minor tuning after a light russ pass

Randy Bush 2019-04-19 15:21:31 -07:00
parent a33b485227
commit bc74ab76a8


@ -58,12 +58,11 @@
<abstract> <abstract>
<t>The Layer 3 Discovery and Liveness protocol provides for the OPEN <t>The Layer 3 Discovery and Liveness protocol OPEN PDU contains a
PDU to contain a key which can be used to verify signatures on key which can be used to verify signatures on subsequent PDUs. This
subsequent PDUs. This document describes two mechanisms based on document describes two mechanisms based on digital signatures, one
digital signatures, one that is Trust On First Use (TOFU), and one that is Trust On First Use (TOFU), and one that uses certificates to
that uses certificates to provide authentication as well as session provide authentication as well as session integrity.</t>
integrity.</t>
</abstract> </abstract>
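Review bot: the rewritten abstract says only the certificate mechanism provides "authentication as well as session integrity", leaving the reader to infer what TOFU provides; consider stating it explicitly, e.g. "one that is Trust On First Use (TOFU) and provides session integrity only, and one that uses certificates to provide authentication as well as session integrity", so the security difference between the two mechanisms is visible from the abstract alone.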
@ -84,36 +83,40 @@
<section anchor="intro" title="Introduction"> <section anchor="intro" title="Introduction">
<t>The Layer 3 Discovery and Liveness protocol [old ref because new <t>The Layer 3 Discovery and Liveness protocol [old ref because new
draft not yet pushed] <xref target="I-D.ietf-lsvr-lsoe"/> provides draft not yet pushed] <xref target="I-D.ietf-lsvr-lsoe"/> OPEN PDU
for the OPEN PDU to contain an algorithm specifier and a key which contains an algorithm specifier and a key which can be used to
can be used to verify signatures on subsequent PDUs. This document verify signatures on subsequent PDUs. This document describes two
describes two methods of key generation and signing for use by L3DL, methods of key generation and signing for use by L3DL, Trust On
Trust On First Use (TOFU) and a PKI-based mechanism to provide First Use (TOFU) and a PKI-based mechanism to provide authentication
authentication as well as session integrity.</t> as well as session integrity.</t>
<t>To the receiver, the two methods are indistinguishable, the key
provided in the OPEN PDU is used to verify the signatures on the
subsequent PDUs. The difference is how that key is generated.</t>
<t>In the TOFU method the OPEN key is believed without question and
is used to verify all subsequent PDUs from the same peer with the
same Key Type.</t>
<t>With the PKI-mechanism, an enrollment step is performed. The
public key and an identifier of the subject are put into a
certificate, which is signed by the trust anchor. In this way, the
relying party can be confident that the public key is under control
of the identified L3DL protocol entity.</t>
<t>In the PKI method the OPEN key MUST be verified against the trust
anchor for the operational domain. It is then used to verify all
subsequent PDUs from the same peer with the same Key Type.</t>
<t>The Key in the OPEN PDU SHOULD be the public key of an asymmetric <t>The Key in the OPEN PDU SHOULD be the public key of an asymmetric
key pair. The sender signs with the private key, of course. The key pair. The sender signs with the private key, of course. The
device sending the OPEN may use one key for all links, a different device sending the OPEN may use one key for all links, a different
key for each link, or some aggregation(s) thereof.</t> key for each link, or some aggregation(s) thereof.</t>
<t>In the TOFU method the OPEN key is generated on the sending
device, believed without question by the receiver, and used to
verify all subsequent PDUs from the same sender with the same Key
Type.</t>
<t>With the PKI-mechanism, an enrollment step is performed. The
public key and an identifier of the subject are put into a
certificate, which is signed by the the operational environment's
trust anchor. In this way, the relying party can be confident that
the public key is under control of the identified L3DL protocol
entity.</t>
<t>To the receiver verifying signatures on PDUs, the two methods are
indistinguishable; the key provided in the OPEN PDU is used to
verify the signatures of subsequent PDUs. The difference that
PKI-based keys may be verified against the trust anchor when the
OPEN PDU is received.</t>
<t>In the PKI method the OPEN key MUST be verified against the trust
anchor for the operational domain. It is then used to verify all
subsequent PDUs from the same peer with the same Key Type.</t>
</section> </section>
<section anchor="tofu" title="Trust On First Use Method"> <section anchor="tofu" title="Trust On First Use Method">
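Review bot: the new paragraph ordering introduces a normative inconsistency: "PKI-based keys may be verified against the trust anchor when the OPEN PDU is received" is immediately followed by "In the PKI method the OPEN key MUST be verified against the trust anchor", so one paragraph says verification is optional and the next says it is mandatory; suggest "are verified" (or "MUST be verified") in the first so the two agree. Two editorial slips in the added text: "signed by the the operational environment's trust anchor" has a doubled "the", and "The difference that PKI-based keys may be verified" is missing "is". The TOFU paragraph also says "from the same sender" while the PKI paragraph says "from the same peer"; pick one term. Finally, the "[old ref because new draft not yet pushed]" bracket still sits in the running text on both sides of the diff and should be tracked as a TODO so it does not survive into a published revision.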