If there is always a TLS/DTLS session, then why is there a note in Sec Consid about CMP messages being in the clear?
Deb

On Mon, Sep 2, 2024 at 9:17 AM Michael Richardson <[email protected]> wrote:
>
> Deb Cooley via Datatracker <[email protected]> wrote:
> > While this draft clearly outlines the requirements for proof of possession and
> > integrity/authentication of the pledge, I did not see any discussion on
> > integrity/authentication of the RA/CA. How can the pledge determine if it is
> > requesting certificates (either its own or CA) from the proper RA/CA? One of
> > the advantages of EST is that the pledge can verify the EST server certificate,
> > and an on-path attack is harder when there is an adequate TLS session. Is that
> > the case with CMP (or SCEP)? If so, either point me to where that is
> > documented or add a couple of sentences on how that is done. If not, please
> > add a section to the Security Considerations.
>
> Hi, you are asking a BRSKI question, which is a super-set of EST.
> This is all in RFC8995, section 5, especially section 5.6.2.
>
> The short answer is that the RFC8366 voucher pins the RA/CAs' key.
>
> For CMP, the process is similar. A TLS or DTLS is still created,
> but when it comes to enrollment, EST is not used.
> I wonder if including the vouchers in figure 2 would help?
>
> brski.org contains a bunch of slides, and some videos of a few presentations
> on BRSKI. https://brski.org/brski-impls.html
> _Generic Animation of BRSKI - Bootstrapping Remote Secure Key Infrastructure_
> https://www.youtube.com/watch?v=Mtbh_GN0Ce4
> is something I put together specifically to answer this question.
> It's only 5 minutes. Watchable at 1.5X too.
>
> --
> Michael Richardson <[email protected]> . o O ( IPv6 IøT consulting )
> Sandelman Software Works Inc, Ottawa and Worldwide
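The pinning step the thread points to (the RFC 8366 voucher's pinned-domain-cert anchoring the registrar's TLS/DTLS certificate, RFC 8995 section 5.6.2) is the part that lets a pledge tell the proper registrar/RA from any other endpoint that merely offers a valid TLS session. The following is an added, illustrative Python example written for this note; it is not code from the thread, from any BRSKI implementation, or from the RFCs. The "certificates" are constructed byte strings standing in for DER, the voucher is an unsigned JSON body (a real voucher is signed by the MASA and the signature is verified first), and full chain building is simplified to "the pinned certificate is present in the chain the registrar presented", compared by SHA-256 fingerprint. The function names are this example's own.

```python
import base64
import hashlib
import json
from typing import Iterable

# Constructed stand-ins for DER-encoded X.509 certificates. In a real pledge
# these come from the TLS/DTLS handshake and the voucher; here they are plain
# byte strings so the example runs offline.
DOMAIN_CA_DER = b"constructed-der:domain-ca"
REGISTRAR_DER = b"constructed-der:registrar"
ROGUE_CA_DER = b"constructed-der:other-ca"
ROGUE_REGISTRAR_DER = b"constructed-der:other-registrar"


def fingerprint(der: bytes) -> str:
    """SHA-256 fingerprint of a DER blob, used as the comparison key."""
    return hashlib.sha256(der).hexdigest()


def make_voucher(pinned_der: bytes, serial: str) -> str:
    """Build a minimal RFC 8366-style voucher body (constructed, unsigned).

    Only the fields this example checks are included: the pledge's serial
    number and the base64 DER of the domain CA the pledge must trust.
    """
    body = {
        "ietf-voucher:voucher": {
            "assertion": "verified",
            "serial-number": serial,
            "pinned-domain-cert": base64.b64encode(pinned_der).decode("ascii"),
        }
    }
    return json.dumps(body)


def registrar_is_pinned(voucher_json: str, my_serial: str,
                        presented_chain: Iterable[bytes]) -> bool:
    """Pledge-side acceptance check for the registrar it is talking to.

    1. The voucher must be for this pledge (serial-number matches).
    2. The pinned-domain-cert must anchor the chain the registrar presented
       in the TLS/DTLS handshake. Simplified here to membership by fingerprint;
       a real pledge performs path validation with the pinned cert as the only
       trust anchor (RFC 8995 section 5.6.2).
    """
    body = json.loads(voucher_json)["ietf-voucher:voucher"]
    if body.get("serial-number") != my_serial:
        return False
    pinned_fp = fingerprint(base64.b64decode(body["pinned-domain-cert"]))
    return pinned_fp in {fingerprint(c) for c in presented_chain}


def main() -> None:
    voucher = make_voucher(DOMAIN_CA_DER, "PLEDGE-0001")
    # Genuine registrar: its chain ends in the pinned domain CA.
    print("genuine:", registrar_is_pinned(
        voucher, "PLEDGE-0001", [REGISTRAR_DER, DOMAIN_CA_DER]))
    # A different endpoint with a perfectly valid-looking TLS chain that is not
    # anchored in the pinned CA is rejected, TLS session or not.
    print("unpinned:", registrar_is_pinned(
        voucher, "PLEDGE-0001", [ROGUE_REGISTRAR_DER, ROGUE_CA_DER]))
    # A voucher issued for another device is rejected even with the right chain.
    print("wrong serial:", registrar_is_pinned(
        voucher, "PLEDGE-0002", [REGISTRAR_DER, DOMAIN_CA_DER]))


if __name__ == "__main__":
    main()
```

The point the example isolates is that the TLS/DTLS session by itself only proves the peer holds some key; the voucher is what binds that key to the domain the pledge should enroll with, which is why the thread answers the RA/CA authentication question by pointing at the voucher rather than at the transport.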
_______________________________________________ Anima mailing list -- [email protected] To unsubscribe send an email to [email protected]
