Closed csosto-pk closed 4 years ago
A separate response to one of Ben's specific questions
When proof-of-possession is desired, a set of actions are required regarding the use of tls-unique, described in Section 3.5 in [RFC7030]. The tls-unique information consists of the contents of
I see the note in the shepherd writeup about converting EST to use TLS exporters rather than tls-unique in a separate update document. Where is that work happening? The discussion in Section 10.1 is helpful (and we could do well to reference it from here) but does not inspire great confidence in the reader that such work will come to fruition.
Sean Turner had expressed interest in submitting something with me about this. He told me he was going to ask for help from Benjamin B. from INRIA as well. That was back in April 2019.
I don't think there are any volunteers for the moment. Panos K. schreef op 2019-09-04 19:25:
When proof-of-possession is desired, a set of actions are required regarding the use of tls-unique, described in Section 3.5 in [RFC7030]. The tls-unique information consists of the contents of
I see the note in the shepherd writeup about converting EST to use TLS exporters rather than tls-unique in a separate update document. Where is that work happening? The discussion in Section 10.1 is helpful (and we could do well to reference it from here) but does not inspire great confidence in the reader that such work will come to fruition.
-- You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub [1], or mute the thread [2].
[1] https://github.com/SanKumar2015/EST-coaps/issues/150?email_source=notifications&email_token=ADCZGQLVU5T2LSETJIODUGDQH7VQXA5CNFSM4ITUPLZ2YY3PNVWWK3TUL52HS4DFVREXG43VMVBW63LNMVXHJKTDN5WW2ZLOORPWSZGOD54KWDY#issuecomment-528001807 [2] https://github.com/notifications/unsubscribe-auth/ADCZGQJHLN5YWF5262STVI3QH7VQXANCNFSM4ITUPLZQ
Some more comments from Ben's AD review that we addressed after -13 iteration.
I think we also need to at least mandate extended-master-secret to be used on the underlying DTLS connection. (That is, assuming that we don't want to lock down to specific, non-vulnerable, ciphersuites -- RFC 7925 only has TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8 as MTI, not MTU.)
Extended-master-secret discussed in the list. Ben' agreed with Michael on that from a crypto perspective, we should do that. From a protocol-specification perspective, we should retain parity with classic EST and only update when it does. So we should probably mostly ignore this other than trying to kick off work on classic EST, and mandating extended-master-secret.
Clients and servers MUST support the short resource EST-coaps URIs.
Are they expected to also support the long EST URIs over CoAP?
No. We used to have it there, but it was removed after we received WG feedback that pointed out that we can't make our minds what to use and we let the implementers use what they want. So we decided to be more specific and pick short URIs only.
In the context of CoAP, the presence and location of (path to) the EST resources are discovered by sending a GET request to "/.well- known/core" including a resource type (RT) parameter with the value "ace.est*" [RFC6690]. The example below shows the discovery over
Is that a literal asterisk, for ace dot est star? (1) Why? (2) It probably merits a mention in the text to confirm it for the reader.
Nothing to fix here. Discussed in the WG list.
encryptedKey attribute in a KeyTransRecipientInfo structure. Finally, if the asymmetric encryption key is suitable for key agreement, the generated private key is encrypted with a symmetric key which is encrypted by the client defined (in the CSR) asymmetric
In the key-agreement case, the symmetric key-encryption key is the result of the key-agreement operation, no? In which case it is not itself encrypted, but rather the server's ephemeral public value is sent.
No. In the asymmetric case the server generated private key is still encrypted with a symmetric key which the client does not know. In order to provide that key to the client in order to decrypt the server uses assymetric encryption. So the server encrypts the symmetric key with the client's public key (assymetric transport key or asymmetric key agreement key). The client decrypts with his private key and is able to get the symmetric key and thus then decrypt the server generated identity public key. Slightly confusing I know...
public key and is carried in an recipientEncryptedKeys attribute in a KeyAgreeRecipientInfo.
[RFC7030] recommends the use of additional encryption of the returned private key. For the context of this specification, clients and servers that choose to support server-side key generation MUST support unprotected (PKCS#8) private keys (Content-Format 284). Symmetric or asymmetric encryption of the private key (CMS EnvelopedData, Content-Format 280) SHOULD be supported for deployments where end-to-end encryption needs to be provided between the client and a server. Such cases could include architectures where an entity between the client and the CA terminates the DTLS connection (Registrar in Figure 4).
This carefully says nothing about recommendations for use, only for software support. Are we letting 7030's recommendation for use of encryption stand? It's probably worth being explicit, either way.
EST mandated two layers of encryption but did not say how the extra encryption can be established. It is counter-intuitive to say we don't trust the DTLS connection and we require more encryption on top of it. Due to how hard it is to establish the keys for the extra encryption and that if the DTLS channel is not secure we have bigger problems, I do not agree this paragraph should be here. I added text to say
This document does not strongly recommend CMS encryption on top of the DTLS channel like [RFC7030] unless mandated by the usecase.
It is recommended, based on experiments, to follow the default CoAP configuration parameters ([RFC7252]). However, depending on the implementation scenario, retransmissions and timeouts can also occur on other networking layers, governed by other configuration parameters. A change in a server parameter MUST ensure the adjusted value is also available to all the endpoints with which these adjusted values are to be used to communicate.
I don't understand who this is a normative requirement upon. Is it the network operator's, to propagate configuration changes? Or is there supposed to be some automated protocol that makes adjusted values available?
Point taken and discussed in the list. Text was changed to reflect Ben's recommendation and now reads When a change in a server parameter has taken place, the parameter values in the communicating endpoints MUST be adjusted as necessary.
tenth packet of 63 bytes. The client sends an IPv6 packet containing the UDP datagram with the DTLS record that encapsulates the CoAP request 10 times. The server returns an IPv6 packet containing the UDP datagram with the DTLS record that encapsulates the CoAP response. The CoAP request-response exchange with block option is
The definite vs. indefinite articles here don't seem quite right, and each of the 10 datagrams do not encapsulate the entire CoAP request.
Discussed in the list and converged to the text added in the draft.
The client sends an IPv6 packet containing a UDP datagram with DTLS record protection that encapsulates a CoAP request 10 times (one fragment of the request per block). The server returns an IPv6 packet containing a UDP datagram with the DTLS record that encapsulates the CoAP response.
This issue to be closed after Ben K. confirms it and we upload -14 iteration.
A couple of follow ups from Ben K. and how we addressed them
In Section 4, I think we need to put the "for" back in "requests for a trusted certificate list".
ACK. Done.
Also, refresh my memory: did we decide that there's no need to explicitly mandate the use of the "extended_master_secret" TLS extension?
Yes. There is a thread with Michael Richardson, Jim S. about updating EST-coaps to use RFC5705 in the CSR.
Jim had suggested that
If this work is going to happen it needs to be done as an update to the EST RFC. I don't know if it would be better to do that in LAMPS rather than here. Currently I do not know of anybody who is going to do this.This is my issue and I am willing to let it slide for the time being.
Ben said
From a crypto perspective, we should do that. From a protocol-specification perspective, we should retain parity with classic EST and only update when it does. So we should probably mostly ignore this other than trying to kick off work on classic EST, and mandating extended-master-secret.
And Michael agreed
okay, good.
So, we decided to let this slide assuming it would take place in EST.
BTW, I agree with that approach. I think extended-master-secret is a good idea, but I don't see it specific to EST, EST-coaps. I don't think we should add normative language for extended-master-secret as it is assumed for any app using (D)TLS as the underlying tunnel. The (D)TLS requirements EST and EST-coaps RFCs require are mostly related to the protocol itself (CSR, PoP etc) and the environments (ciphersuites for COAPS).
I'd also change the note about supported_groups vs. Supported Elliptic Curves to read "In addition, in DTLS 1.3 the Supported Elliptic Curves extension has been renamed to Supported Groups."
ACK. Fixed.
I think we can move /csrattrs to the bottom of Table 2 (thank you for changing Table 1!).
ACK. Fixed.
With the changes to the example in Figure 3, can you walk me through the block-size negotiation? Quoting:
POST [2001:db8::2:1]:61616/est/sen(CON)(1:N1/0/256){CSR (frag# N1+1)}--> | ... Immediate response when certificate is ready ... | <-- (ACK) (1:N1/0/256) (2:0/1/256) (2.04 Changed){Cert resp (frag# 1)} POST [2001:db8::2:1]:61616/est/sen (CON)(2:1/0/128) --> <-- (ACK) (2:1/1/128) (2.04 Changed) {Cert resp (frag# 2)}
So the ACK to the final fragment of the POST includes (2:0/1/256), or the first fragment of a 256-byte-fragmented version of the response.
Right.
The client then goes and asks for (2:1/0/128), which is the second fragment of a 128-byte-fragmented version of the response. Is that just going to be the last 128 bytes of the thing it already got from the server? If so, is that something it would actually do (e.g., if it had to drop part of the server's response due to a buffer-size limitation) or is it not possible to only have part of a fragment (so it would need to either ask for (2:0/0/128) or (2:2/0/128)?
The client ACKs the first Block2 fragment the server sent, but you are on to something here. The client cannot ask for 128-bytes unless it is his first Block2 request (NUM=0). So, Fig 2 and Fig 3 violated RFC7959 by asking for smaller (128B) blocks when acknowledging the first Block2 from the server. To ask for a Block2 size the client would need to add a Block2 option in his last fragmented Block1 request. That would complicate the example which was not intended for a COAP BLOCK example. So I updated both Fig 2 and Fig 3 to not use /128
and changed the text too. That was a good catch.
It looks like you removed the text about "[the two representations] do not have to be in a particular order since each representation is preceded by its Content-Format ID" based on my remark about core-multipart-ct; that document has since been approved by the IESG and is explicitly confirming that there is no specific ordering requirement (in contrast to multipart/mixed), so we could put that clause back in this document if desired.
Good to know. I added it back.
I consider it more likely than not that a directorate reviewer will want to tweak the added language at the end of Section 5.8 explaining our divergence from RFC 7030; if you want to preemptively reword, my suggestion would be "Although [RFC7030] strongly recommends that clients request the use of CMS encryption on top of the TLS channel's protection, this document does not make such a recommendation; CMS encryption can still be used when mandated by the use case."
Looks good. I updated the text.
All added in https://github.com/SanKumar2015/EST-coaps/commit/d16c53d3360430b5587021dc1a2d31f668c0c0fe#comments
Also, refresh my memory: did we decide that there's no need to explicitly mandate the use of the "extended_master_secret" TLS extension?
Yes. There is a thread with Michael Richardson, Jim S. about updating EST-coaps to use RFC5705 in the CSR.
Jim had suggested that
If this work is going to happen it needs to be done as an update to the EST RFC. I don't know if it would be better to do that in LAMPS rather than here. Currently I do not know of anybody who is going to do this.This is my issue and I am willing to let it slide for the time being.
Ben said
From a crypto perspective, we should do that. From a protocol-specification perspective, we should retain parity with classic EST and only update when it does. So we should probably mostly ignore this other than trying to kick off work on classic EST, and mandating extended-master-secret.
And Michael agreed
okay, good.
So, we decided to let this slide assuming it would take place in EST.
BTW, I agree with that approach. I think extended-master-secret is a good idea, but I don't see it specific to EST, EST-coaps. I don't think we should add normative language for extended-master-secret as it is assumed for any app using (D)TLS as the underlying tunnel. The (D)TLS requirements EST and EST-coaps RFCs require are mostly related to the protocol itself (CSR, PoP etc) and the environments (ciphersuites for COAPS).
Hmm, I think I was interpreting that exchange differently -- I thought the work that would take place in (on?) EST was to switch from using tls-unique to using TLS Exporters; using extended-master-secret can be done independently of that change and is something we could fairly easily mandate for coap-EST.
I added sentence Implementers should use the Extended Master Secret Extension in DTLS [RFC7627] to prevent such attacks
in Section 10.1 where we talk about the 3SHAKE attack that RFC7627 and extended-master-secret aims to protect against.
The Commit is here https://github.com/SanKumar2015/EST-coaps/commit/150b8cab423de7bc34bdcc13fbf01477b30ed5f1
Addressed in https://tools.ietf.org/html/draft-ietf-ace-coap-est-15 . Closing this issue.
Answer's to Ben's comments (including discussion on the ACE mailing list with @petervanderstok , Jim S. ):
Addressed in the mailing list discussion with Ben.
Peter added in the text.
Yes.
Removed the unnecessary phrase
the server is expected to trust that certificate
Used
the certified public key
in the text.Peter fixed in the text.
Fixed.
client identity public key
.Fixed by Peter.
client identity private key
. Fixed.Addressed in text.
Fixed in text.
Fixed. Added the text.
Yes. We had extensive discussions in the WG about this. There is nothing else we could do due to the COAP spec.
Peter fixed in text.
Right. This is now part of the text in Section 5.1
We made sure this is clear in the protocol design section so readers can see it early in the document.
Yes, but we though they would be clearer separate.
Peter fixed in text.
Addressed with a new table.
Peter rephrased to
[...]which are preceded by an immediately returned empty ACK[...]
Nah. We had explicit comments in the list to not put normative language the repeats normative language from other standards.
Peter fixed.
Peter added text to point to the appendix.
Peter fixed.
Peter fixed in text.
Right. Addressed in the example.
Right. I updated the line to be more accurate
<-- (ACK) (1:N1/0/256) (2:0/1/256) (2.04 Changed){Cert resp (frag# 1)}
Nothing to address for this.
Peter fixed in text.
This was discussed in WG mailing list.
Rephrased to
In all respects, the server treats the CSR as it would treat any enroll or re-enroll CSR; the only distinction here is that the server MUST ignore the public key values
Fixed by Peter.
Fixed by Peter.
Fixed in text by Peter.
Fixed in text by Peter.
Done in text.
I made the "OPTIONALLY" lowercase. Authorization does not need to happen by a Registrar. For some usecases authentication is enough.
I added quotes to show this is directly from RFC7030.
Fixed in text by Peter.
Fixed in text by Peter.
Always. Removed the rest of the sentence.
Peter added
at the Registrar
.Yes. There was already normative text saying
Table 1 contains the URI mappings between EST-coaps and EST
Addressed in the text by Peter.
Peter addressed in the text.
Peter adjusted the text.
Correct. [This document] was added in all lines.
Fixed in text.
Peter added in text.
Yes, Peter adjusted the text.
Right. That is why we kept it normative.
Peter added
or
.This is self explanatory. No need to add text here.
Peter fixed by using
interleaves
.This is to comply with the text in RFC7030. After you get the new Explicit TA you need to start using it.
Agreed in the mailing list that this was not necessary.
Peter adjusted the text.
I commented it out.
I rephrased to
by using a TLS exporter [RFC5705] in TLS 1.2 or TLS 1.3's updated exporter (Section 7.5 of [RFC8446]) value in place of the tls-unique value in the CSR.
I did not split the tls-unique paragraph into a separate subsection because I am not sure we need to reference it somewhere in the draft. This is a security consideration that offers a potential solution that practically does not exist as a standard, so I am not sure where we can reference it in the draft.
Good point. I rephrased slithtly to say
value generated from an exporter would break backwards compatibility for an RA that proxies through to a classic EST server.
It is the former. Agreed. We kept it there.
This is only to say that if you are going from COAP environments to HTTP CAs you need a registrar. We do not recommend clients going to server directly. I rephrased a little in the text to
when direct client-server connections are not possible
.Agreed. Peter adjusted the text.
We rephrased in the text to clarify it.
Rephrased to
client can authenticate the Registrar
.It is not mandatory. Some clients may trust the server if its cert can be authenticated without caring if it is an RA or not.
Peter adjusted in the text.
All addressed in the references by Peter.
Addressed in the references by Peter .
Added in the references by Peter
Fixed by Peter.
Yes. Also discussed in mailing list.
You are right. We changed the lengths to exclude counting the quotes. And similarly we used two bytes for the port.
Text was added
The CSR also contains an id-on-hardwareModuleName hardware identifier to customize the returned certificate to the requesting device (See [RFC7299] and [I-D.moskowitz-ecdsa-pki]).
Peter removed the passphrase encryption for the private key.
No. This is just an example for completeness.
Peter removed.
Added
around 29 bytes
.Peter removed.
It is not important as discussed in the mailing list.
We meant the
256
in1:0/1/256
.Peter fixed.
This is sample output, we chose not to address and add explanatory text as state above.
Indeed! Nothing to change there.