-
Notifications
You must be signed in to change notification settings - Fork 5
/
dtbootstrap-anima-keyinfra-35.txt
6720 lines (4901 loc) · 290 KB
/
dtbootstrap-anima-keyinfra-35.txt
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
702
703
704
705
706
707
708
709
710
711
712
713
714
715
716
717
718
719
720
721
722
723
724
725
726
727
728
729
730
731
732
733
734
735
736
737
738
739
740
741
742
743
744
745
746
747
748
749
750
751
752
753
754
755
756
757
758
759
760
761
762
763
764
765
766
767
768
769
770
771
772
773
774
775
776
777
778
779
780
781
782
783
784
785
786
787
788
789
790
791
792
793
794
795
796
797
798
799
800
801
802
803
804
805
806
807
808
809
810
811
812
813
814
815
816
817
818
819
820
821
822
823
824
825
826
827
828
829
830
831
832
833
834
835
836
837
838
839
840
841
842
843
844
845
846
847
848
849
850
851
852
853
854
855
856
857
858
859
860
861
862
863
864
865
866
867
868
869
870
871
872
873
874
875
876
877
878
879
880
881
882
883
884
885
886
887
888
889
890
891
892
893
894
895
896
897
898
899
900
901
902
903
904
905
906
907
908
909
910
911
912
913
914
915
916
917
918
919
920
921
922
923
924
925
926
927
928
929
930
931
932
933
934
935
936
937
938
939
940
941
942
943
944
945
946
947
948
949
950
951
952
953
954
955
956
957
958
959
960
961
962
963
964
965
966
967
968
969
970
971
972
973
974
975
976
977
978
979
980
981
982
983
984
985
986
987
988
989
990
991
992
993
994
995
996
997
998
999
1000
ANIMA WG M. Pritikin
Internet-Draft Cisco
Intended status: Standards Track M. Richardson
Expires: 29 August 2020 Sandelman
T.T.E. Eckert
Futurewei USA
M.H. Behringer
K.W. Watsen
Watsen Networks
26 February 2020
Bootstrapping Remote Secure Key Infrastructures (BRSKI)
draft-ietf-anima-bootstrapping-keyinfra-35
Abstract
This document specifies automated bootstrapping of an Autonomic
Control Plane. To do this a Secure Key Infrastructure is
bootstrapped. This is done using manufacturer-installed X.509
certificates, in combination with a manufacturer's authorizing
service, both online and offline. We call this process the
Bootstrapping Remote Secure Key Infrastructure (BRSKI) protocol.
Bootstrapping a new device can occur using a routable address and a
cloud service, or using only link-local connectivity, or on limited/
disconnected networks. Support for deployment models with less
stringent security requirements is included. Bootstrapping is
complete when the cryptographic identity of the new key
infrastructure is successfully deployed to the device. The
established secure connection can be used to deploy a locally issued
certificate to the device as well.
Status of This Memo
This Internet-Draft is submitted in full conformance with the
provisions of BCP 78 and BCP 79.
Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet-
Drafts is at https://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress."
This Internet-Draft will expire on 29 August 2020.
Pritikin, et al. Expires 29 August 2020 [Page 1]
Internet-Draft BRSKI February 2020
Copyright Notice
Copyright (c) 2020 IETF Trust and the persons identified as the
document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents (https://trustee.ietf.org/
license-info) in effect on the date of publication of this document.
Please review these documents carefully, as they describe your rights
and restrictions with respect to this document. Code Components
extracted from this document must include Simplified BSD License text
as described in Section 4.e of the Trust Legal Provisions and are
provided without warranty as described in the Simplified BSD License.
Table of Contents
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 5
1.1. Prior Bootstrapping Approaches . . . . . . . . . . . . . 6
1.2. Terminology . . . . . . . . . . . . . . . . . . . . . . . 8
1.3. Scope of solution . . . . . . . . . . . . . . . . . . . . 11
1.3.1. Support environment . . . . . . . . . . . . . . . . . 11
1.3.2. Constrained environments . . . . . . . . . . . . . . 11
1.3.3. Network Access Controls . . . . . . . . . . . . . . . 12
1.3.4. Bootstrapping is not Booting . . . . . . . . . . . . 12
1.4. Leveraging the new key infrastructure / next steps . . . 12
1.5. Requirements for Autonomic Network Infrastructure (ANI)
devices . . . . . . . . . . . . . . . . . . . . . . . . . 13
2. Architectural Overview . . . . . . . . . . . . . . . . . . . 13
2.1. Behavior of a Pledge . . . . . . . . . . . . . . . . . . 15
2.2. Secure Imprinting using Vouchers . . . . . . . . . . . . 16
2.3. Initial Device Identifier . . . . . . . . . . . . . . . . 17
2.3.1. Identification of the Pledge . . . . . . . . . . . . 18
2.3.2. MASA URI extension . . . . . . . . . . . . . . . . . 18
2.4. Protocol Flow . . . . . . . . . . . . . . . . . . . . . . 20
2.5. Architectural Components . . . . . . . . . . . . . . . . 23
2.5.1. Pledge . . . . . . . . . . . . . . . . . . . . . . . 23
2.5.2. Join Proxy . . . . . . . . . . . . . . . . . . . . . 23
2.5.3. Domain Registrar . . . . . . . . . . . . . . . . . . 23
2.5.4. Manufacturer Service . . . . . . . . . . . . . . . . 23
2.5.5. Public Key Infrastructure (PKI) . . . . . . . . . . . 24
2.6. Certificate Time Validation . . . . . . . . . . . . . . . 24
2.6.1. Lack of realtime clock . . . . . . . . . . . . . . . 24
2.6.2. Infinite Lifetime of IDevID . . . . . . . . . . . . . 24
2.7. Cloud Registrar . . . . . . . . . . . . . . . . . . . . . 25
2.8. Determining the MASA to contact . . . . . . . . . . . . . 25
3. Voucher-Request artifact . . . . . . . . . . . . . . . . . . 26
3.1. Nonceless Voucher Requests . . . . . . . . . . . . . . . 27
3.2. Tree Diagram . . . . . . . . . . . . . . . . . . . . . . 27
Pritikin, et al. Expires 29 August 2020 [Page 2]
Internet-Draft BRSKI February 2020
3.3. Examples . . . . . . . . . . . . . . . . . . . . . . . . 27
3.4. YANG Module . . . . . . . . . . . . . . . . . . . . . . . 29
4. Proxying details (Pledge - Proxy - Registrar) . . . . . . . . 32
4.1. Pledge discovery of Proxy . . . . . . . . . . . . . . . . 33
4.1.1. Proxy GRASP announcements . . . . . . . . . . . . . . 35
4.2. CoAP connection to Registrar . . . . . . . . . . . . . . 36
4.3. Proxy discovery and communication of Registrar . . . . . 36
5. Protocol Details (Pledge - Registrar - MASA) . . . . . . . . 38
5.1. BRSKI-EST TLS establishment details . . . . . . . . . . . 39
5.2. Pledge Requests Voucher from the Registrar . . . . . . . 40
5.3. Registrar Authorization of Pledge . . . . . . . . . . . . 42
5.4. BRSKI-MASA TLS establishment details . . . . . . . . . . 43
5.4.1. MASA authentication of customer Registrar . . . . . . 43
5.5. Registrar Requests Voucher from MASA . . . . . . . . . . 44
5.5.1. MASA renewal of expired vouchers . . . . . . . . . . 46
5.5.2. MASA pinning of registrar . . . . . . . . . . . . . . 46
5.5.3. MASA checking of voucher request signature . . . . . 46
5.5.4. MASA verification of domain registrar . . . . . . . . 47
5.5.5. MASA verification of pledge
prior-signed-voucher-request . . . . . . . . . . . . 48
5.5.6. MASA nonce handling . . . . . . . . . . . . . . . . . 48
5.6. MASA and Registrar Voucher Response . . . . . . . . . . . 48
5.6.1. Pledge voucher verification . . . . . . . . . . . . . 51
5.6.2. Pledge authentication of provisional TLS
connection . . . . . . . . . . . . . . . . . . . . . 52
5.7. Pledge BRSKI Status Telemetry . . . . . . . . . . . . . . 53
5.8. Registrar audit-log request . . . . . . . . . . . . . . . 54
5.8.1. MASA audit log response . . . . . . . . . . . . . . . 55
5.8.2. Calculation of domainID . . . . . . . . . . . . . . . 58
5.8.3. Registrar audit log verification . . . . . . . . . . 58
5.9. EST Integration for PKI bootstrapping . . . . . . . . . . 60
5.9.1. EST Distribution of CA Certificates . . . . . . . . . 60
5.9.2. EST CSR Attributes . . . . . . . . . . . . . . . . . 60
5.9.3. EST Client Certificate Request . . . . . . . . . . . 61
5.9.4. Enrollment Status Telemetry . . . . . . . . . . . . . 61
5.9.5. Multiple certificates . . . . . . . . . . . . . . . . 63
5.9.6. EST over CoAP . . . . . . . . . . . . . . . . . . . . 63
6. Clarification of transfer-encoding . . . . . . . . . . . . . 63
7. Reduced security operational modes . . . . . . . . . . . . . 63
7.1. Trust Model . . . . . . . . . . . . . . . . . . . . . . . 64
7.2. Pledge security reductions . . . . . . . . . . . . . . . 64
7.3. Registrar security reductions . . . . . . . . . . . . . . 65
7.4. MASA security reductions . . . . . . . . . . . . . . . . 66
7.4.1. Issuing Nonceless vouchers . . . . . . . . . . . . . 67
7.4.2. Trusting Owners on First Use . . . . . . . . . . . . 67
7.4.3. Updating or extending voucher trust anchors . . . . . 68
8. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 69
8.1. The IETF XML Registry . . . . . . . . . . . . . . . . . . 69
Pritikin, et al. Expires 29 August 2020 [Page 3]
Internet-Draft BRSKI February 2020
8.2. YANG Module Names Registry . . . . . . . . . . . . . . . 69
8.3. Well-known EST registration . . . . . . . . . . . . . . . 69
8.4. PKIX Registry . . . . . . . . . . . . . . . . . . . . . . 70
8.5. Pledge BRSKI Status Telemetry . . . . . . . . . . . . . . 70
8.6. DNS Service Names . . . . . . . . . . . . . . . . . . . . 70
9. Applicability to the Autonomic Control Plane (ACP) . . . . . 71
9.1. Operational Requirements . . . . . . . . . . . . . . . . 72
9.1.1. MASA Operational Requirements . . . . . . . . . . . . 72
9.1.2. Domain Owner Operational Requirements . . . . . . . . 73
9.1.3. Device Operational Requirements . . . . . . . . . . . 74
10. Privacy Considerations . . . . . . . . . . . . . . . . . . . 74
10.1. MASA audit log . . . . . . . . . . . . . . . . . . . . . 74
10.2. What BRSKI-EST reveals . . . . . . . . . . . . . . . . . 75
10.3. What BRSKI-MASA reveals to the manufacturer . . . . . . 76
10.4. Manufacturers and Used or Stolen Equipment . . . . . . . 78
10.5. Manufacturers and Grey market equipment . . . . . . . . 79
10.6. Some mitigations for meddling by manufacturers . . . . . 80
10.7. Death of a manufacturer . . . . . . . . . . . . . . . . 81
11. Security Considerations . . . . . . . . . . . . . . . . . . . 81
11.1. Denial of Service (DoS) against MASA . . . . . . . . . . 82
11.2. DomainID must be resistant to second-preimage
attacks . . . . . . . . . . . . . . . . . . . . . . . . 83
11.3. Availability of good random numbers . . . . . . . . . . 83
11.4. Freshness in Voucher-Requests . . . . . . . . . . . . . 83
11.5. Trusting manufacturers . . . . . . . . . . . . . . . . . 84
11.6. Manufacturer Maintenance of trust anchors . . . . . . . 85
11.6.1. Compromise of Manufacturer IDevID signing
keys . . . . . . . . . . . . . . . . . . . . . . . . 87
11.6.2. Compromise of MASA signing keys . . . . . . . . . . 87
11.6.3. Compromise of MASA web service . . . . . . . . . . . 89
11.7. YANG Module Security Considerations . . . . . . . . . . 90
12. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 90
13. References . . . . . . . . . . . . . . . . . . . . . . . . . 90
13.1. Normative References . . . . . . . . . . . . . . . . . . 90
13.2. Informative References . . . . . . . . . . . . . . . . . 94
Appendix A. IPv4 and non-ANI operations . . . . . . . . . . . . 98
A.1. IPv4 Link Local addresses . . . . . . . . . . . . . . . . 98
A.2. Use of DHCPv4 . . . . . . . . . . . . . . . . . . . . . . 98
Appendix B. mDNS / DNSSD proxy discovery options . . . . . . . . 98
Appendix C. Example Vouchers . . . . . . . . . . . . . . . . . . 99
C.1. Keys involved . . . . . . . . . . . . . . . . . . . . . . 99
C.1.1. Manufacturer Certificate Authority for IDevID
signatures . . . . . . . . . . . . . . . . . . . . . 100
C.1.2. MASA key pair for voucher signatures . . . . . . . . 101
C.1.3. Registrar Certificate Authority . . . . . . . . . . . 103
C.1.4. Registrar key pair . . . . . . . . . . . . . . . . . 104
C.1.5. Pledge key pair . . . . . . . . . . . . . . . . . . . 105
C.2. Example process . . . . . . . . . . . . . . . . . . . . . 107
Pritikin, et al. Expires 29 August 2020 [Page 4]
Internet-Draft BRSKI February 2020
C.2.1. Pledge to Registrar . . . . . . . . . . . . . . . . . 107
C.2.2. Registrar to MASA . . . . . . . . . . . . . . . . . . 110
C.2.3. MASA to Registrar . . . . . . . . . . . . . . . . . . 116
Appendix D. Additional References . . . . . . . . . . . . . . . 120
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 120
1. Introduction
The Bootstrapping Remote Secure Key Infrastructure (BRSKI) protocol
provides a solution for secure zero-touch (automated) bootstrap of
new (unconfigured) devices that are called pledges in this document.
Pledges have an IDevID installed in them at the factory.
"BRSKI" is pronounced like "brewski", a colloquial term for beer in
Canada and parts of the US-midwest. [brewski]
This document primarily provides for the needs of the ISP and
Enterprise focused ANIMA Autonomic Control Plane (ACP)
[I-D.ietf-anima-autonomic-control-plane]. This bootstrap process
satisfies the [RFC7575] requirements of section 3.3 of making all
operations secure by default. Other users of the BRSKI protocol will
need to provide separate applicability statements that include
privacy and security considerations appropriate to that deployment.
Section 9 explains the detailed applicability for this the ACP usage.
The BRSKI protocol requires a significant amount of communication
between manufacturer and owner: in its default modes it provides a
cryptographic transfer of control to the initial owner. In its
strongest modes, it leverages sales channel information to identify
the owner in advance. Resale of devices is possible, provided that
the manufacturer is willing to authorize the transfer. Mechanisms to
enable transfers of ownership without manufacturer authorization are
not included in this version of the protocol, but could be designed
into future versions.
This document describes how pledges discover (or are discovered by)
an element of the network domain to which the pledge belongs that
will perform the bootstrap. This element (device) is called the
registrar. Before any other operation, pledge and registrar need to
establish mutual trust:
1. Registrar authenticating the pledge: "Who is this device? What
is its identity?"
2. Registrar authorizing the pledge: "Is it mine? Do I want it?
What are the chances it has been compromised?"
Pritikin, et al. Expires 29 August 2020 [Page 5]
Internet-Draft BRSKI February 2020
3. Pledge authenticating the registrar: "What is this registrar's
identity?"
4. Pledge authorizing the registrar: "Should I join this network?"
This document details protocols and messages to answer the above
questions. It uses a TLS connection and an PKIX-shaped (X.509v3)
certificate (an IEEE 802.1AR [IDevID] IDevID) of the pledge to answer
points 1 and 2. It uses a new artifact called a "voucher" that the
registrar receives from a "Manufacturer Authorized Signing Authority"
(MASA) and passes to the pledge to answer points 3 and 4.
A proxy provides very limited connectivity between the pledge and the
registrar.
The syntactic details of vouchers are described in detail in
[RFC8366]. This document details automated protocol mechanisms to
obtain vouchers, including the definition of a 'voucher-request'
message that is a minor extension to the voucher format (see
Section 3) defined by [RFC8366].
BRSKI results in the pledge storing an X.509 root certificate
sufficient for verifying the registrar identity. In the process a
TLS connection is established that can be directly used for
Enrollment over Secure Transport (EST). In effect BRSKI provides an
automated mechanism for the "Bootstrap Distribution of CA
Certificates" described in [RFC7030] Section 4.1.1 wherein the pledge
"MUST [...] engage a human user to authorize the CA certificate using
out-of-band" information. With BRSKI the pledge now can automate
this process using the voucher. Integration with a complete EST
enrollment is optional but trivial.
BRSKI is agile enough to support bootstrapping alternative key
infrastructures, such as a symmetric key solutions, but no such
system is described in this document.
1.1. Prior Bootstrapping Approaches
To literally "pull yourself up by the bootstraps" is an impossible
action. Similarly the secure establishment of a key infrastructure
without external help is also an impossibility. Today it is commonly
accepted that the initial connections between nodes are insecure,
until key distribution is complete, or that domain-specific keying
material (often pre-shared keys, including mechanisms like SIM cards)
is pre-provisioned on each new device in a costly and non-scalable
manner. Existing automated mechanisms are known as non-secured
'Trust on First Use' (TOFU) [RFC7435], 'resurrecting duckling'
[Stajano99theresurrecting] or 'pre-staging'.
Pritikin, et al. Expires 29 August 2020 [Page 6]
Internet-Draft BRSKI February 2020
Another prior approach has been to try and minimize user actions
during bootstrapping, but not eliminate all user-actions. The
original EST protocol [RFC7030] does reduce user actions during
bootstrap but does not provide solutions for how the following
protocol steps can be made autonomic (not involving user actions):
* using the Implicit Trust Anchor [RFC7030] database to authenticate
an owner specific service (not an autonomic solution because the
URL must be securely distributed),
* engaging a human user to authorize the CA certificate using out-
of-band data (not an autonomic solution because the human user is
involved),
* using a configured Explicit TA database (not an autonomic solution
because the distribution of an explicit TA database is not
autonomic),
* and using a Certificate-Less TLS mutual authentication method (not
an autonomic solution because the distribution of symmetric key
material is not autonomic).
These "touch" methods do not meet the requirements for zero-touch.
There are "call home" technologies where the pledge first establishes
a connection to a well known manufacturer service using a common
client-server authentication model. After mutual authentication,
appropriate credentials to authenticate the target domain are
transferred to the pledge. This creates several problems and
limitations:
* the pledge requires realtime connectivity to the manufacturer
service,
* the domain identity is exposed to the manufacturer service (this
is a privacy concern),
* the manufacturer is responsible for making the authorization
decisions (this is a liability concern),
BRSKI addresses these issues by defining extensions to the EST
protocol for the automated distribution of vouchers.
Pritikin, et al. Expires 29 August 2020 [Page 7]
Internet-Draft BRSKI February 2020
1.2. Terminology
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and
"OPTIONAL" in this document are to be interpreted as described in BCP
14 [RFC2119] [RFC8174] when, and only when, they appear in all
capitals, as shown here.
The following terms are defined for clarity:
ANI: The Autonomic Network Infrastructure as defined by
[I-D.ietf-anima-reference-model]. Section 9 details specific
requirements for pledges, proxies and registrars when they are
part of an ANI.
Circuit Proxy: A stateful implementation of the join proxy. This is
the assumed type of proxy.
drop-ship: The physical distribution of equipment containing the
"factory default" configuration to a final destination. In zero-
touch scenarios there is no staging or pre-configuration during
drop-ship.
Domain: The set of entities that share a common local trust anchor.
This includes the proxy, registrar, Domain Certificate Authority,
Management components and any existing entity that is already a
member of the domain.
domainID: The domain IDentity is a unique value based upon the
Registrar CA's certificate. Section 5.8.2 specifies how it is
calculated.
Domain CA: The domain Certification Authority (CA) provides
certification functionalities to the domain. At a minimum it
provides certification functionalities to a registrar and manages
the private key that defines the domain. Optionally, it certifies
all elements.
enrollment: The process where a device presents key material to a
network and acquires a network-specific identity. For example
when a certificate signing request is presented to a certification
authority and a certificate is obtained in response.
imprint: The process where a device obtains the cryptographic key
material to identify and trust future interactions with a network.
This term is taken from Konrad Lorenz's work in biology with new
ducklings: during a critical period, the duckling would assume
that anything that looks like a mother duck is in fact their
Pritikin, et al. Expires 29 August 2020 [Page 8]
Internet-Draft BRSKI February 2020
mother. An equivalent for a device is to obtain the fingerprint
of the network's root certification authority certificate. A
device that imprints on an attacker suffers a similar fate to a
duckling that imprints on a hungry wolf. Securely imprinting is a
primary focus of this document [imprinting]. The analogy to
Lorenz's work was first noted in [Stajano99theresurrecting].
IDevID: An Initial Device Identity X.509 certificate installed by
the vendor on new equipment. This is a term from 802.1AR [IDevID]
IPIP Proxy: A stateless proxy alternative.
Join Proxy: A domain entity that helps the pledge join the domain.
A join proxy facilitates communication for devices that find
themselves in an environment where they are not provided
connectivity until after they are validated as members of the
domain. For simplicity this document sometimes uses the term of
'proxy' to indicate the join proxy. The pledge is unaware that
they are communicating with a proxy rather than directly with a
registrar.
Join Registrar (and Coordinator): A representative of the domain
that is configured, perhaps autonomically, to decide whether a new
device is allowed to join the domain. The administrator of the
domain interfaces with a "join registrar (and coordinator)" to
control this process. Typically a join registrar is "inside" its
domain. For simplicity this document often refers to this as just
"registrar". Within [I-D.ietf-anima-reference-model] this is
referred to as the "join registrar autonomic service agent".
Other communities use the abbreviation "JRC".
LDevID: A Local Device Identity X.509 certificate installed by the
owner of the equipment. This is a term from 802.1AR [IDevID]
manufacturer: the term manufacturer is used throughout this document
to be the entity that created the device. This is typically the
"original equipment manufacturer" or OEM, but in more complex
situations it could be a "value added retailer" (VAR), or possibly
even a systems integrator. In general, it a goal of BRSKI to
eliminate small distinctions between different sales channels.
The reason for this is that it permits a single device, with a
uniform firmware load, to be shipped directly to all customers.
This eliminates costs for the manufacturer. This also reduces the
number of products supported in the field increasing the chance
that firmware will be more up to date.
MASA Audit-Log: An anonymized list of previous owners maintained by
Pritikin, et al. Expires 29 August 2020 [Page 9]
Internet-Draft BRSKI February 2020
the MASA on a per device (per pledge) basis. Described in
Section 5.8.1.
MASA Service: A third-party Manufacturer Authorized Signing
Authority (MASA) service on the global Internet. The MASA signs
vouchers. It also provides a repository for audit-log information
of privacy protected bootstrapping events. It does not track
ownership.
nonced: a voucher (or request) that contains a nonce (the normal
case).
nonceless: a voucher (or request) that does not contain a nonce,
relying upon accurate clocks for expiration, or which does not
expire.
offline: When an architectural component cannot perform realtime
communications with a peer, either due to network connectivity or
because the peer is turned off, the operation is said to be
occurring offline.
Ownership Tracker: An Ownership Tracker service on the global
Internet. The Ownership Tracker uses business processes to
accurately track ownership of all devices shipped against domains
that have purchased them. Although optional, this component
allows vendors to provide additional value in cases where their
sales and distribution channels allow for accurate tracking of
such ownership. Ownership tracking information is indicated in
vouchers as described in [RFC8366]
Pledge: The prospective (unconfigured) device, which has an identity
installed at the factory.
(Public) Key Infrastructure: The collection of systems and processes
that sustain the activities of a public key system. The registrar
acts as an [RFC5280] and [RFC5272] (see section 7) "Registration
Authority".
TOFU: Trust on First Use. Used similarly to [RFC7435]. This is
where a pledge device makes no security decisions but rather
simply trusts the first registrar it is contacted by. This is
also known as the "resurrecting duckling" model.
Voucher: A signed artifact from the MASA that indicates to a pledge
the cryptographic identity of the registrar it should trust.
There are different types of vouchers depending on how that trust
is asserted. Multiple voucher types are defined in [RFC8366]
Pritikin, et al. Expires 29 August 2020 [Page 10]
Internet-Draft BRSKI February 2020
1.3. Scope of solution
1.3.1. Support environment
This solution (BRSKI) can support large router platforms with multi-
gigabit inter-connections, mounted in controlled access data centers.
But this solution is not exclusive to large equipment: it is intended
to scale to thousands of devices located in hostile environments,
such as ISP provided CPE devices which are drop-shipped to the end
user. The situation where an order is fulfilled from distributed
warehouse from a common stock and shipped directly to the target
location at the request of a domain owner is explicitly supported.
That stock ("SKU") could be provided to a number of potential domain
owners, and the eventual domain owner will not know a-priori which
device will go to which location.
The bootstrapping process can take minutes to complete depending on
the network infrastructure and device processing speed. The network
communication itself is not optimized for speed; for privacy reasons,
the discovery process allows for the pledge to avoid announcing its
presence through broadcasting.
Nomadic or mobile devices often need to acquire credentials to access
the network at the new location. An example of this is mobile phone
roaming among network operators, or even between cell towers. This
is usually called handoff. BRSKI does not provide a low-latency
handoff which is usually a requirement in such situations. For these
solutions BRSKI can be used to create a relationship (an LDevID) with
the "home" domain owner. The resulting credentials are then used to
provide credentials more appropriate for a low-latency handoff.
1.3.2. Constrained environments
Questions have been posed as to whether this solution is suitable in
general for Internet of Things (IoT) networks. This depends on the
capabilities of the devices in question. The terminology of
[RFC7228] is best used to describe the boundaries.
The solution described in this document is aimed in general at non-
constrained (i.e., class 2+ [RFC7228]) devices operating on a non-
Challenged network. The entire solution as described here is not
intended to be useable as-is by constrained devices operating on
challenged networks (such as 802.15.4 Low-power Lossy Networks
(LLN)s).
Specifically, there are protocol aspects described here that might
result in congestion collapse or energy-exhaustion of intermediate
battery powered routers in an LLN. Those types of networks should
Pritikin, et al. Expires 29 August 2020 [Page 11]
Internet-Draft BRSKI February 2020
not use this solution. These limitations are predominately related
to the large credential and key sizes required for device
authentication. Defining symmetric key techniques that meet the
operational requirements is out-of-scope but the underlying protocol
operations (TLS handshake and signing structures) have sufficient
algorithm agility to support such techniques when defined.
The imprint protocol described here could, however, be used by non-
energy constrained devices joining a non-constrained network (for
instance, smart light bulbs are usually mains powered, and speak
802.11). It could also be used by non-constrained devices across a
non-energy constrained, but challenged network (such as 802.15.4).
The certificate contents, and the process by which the four questions
above are resolved do apply to constrained devices. It is simply the
actual on-the-wire imprint protocol that could be inappropriate.
1.3.3. Network Access Controls
This document presumes that network access control has either already
occurred, is not required, or is integrated by the proxy and
registrar in such a way that the device itself does not need to be
aware of the details. Although the use of an X.509 Initial Device
Identity is consistent with IEEE 802.1AR [IDevID], and allows for
alignment with 802.1X network access control methods, its use here is
for pledge authentication rather than network access control.
Integrating this protocol with network access control, perhaps as an
Extensible Authentication Protocol (EAP) method (see [RFC3748]), is
out-of-scope.
1.3.4. Bootstrapping is not Booting
This document describes "bootstrapping" as the protocol used to
obtain a local trust anchor. It is expected that this trust anchor,
along with any additional configuration information subsequently
installed, is persisted on the device across system restarts
("booting"). Bootstrapping occurs only infrequently such as when a
device is transferred to a new owner or has been reset to factory
default settings.
1.4. Leveraging the new key infrastructure / next steps
As a result of the protocol described herein, the bootstrapped
devices have the Domain CA trust anchor in common. An end entity
certificate has optionally been issued from the Domain CA. This
makes it possible to securely deploy functionalities across the
domain, e.g:
* Device management.
Pritikin, et al. Expires 29 August 2020 [Page 12]
Internet-Draft BRSKI February 2020
* Routing authentication.
* Service discovery.
The major intended benefit is that it possible to use the credentials
deployed by this protocol to secure the Autonomic Control Plane (ACP)
([I-D.ietf-anima-autonomic-control-plane]).
1.5. Requirements for Autonomic Network Infrastructure (ANI) devices
The BRSKI protocol can be used in a number of environments. Some of
the options in this document are the result of requirements that are
out of the ANI scope. This section defines the base requirements for
ANI devices.
For devices that intend to become part of an Autonomic Network
Infrastructure (ANI) ([I-D.ietf-anima-reference-model]) that includes
an Autonomic Control Plane
([I-D.ietf-anima-autonomic-control-plane]), the BRSKI protocol MUST
be implemented.
The pledge must perform discovery of the proxy as described in
Section 4.1 using Generic Autonomic Signaling Protocol (GRASP)'s DULL
[I-D.ietf-anima-grasp] M_FLOOD announcements.
Upon successfully validating a voucher artifact, a status telemetry
MUST be returned. See Section 5.7.
An ANIMA ANI pledge MUST implement the EST automation extensions
described in Section 5.9. They supplement the [RFC7030] EST to
better support automated devices that do not have an end user.
The ANI Join Registrar Autonomic Service Agent (ASA) MUST support all
the BRSKI and above listed EST operations.
All ANI devices SHOULD support the BRSKI proxy function, using
circuit proxies over the ACP. (See Section 4.3)
2. Architectural Overview
The logical elements of the bootstrapping framework are described in
this section. Figure 1 provides a simplified overview of the
components.
Pritikin, et al. Expires 29 August 2020 [Page 13]
Internet-Draft BRSKI February 2020
+------------------------+
+--------------Drop Ship----------------| Vendor Service |
| +------------------------+
| | M anufacturer| |
| | A uthorized |Ownership|
| | S igning |Tracker |
| | A uthority | |
| +--------------+---------+
| ^
| | BRSKI-
V | MASA
+-------+ ............................................|...
| | . | .
| | . +------------+ +-----------+ | .
| | . | | | | | .
|Pledge | . | Join | | Domain <-------+ .
| | . | Proxy | | Registrar | .
| <-------->............<-------> (PKI RA) | .
| | | BRSKI-EST | | .
| | . | | +-----+-----+ .
|IDevID | . +------------+ | e.g. RFC7030 .
| | . +-----------------+----------+ .
| | . | Key Infrastructure | .
| | . | (e.g., PKI Certificate | .
+-------+ . | Authority) | .
. +----------------------------+ .
. .
................................................
"Domain" components
Figure 1: Architecture Overview
We assume a multi-vendor network. In such an environment there could
be a Manufacturer Service for each manufacturer that supports devices
following this document's specification, or an integrator could
provide a generic service authorized by multiple manufacturers. It
is unlikely that an integrator could provide Ownership Tracking
services for multiple manufacturers due to the required sales channel
integrations necessary to track ownership.
The domain is the managed network infrastructure with a Key
Infrastructure the pledge is joining. The domain provides initial
device connectivity sufficient for bootstrapping through a proxy.
The domain registrar authenticates the pledge, makes authorization
decisions, and distributes vouchers obtained from the Manufacturer
Service. Optionally the registrar also acts as a PKI Certification
Authority.
Pritikin, et al. Expires 29 August 2020 [Page 14]
Internet-Draft BRSKI February 2020
2.1. Behavior of a Pledge
The pledge goes through a series of steps, which are outlined here at
a high level.
------------
/ Factory \
\ default /
-----+------
|
+------v-------+
| (1) Discover |
+------------> |
| +------+-------+
| |
| +------v-------+
| | (2) Identify |
^------------+ |
| rejected +------+-------+
| |
| +------v-------+
| | (3) Request |
| | Join |
| +------+-------+
| |
| +------v-------+
| | (4) Imprint |
^------------+ |
| Bad MASA +------+-------+
| response | send Voucher Status Telemetry
| +------v-------+
| | (5) Enroll |<---+ (non-error HTTP codes )
^------------+ |\___/ (e.g. 202 'Retry-After')
| Enroll +------+-------+
| Failure |
| -----v------
| / Enrolled \
^------------+ |
Factory \------------/
reset
Figure 2: Pledge State Diagram
State descriptions for the pledge are as follows:
1. Discover a communication channel to a registrar.
Pritikin, et al. Expires 29 August 2020 [Page 15]
Internet-Draft BRSKI February 2020
2. Identify itself. This is done by presenting an X.509 IDevID
credential to the discovered registrar (via the proxy) in a TLS
handshake. (The registrar credentials are only provisionally
accepted at this time).
3. Request to join the discovered registrar. A unique nonce is
included ensuring that any responses can be associated with this
particular bootstrapping attempt.
4. Imprint on the registrar. This requires verification of the
manufacturer-service-provided voucher. A voucher contains
sufficient information for the pledge to complete authentication
of a registrar. This document details this step in depth.
5. Enroll. After imprint an authenticated TLS (HTTPS) connection
exists between pledge and registrar. Enrollment over Secure
Transport (EST) [RFC7030] can then be used to obtain a domain
certificate from a registrar.
The pledge is now a member of, and can be managed by, the domain and
will only repeat the discovery aspects of bootstrapping if it is
returned to factory default settings.
This specification details integration with EST enrollment so that
pledges can optionally obtain a locally issued certificate, although
any Representational State Transfer (REST) (see [REST]) interface
could be integrated in future work.
2.2. Secure Imprinting using Vouchers
A voucher is a cryptographically protected artifact (using a digital
signature) to the pledge device authorizing a zero-touch imprint on
the registrar domain.
The format and cryptographic mechanism of vouchers is described in
detail in [RFC8366].
Vouchers provide a flexible mechanism to secure imprinting: the
pledge device only imprints when a voucher can be validated. At the
lowest security levels the MASA can indiscriminately issue vouchers
and log claims of ownership by domains. At the highest security
levels issuance of vouchers can be integrated with complex sales
channel integrations that are beyond the scope of this document. The
sales channel integration would verify actual (legal) ownership of
the pledge by the domain. This provides the flexibility for a number
of use cases via a single common protocol mechanism on the pledge and
registrar devices that are to be widely deployed in the field. The
MASA services have the flexibility to leverage either the currently
Pritikin, et al. Expires 29 August 2020 [Page 16]
Internet-Draft BRSKI February 2020
defined claim mechanisms or to experiment with higher or lower
security levels.
Vouchers provide a signed but non-encrypted communication channel
among the pledge, the MASA, and the registrar. The registrar
maintains control over the transport and policy decisions, allowing
the local security policy of the domain network to be enforced.
2.3. Initial Device Identifier
Pledge authentication and pledge voucher-request signing is via a
PKIX-shaped certificate installed during the manufacturing process.
This is the 802.1AR Initial Device Identifier (IDevID), and it
provides a basis for authenticating the pledge during the protocol
exchanges described here. There is no requirement for a common root
PKI hierarchy. Each device manufacturer can generate its own root
certificate. Specifically, the IDevID enables:
1. Uniquely identifying the pledge by the Distinguished Name (DN)
and subjectAltName (SAN) parameters in the IDevID. The unique
identification of a pledge in the voucher objects are derived
from those parameters as described below. Section 10.3 discusses
privacy implications of the identifier.
2. Provides a cryptographic authentication of the pledge to the
Registrar (see Section 5.3).
3. Secure auto-discovery of the pledge's MASA by the registrar (see
Section 2.8).
4. Signing of voucher-request by the pledge's IDevID (see
Section 3).
5. Provides a cryptographic authentication of the pledge to the MASA
(see Section 5.5.5).
Section 7.2.13 (2009 edition) and section 8.10.3 (2018 edition) of
[IDevID] discusses keyUsage and extendedKeyUsage extensions in the
IDevID certificate. [IDevID] acknowledges that adding restrictions
in the certificate limits applicability of these long-lived
certificates. This specification emphasizes this point, and
therefore RECOMMENDS that no key usage restrictions be included.
This is consistent with [RFC5280] section 4.2.1.3, which does not
require key usage restrictions for end entity certificates.
Pritikin, et al. Expires 29 August 2020 [Page 17]
Internet-Draft BRSKI February 2020
2.3.1. Identification of the Pledge
In the context of BRSKI, pledges have a 1:1 relationship with a
"serial-number". This serial-number is used both in the "serial-
number" field of voucher or voucher-requests (see Section 3) and in
local policies on registrar or MASA (see Section 5).
The serialNumber field is defined in [RFC5280]. That specification
allows for the field to be omitted if there is a good technical
reason. IDevID certificates for use with this protocol are REQUIRED
to include the "serialNumber" attribute with the device's unique
serial number (from [IDevID] section 7.2.8, and [RFC5280] section
4.1.2.2's list of standard attributes).
The serialNumber field is used as follows by the pledge to build the
"serial-number" that is placed in the voucher-request. In order to
build it, the fields need to be converted into a serial-number of
"type string".
An example of a printable form of the "serialNumber" field is
provided in [RFC4519] section 2.31 ("WI-3005"). That section further
provides equality and syntax attributes.
Due to the reality of existing device identity provisioning
processes, some manufacturers have stored serial-numbers in other
fields. Registrar's SHOULD be configurable, on a per-manufacturer
basis, to look for serial-number equivalents in other fields.
As explained in Section 5.5 the Registrar MUST extract the serial-
number again itself from the pledge's TLS certificate. It can
consult the serial-number in the pledge-request if there are any
possible confusion about the source of the serial-number.
2.3.2. MASA URI extension
This document defines a new PKIX non-critical certificate extension
to carry the MASA URI. This extension is intended to be used in the
IDevID certificate. The URI is represented as described in
Section 7.4 of [RFC5280].
The URI provides the authority information. The BRSKI "/.well-known"
tree ([RFC5785]) is described in Section 5.
A complete URI MAY be in this extension, including the 'scheme',