Christian Amsüss <[email protected]> wrote:
    > Yes, that's the way I'd hope they could be used. For example, if a
    > device were onboarded into an ACE domain with three AS that's using the
    > ACE-OSCORE profile with the devices, they'd obtain three symmetric keys
    > with a key identifier h'00', h'01' and h'02' respectively, so that when
    > the device receives a token, it'll try the one key and not any.

No, that part does not make sense.

The voucher is authenticating the (public key) identity of the Registrar (aka
AS) to the Pledge. If you want to do further key derivations, then you'd have
to use some PRFs and/or DH (for PFS).

    >> It makes me nervous, but just because of the normal shared-key threat
    >> model.

    > That'd make me nervous too, but see above -- with shared keys, it'd be
    > at least my expectation that there's a key for every AS.

    > ... which also means that there'd be a need to update data that
    > originally came in on an ANIMA voucher, and I don't know whether that's
    > better done through ANIMA again or through ACE.

Has to be done through OSCORE/EDHOC.

    > The identity a device (after onboarding onto an AS through ANIMA means)
    > will have as its operational identity the (AS-URI, audience) tuple,
    > confirmed by the shared key(s) it has obtained. It would not receive
    > any certificate, and not use the IDevID unless onboarding is started
    > anew.

Yes, but the shared key comes from the EDHOC operation.

    > Is that identity now an LDevID (even though it has a completely
    > different shape than the IDevID), or is a certificate based LDevID
    > still created as part of the process, or can the device happily
    > complete the ANIMA processes without an LDevID?

I wouldn't call it an LDevID.
You don't need to do EST and ask for an LDevID.

--
Michael Richardson <[email protected]>   . o O ( IPv6 IøT consulting )
           Sandelman Software Works Inc, Ottawa and Worldwide
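The per-AS key separation Christian describes (one key per AS, tagged h'00', h'01', h'02', so a token's kid selects exactly one key) and the PRF step Michael points to, as an added illustration that is not code from this thread, from ACE-OSCORE, or from any EDHOC implementation. It assumes a single shared secret already exists (here a constructed constant; in the deployment under discussion it would be the EDHOC-exported secret) and uses plain HKDF-SHA256 (RFC 5869) as a stand-in PRF with hypothetical info labels. Note what the PRF does and does not buy: it separates keys per AS and audience, but it adds no forward secrecy; that has to come from the ephemeral DH in EDHOC, which this block does not perform.

```python
"""
Per-AS symmetric keys derived with a PRF from one shared secret, each tagged
with a one-byte key identifier so that an incoming token's kid names exactly
one key.  Added example; not code from the mailing-list thread.
"""
import hashlib
import hmac
from typing import Dict, List, Optional, Tuple

HASH_LEN = hashlib.sha256().digest_size  # 32 bytes for SHA-256


def hkdf_extract(salt: bytes, ikm: bytes) -> bytes:
    """HKDF-Extract (RFC 5869 s2.2): PRK = HMAC-SHA256(salt, IKM)."""
    if not salt:
        salt = bytes(HASH_LEN)  # RFC 5869: empty salt is HashLen zero bytes
    return hmac.new(salt, ikm, hashlib.sha256).digest()


def hkdf_expand(prk: bytes, info: bytes, length: int) -> bytes:
    """HKDF-Expand (RFC 5869 s2.3): T(i) = HMAC(PRK, T(i-1) | info | i)."""
    if length > 255 * HASH_LEN:
        raise ValueError("HKDF-Expand: requested length exceeds 255*HashLen")
    okm = b""
    block = b""  # T(0) is the empty string
    counter = 1
    while len(okm) < length:
        block = hmac.new(prk, block + info + bytes([counter]),
                         hashlib.sha256).digest()
        okm += block
        counter += 1
    return okm[:length]


Keyring = Dict[bytes, Tuple[str, bytes]]  # kid -> (AS URI, key)


def derive_as_keyring(shared_secret: bytes, as_uris: List[str],
                      audience: str, key_len: int = 16) -> Keyring:
    """Derive one key per AS from the single shared secret.

    kid is the AS's position as one byte (h'00', h'01', ...).  The info
    string binds AS URI, audience and kid so no two AS ever get the same
    key.  The label is a hypothetical choice for this example, not a
    string defined by ACE-OSCORE or EDHOC.
    """
    prk = hkdf_extract(b"", shared_secret)
    keyring: Keyring = {}
    for index, uri in enumerate(as_uris):
        if index > 255:
            raise ValueError("one-byte kid space exhausted")
        kid = bytes([index])
        info = (b"example/per-AS-key\x00" + uri.encode("utf-8") + b"\x00"
                + audience.encode("utf-8") + b"\x00" + kid)
        keyring[kid] = (uri, hkdf_expand(prk, info, key_len))
    return keyring


def select_key(keyring: Keyring, kid: bytes) -> Optional[Tuple[str, bytes]]:
    """Pick exactly the key the token's kid names.

    A token with an unknown kid is rejected outright; the device never
    falls back to trying every key it holds.
    """
    return keyring.get(kid)


if __name__ == "__main__":
    # Constructed stand-in for the EDHOC-exported secret; not a real key.
    shared_secret = bytes.fromhex("11" * 32)
    as_uris = ["coaps://as1.example", "coaps://as2.example",
               "coaps://as3.example"]
    ring = derive_as_keyring(shared_secret, as_uris, audience="rs1")
    for kid, (uri, key) in ring.items():
        print(f"kid h'{kid.hex()}' -> {uri}: {key.hex()}")
    # A token arrives carrying kid h'02': one lookup, one key.
    print("token kid h'02' ->", select_key(ring, b"\x02"))
    print("token kid h'07' ->", select_key(ring, b"\x07"))  # None: rejected
```

Usage: the demo at the bottom prints three distinct keys and shows that a token carrying kid h'02' resolves to the third AS's key while an unknown kid yields None. If the operator later adds or rotates an AS, the keyring is rebuilt from a fresh shared secret rather than patched, which is the "has to be done through OSCORE/EDHOC" point above.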

_______________________________________________
Ace mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/ace