draft-ietf-netconf-sztp-csr-00.txt   draft-ietf-netconf-sztp-csr-01.txt 
NETCONF Working Group K. Watsen NETCONF Working Group K. Watsen
Internet-Draft Watsen Networks Internet-Draft Watsen Networks
Updates: 8572 (if approved) R. Housley Updates: 8572 (if approved) R. Housley
Intended status: Standards Track Vigil Security, LLC Intended status: Standards Track Vigil Security, LLC
Expires: 5 April 2021 S. Turner Expires: 20 May 2021 S. Turner
sn3rd sn3rd
2 October 2020 16 November 2020
Conveying a Certificate Signing Request (CSR) in a Secure Zero Touch Conveying a Certificate Signing Request (CSR) in a Secure Zero Touch
Provisioning (SZTP) Bootstrapping Request Provisioning (SZTP) Bootstrapping Request
draft-ietf-netconf-sztp-csr-00 draft-ietf-netconf-sztp-csr-01
Abstract Abstract
This draft extends the "get-bootstrapping-data" RPC defined in RFC This draft extends the "get-bootstrapping-data" RPC defined in RFC
8572 to include an optional certificate signing request (CSR), 8572 to include an optional certificate signing request (CSR),
enabling a bootstrapping device to additionally obtain an identity enabling a bootstrapping device to additionally obtain an identity
certificate (e.g., an LDevID, from IEEE 802.1AR) as part of the certificate (e.g., an LDevID, from IEEE 802.1AR) as part of the
"onboarding information" response provided in the RPC-reply. "onboarding information" response provided in the RPC-reply.
Editorial Note (To be removed by RFC Editor) Editorial Note (To be removed by RFC Editor)
skipping to change at page 1, line 42 skipping to change at page 1, line 42
* "XXXX" --> the assigned numerical RFC value for this draft * "XXXX" --> the assigned numerical RFC value for this draft
* "AAAA" --> the assigned RFC value for I-D.ietf-netconf-crypto- * "AAAA" --> the assigned RFC value for I-D.ietf-netconf-crypto-
types types
Artwork in this document contains a placeholder value for the Artwork in this document contains a placeholder value for the
publication date of this draft. Please apply the following publication date of this draft. Please apply the following
replacement: replacement:
* "2020-10-02" --> the publication date of this draft * "2020-11-16" --> the publication date of this draft
This document contains references to other drafts in progress, both This document contains references to other drafts in progress, both
in the Normative References section, as well as in body text in the Normative References section, as well as in body text
throughout. Please update the following references to reflect their throughout. Please update the following references to reflect their
final RFC assignments: final RFC assignments:
* I-D.ietf-netconf-crypto-types * I-D.ietf-netconf-crypto-types
* I-D.ietf-netconf-keystore * I-D.ietf-netconf-keystore
* I-D.ietf-netconf-trust-anchors * I-D.ietf-netconf-trust-anchors
skipping to change at page 2, line 25 skipping to change at page 2, line 25
Internet-Drafts are working documents of the Internet Engineering Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet- working documents as Internet-Drafts. The list of current Internet-
Drafts is at https://datatracker.ietf.org/drafts/current/. Drafts is at https://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress." material or to cite them other than as "work in progress."
This Internet-Draft will expire on 5 April 2021. This Internet-Draft will expire on 20 May 2021.
Copyright Notice Copyright Notice
Copyright (c) 2020 IETF Trust and the persons identified as the Copyright (c) 2020 IETF Trust and the persons identified as the
document authors. All rights reserved. document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents (https://trustee.ietf.org/ Provisions Relating to IETF Documents (https://trustee.ietf.org/
license-info) in effect on the date of publication of this document. license-info) in effect on the date of publication of this document.
Please review these documents carefully, as they describe your rights Please review these documents carefully, as they describe your rights
skipping to change at page 3, line 7 skipping to change at page 3, line 7
1.2. Terminology . . . . . . . . . . . . . . . . . . . . . . . 3 1.2. Terminology . . . . . . . . . . . . . . . . . . . . . . . 3
1.3. Requirements Language . . . . . . . . . . . . . . . . . . 4 1.3. Requirements Language . . . . . . . . . . . . . . . . . . 4
2. The "ietf-sztp-csr" Module . . . . . . . . . . . . . . . . . 4 2. The "ietf-sztp-csr" Module . . . . . . . . . . . . . . . . . 4
2.1. Data Model Overview . . . . . . . . . . . . . . . . . . . 4 2.1. Data Model Overview . . . . . . . . . . . . . . . . . . . 4
2.2. Example Usage . . . . . . . . . . . . . . . . . . . . . . 7 2.2. Example Usage . . . . . . . . . . . . . . . . . . . . . . 7
2.3. YANG Module . . . . . . . . . . . . . . . . . . . . . . . 13 2.3. YANG Module . . . . . . . . . . . . . . . . . . . . . . . 13
3. Security Considerations . . . . . . . . . . . . . . . . . . . 23 3. Security Considerations . . . . . . . . . . . . . . . . . . . 23
3.1. SZTP-Client Considerations . . . . . . . . . . . . . . . 23 3.1. SZTP-Client Considerations . . . . . . . . . . . . . . . 23
3.1.1. Ensuring the Integrity of Asymmetric Private Keys . . 23 3.1.1. Ensuring the Integrity of Asymmetric Private Keys . . 23
3.1.2. Reuse of a Manufacturer-generated Private Key . . . . 23 3.1.2. Reuse of a Manufacturer-generated Private Key . . . . 23
3.1.3. Replay Attack Protection . . . . . . . . . . . . . . 24 3.1.3. Replay Attack Protection . . . . . . . . . . . . . . 23
3.1.4. Connecting to an Untrusted Bootstrap Server . . . . . 24 3.1.4. Connecting to an Untrusted Bootstrap Server . . . . . 24
3.1.5. Selecting the Best Origin Authentication Mechanism . 25 3.1.5. Selecting the Best Origin Authentication Mechanism . 24
3.1.6. Clearing the Private Key and Associated 3.1.6. Clearing the Private Key and Associated
Certificate . . . . . . . . . . . . . . . . . . . . . 25 Certificate . . . . . . . . . . . . . . . . . . . . . 25
3.2. SZTP-Server Considerations . . . . . . . . . . . . . . . 25 3.2. SZTP-Server Considerations . . . . . . . . . . . . . . . 25
3.2.1. Conveying Proof of Possession to a CA . . . . . . . . 25 3.2.1. Conveying Proof of Possession to a CA . . . . . . . . 25
3.2.2. Supporting SZTP-Clients that don't trust the 3.2.2. Supporting SZTP-Clients that don't trust the
SZTP-Server . . . . . . . . . . . . . . . . . . . . . 25 SZTP-Server . . . . . . . . . . . . . . . . . . . . . 25
3.2.3. YANG Module Considerations . . . . . . . . . . . . . 26 3.2.3. YANG Module Considerations . . . . . . . . . . . . . 26
4. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 26 4. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 26
4.1. The "IETF XML" Registry . . . . . . . . . . . . . . . . . 26 4.1. The "IETF XML" Registry . . . . . . . . . . . . . . . . . 26
4.2. The "YANG Module Names" Registry . . . . . . . . . . . . 26 4.2. The "YANG Module Names" Registry . . . . . . . . . . . . 26
5. References . . . . . . . . . . . . . . . . . . . . . . . . . 27 5. References . . . . . . . . . . . . . . . . . . . . . . . . . 26
5.1. Normative References . . . . . . . . . . . . . . . . . . 27 5.1. Normative References . . . . . . . . . . . . . . . . . . 26
5.2. Informative References . . . . . . . . . . . . . . . . . 28 5.2. Informative References . . . . . . . . . . . . . . . . . 27
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 29 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 28
1. Introduction 1. Introduction
1.1. Overview 1.1. Overview
This draft extends the "get-bootstrapping-data" RPC defined in This draft extends the "get-bootstrapping-data" RPC defined in
[RFC8572] to include an optional certificate signing request (CSR) [RFC8572] to include an optional certificate signing request (CSR)
[RFC2986], enabling a bootstrapping device to additionally obtain an [RFC2986], enabling a bootstrapping device to additionally obtain an
identity certificate (e.g., an LDevID [Std-802.1AR-2018]) as part of identity certificate (e.g., an LDevID [Std-802.1AR-2018]) as part of
the "onboarding information" response provided in the RPC-reply. the "onboarding information" response provided in the RPC-reply.
skipping to change at page 11, line 7 skipping to change at page 11, line 7
"pre-configuration-script"), while other implementations convey it "pre-configuration-script"), while other implementations convey it
inside the SZTP "configuration" node. inside the SZTP "configuration" node.
Following are two examples of conveying the signed certificate inside Following are two examples of conveying the signed certificate inside
the "configuration" node. Both examples assume that the SZTP-client the "configuration" node. Both examples assume that the SZTP-client
understands the "ietf-keystore" module defined in understands the "ietf-keystore" module defined in
[I-D.ietf-netconf-keystore]. [I-D.ietf-netconf-keystore].
This first example illustrates the case where the signed certificate This first example illustrates the case where the signed certificate
is for the same asymmetric key used by the SZTP-client's is for the same asymmetric key used by the SZTP-client's
manufacturer-generated identity certificate (e.g., an IDevID). As manufacturer-generated identity certificate (e.g., an IDevID, from
such, the configuration needs to associate the newly signed [Std-802.1AR-2018]). As such, the configuration needs to associate
certificate with the existing asymmetric key: the newly signed certificate with the existing asymmetric key:
=============== NOTE: '\' line wrapping per RFC 8792 ================ =============== NOTE: '\' line wrapping per RFC 8792 ================
{ {
"ietf-keystore:keystore": { "ietf-keystore:keystore": {
"asymmetric-keys": { "asymmetric-keys": {
"asymmetric-key": [ "asymmetric-key": [
{ {
"name": "Manufacturer-Generated Hidden Key", "name": "Manufacturer-Generated Hidden Key",
"public-key-format": "ietf-crypto-types:subject-public-key\ "public-key-format": "ietf-crypto-types:subject-public-key\
skipping to change at page 13, line 12 skipping to change at page 13, line 12
to use the "ietf-truststore" module defined in to use the "ietf-truststore" module defined in
[I-D.ietf-netconf-trust-anchors]. [I-D.ietf-netconf-trust-anchors].
2.3. YANG Module 2.3. YANG Module
This module augments an RPC defined in [RFC8572], uses a data type This module augments an RPC defined in [RFC8572], uses a data type
defined in [I-D.ietf-netconf-crypto-types], has an normative defined in [I-D.ietf-netconf-crypto-types], has an normative
references to [RFC2986] and [ITU.X690.2015], and an informative references to [RFC2986] and [ITU.X690.2015], and an informative
reference to [Std-802.1AR-2018]. reference to [Std-802.1AR-2018].
<CODE BEGINS> file "ietf-sztp-csr@2020-10-02.yang" <CODE BEGINS> file "ietf-sztp-csr@2020-11-16.yang"
module ietf-sztp-csr { module ietf-sztp-csr {
yang-version 1.1; yang-version 1.1;
namespace "urn:ietf:params:xml:ns:yang:ietf-sztp-csr"; namespace "urn:ietf:params:xml:ns:yang:ietf-sztp-csr";
prefix sztp-csr; prefix sztp-csr;
import ietf-sztp-bootstrap-server { import ietf-sztp-bootstrap-server {
prefix sztp-svr; prefix sztp-svr;
reference "RFC 8572: Secure Zero Touch Provisioning (SZTP)"; reference "RFC 8572: Secure Zero Touch Provisioning (SZTP)";
} }
skipping to change at page 14, line 26 skipping to change at page 14, line 26
(https://www.rfc-editor.org/info/rfcXXXX); see the RFC (https://www.rfc-editor.org/info/rfcXXXX); see the RFC
itself for full legal notices. itself for full legal notices.
The key words 'MUST', 'MUST NOT', 'REQUIRED', 'SHALL', The key words 'MUST', 'MUST NOT', 'REQUIRED', 'SHALL',
'SHALL NOT', 'SHOULD', 'SHOULD NOT', 'RECOMMENDED', 'SHALL NOT', 'SHOULD', 'SHOULD NOT', 'RECOMMENDED',
'NOT RECOMMENDED', 'MAY', and 'OPTIONAL' in this 'NOT RECOMMENDED', 'MAY', and 'OPTIONAL' in this
document are to be interpreted as described in BCP 14 document are to be interpreted as described in BCP 14
(RFC 2119) (RFC 8174) when, and only when, they appear (RFC 2119) (RFC 8174) when, and only when, they appear
in all capitals, as shown here."; in all capitals, as shown here.";
revision 2020-10-02 { revision 2020-11-16 {
description description
"Initial version"; "Initial version";
reference reference
"RFC XXXX: Conveying a Certificate Signing Request (CSR) "RFC XXXX: Conveying a Certificate Signing Request (CSR)
in a Secure Zero Touch Provisioning (SZTP) in a Secure Zero Touch Provisioning (SZTP)
Bootstrapping Request"; Bootstrapping Request";
} }
identity certificate-request-format { identity certificate-request-format {
description description
skipping to change at page 23, line 37 skipping to change at page 23, line 37
In cases where the device does not possess an HSM, or otherwise is In cases where the device does not possess an HSM, or otherwise is
unable to use an HSM for the private key, it is RECOMMENDED to unable to use an HSM for the private key, it is RECOMMENDED to
regenerate the private key (and associated identity certificates) regenerate the private key (and associated identity certificates)
periodically. Details for how to generate a new private key and periodically. Details for how to generate a new private key and
associate a new identity certificate are outside the scope of this associate a new identity certificate are outside the scope of this
document. document.
3.1.2. Reuse of a Manufacturer-generated Private Key 3.1.2. Reuse of a Manufacturer-generated Private Key
It is RECOMMENDED in [RFC8572] that devices are shipped from It is RECOMMENDED that a new private key is generated for each CSR
manufacturing with a secure device identity certificate (e.g., an described in this document.
IDevID, from [Std-802.1AR-2018]). It is also RECOMMENDED that the
private key for these necessarily long-lived certificates be stored
in an HSM, such as a TPM. Lastly, per the FIXME: guy says that the
the keys/certs aren't always stored in the TPM (see private email
from Aug 13th) previous consideration, when devices generate a new
private key, it is also RECOMMENDED that the private key is protected
by the HSM.
However, it is understood that space on an HSM chip may be limited, This private key SHOULD be protected as well as the built-in private
potentially to the point of not being able to store an additional key associated with the device's initial secure device identity
private key for the CSR described in this document, and that it may certificate (e.g., the IDevID, from [Std-802.1AR-2018]).
not be possible to store hardware-protected keys outside the TPM
(e.g., a TPM-encrypted key stored in non-volatile memory). In such In cases where it it not possible to generate a new private key that
cases, it is RECOMMENDED to reuse the existing hardware-protected is protected as well as the built-in private key, it is RECOMMENDED
private key rather than generate a second private key outside of to reuse the built-in private key rather then generate a new private
protection afforded by the hardware. key that is not as well protected.
3.1.3. Replay Attack Protection 3.1.3. Replay Attack Protection
This RFC enables an SZTP-client to announce an ability to generate This RFC enables an SZTP-client to announce an ability to generate
new key to use for its CSR. new key to use for its CSR.
When the SZTP-server responds with a request for the device to When the SZTP-server responds with a request for the device to
generate a new key, it is essential that the device actually generate a new key, it is essential that the device actually
generates a new key. generates a new key.
 End of changes. 13 change blocks. 
33 lines changed or deleted 26 lines changed or added

This html diff was produced by rfcdiff 1.48. The latest version is available from http://tools.ietf.org/tools/rfcdiff/