Re: [Anima] Last Call: <draft-ietf-anima-bootstrapping-keyinfra-20.txt> (Bootstrapping Remote Secure Key Infrastructures (BRSKI)) to Proposed Standard

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Just on this text:

In Section 10.3 the following text exists:

   o  A Trust-On-First-Use (TOFU) mechanism.  A human would be queried
      upon seeing a manufacturer's trust anchor for the first time, and
      then the trust anchor would be installed to the trusted store.
      There are risks with this; even if the key to name is validated
      using something like the WebPKI, there remains the possibility
      that the name is a look alike: e.g, c1sco.com, ...

First, this isn’t REALLY Trust-On-First-Use, and I would prefer that the term be replaced with something like "out-of-band approval".  This would also be a good area for certification services to step in to indicate the trustworthiness of a manufacturer.

Eliot

On 21 May 2019, at 23:21, The IESG <iesg-secretary@xxxxxxxx> wrote:


The IESG has received a request from the Autonomic Networking Integrated
Model and Approach WG (anima) to consider the following document: -
'Bootstrapping Remote Secure Key Infrastructures (BRSKI)'
 <draft-ietf-anima-bootstrapping-keyinfra-20.txt> as Proposed Standard

This is a second Last Call. IoT Directorate review was done after the ANIMA
WG Last Call and consensus to request the publication, and that review resulted
in substantial changes to the document.  

The IESG plans to make a decision in the next few weeks, and solicits final
comments on this action. Please send substantive comments to the
ietf@xxxxxxxx mailing lists by 2019-06-04. Exceptionally, comments may be
sent to iesg@xxxxxxxx instead. In either case, please retain the beginning of
the Subject line to allow automated sorting.

Abstract


  This document specifies automated bootstrapping of an Autonomic
  Control Plane.  To do this a remote secure key infrastructure (BRSKI)
  is created using manufacturer installed X.509 certificate, in
  combination with a manufacturer's authorizing service, both online
  and offline.  Bootstrapping a new device can occur using a routable
  address and a cloud service, or using only link-local connectivity,
  or on limited/disconnected networks.  Support for lower security
  models, including devices with minimal identity, is described for
  legacy reasons but not encouraged.  Bootstrapping is complete when
  the cryptographic identity of the new key infrastructure is
  successfully deployed to the device but the established secure
  connection can be used to deploy a locally issued certificate to the
  device as well.




The file can be obtained via
https://datatracker.ietf.org/doc/draft-ietf-anima-bootstrapping-keyinfra/

IESG discussion can be tracked via
https://datatracker.ietf.org/doc/draft-ietf-anima-bootstrapping-keyinfra/ballot/

The following IPR Declarations may be related to this I-D:

  https://datatracker.ietf.org/ipr/2816/
  https://datatracker.ietf.org/ipr/3233/
  https://datatracker.ietf.org/ipr/2463/



The document contains these normative downward references.
See RFC 3967 for additional information:
   rfc8368: Using an Autonomic Control Plane for Stable Connectivity of Network Operations, Administration, and Maintenance (OAM) (Informational - IETF stream)



_______________________________________________
Anima mailing list
Anima@xxxxxxxx
https://www.ietf.org/mailman/listinfo/anima

Attachment: signature.asc
Description: Message signed with OpenPGP

[Index of Archives]     [IETF Annoucements]     [IETF]     [IP Storage]     [Yosemite News]     [Linux SCTP]     [Linux Newbies]     [Mhonarc]     [Fedora Users]

  Powered by Linux