IETF Logo Mail Archive

Re: [TLS] bootstrapping of constrained devices (was: Re: Should TLS 1.3 use an augmented PAKE by default?)

Don Sturek <d.sturek@att.net> Fri, 21 March 2014 15:15 UTC

Return-Path: <d.sturek@att.net>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B3A3B1A09BD for <tls@ietfa.amsl.com>; Fri, 21 Mar 2014 08:15:10 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.399
X-Spam-Level:
X-Spam-Status: No, score=-1.399 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, J_CHICKENPOX_15=0.6, RCVD_IN_DNSWL_NONE=-0.0001] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id X_Pf_cBiahG6 for <tls@ietfa.amsl.com>; Fri, 21 Mar 2014 08:15:09 -0700 (PDT)
Received: from nm20-vm2.access.bullet.mail.gq1.yahoo.com (nm20-vm2.access.bullet.mail.gq1.yahoo.com [216.39.63.48]) by ietfa.amsl.com (Postfix) with ESMTP id 0491F1A09BC for <tls@ietf.org>; Fri, 21 Mar 2014 08:15:08 -0700 (PDT)
Received: from [216.39.60.165] by nm20.access.bullet.mail.gq1.yahoo.com with NNFMP; 21 Mar 2014 15:14:59 -0000
Received: from [67.195.22.113] by tm1.access.bullet.mail.gq1.yahoo.com with NNFMP; 21 Mar 2014 15:14:59 -0000
Received: from [127.0.0.1] by smtp115.sbc.mail.gq1.yahoo.com with NNFMP; 21 Mar 2014 15:14:59 -0000
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=att.net; s=s1024; t=1395414899; bh=P9qjcf6o+CiteRTub6f0PIieFDd6W3m0Xuf5+sUlUhg=; h=X-Yahoo-Newman-Id:X-Yahoo-Newman-Property:X-YMail-OSG:X-Yahoo-SMTP:X-Rocket-Received:User-Agent:Date:Subject:From:To:CC:Message-ID:Thread-Topic:References:In-Reply-To:Mime-version:Content-type:Content-transfer-encoding; b=aOEgJHm4peTAf6MTK1ioveBBpA1yav5yU4zo+sRiGWBIppo3dUr2dGvSDKL+x0exEcpBM5PvIY11tMoFuxcjw/85Py+VcfJre1RbC3h4Vy4nRfrWPiCNeCaT4q/xBJ0uCocmNF8OlFsdpI0Ji18g1JBDnVayLUPLc6WpvG9eT5I=
X-Yahoo-Newman-Id: 727800.65713.bm@smtp115.sbc.mail.gq1.yahoo.com
X-Yahoo-Newman-Property: ymail-3
X-YMail-OSG: 0bYL7v4VM1lBJ8woxeABNrDAdUFuyoh0b3vBpu3dCDEjwUY hy0JSGvhjFA95_M07hLg_Ev9mGk9gpX.fTnQpymAgrwMd9iquWxEZo0eH_H5 RU4qsvwKaWOPzAiN4PI0_GTJWgZiAOBYiaWvsou3UfOydfSwABikyZaCi.q1 LQ_Xc0Ci2_vBOAmBcCOFxxKWpX6Z2WEJbr7dU6dY2ClvC7a5wRPrIkw4UEdz rNEy1ywduzZHWL4hFFxc93mR2ruO0sJIgNqrK5r4nY.YZwUMa9JM4hqBwl9M jeN9F7HeLabbCS8qva.wfEUNYlCJpBC1n_ZJ1bIDQCtjc.S.EuNyR9DfLk0p VkdfBVokSeXNRdCpxgsXAlWXMZlokLy9mNp.C0PPlHW9n48UBwouafaknGg9 yVbP_0NtAY3nIuNj616Z3RHJsI3IZ1iFjCdWacpyurJtRlEJxYlpbsCG5Qh7 ob3ahM5jM7AyZO5qdNCVSpVarTHfL6xX.cvK9gm.fqkDP.PHnYab.SBQPLDY 4SlmgtxyWZQjLRlFOsZlmrJH90Z0Jc4yzwYsG3ZClWUwP7gXZ0PVeLyKlzYX k96xToMh7kQ--
X-Yahoo-SMTP: fvjol_aswBAraSJvMLe2r1XTzhBhbFxY8q8c3jo-
X-Rocket-Received: from [10.0.0.4] (d.sturek@108.225.234.240 with plain [67.195.15.5]) by smtp115.sbc.mail.gq1.yahoo.com with SMTP; 21 Mar 2014 08:14:59 -0700 PDT
User-Agent: Microsoft-MacOutlook/14.3.9.131030
Date: Fri, 21 Mar 2014 08:14:56 -0700
From: Don Sturek <d.sturek@att.net>
To: Michael Sweet <msweet@apple.com>, "t.petch" <ietfc@btconnect.com>
Message-ID: <CF51A439.2A724%d.sturek@att.net>
Thread-Topic: [TLS] bootstrapping of constrained devices (was: Re: Should TLS 1.3 use an augmented PAKE by default?)
References: <53288C43.9010205@mit.edu> <5328B6DF.8070703@fifthhorseman.net> <5328C0C8.9060403@mit.edu> <6b79e0820d349720f12b14d4706a8a5d.squirrel@webmail.dreamhost.com> <CALCETrUz8zCBHiq42GTnkkSaBcpA5pjSvk6kwwPjzn+MtBKMgA@mail.gmail.com> <e38419e3ada3233dbb3f860048703347.squirrel@webmail.dreamhost.com> <CALCETrVgJxfdCxZqc9ttHHNKHm-hdtGbqzHvsQ-6yd5BK=9PDw@mail.gmail.com> <67BAC033-2E23-4F03-A4D9-47875350E6B5@gmail.com> <532B0EAA.5040104@fifthhorseman.net> <8D8698DF-5C06-4F2A-8994-E0A36A987D6D@vpnc.org> <532B1739.80907@fifthhorseman.net> <CADrU+d+GkGU1Da3W6xGuOq4qvd40DdT6+sO6WEZeEag7Q1OiVQ@mail.gmail.com> <532B9B65.4030708@gmail.com> <8FD78E18-C3C7-4085-9E3F-8B60B20F2CB5@apple.com> <045401cf4514$1c0e5ec0$4001a8c0@gateway.2wire.net> <CD2F837D-C9D1-4EDD-BFE9-8BE620A277BD@apple.com>
In-Reply-To: <CD2F837D-C9D1-4EDD-BFE9-8BE620A277BD@apple.com>
Mime-version: 1.0
Content-type: text/plain; charset="US-ASCII"
Content-transfer-encoding: 7bit
Archived-At: http://mailarchive.ietf.org/arch/msg/tls/slOGkBa_2wFhDyRGH-Zy0mhuWwQ
Cc: tls@ietf.org
Subject: Re: [TLS] bootstrapping of constrained devices (was: Re: Should TLS 1.3 use an augmented PAKE by default?)
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 21 Mar 2014 15:15:11 -0000

Hi Michael,

One approach we used for Smart Energy Profile 2.0 (now IEEE 2030.5) is to
use IEEE 802.1ar certificates.   These are secure device identity
certificates just for authentication.   We don't support OCP on these
certificates, however, it is possible to use CRL.

The purpose is to simply authenticate the device.   If authorization is
wanted, an operational certificate or a whitelist/blacklist can be used.

Don


On 3/21/14 7:57 AM, "Michael Sweet" <msweet@apple.com> wrote:

>Tom,
>
>Yes, self-signed device certificates are the common implementation choice
>and are often generated on the first use/setup of the device (simpler
>than doing it in the factory...)
>
>
>On Mar 21, 2014, at 10:44 AM, t.petch <ietfc@btconnect.com> wrote:
>
>> ----- Original Message -----
>> From: "Michael Sweet" <msweet@apple.com>
>> To: "Rene Struik" <rstruik.ext@gmail.com>
>> Cc: <tls@ietf.org>
>> Sent: Friday, March 21, 2014 12:26 PM
>> 
>> Rene,
>> 
>> Installing device certificates during manufacturing is not a simple
>> process - the factory would need to act as a CA or would need to have a
>> supply of certificates that matches whatever identifiers are used by the
>> devices.  Not to mention how you'd manage revocation if the root was
>> compromised...
>> 
>> <tp>
>> 
>> Michael
>> 
>> In the context of syslog security, some years ago now, the question of
>> device certificates arose and it was said there that they were quite
>> common.  They would be self-signed, which gives much of the needed
>> security, while avoiding issues of CA and root compromise.
>> 
>> Tom Petch
>> 
>> On Mar 20, 2014, at 9:52 PM, Rene Struik <rstruik.ext@gmail.com> wrote:
>> 
>>> Hi Robert:
>>> 
>>> Wouldn't it be much easier to embed device certificates with
>> constrained devices at manufacturing? This may do away with need
>> to store info that is not public on servers.
>>> 
>>> If you could provide some links to discussions in "IoT community
>> groups" interested in this, that would help.
>>> 
>>> Best regards, Rene
>>> 
>>> ==
>>> There is a lot of interest in the IoT community in using some form of
>> PAKE in conjunction with DTLS (or TLS with EAP) for authenticating
>> commissioning/bootstrapping of IoT devices onto IoT networks
>>> 
>>> On 3/20/2014 1:21 PM, Robert Cragie wrote:
>>>> It should be remembered that TLS is used in places other than web
>> browsers - the existence of the DICE WG is testament to this. There is a
>> lot of interest in the IoT community in using some form of PAKE in
>> conjunction with DTLS (or TLS with EAP) for authenticating
>> commissioning/bootstrapping of IoT devices onto IoT networks. I realise
>> this is different to the original proposition in this thread but wanted
>> to draw this to the attention of the WG nevertheless.
>>>> 
>>>> Robert
>>>> 
>>>> On 20 Mar 2014 12:28, "Daniel Kahn Gillmor" <dkg@fifthhorseman.net>
>> wrote:
>>>> On 03/20/2014 12:18 PM, Paul Hoffman wrote:
>>>>> As an important note, you did not define "we" above. A few possible
>> expansions would be:
>>>>> 
>>>>> - The TLS WG, where this thread currently lives, does not get to
>> define Web UI without a charter change.
>>>>> 
>>>>> - The HTTPbis WG has not asked the TLS WG to take over this work,
>> nor has it embraced anything like it.
>>>>> 
>>>>> - The IETF doesn't do this kind of work as a whole body.
>>>>> 
>>>>> - The IAB (of which none of us are part of the "we") might take the
>> topic on and suggest ways which the IETF might do the work.
>>>> 
>>>> yep, thanks for the clarification.  I actually meant "we" in the
>> broad
>>>> sense of "the community of people who care about making
>> communications
>>>> on the web more secure", which includes groups you didn't even
>> mention
>>>> above, like web site designers, systems administrators, etc.
>>>> 
>>>> It's still on-topic here (despite the broad scope implied above)
>> because
>>>> the TLS WG does have a role to play, by considering the merits of
>>>> proposals like http://tools.ietf.org/html/draft-thomson-tls-care, as
>>>> well as considering alternatives that deal with this particular use
>> case.
>>>> 
>>>>>> option (A) is seriously hard, maybe impossible given the state of
>> the
>>>>>> web.  option (B) is terrible.
>>>>> 
>>>>> Exactly right, for any value of "we".
>>>> 
>>>> :(
>>>> 
>>>>        --dkg
>>>> 
>>>>> --
>>> email: rstruik.ext@gmail.com | Skype: rstruik
>>> cell: +1 (647) 867-5658 | US: +1 (415) 690-7363
>> 
>> _________________________________________________________
>> Michael Sweet, Senior Printing System Engineer, PWG Chair
>> 
>
>_________________________________________________________
>Michael Sweet, Senior Printing System Engineer, PWG Chair
>
>_______________________________________________
>TLS mailing list
>TLS@ietf.org
>https://www.ietf.org/mailman/listinfo/tls

v2.23.0 | Report a Bug | By Email