Eliot Lear <l...@cisco.com> wrote:
    > What is the thinking on including CRL pointer in the manufacturer
    > signing cert?  This question came up in industry discussions.

Kent Watsen <kwat...@juniper.net> wrote:
    > 802.1AR says that the IDevID secrets must be stored confidentially and
    > be not available outside the module.  In practice, a crypto processor
    > with tamper-resistant NVRAM is used (e.g., TPM).  As such, the
    > likelihood of the credentials being stolen/discovered is near zero,
    > but it is not zero, as a determined adversary with sufficient resources

While 802.1AR would like this, I think that the BRSKI mechanism we are
describing (and re-interpreting for constrained environments in 6tisch) is
very unlikely to have serious tamper-resistant mechanisms for the IDevID
that are separate from the system in general.

Revoking the IDevID would be useful, but it might be that the MASA can
effect the same thing by refusing to issue an ownership voucher.
This only works if ownership vouchers are to be issued online, or
they can be revoked.   This doesn't solve the same problem, but it may have
the same result.

I am also concerned about how many bytes a CRL pointer requires.  I'm
guessing it's on the order of 50 bytes for the URL and container.



--
Michael Richardson <mcr+i...@sandelman.ca>, Sandelman Software Works
 -= IPv6 IoT consulting =-




_______________________________________________
Anima mailing list
Anima@ietf.org
https://www.ietf.org/mailman/listinfo/anima
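
To put a number on the size question raised in the message above, here is an added example (not part of the original message or of any ANIMA/BRSKI code) that DER-encodes an X.509 cRLDistributionPoints extension carrying a single URI and reports how many bytes the extension adds to a certificate. The URL is a constructed placeholder, and the extension is assumed to be non-critical with no reasons or cRLIssuer fields.

```python
# DER size of a cRLDistributionPoints extension (OID 2.5.29.31, RFC 5280 4.2.1.13)
# holding one fullName URI. Hand-rolled TLV encoding, standard library only.

def der_len(n: int) -> bytes:
    """DER definite length: short form below 128, long form otherwise."""
    if n < 0x80:
        return bytes([n])
    body = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([0x80 | len(body)]) + body

def tlv(tag: int, value: bytes) -> bytes:
    return bytes([tag]) + der_len(len(value)) + value

CRL_DP_OID = bytes([0x55, 0x1D, 0x1F])  # 2.5.29.31 id-ce-cRLDistributionPoints

def crl_dp_extension(url: str) -> bytes:
    """Return the full Extension SEQUENCE for a single CRL URL."""
    uri = tlv(0x86, url.encode("ascii"))   # GeneralName [6] IA5String (URI)
    full_name = tlv(0xA0, uri)             # DistributionPointName fullName [0]
    dp_name = tlv(0xA0, full_name)         # DistributionPoint.distributionPoint [0]
    dist_point = tlv(0x30, dp_name)        # DistributionPoint SEQUENCE
    crl_dps = tlv(0x30, dist_point)        # CRLDistributionPoints SEQUENCE OF
    # critical defaults to FALSE and is therefore omitted in DER
    return tlv(0x30, tlv(0x06, CRL_DP_OID) + tlv(0x04, crl_dps))

def overhead(url: str) -> int:
    """Bytes of ASN.1 container around the URL itself."""
    return len(crl_dp_extension(url)) - len(url)

if __name__ == "__main__":
    # Constructed sample URLs, not taken from any real manufacturer CA.
    samples = [
        "http://crl.example.com/ca.crl",
        "http://pki.example.com/" + "a" * 93 + ".crl",  # long enough for long-form lengths
    ]
    for url in samples:
        ext = crl_dp_extension(url)
        print(f"url={len(url):3d} B  extension={len(ext):3d} B  "
              f"container={overhead(url)} B")
    print(crl_dp_extension(samples[0]).hex())
```

The container is a fixed 19 bytes for URLs short enough that every nested length fits in one byte, so the total cost is dominated by the URL the manufacturer chooses.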
