IETF Logo Mail Archive

Re: [yang-doctors] Yangdoctors last call review of draft-ietf-netconf-keystore-02

Kent Watsen <kwatsen@juniper.net> Fri, 28 July 2017 02:12 UTC

Return-Path: <kwatsen@juniper.net>
X-Original-To: yang-doctors@ietfa.amsl.com
Delivered-To: yang-doctors@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 5721B131E99; Thu, 27 Jul 2017 19:12:40 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.002
X-Spam-Level:
X-Spam-Status: No, score=-2.002 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=juniper.net
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id BXQyw2gP24vh; Thu, 27 Jul 2017 19:12:37 -0700 (PDT)
Received: from NAM03-CO1-obe.outbound.protection.outlook.com (mail-co1nam03on0103.outbound.protection.outlook.com [104.47.40.103]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 61A9E13146E; Thu, 27 Jul 2017 19:12:37 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=juniper.net; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version; bh=eWCNANLkdwO+zBx4Zh9mZcfjqZNfAc5GG0pDC9N5qhU=; b=E5SDD3haw2chqkOo0dKa2FQ8YQaHZpBGvk/aGEG3O0EMQlhFlriNqvu4Vmvm4Ufrnkdr0xjseMvn3DB7io1gSgZ/YsOjudHtS09pbDDJb2TxPK+UlLXcXRimUlps2/e9eecF2lrrz8vl13hQ8J6tlnGbh36ggvSgZ7XYPzpawXQ=
Received: from BN3PR0501MB1442.namprd05.prod.outlook.com (10.160.117.151) by BN3PR0501MB1235.namprd05.prod.outlook.com (10.160.183.139) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P256) id 15.1.1304.10; Fri, 28 Jul 2017 02:12:33 +0000
Received: from BN3PR0501MB1442.namprd05.prod.outlook.com ([10.160.117.151]) by BN3PR0501MB1442.namprd05.prod.outlook.com ([10.160.117.151]) with mapi id 15.01.1304.016; Fri, 28 Jul 2017 02:12:33 +0000
From: Kent Watsen <kwatsen@juniper.net>
To: Juergen Schoenwaelder <j.schoenwaelder@jacobs-university.de>
CC: "yang-doctors@ietf.org" <yang-doctors@ietf.org>, "draft-ietf-netconf-keystore.all@ietf.org" <draft-ietf-netconf-keystore.all@ietf.org>, "netconf@ietf.org" <netconf@ietf.org>
Thread-Topic: Yangdoctors last call review of draft-ietf-netconf-keystore-02
Thread-Index: AQHS/tjFB6LSB6mMA0ixt1H16U9uU6Jbyb8AgAEruACAC1e7gA==
Date: Fri, 28 Jul 2017 02:12:33 +0000
Message-ID: <F5E9973C-FCCD-4A96-B0D3-8C735CE911D3@juniper.net>
References: <150028100874.32703.14161403810529927281@ietfa.amsl.com> <B1AC6895-5681-48F8-B7E7-418118120B4E@juniper.net> <20170720165942.GB21506@elstar.local>
In-Reply-To: <20170720165942.GB21506@elstar.local>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
user-agent: Microsoft-MacOutlook/f.20.0.170309
x-originating-ip: [66.129.241.12]
x-ms-publictraffictype: Email
x-microsoft-exchange-diagnostics: 1; BN3PR0501MB1235; 7:uRDPD/d4iqT7q8JJE64zOwsBS3nbJSCg+XipWZG3vanTcLlJgNrOXFKzfmw3mt//KZrmfafmmiCveLYYi7lZX0RZ/bQnZgUF4KHsyTUw4H9uJTP27nRzUaGv+6A/i4GcMSXt/H6FWBQVha/WRn2Rs/qNr4sjnA0UOsTjLjfyN2cEilCUwPWUzfl4bA/6f7h4PEFi1PcmerGu7DApxrkr3Vkxh3ZcPfYbYFh2611/YaORFZX2IdhRf7+WwDQx59rtuLUAFv/FbYknJj39lwoMIe4yMlxxriENUWflbZ/9KB8qwMjEi/q3GNHaTCH2otGhN9SGmxhADFndDdDbPAASsUa4//mPAYZRvhb9FZZ9dcaUs9QAEjtNJ65mYbUwmvbxD5QFtCWE9jlwU8QDgQqY1EuRSEqsUUbDAGzATi4BB29DwipWRtGJ2H8h03GLGbdtjZbUu2fYCJcGEvywsSoXq6a0jg/NcgzCDZQJHkoSdc7QbbUrn1sP+z1QMYJc4SdtjqaZHrCgQ0vsR652pUNU+YtpJGY6F8i46cncOCjEOp6WnFWDE+S2VC5eC7yza5kiJ3laMfU0gqlYIs845ZI0KFzhLKgVSfIA83BYstM4zYugMcnB1G0n54ORVqHzC8mcKAikaFtT/uPA63rIumI2F6rPER6MN5q3KaWbDHSSP6IB8hj8oSTT7oT7y65h+kIXk13EJ6X/8+dHbmZv08E3P3tLegBiyBy9I0cn9CpB4qoC8q7oECNjrsoY7E1l3l0HIhz1wT/xXRvFukteAsctkO40xzLWuq4/onQNsmCfr2M=
x-ms-office365-filtering-correlation-id: 6f2ca360-7f16-47eb-3fbe-08d4d55e1bdf
x-ms-office365-filtering-ht: Tenant
x-microsoft-antispam: UriScan:; BCL:0; PCL:0; RULEID:(300000500095)(300135000095)(300000501095)(300135300095)(300000502095)(300135100095)(22001)(2017030254118)(48565401081)(300000503095)(300135400095)(2017052603031)(201703131423075)(201703031133081)(201702281549075)(300000504095)(300135200095)(300000505095)(300135600095)(300000506095)(300135500095); SRVR:BN3PR0501MB1235;
x-ms-traffictypediagnostic: BN3PR0501MB1235:
x-exchange-antispam-report-test: UriScan:(158342451672863)(192374486261705);
x-microsoft-antispam-prvs: <BN3PR0501MB1235CC439B4C772659408EE7A5BF0@BN3PR0501MB1235.namprd05.prod.outlook.com>
x-exchange-antispam-report-cfa-test: BCL:0; PCL:0; RULEID:(100000700101)(100105000095)(100000701101)(100105300095)(100000702101)(100105100095)(6040450)(601004)(2401047)(5005006)(8121501046)(93006095)(93001095)(3002001)(10201501046)(100000703101)(100105400095)(6055026)(6041248)(20161123558100)(201703131423075)(201702281528075)(201703061421075)(201703061406153)(20161123564025)(20161123560025)(20161123555025)(20161123562025)(6072148)(100000704101)(100105200095)(100000705101)(100105500095); SRVR:BN3PR0501MB1235; BCL:0; PCL:0; RULEID:(100000800101)(100110000095)(100000801101)(100110300095)(100000802101)(100110100095)(100000803101)(100110400095)(100000804101)(100110200095)(100000805101)(100110500095); SRVR:BN3PR0501MB1235;
x-forefront-prvs: 03827AF76E
x-forefront-antispam-report: SFV:NSPM; SFS:(10019020)(6009001)(39840400002)(39410400002)(39400400002)(39850400002)(39450400003)(39860400002)(199003)(51444003)(52314003)(189002)(174864002)(2906002)(5660300001)(229853002)(966005)(7736002)(77096006)(189998001)(6486002)(305945005)(36756003)(14454004)(97736004)(83716003)(102836003)(101416001)(53936002)(6246003)(6916009)(2950100002)(8936002)(6116002)(2900100001)(3846002)(6436002)(6306002)(6512007)(99286003)(4326008)(66066001)(110136004)(81166006)(81156014)(38730400002)(50986999)(76176999)(54356999)(82746002)(8676002)(83506001)(3660700001)(3280700002)(54906002)(25786009)(106356001)(68736007)(4001350100001)(230783001)(105586002)(6506006)(33656002)(478600001)(86362001); DIR:OUT; SFP:1102; SCL:1; SRVR:BN3PR0501MB1235; H:BN3PR0501MB1442.namprd05.prod.outlook.com; FPR:; SPF:None; PTR:InfoNoRecords; A:1; MX:1; LANG:en;
received-spf: None (protection.outlook.com: juniper.net does not designate permitted sender hosts)
authentication-results: spf=none (sender IP is ) smtp.mailfrom=kwatsen@juniper.net;
spamdiagnosticoutput: 1:99
spamdiagnosticmetadata: NSPM
Content-Type: text/plain; charset="utf-8"
Content-ID: <B8B9F1A2168DEF488033D8B6CF940574@namprd05.prod.outlook.com>
Content-Transfer-Encoding: base64
MIME-Version: 1.0
X-OriginatorOrg: juniper.net
X-MS-Exchange-CrossTenant-originalarrivaltime: 28 Jul 2017 02:12:33.6246 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: bea78b3c-4cdb-4130-854a-1d193232e5f4
X-MS-Exchange-Transport-CrossTenantHeadersStamped: BN3PR0501MB1235
Archived-At: <https://mailarchive.ietf.org/arch/msg/yang-doctors/eywKecuSaGeXGBSw3haGD-eO618>
Subject: Re: [yang-doctors] Yangdoctors last call review of draft-ietf-netconf-keystore-02
X-BeenThere: yang-doctors@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: Email list of the yang-doctors directorate <yang-doctors.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/yang-doctors>, <mailto:yang-doctors-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/yang-doctors/>
List-Post: <mailto:yang-doctors@ietf.org>
List-Help: <mailto:yang-doctors-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/yang-doctors>, <mailto:yang-doctors-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 28 Jul 2017 02:12:40 -0000

Hi Juergen,

 
>> PS: why is ietf@ietf.org in the CC?
>
> I used the datatracker form and it does what it does.

From other responses, it seems that ietf@ietf.org is not meant to be in
the CC, so I removed the alias from the CC on this message.  I wish I 
had done the same on my other response to you sent earlier.  Oh well.

 
> Assuming people will figure out that ... is just a marker, what about
> this?
> 
>   <private-key>...</private-key> <!-- base64 encoded key  -->

For this case, it works out nicely.  But, still, there are other
cases where the string is longer the net result doesn't work out
great.

Rob had an idea of using a footnote to keep the line lengths within
limit.  I'm hoping to not do this, though, as it would be hard to
automate the compilation of the draft, while maintaining validate-
able files.

Here's another idea, it turns out that the string "base64encoded==="
is itself a valid base64 string.  This could be used everywhere.
We would lose information about the structure encoded, but maybe
that's okay, since the examples are in the same section where the
YANG module is located.  Maybe we only need to worry if 1) is it 
readable enough? and 2) are folks still going to copy/paste it 
into examples without thought?

Recap: we're trying to avoid having real base64 encoded data
examples because the net-result is a whole lot of unintelligible
text.  

Not that it has bearing, but I never seriously tried to encode 
the binary structures used in the action statements.  If we 
decided to have real base64 encoded data examples, we'd have
to write custom code for them, which would be a good proof 
point of sorts. That said, it'd be even better if the entire
keystore module were implemented.  Running code, right?


>> - I am not sure I understand trusted-host-keys. On systems that have
>>   multiple user accounts, you usually have a per account list of
>>   trusted host keys in addition to a global system wide list. Perhaps
>>   make it clear that this models the global known hosts list only?
>> 
>> <KENT> it's a list of lists, so there can be many different
>> sets a host-keys defined, with each application/use pointing
>> to its own entry.  The ietf-ssh-client module's grouping has
>> a leafref to a specific entry.  FWIW, this grouping is
>> used by ietf-netconf-client module.  At the moment, there
>> no other uses of this grouping.  I think that you may be
>> getting confused between the key the server presents (the
>> host-key) versus the key user presents.
>> .
>
> I though these are the authorized host keys? Yes, I am confused. If
> these are user public keys, they should not be called host keys. But
> yes, I am confused (but I started to read the other documents).

This leaf encodes an SSH public key (RFC4253, 6.6), same as used in 
/ietf-system/system/user/authorized-key/key-data (and I have changed
this leaf's type to match it in my local copy already), but the uses
are different.  In ietf-system, the authorized-key is configured on
a server in order to authenticate subsequent SSH-client connections.
Here, we're taking about the key that that SSH-server presents to
the client.  These are the host keys that OpenSSL often puts into the 
~/.ssh/known-hosts file.


>> - Should the document title be aligned with other YANG module
>>   definitions, so it is easier to spot it?
>> 
>> <KENT> I don't understand, what do you mean?
>
> We often use "[A] YANG Data Model for ....".
>
> https://en.wikipedia.org/wiki/YANG#Usage_in_Standards
>
> The current name does not say YANG (sometimes I search for YANG 
> in the RFC index) and Keystore is also pretty broad given the
> related work we have.

Gotcha, how about "YANG Data Model for Keystores"?


>> - Since crypto algorithms come and go, is it reasonable to have the
>>   identities defined in a rather static RFC? Would an IANA maintained
>>   identity module perhaps make more sense?
>> 
>> <KENT> Unsure, but I wouldn't suspect needing to make that
>> kind of update for a long time.  If we were to define a 
>> module for algorithm identities, it might lead to us wanting
>> to define every algorithm (not just public-key algs), which
>> could take some time...
>
> I think an IANA maintained registry can be as incomplete or complete
> as the I-D. I understand that the mechanics of working out the proper
> registry can be painful (there likely are already N registries) but
> clearly crypto algorithm identities must be easily extensible.

In another thread, we concluded that we might want to ask SecDir.


>> - Oh, I now see that the key length is embedded in the algorithm
>>   identity. Perhaps clarify this earlier, see my confused comments
>>   above. Anyway, I think this makes the need for an IANA maintained
>>   module even stronger.
>> 
>> <KENT> yes, but your comment before was valid.  I don't see why
>> this makes a stronger case though...
>
> Well, the notion of what is strong changes every N years.

;)


>> - Why do certificate names have to be unique across all keys?
>> 
>> <KENT> because otherwise leafrefs might be ambiguous, right?
>
> OK. Perhaps explain this detail so it is obvious to everybody.

Done.


>> - Since the certs of a key do not contain a signature, where are signed
>>   certificates stored or are they outside the scope of the model?
>> 
>> <KENT> I'm confused, certificates are signed structures already...
>
> Well, the description of certificates/certificate/value says:
>
>   An unsigned PKCS #7 SignedData structure, as specified
>   by Section 9.1 in RFC 2315, containing just certificates
>   (no content, signatures, or CRLs), encoded using ASN.1
>   distinguished encoding rules (DER), as specified in
>   ITU-T X.690.
>
> Yes, I am confused how this works.
 
Okay, now I understand your confusion.  I believe the text is 
accurate.  Think of the PKCS#7 structure being a little like a 
TAR file that contains a directory structure like this:

 pkcs7:
  /signed-info
  /signature   - this sig is only over 'signed-info' ...
  /extra-certificates
  /extra-revocation-objects

So, in this case, we're using a degenerate form of the pkcs7
structure that has no content (signed-info), signature, or CRLs 
(revocation-objects), it only contains the certificates. Perhaps
my use of the word "unsigned" isn't clear enough?


>> - Is there any text needed to explain what happens if actions can't be
>>   carried out, e.g., the algorithm identity is not supported? Can a
>>   client actually learn which algorithm identities are supported or is
>>   the approach simply trial and error?
>> 
>> <KENT> If an action fails, then standard NC/RC error is returned.
>> There is no support to learn which algorithms a server supports,
>> but by supporting this module, the server must support all of
>> these algorithms.
>
> This may raise a red flag by the security people. They take crypto
> agility serious and there might be very valid reasons to not support
> some of the algorithms at a certain point in time. Actually, there is
> a difference between supporting (in the sense of implemented) and
> enabled (in the sense can be used).
>
> Anyway, this is usually regulated by protocol specifications,
> protocols often define mandatory to implement algorithms etc. Is the
> keystore going to interfer with this? Or should it better be silent
> about what is mandatory?
 
Okay, I see your point.  We want the keystore to support as many 
algorithms as possible; this is why we're using identities.  The
keystore is like an application- and (somewhat) protocol-independent
database, anything can be stored in it, but apps (higher-level 
modules) referring to it (via configuration) need to ensure that 
the reference is valid for its use.  The keystore action itself 
may not fail, but the app referring to a value there may have 
issues.  I'm not yet sure what to do here.


>> - I am not sure what 'trusted certificate' here really means. What you
>>   are modeling is a set of sets of certificates. What such a set means
>>   depends on where this list is used. I am not sure what it means for
>>   a certificate in such a set to be 'trusted'.
>> 
>> <KENT> yes, the certs may be used by different modules for
>> different use-cases, but they'd always be trusted.  E.g.,
>> the certs preinstalled by a browser...
>
> If an application (i.e. a RESTCONF server) trusts some set of
> certificates, the certificates in that set become trusted by that
> specific application. But without concrete context, isn't it unclear
> what is trusting a listed certificate and why?
 
Regarding the word "trusted", maybe it's overstating things, but I
think it's accurate.  Regarding "concrete context", I think what
the "fix" for your concern is that clients SHOULD choose meaningful
names for their certificates, such as I do in the keystore example.


>> - What about the // rename to 'data' comment? I like it, renaming to
>>   list certificate { key name; leaf name; leaf data; } seems less
>>   confusing (and it is even shorter). Perhaps something along this
>>   line would be better (not sure I like certificate-set)
>> 
>> 	 +--rw certificate-set* [name]
>>          |  +--rw name                   string
>>          |  +--rw description?           string
>>          |  +--rw certificate* [name]
>>          |     +--rw name    string
>>          |     +--rw data?   binary
>> 
>> 
>> <KENT> "set" doesn't sound too bad - dunno.  Regarding moving
>> "data", see the tail-end of the email I sent on July 11.
>
> Aha. Not sure this resolves this (or I looked at the wrong message).

Sorry, my email was addressed to Martin (CC list) with the subject
"Re: [Netconf] comments on draft-ietf-netconf-keystore-02".  Here:
https://mailarchive.ietf.org/arch/msg/netconf/KXpig_5AsisqhmwoayS3UIVbjEo


> /js

K.

v2.23.0 | Report a Bug | By Email