Re: [lamps] [Anima] /.well-known/brski reference to brski-registry

"Brockhaus, Hendrik" <hendrik.brockhaus@siemens.com> Wed, 06 April 2022 07:28 UTC


> From: Benjamin Kaduk <kaduk@mit.edu>
> Sent: Tuesday, 5 April 2022 19:32
> 
> On Sun, Apr 03, 2022 at 10:36:01PM -0400, Sean Turner wrote:
> >
> >
> > > On Apr 1, 2022, at 02:25, Brockhaus, Hendrik <hendrik.brockhaus@siemens.com> wrote:
> > >
> > >
> > >> From: Russ Housley <housley@vigilsec.com>
> > >> Sent: Thursday, 31 March 2022 19:53
> > >>
> > >>> On Mar 31, 2022, at 12:20 PM, Brockhaus, Hendrik <hendrik.brockhaus@siemens.com> wrote:
> > >>>
> > >>> Thank you Michael for raising the questions.
> > >>>
> > >>>> From: Anima <anima-bounces@ietf.org> On Behalf Of Michael Richardson
> > >>>> Sent: Thursday, 31 March 2022 17:48
> > >>>>
> > >>>>
> > >>>> We were discussing the /.well-known/cmp that is being proposed in draft-ietf-lamps-cmp-updates. We were comparing it to /.well-known/brski and /.well-known/est.
> > >>>>
> > >>>> Question 2)
> > >>>>  Should the CMP document be establishing a registry or not?
> > >>>>
> > >>> As discussed during IETF 113 I plan to do these things in CMP Updates
> > >>> - register 'cmp' in the "Well-Known URIs" registry
> > >>> - define a protocol registry group "Certificate Management Protocol (CMP)"
> > >>> - define a registry for "CMP Well-Known Arbitrary Label URI Segments" defining 'p' to be followed by a <profileLabel>.
> > >>> In addition I would define a registry for "CMP Well-Known Operation Label URI Segments" in Lightweight CMP Profile containing the path segments defined there for http and coap use.
> > >>>
> > >>> Does this make sense?
> > >>
> > >> Hendrik:
> > >>
> > >> That is consistent with the discussion last week.
> > >>
> > >> Russ
> > >
> > > Would it also be sufficient to have only one additional registry "CMP Well-Known URI Path Segments" containing the arbitrary label 'p' and the operation labels?
> > >
> > > Hendrik
> >
> > When the /.well-known/est/ was registered we only did the top level, i.e., /est/. There are no registries for the /.well-known/est/*this part*.  It’s not clear to me that you need to do anything more than get /.well-known/cmp.
> >
> > What will be the registration policy [0] for the ‘p’ values? I assume FCFS (first come first served)?
> 
> I had assumed that we were just registering the value 'p' in a single combined registry of CMP operations and path labels, but that the stuff after 'p' was site-local and did not need to be registered.  (Though a FCFS registry for them is not wrong.)
> 
> -Ben

Ben, thank you for clarifying this. This is also my understanding and I am about to update the drafts accordingly.

Hendrik