Re: [Ace] Alissa Cooper's No Objection on draft-ietf-ace-coap-est-17: (with COMMENT)
Hi Alissa This commit https://github.com/SanKumar2015/EST-coaps/commit/a45eda375f4b228b4bcb29e142e 393cddbaa4e6a tries to address your feedback. The full discussion is in https://github.com/SanKumar2015/EST-coaps/issues/157 Let us know if it does not make sense. Rgs, Panos -Original Message- From: Ace On Behalf Of Panos Kampanakis (pkampana) Sent: Thursday, December 19, 2019 11:50 PM To: Alissa Cooper ; The IESG Cc: draft-ietf-ace-coap-...@ietf.org; i...@augustcellars.com; ace-cha...@ietf.org; ace@ietf.org Subject: Re: [Ace] Alissa Cooper's No Objection on draft-ietf-ace-coap-est-17: (with COMMENT) Hi Alissa, Thank you for the feedback. > "It is also RECOMMENDED that the Implicit Trust Anchor database used > for EST server authentication is carefully managed to reduce the > chance of a third-party CA with poor certification practices > jeopardizing authentication." > > This strikes me as a slightly odd use of normative language (what are the exception cases when the trust anchor database should not be carefully managed?). > The blurb is directly from RFC7030. We reiterate it here to point it out as a best practice and then we present a potential deviation from it for constrained environments. To avoid this confusion we can rephrase it as As discussed in Section 6 of [RFC7030], it is "RECOMMENDED that the Implicit Trust Anchor database used for EST server authentication is carefully managed to reduce the chance of a third-party CA with poor certification practices jeopardizing authentication. Disabling the Implicit Trust Anchor database after successfully receiving the Distribution of CA certificates response (Section 4.1.3 of [RFC7030]) limits any risk to the first DTLS exchange." [...] Rgs, Panos -Original Message- From: Ace On Behalf Of Alissa Cooper via Datatracker Sent: Tuesday, December 17, 2019 2:35 PM To: The IESG Cc: draft-ietf-ace-coap-...@ietf.org; i...@augustcellars.com; ace-cha...@ietf.org; ace@ietf.org Subject: [Ace] Alissa Cooper's No Objection on draft-ietf-ace-coap-est-17: (with COMMENT) Alissa Cooper has entered the following ballot position for draft-ietf-ace-coap-est-17: No Objection When responding, please keep the subject line intact and reply to all email addresses included in the To and CC lines. (Feel free to cut this introductory paragraph, however.) Please refer to https://www.ietf.org/iesg/statement/discuss-criteria.html for more information about IESG DISCUSS and COMMENT positions. The document, along with other ballot positions, can be found here: https://datatracker.ietf.org/doc/draft-ietf-ace-coap-est/ -- COMMENT: -- Section 10.1: "It is also RECOMMENDED that the Implicit Trust Anchor database used for EST server authentication is carefully managed to reduce the chance of a third-party CA with poor certification practices jeopardizing authentication." This strikes me as a slightly odd use of normative language (what are the exception cases when the trust anchor database should not be carefully managed?). ___ Ace mailing list Ace@ietf.org https://www.ietf.org/mailman/listinfo/ace ___ Ace mailing list Ace@ietf.org https://www.ietf.org/mailman/listinfo/ace smime.p7s Description: S/MIME cryptographic signature ___ Ace mailing list Ace@ietf.org https://www.ietf.org/mailman/listinfo/ace
Re: [Ace] Alissa Cooper's No Objection on draft-ietf-ace-coap-est-17: (with COMMENT)
Hi Alissa, Thank you for the feedback. > "It is also RECOMMENDED that the Implicit Trust Anchor database used > for EST server authentication is carefully managed to reduce the > chance of a third-party CA with poor certification practices > jeopardizing authentication." > > This strikes me as a slightly odd use of normative language (what are the > exception cases when the trust anchor database should not be carefully > managed?). > The blurb is directly from RFC7030. We reiterate it here to point it out as a best practice and then we present a potential deviation from it for constrained environments. To avoid this confusion we can rephrase it as As discussed in Section 6 of [RFC7030], it is "RECOMMENDED that the Implicit Trust Anchor database used for EST server authentication is carefully managed to reduce the chance of a third-party CA with poor certification practices jeopardizing authentication. Disabling the Implicit Trust Anchor database after successfully receiving the Distribution of CA certificates response (Section 4.1.3 of [RFC7030]) limits any risk to the first DTLS exchange." [...] Rgs, Panos -Original Message- From: Ace On Behalf Of Alissa Cooper via Datatracker Sent: Tuesday, December 17, 2019 2:35 PM To: The IESG Cc: draft-ietf-ace-coap-...@ietf.org; i...@augustcellars.com; ace-cha...@ietf.org; ace@ietf.org Subject: [Ace] Alissa Cooper's No Objection on draft-ietf-ace-coap-est-17: (with COMMENT) Alissa Cooper has entered the following ballot position for draft-ietf-ace-coap-est-17: No Objection When responding, please keep the subject line intact and reply to all email addresses included in the To and CC lines. (Feel free to cut this introductory paragraph, however.) Please refer to https://www.ietf.org/iesg/statement/discuss-criteria.html for more information about IESG DISCUSS and COMMENT positions. The document, along with other ballot positions, can be found here: https://datatracker.ietf.org/doc/draft-ietf-ace-coap-est/ -- COMMENT: -- Section 10.1: "It is also RECOMMENDED that the Implicit Trust Anchor database used for EST server authentication is carefully managed to reduce the chance of a third-party CA with poor certification practices jeopardizing authentication." This strikes me as a slightly odd use of normative language (what are the exception cases when the trust anchor database should not be carefully managed?). ___ Ace mailing list Ace@ietf.org https://www.ietf.org/mailman/listinfo/ace ___ Ace mailing list Ace@ietf.org https://www.ietf.org/mailman/listinfo/ace
[Ace] Alissa Cooper's No Objection on draft-ietf-ace-coap-est-17: (with COMMENT)
Alissa Cooper has entered the following ballot position for draft-ietf-ace-coap-est-17: No Objection When responding, please keep the subject line intact and reply to all email addresses included in the To and CC lines. (Feel free to cut this introductory paragraph, however.) Please refer to https://www.ietf.org/iesg/statement/discuss-criteria.html for more information about IESG DISCUSS and COMMENT positions. The document, along with other ballot positions, can be found here: https://datatracker.ietf.org/doc/draft-ietf-ace-coap-est/ -- COMMENT: -- Section 10.1: "It is also RECOMMENDED that the Implicit Trust Anchor database used for EST server authentication is carefully managed to reduce the chance of a third-party CA with poor certification practices jeopardizing authentication." This strikes me as a slightly odd use of normative language (what are the exception cases when the trust anchor database should not be carefully managed?). ___ Ace mailing list Ace@ietf.org https://www.ietf.org/mailman/listinfo/ace