PER processing errors - Githubissues

anima-wg / anima-brski-prm

ANIMA BRSKI Pledge in Responder Mode

Other

0 stars 6 forks source link

PER processing errors #91

Closed stfries closed 1 year ago

stfries commented 1 year ago

Comment from Toerless regarding section 6.2.6:

What happens if there is a potentially repairable error on the PER (enrolment) ? I think in BRSKI, the pledge would start over again, creating a new voucher request and then enrolment. Of course we would not want this, because it would mean the registrar-agent would have to run up and down stairs again.

Maybe something like this:

The registrar agent SHOULD send PVR and (after success of PVR) PER in one HTTPS connection. Once the registar has returned a voucher for a pledge to the registrar-agent, it MUST be able to successfully process a PER (enroll the pledge) even if the PER is received in a separate new HTTPS connection from a prior PER. This requirement ensures that a temporary failure for PER processing does not require re-triggering the pledge for new PVR and PER.

stfries commented 1 year ago

The intention was that the registrar-agent behaves like a pledge for the interaction with the registrar, with the exception, that he already has both request objects in place. i.e.:

Opens a TLS connection to the registrar
sends the PVR
waits for the voucher
sends the PER in the same connection
waits for the certificate So it is intended to be handled all via the same https connection. The registrar-agent would wait until he receives all responses.

Proposal to enhance the first paragraph to: After receiving the voucher, the registrar-agent sends the PER to the registrar in the same HTTPS connection similar as described for the PER processing in Section 5.2 of BRSKI.

stfries commented 1 year ago

Default case addressed with the new statement above. Discuss about potential different https connection for providing the PER in case of failures to state that the registrar-agent may "resent" the PER also in a different https connection. May also cope with using a nonceless voucher , which can be pre-provisioned. In this case the pledge would only generate a PER.

stfries commented 1 year ago

Added the following text in section 6.2.6: "In case of inability to send the PER in the same HTTPS connection the registrar-agent may send the PER in a different HTTPS connection as the registrar is able to correlate the PVR and the PER based on the signatures and contained product-serial-number information. Note that this also addresses situations in which a nonceless voucher is used and may be pre-provisioned to the pledge. "

Can be closed.

siethower commented 1 year ago

Small improvements see last commit, can be closed.