com>; Tue, 28 May 2019 23:14:24 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.9
X-Spam-Level:
X-Spam-Status: No, score=-6.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_HI=-5, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id VM_KsFbUvg_J for <spasm@ietfa.amsl.com>; Tue, 28 May 2019 23:14:22 -0700 (PDT)
Received: from lizzard.sbs.de (lizzard.sbs.de [194.138.37.39]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 38212120045 for <spasm@ietf.org>; Tue, 28 May 2019 23:14:22 -0700 (PDT)
Received: from mail2.sbs.de (mail2.sbs.de [192.129.41.66]) by lizzard.sbs.de (8.15.2/8.15.2) with ESMTPS id x4T6EJ0o021068 (version=TLSv1.2 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Wed, 29 May 2019 08:14:19 +0200
Received: from DEFTHW99ERNMSX.ww902.siemens.net (defthw99ernmsx.ww902.siemens.net [139.22.70.141]) by mail2.sbs.de (8.15.2/8.15.2) with ESMTPS id x4T6EIJi024404 (version=TLSv1.2 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Wed, 29 May 2019 08:14:19 +0200
Received: from DENBGAT9EREMSX.ww902.siemens.net (139.22.70.81) by DEFTHW99ERNMSX.ww902.siemens.net (139.22.70.141) with Microsoft SMTP Server (TLS) id 14.3.435.0; Wed, 29 May 2019 08:14:18 +0200
Received: from DENBGAT9EJ5MSX.ww902.siemens.net ([169.254.12.220]) by DENBGAT9EREMSX.ww902.siemens.net ([139.22.70.81]) with mapi id 14.03.0435.000; Wed, 29 May 2019 08:14:17 +0200
From: "Fries, Steffen" <steffen.fries@siemens.com>
To: Michael Richardson <mcr+ietf@sandelman.ca>, "spasm@ietf.org" <spasm@ietf.org>
Thread-Topic: [lamps] Support for working on the lightweight CMP profile
Thread-Index: AQHVFaXqgLz2N8gj8ki0bie+pF7r+aaBnxcg
Date: Wed, 29 May 2019 06:14:17 +0000
Message-ID: <E6C9F0E527F94F4692731382340B337826FA104E@DENBGAT9EJ5MSX.ww902.siemens.net>
References: <AM0PR10MB24028210BCE560C64195A74EFE320@AM0PR10MB2402.EURPRD10.PROD.OUTLOOK.COM> <AM0PR10MB2402B5BB06E4FB59A8ECB16BFE060@AM0PR10MB2402.EURPRD10.PROD.OUTLOOK.COM> <AM0PR10MB2402C7C1AAA09EABF047F0CEFE1D0@AM0PR10MB2402.EURPRD10.PROD.OUTLOOK.COM> <29FAEBF1-2D67-469F-BE78-AF58F78D055E@vigilsec.com> <BN7PR11MB2547D526E00CE7C5DDCDB3E9C91E0@BN7PR11MB2547.namprd11.prod.outlook.com> <17374.1559083024@localhost>
In-Reply-To: <17374.1559083024@localhost>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-document-confidentiality: NotClassified
x-originating-ip: [139.22.70.50]
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
Archived-At: <https://mailarchive.ietf.org/arch/msg/spasm/ukQxIhOuYd36f07b1TwyYBb2zzs>
Subject: Re: [lamps] Support for working on the lightweight CMP profile
X-BeenThere: spasm@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "This is a venue for discussion of doing Some Pkix And SMime \(spasm\) work." <spasm.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/spasm>, <mailto:spasm-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/spasm/>
List-Post: <mailto:spasm@ietf.org>
List-Help: <mailto:spasm-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/spasm>, <mailto:spasm-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 29 May 2019 06:14:24 -0000

Michael Richardson <mcr+ietf@sandelman.ca> wrote:
> Panos Kampanakis (pkampana) <pkampana@cisco.com> wrote:
>     > Sorry, for insisting. I still have the concern that by adopting this, IETF
>     > will continue the trend of endorsing different certificate management
>     > protocols and profiles (SCEP, CMPv2, CMC, EST) that mostly do the same
>     > things. Specifically for industrial automation we already have SCEP and EST
>     > in IE 61850/IEC 62351. OPC UA has its own SDP for the same purposes. Now, we
>     > want to add one more (CMP) in the mix for this vertical.
> 
> I agree with Panos.
> I don't really know why we need CMP, let alone a lightweight CMP.
> Plus we have a bunch of proprietary RESTful interfaces to CAs.
> 
> I have less of an objection to the IETF doing something, but I won't be reading/editing or implementing.
> 
> If anything, I'd like to remove features from the protocols we have to simplify them and focus them better.
That exactly is the intention of lightweight CMP. It intends to strip down functionality from an IETF defined protocol to have less requirements for interoperability for implementing devices. This lightweight approach should make it easier for others to adopt the already standardized functionality instead of defining proprietary approaches with a similar functionality. 

Best regards
Steffen

v2.23.0 | Report a Bug | By Email