Security and Operational considerations for manufacturer generated IDevID
draft-richardson-secdispatch-idevid-considerations-00

Document Type Active Internet-Draft (individual)
Last updated 2020-06-09
IESG state I-D Exists
anima Working Group                                        M. Richardson
Internet-Draft                                  Sandelman Software Works
Intended status: Standards Track                                  W. Pan
Expires: 12 December 2020                            Huawei Technologies
                                                            10 June 2020

   Security and Operational considerations for manufacturer generated
                                 IDevID
         draft-richardson-secdispatch-idevid-considerations-00

Abstract

   This document provides a number of operational modes that a
   manufacturer of devices that include IEEE 802.1AR IDevID certificates
   may choose from.  Different ways of generating and signing the needed
   keypairs are detailed, and the security tradeoffs of each method are
   considered.  This document provides a nomenclature for each mode.

   IDevID certificates are used in ANIMA's BRSKI Manufacturer Authorized
   Signing Authority (MASA) process.

Status of This Memo

   This Internet-Draft is submitted in full conformance with the
   provisions of BCP 78 and BCP 79.

   Internet-Drafts are working documents of the Internet Engineering
   Task Force (IETF).  Note that other groups may also distribute
   working documents as Internet-Drafts.  The list of current Internet-
   Drafts is at https://datatracker.ietf.org/drafts/current/.

   Internet-Drafts are draft documents valid for a maximum of six months
   and may be updated, replaced, or obsoleted by other documents at any
   time.  It is inappropriate to use Internet-Drafts as reference
   material or to cite them other than as "work in progress."

   This Internet-Draft will expire on 12 December 2020.

Copyright Notice

   Copyright (c) 2020 IETF Trust and the persons identified as the
   document authors.  All rights reserved.

   This document is subject to BCP 78 and the IETF Trust's Legal
   Provisions Relating to IETF Documents (https://trustee.ietf.org/
   license-info) in effect on the date of publication of this document.
   Please review these documents carefully, as they describe your rights

Richardson & Pan        Expires 12 December 2020                [Page 1]
Internet-Draft            IDevID Considerations                June 2020

   and restrictions with respect to this document.  Code Components
   extracted from this document must include Simplified BSD License text
   as described in Section 4.e of the Trust Legal Provisions and are
   provided without warranty as described in the Simplified BSD License.

Table of Contents

   1.  Introduction  . . . . . . . . . . . . . . . . . . . . . . . .   2
   2.  Operational Considerations for Manufacturer IDevID Public Key
           Infrastructure  . . . . . . . . . . . . . . . . . . . . .   3
     2.1.  Key Generation process  . . . . . . . . . . . . . . . . .   3
       2.1.1.  On-device private key generation  . . . . . . . . . .   3
       2.1.2.  Off-device private key generation . . . . . . . . . .   4
       2.1.3.  Key setup based on 256-bit secret seed  . . . . . . .   5
     2.2.  Public Key infrastructure for IDevID  . . . . . . . . . .   6
   3.  Privacy Considerations  . . . . . . . . . . . . . . . . . . .   7
   4.  Security Considerations . . . . . . . . . . . . . . . . . . .   7
   5.  IANA Considerations . . . . . . . . . . . . . . . . . . . . .   7
   6.  Acknowledgements  . . . . . . . . . . . . . . . . . . . . . .   7
   7.  Changelog . . . . . . . . . . . . . . . . . . . . . . . . . .   7
   8.  References  . . . . . . . . . . . . . . . . . . . . . . . . .   7
     8.1.  Normative References  . . . . . . . . . . . . . . . . . .   7
     8.2.  Informative References  . . . . . . . . . . . . . . . . .   7
   Authors' Addresses  . . . . . . . . . . . . . . . . . . . . . . .   9

1.  Introduction

   [I-D.ietf-anima-bootstrapping-keyinfra] introduces a mechanism for
   new devices (called pledges) to be onboarded into a network without
   intervention from an expert operator.

   This mechanism leverages the pre-existing relationship between a
   device and the manufacturer that built the device.  There are two
   aspects to this relationship: the provision of an identity for the
   device by the manufacturer (the IDevID), and a mechanism which
   convinces the device to trust the new owner (the [RFC8366] voucher).

   This document is about the first part: where the device becomes
   trusted by a network operator through a manufacturer-provided trust
   anchor.  A second document,
   [I-D.richardson-anima-masa-considerations], deals with the trust
   anchors needed to establish the device-to-operator trust
   relationship.

   The operator-to-device trust relationship is in the form of an
   [ieee802-1AR] certificate that is installed in the device at
   manufacturing time.
