IETF Logo Mail Archive

Re: [TLS] draft-wang-tls-raw-public-key-with-ibc-10

Wang Haiguang <wang.haiguang.shieldlab@huawei.com> Sun, 24 March 2019 15:34 UTC

Return-Path: <wang.haiguang.shieldlab@huawei.com>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 3E54A130EA6 for <tls@ietfa.amsl.com>; Sun, 24 Mar 2019 08:34:03 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.2
X-Spam-Level:
X-Spam-Status: No, score=-4.2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_MED=-2.3, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id mGvvlkbzcYCb for <tls@ietfa.amsl.com>; Sun, 24 Mar 2019 08:34:01 -0700 (PDT)
Received: from huawei.com (lhrrgout.huawei.com [185.176.76.210]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 27583130E82 for <tls@ietf.org>; Sun, 24 Mar 2019 08:34:01 -0700 (PDT)
Received: from lhreml702-cah.china.huawei.com (unknown [172.18.7.107]) by Forcepoint Email with ESMTP id 8E48AFB8301CC3C5591F for <tls@ietf.org>; Sun, 24 Mar 2019 15:33:58 +0000 (GMT)
Received: from SINEML706-CAH.china.huawei.com (10.223.161.56) by lhreml702-cah.china.huawei.com (10.201.108.43) with Microsoft SMTP Server (TLS) id 14.3.408.0; Sun, 24 Mar 2019 15:33:57 +0000
Received: from SINEML521-MBX.china.huawei.com ([169.254.1.119]) by SINEML706-CAH.china.huawei.com ([10.223.161.56]) with mapi id 14.03.0415.000; Sun, 24 Mar 2019 23:33:54 +0800
From: Wang Haiguang <wang.haiguang.shieldlab@huawei.com>
To: "tls@ietf.org" <tls@ietf.org>
Thread-Topic: [TLS] draft-wang-tls-raw-public-key-with-ibc-10
Thread-Index: AdTftNFrvlhWFP56RKG/V+cna1b4df//6R+AgAIwy8WAAKdgAIACSSzv//+V0wCAAKBOgQ==
Date: Sun, 24 Mar 2019 15:33:55 +0000
Message-ID: <0AE05CBFB1A6A0468C8581DAE58A31309E33263E@SINEML521-MBX.china.huawei.com>
References: <0AE05CBFB1A6A0468C8581DAE58A31309E321135@SINEML521-MBX.china.huawei.com> <CABcZeBMfY38Ps4fVk+Y6xuJB9=WjCJVNgyL+aOKp6TVy=s8ZKw@mail.gmail.com> <0AE05CBFB1A6A0468C8581DAE58A31309E323661@SINEML521-MBX.china.huawei.com> <e766492c-07b0-b45f-d6ae-e636422fcd4b@nomountain.net> <0AE05CBFB1A6A0468C8581DAE58A31309E3325C5@SINEML521-MBX.china.huawei.com>, <9242a185-cbf4-e827-902d-c01b03472224@nomountain.net>
In-Reply-To: <9242a185-cbf4-e827-902d-c01b03472224@nomountain.net>
Accept-Language: en-SG, en-US
Content-Language: en-SG
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [10.220.68.93]
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
X-CFilter-Loop: Reflected
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/u_ajWyOllNxcZ01krt3ajkuNAYg>
Subject: Re: [TLS] draft-wang-tls-raw-public-key-with-ibc-10
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 24 Mar 2019 15:34:03 -0000

To handle the compromised key, a revocation list maintained at server side can help. This is similar to the PKI certificate. 

The binding list used by existing raw public in TLS 1.3 actually is a white list. If I have a few million devices, then the white list contains a few million records.   

On the other hand, the number of compromised keys usually should be only a small number.  So the revocation list is much shorter compare to the binding list maintain for raw public.

This is value point of using IBS as signature algorithm. 

TLS with IBS is not proposed for use with the existing browser/server kind of communication. The intention is to use IBS for IoT networks.  

________________________________________
From: Melinda Shore [melinda.shore@nomountain.net]
Sent: Sunday, 24 March, 2019 9:46:44 PM
To: Wang Haiguang; tls@ietf.org
Subject: Re: [TLS] draft-wang-tls-raw-public-key-with-ibc-10

On 3/24/19 4:16 AM, Wang Haiguang wrote:
> We do plan to include an expire date in the identity design. The
> valid period is a decision that should be decide either by the user
> or the PKG manager.

The problem here is that you do not want to get into the
position of allowing a known compromised key to be treated
as valid for, say, a period of several years.  Even if you
replace the private key in the handset, a "compromise"
typically involves the existence of an uncontrolled instance
of the private key.  Consequently you need to either narrowly
constrain the key lifetime or provide a revocation mechanism.

Melinda


--
Software longa, hardware brevis

PGP key fingerprint  4F68 2D93 2A17 96F8 20F2
                     34C0 DFB8 9172 9A76 DB8F

v2.23.0 | Report a Bug | By Email