Re: [T2TRG] idevid-considerations at -- SecDispatch/IETF108

Carsten Bormann <cabo@tzi.org> Tue, 25 August 2020 00:27 UTC

Good start, Michael.

I have sent a zillion editorial comments (yes, starting from “toxonomy”) to the authors; I really recommend reading the document as soon as they are addressed.

It is amazing that even this document occasionally falls into the trap of using the same term for a public key/certificate and a key pair (or even the attribute that is proven by demonstrating the possession of that key pair).  That is easy to do because they work in step/in harmony, but we do need to fix our language here.

I think that the questions in Section 6 are good ones, but sometimes I feel that more fundamental questions are struggling to come to the light here.  Can we find them?

The document discusses the issue of “justified parties” for the manufacturing process, but not for the PKI side.  Maybe we can expand on that, too.

Grüße, Carsten


> On 2020-08-19, at 00:46, Michael Richardson <mcr+ietf@sandelman.ca> wrote:
> 
> I have re-posted with a new name, and title:
> 
> https://datatracker.ietf.org/doc/draft-richardson-t2trg-idevid-considerations/
> 
> A Toxonomy of operational security of manufacturer installed keys and
>                                anchors
>            draft-richardson-t2trg-idevid-considerations-00
> 
> Abstract
> 
>   This document provides a toxonomy of methods by manufacturers of
>   silicon and devices secure private keys and public trust anchors.
>   This deals with two related activities: how trust anchors and private
>   keys are installed into devices during manufacturer, and how the
>   related manufacturer held private keys are secured against
>   disclosure.
> 
>   This document does not evaluate the different mechanisms, but rather
>   just serves to name them in a consistent manner in order to aid in
>   communication.