idnits 2.17.1

draft-hallambaker-mesh-security-00.txt:

  Checking boilerplate required by RFC 5378 and the IETF Trust (see
  https://trustee.ietf.org/license-info):
  ----------------------------------------------------------------------------

     No issues found here.

  Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt:
  ----------------------------------------------------------------------------

     No issues found here.

  Checking nits according to https://www.ietf.org/id-info/checklist :
  ----------------------------------------------------------------------------

  ** The abstract seems to contain references ([1]), which it shouldn't.
     Please replace those with straight textual mentions of the documents
     in question.

  Miscellaneous warnings:
  ----------------------------------------------------------------------------

  == The copyright year in the IETF Trust and authors Copyright Line does not
     match the current year

  -- The document date (April 4, 2019) is 1849 days in the past.  Is this
     intentional?

  Checking references for intended status: Informational
  ----------------------------------------------------------------------------

  -- Looks like a reference, but probably isn't: '1' on line 1518

     Summary: 1 error (**), 0 flaws (~~), 1 warning (==), 2 comments (--).

     Run idnits with the --verbose option for more detailed information about
     the items above.

--------------------------------------------------------------------------------

Network Working Group                                    P. Hallam-Baker
Internet-Draft                                             April 4, 2019
Intended status: Informational
Expires: October 6, 2019

          Mathematical Mesh Part VII: Security Considerations
                   draft-hallambaker-mesh-security-00

Abstract

   The Mathematical Mesh 'The Mesh' is an end-to-end secure
   infrastructure that facilitates the exchange of configuration and
   credential data between multiple user devices.  The core protocols of
   the Mesh are described with examples of common use cases and
   reference data.

   This document is also available online at
   http://mathmesh.com/Documents/draft-hallambaker-mesh-security.html
   [1] .

Status of This Memo

   This Internet-Draft is submitted in full conformance with the
   provisions of BCP 78 and BCP 79.

   Internet-Drafts are working documents of the Internet Engineering
   Task Force (IETF).  Note that other groups may also distribute
   working documents as Internet-Drafts.  The list of current
   Internet-Drafts is at https://datatracker.ietf.org/drafts/current/.

   Internet-Drafts are draft documents valid for a maximum of six months
   and may be updated, replaced, or obsoleted by other documents at any
   time.  It is inappropriate to use Internet-Drafts as reference
   material or to cite them other than as "work in progress."

   This Internet-Draft will expire on October 6, 2019.

Copyright Notice

   Copyright (c) 2019 IETF Trust and the persons identified as the
   document authors.  All rights reserved.

   This document is subject to BCP 78 and the IETF Trust's Legal
   Provisions Relating to IETF Documents
   (https://trustee.ietf.org/license-info) in effect on the date of
   publication of this document.  Please review these documents
   carefully, as they describe your rights and restrictions with respect
   to this document.  Code Components extracted from this document must
   include Simplified BSD License text as described in Section 4.e of
   the Trust Legal Provisions and are provided without warranty as
   described in the Simplified BSD License.

Table of Contents

   1.  Introduction
   2.  Definitions
     2.1.  Requirements Language
     2.2.  Defined Terms
     2.3.  Related Specifications
     2.4.  Implementation Status
     2.5.  Shared Classes
       2.5.1.  Structure: PublicKey
     2.6.  Mesh Profile Objects
       2.6.1.  Structure: Profile
       2.6.2.  Keyset Classes
       2.6.3.  Structure: EscrowedKeySet
       2.6.4.  Profile Classes
       2.6.5.  Structure: ProfileMaster
       2.6.6.  Structure: ProfileDevice
       2.6.7.  Structure: ProfileApplication
       2.6.8.  Structure: ProfileMesh
       2.6.9.  Structure: ProfileMeshDevicePublic
       2.6.10. Structure: ProfileMeshDevicePrivate
       2.6.11. Structure: DeviceRecryptionKey
     2.7.  Common Structures
       2.7.1.  Structure: Permission
       2.7.2.  Structure: Contact
       2.7.3.  Structure: Role
       2.7.4.  Structure: Address
       2.7.5.  Structure: Location
       2.7.6.  Structure: Reference
     2.8.  Catalog Entries
       2.8.1.  Structure: CatalogEntry
       2.8.2.  Structure: CatalogEntryDevice
       2.8.3.  Structure: CatalogEntryCredential
       2.8.4.  Structure: CatalogEntryNetwork
       2.8.5.  Structure: CatalogEntryContact
       2.8.6.  Structure: CatalogEntryContactRecryption
       2.8.7.  Structure: CatalogEntryBookmark
       2.8.8.  Structure: CatalogEntryTask
       2.8.9.  Structure: Task
       2.8.10. Structure: CatalogEntryApplication
       2.8.11. Structure: CatalogEntryApplicationEntry
       2.8.12. Structure: CatalogEntryApplicationRecryption
       2.8.13. Structure: CatalogEntryApplicationSSH
       2.8.14. Structure: CatalogEntryApplicationMail
       2.8.15. Structure: CatalogEntryApplicationNetwork
     2.9.  Messages
       2.9.1.  Structure: MeshMessage
       2.9.2.  Structure: MeshMessageComplete
       2.9.3.  Structure: MessageConnectionRequest
       2.9.4.  Structure: MessageConnectionPIN
       2.9.5.  Structure: MessageContactRequest
       2.9.6.  Structure: MessageConfirmationRequest
       2.9.7.  Structure: MessageConfirmationResponse
       2.9.8.  Structure: MessageTaskRequest
   3.  Mesh Portal Service Reference
     3.1.  Request Messages
       3.1.1.  Message: MeshRequest
     3.2.  Response Messages
       3.2.1.  Message: MeshResponse
     3.3.  Imported Objects
     3.4.  Common Structures
       3.4.1.  Structure: KeyValue
       3.4.2.  Structure: SearchConstraints
     3.5.  Transaction: Hello
     3.6.  Transaction: ValidateAccount
       3.6.1.  Message: ValidateRequest
       3.6.2.  Message: ValidateResponse
     3.7.  Transaction: CreateAccount
       3.7.1.  Message: CreateRequest
       3.7.2.  Message: CreateResponse
     3.8.  Transaction: DeleteAccount
       3.8.1.  Message: DeleteRequest
       3.8.2.  Message: DeleteResponse
     3.9.  Transaction: Get
       3.9.1.  Message: GetRequest
       3.9.2.  Message: GetResponse
     3.10. Transaction: Publish
       3.10.1.  Message: PublishRequest
       3.10.2.  Message: PublishResponse
     3.11. Transaction: Status
       3.11.1.  Message: StatusRequest
       3.11.2.  Message: StatusResponse
     3.12. Transaction: ConnectStart
       3.12.1.  Message: ConnectStartRequest
       3.12.2.  Message: ConnectStartResponse
     3.13. Transaction: ConnectStatus
       3.13.1.  Message: ConnectStatusRequest
       3.13.2.  Message: ConnectStatusResponse
     3.14. Transaction: ConnectPending
       3.14.1.  Message: ConnectPendingRequest
       3.14.2.  Message: ConnectPendingResponse
     3.15. Transaction: ConnectComplete
       3.15.1.  Message: ConnectCompleteRequest
       3.15.2.  Message: ConnectCompleteResponse
     3.16. Transaction: Transfer
       3.16.1.  Message: TransferRequest
       3.16.2.  Message: TransferResponse
   4.  Assets
     4.1.  Data
     4.2.  Credentials
     4.3.  Reputation
       4.3.1.  Outbound Messaging Abuse ()
   5.  Risks
     5.1.  Confidentiality
       5.1.1.  Privacy
     5.2.  Integrity
     5.3.  Availability
       5.3.1.  Data loss
       5.3.2.  Partial data survivability
     5.4.  Inbound Messaging Abuse (Spam)
   6.  Threats
     6.1.  End point Compromise
     6.2.
   7.  Controls
     7.1.  Cryptographic
       7.1.1.  Triple lock
       7.1.2.  Key Protection
       7.1.3.  Key and Nonce Generation
       7.1.4.  Key Escrow and Recovery
       7.1.5.  Profile Verification
       7.1.6.  Identity Validation
       7.1.7.  Trust Broker Accountability
     7.2.  Mesh Messaging
       7.2.1.  Ingress Control
       7.2.2.  Egress Control
       7.2.3.  Security Signal
       7.2.4.  Accountability
   8.  Security Considerations
   9.  IANA Considerations
   10. Acknowledgements
   11. References
     11.1.  Normative References
     11.2.  Informative References
     11.3.  URIs
   Author's Address

1.  Introduction

2.  Definitions

   This section presents the related specifications and standards, the
   terms that are used as terms of art within the documents and the
   terms used as requirements language.

2.1.  Requirements Language

   The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
   "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
   document are to be interpreted as described in [RFC2119] .

2.2.  Defined Terms

   The terms of art used in this document are described in the Mesh
   Architecture Guide [draft-hallambaker-mesh-architecture] .

2.3.  Related Specifications

   The architecture of the Mathematical Mesh is described in the Mesh
   Architecture Guide [draft-hallambaker-mesh-architecture] .  The Mesh
   documentation set and related specifications are described in this
   document.

2.4.  Implementation Status

   The implementation status of the reference code base is described in
   the companion document [draft-hallambaker-mesh-developer] .

2.5.  Shared Classes

   The following classes are used as common elements in Mesh profile
   specifications.

2.5.1.  Structure: PublicKey

   The PublicKey class is used to describe public key pairs and trust
   assertions associated with a public key.

   UDF: String (Optional)  UDF fingerprint of the public key parameters.

   X509Certificate: Binary (Optional)  List of X.509 Certificates

   X509Chain: Binary [0..Many]  X.509 Certificate chain.

   X509CSR: Binary (Optional)  X.509 Certificate Signing Request.

2.6.  Mesh Profile Objects

   Base class for all Mesh Profile objects.

2.6.1.  Structure: Profile

   Parent class from which all profile types are derived

   Names: String [0..Many]  Fingerprints of index terms for profile
      retrieval.  The use of the fingerprint of the name rather than the
      name itself is a precaution against enumeration attacks and other
      forms of abuse.

   Updated: DateTime (Optional)  The time instant the profile was last
      modified.

   NotaryToken: String (Optional)  A Uniform Notary Token providing
      evidence that a signature was performed after the notary token was
      created.

2.6.2.  Keyset Classes

2.6.3.  Structure: EscrowedKeySet

   A set of escrowed keys.

   [No fields]

2.6.4.  Profile Classes

2.6.5.  Structure: ProfileMaster

   Inherits: Profile

   Describes the long term parameters associated with a personal
   profile.

   This profile MUST be signed by

   MasterSignatureKey: PublicKey (Optional)  The root of trust for the
      Personal PKI, the public key of the PMSK is presented as a
      self-signed X.509v3 certificate with Certificate Signing use
      enabled.  The PMSK is used to sign certificates for the PMEK, POSK
      and PKEK keys.

   MasterEscrowKeys: PublicKey [0..Many]  A Personal Profile MAY contain
      one or more PMEK keys to enable escrow of private keys used for
      stored data.

   OnlineSignatureKeys: PublicKey [0..Many]  A Personal profile contains
      at least one OSK which is used to sign device administration
      application profiles.

2.6.6.  Structure: ProfileDevice

   Inherits: Profile

   Describes a mesh device.

   This profile MUST be signed by the DeviceSignatureKey

   Description: String (Optional)  Description of the device

   DeviceSignatureKey: PublicKey (Optional)  Key used to sign
      certificates for the DAK and DEK.  The fingerprint of the DSK is
      the UniqueID of the Device Profile

   DeviceAuthenticationKey: PublicKey (Optional)  Key used to
      authenticate requests made by the device.

   DeviceEncryptionKey: PublicKey (Optional)  Key used to pass encrypted
      data to the device such as a DeviceUseEntry

2.6.7.  Structure: ProfileApplication

   Inherits: Profile

   Contains the public description of a Mesh application.

   [No fields]

2.6.8.  Structure: ProfileMesh

   Inherits: ProfileApplication

   Contains the binding of a device to a MasterProfile.  Each device has
   a separate profile which MUST be signed by an OnlineSignatureKey

   Account: String (Optional)  Account address.

   MasterProfile: DareMessage (Optional)  Master profile of the account
      being registered.

   AccountEncryptionKey: PublicKey (Optional)  Key used to encrypt data
      under this profile

2.6.9.  Structure: ProfileMeshDevicePublic

   Inherits: ProfileApplication

   DeviceProfile: DareMessage (Optional)  Device profile of the device
      making the request.

   Permissions: Permission [0..Many]  List of the permissions that the
      device has been granted.

2.6.10.  Structure: ProfileMeshDevicePrivate

   Inherits: ProfileApplication

   Permissions: Permission [0..Many]  List of the permissions that the
      device has been granted.

   ProfileNonce: Binary (Optional)  Random nonce used to mask the
      fingerprint of the profile UDF.

   ProfileWitness: Binary (Optional)  Witness value calculated over the
      ProfileNonce and profile UDF

2.6.11.  Structure: DeviceRecryptionKey

   UDF: String (Optional)  The fingerprint of the encryption key

   RecryptionKey: PublicKey (Optional)  The recryption key

   DeviceRecryptionKeyEncrypted: DareMessage (Optional)  The decryption
      key encrypted under the user's device key.

2.7.  Common Structures

2.7.1.  Structure: Permission

   Name: String (Optional)

   Role: String (Optional)

   Capabilities: DareMessage (Optional)  Keys or key contributions
      enabling the operation to be performed

2.7.2.  Structure: Contact

   Identifier: String (Optional)

   Account: String (Optional)

   FullName: String (Optional)

   Title: String (Optional)

   First: String (Optional)

   Middle: String (Optional)

   Last: String (Optional)

   Suffix: String (Optional)

   Labels: String [0..Many]

   Addresses: Address [0..Many]

   Locations: Location [0..Many]

   Roles: Role [0..Many]

2.7.3.  Structure: Role

   CompanyName: String (Optional)

   Addresses: Address [0..Many]

   Locations: Location [0..Many]

2.7.4.  Structure: Address

   URI: String (Optional)

   Labels: String [0..Many]

2.7.5.  Structure: Location

   Appartment: String (Optional)

   Street: String (Optional)

   District: String (Optional)

   Locality: String (Optional)

   County: String (Optional)

   Postcode: String (Optional)

   Country: String (Optional)

2.7.6.  Structure: Reference

   MessageID: String (Optional)  The received message to which this is a
      response

   ResponseID: String (Optional)  Message that was generated in response
      to the original (optional).

   Relationship: String (Optional)  The relationship type.  This can be
      Read, Unread, Accept, Reject.

2.8.  Catalog Entries

2.8.1.  Structure: CatalogEntry

   [No fields]

2.8.2.  Structure: CatalogEntryDevice

   Inherits: CatalogEntry

   Public device entry, indexed under the device ID

   Account: String (Optional)  The Account to which this entry binds
      this device.

   UDF: String (Optional)  UDF of the signature key

   AuthUDF: String (Optional)  UDF of the authentication ID

   ProfileMeshDevicePublicSigned: DareMessage (Optional)  The device
      profile

   ProfileMeshDevicePrivateEncrypted: DareMessage (Optional)  The device
      profile

   DeviceRecryptionKeys: DeviceRecryptionKey [0..Many]  Decryption key
      entries.

2.8.3.  Structure: CatalogEntryCredential

   Inherits: CatalogEntry

   Protocol: String (Optional)

   Service: String (Optional)

   Username: String (Optional)

   Password: String (Optional)

2.8.4.  Structure: CatalogEntryNetwork

   Inherits: CatalogEntry

   Protocol: String (Optional)

   Service: String (Optional)

   Username: String (Optional)

   Password: String (Optional)

2.8.5.  Structure: CatalogEntryContact

   Inherits: CatalogEntry

   Key: String (Optional)  Unique key.

   Permissions: Permission [0..Many]  List of the permissions that the
      contact has been granted.

   Contact: DareMessage (Optional)  The (signed) contact data.

2.8.6.  Structure: CatalogEntryContactRecryption

   Inherits: CatalogEntryContact

   [No fields]

2.8.7.  Structure: CatalogEntryBookmark

   Inherits: CatalogEntry

   Uri: String (Optional)

   Title: String (Optional)

   Path: String (Optional)

2.8.8.  Structure: CatalogEntryTask

   Inherits: CatalogEntry

   Task: DareMessage (Optional)

   Key: String (Optional)  Unique key.

2.8.9.  Structure: Task

   Key: String (Optional)  Unique key.

   Start: DateTime (Optional)

   Finish: DateTime (Optional)

   StartTravel: String (Optional)

   FinishTravel: String (Optional)

   TimeZone: String (Optional)

   Title: String (Optional)

   Description: String (Optional)

   Location: String (Optional)

   Trigger: String [0..Many]

   Conference: String [0..Many]

   Repeat: String (Optional)

   Busy: Boolean (Optional)

2.8.10.  Structure: CatalogEntryApplication

   Inherits: CatalogEntry

   Key: String (Optional)

2.8.11.  Structure: CatalogEntryApplicationEntry

   [No fields]

2.8.12.  Structure: CatalogEntryApplicationRecryption

   [No fields]

2.8.13.  Structure: CatalogEntryApplicationSSH

   [No fields]

2.8.14.  Structure: CatalogEntryApplicationMail

   [No fields]

2.8.15.  Structure: CatalogEntryApplicationNetwork

   [No fields]

2.9.  Messages

2.9.1.  Structure: MeshMessage

   MessageID: String (Optional)

   Sender: String (Optional)

   Recipient: String (Optional)

   References: Reference [0..Many]

2.9.2.  Structure: MeshMessageComplete

   Inherits: MeshMessage

   [No fields]

2.9.3.  Structure: MessageConnectionRequest

   Inherits: MeshMessage

   Account: String (Optional)

   DeviceProfile: DareMessage (Optional)  Device profile of the device
      making the request.

   ClientNonce: Binary (Optional)

   ServerNonce: Binary (Optional)

   Witness: String (Optional)

   PinID: String (Optional)  Pin identifier used to identify a PIN
      authenticated request.

2.9.4.  Structure: MessageConnectionPIN

   Inherits: MeshMessage

   Account: String (Optional)

   Expires: DateTime (Optional)

   PIN: String (Optional)

2.9.5.  Structure: MessageContactRequest

   Inherits: MeshMessage

   Contact: DareMessage (Optional)  The contact data.

2.9.6.  Structure: MessageConfirmationRequest

   Inherits: MeshMessage

   Text: String (Optional)

2.9.7.  Structure: MessageConfirmationResponse

   Inherits: MeshMessage

   ResponseID: String (Optional)

   Accept: Boolean (Optional)

2.9.8.  Structure: MessageTaskRequest

   Inherits: MeshMessage

   [No fields]

3.  Mesh Portal Service Reference

   HTTP Well Known Service Prefix: /.well-known/mmm

   Every Mesh Portal Service transaction consists of exactly one request
   followed by exactly one response.  Mesh Service transactions MAY
   cause modification of the data stored in the Mesh Portal or the Mesh
   itself but do not cause changes to the connection state.  The
   protocol itself is thus idempotent.  There is no set sequence in
   which operations are required to be performed.  It is not necessary
   to perform a Hello transaction prior to a ValidateAccount, Publish or
   any other transaction.

3.1.  Request Messages

   A Mesh Portal Service request consists of a payload object that
   inherits from the MeshRequest class.  When using the HTTP binding,
   the request MUST specify the portal DNS address in the HTTP Host
   field.

3.1.1.  Message: MeshRequest

   Base class for all request messages.

   Portal: String (Optional)  Name of the Mesh Portal Service to which
      the request is directed.

3.2.  Response Messages

   A Mesh Portal Service response consists of a payload object that
   inherits from the MeshResponse class.  When using the HTTP binding,
   the response SHOULD report the Status response code in the HTTP
   response message.  However the response code returned in the payload
   object MUST always be considered authoritative.

3.2.1.  Message: MeshResponse

   Base class for all response messages.  Contains only the status code
   and status description fields.

   [No fields]

3.3.  Imported Objects

   The Mesh Service protocol makes use of JSON objects defined in the
   JOSE Signature and Encryption specifications.

3.4.  Common Structures

   The following common structures are used in the protocol messages:

3.4.1.  Structure: KeyValue

   Describes a Key/Value structure used to make queries for records
   matching one or more selection criteria.

   Key: String (Optional)  The data retrieval key.

   Value: String (Optional)  The data value to match.

3.4.2.  Structure: SearchConstraints

   Specifies constraints to be applied to a search result.  These allow
   a client to limit the number of records returned, the quantity of
   data returned, the earliest and latest data returned, etc.

   NotBefore: DateTime (Optional)  Only data published on or after the
      specified time instant is requested.

   Before: DateTime (Optional)  Only data published before the specified
      time instant is requested.  This excludes data published at the
      specified time instant.

   MaxEntries: Integer (Optional)  Maximum number of data entries to
      return.

   MaxBytes: Integer (Optional)  Maximum number of data bytes to return.

   PageKey: String (Optional)  Specifies a page key returned in a
      previous search operation in which the number of responses
      exceeded the specified bounds.

      When a page key is specified, all the other search parameters
      except for MaxEntries and MaxBytes are ignored and the service
      returns the next set of data responding to the earlier query.

3.5.  Transaction: Hello

   Request: HelloRequest

   Response: HelloResponse

   Report service and version information.

   The Hello transaction provides a means of determining which protocol
   versions, message encodings and transport protocols are supported by
   the service.

3.6.  Transaction: ValidateAccount

   Request: ValidateRequest

   Response: ValidateResponse

   Request validation of a proposed name for a new account.

   For validation of a user's account name during profile creation.

3.6.1.  Message: ValidateRequest

   Inherits: MeshRequest

   Describes the proposed account properties.  Currently, these are
   limited to the account name but could be extended in future versions
   of the protocol.

   Account: String (Optional)  Account name requested

   Reserve: Boolean (Optional)  If true, request a reservation for the
      specified account name.  Note that the service is not obliged to
      honor reservation requests.

   Language: String [0..Many]  List of ISO language codes in order of
      preference.  For creating explanatory text.

3.6.2.  Message: ValidateResponse

   Inherits: MeshResponse

   States whether the proposed account properties are acceptable and
   (optional) returns an indication of what properties are valid.

   Note that receiving a 'Valid' response to a Validate Request does not
   guarantee creation of the account.  In addition to the possibility
   that the account name could be requested by another user between the
   Validate and Create transactions, a portal service MAY perform more
   stringent validation criteria when an account is actually being
   created.  For example, checking with the authoritative list of
   current accounts rather than a cached copy.

   Valid: Boolean (Optional)  If true, the specified account identifier
      is acceptable.  If false, the account identifier is rejected.

   Minimum: Integer (Optional)  Specifies the minimum length of an
      account name.

   Maximum: Integer (Optional)  Specifies the maximum length of an
      account name.

   InvalidCharacters: String (Optional)  A list of characters that the
      service does not accept in account names.  The list of characters
      MAY not be exhaustive but SHOULD include any illegal characters in
      the proposed account name.

   Reason: String (Optional)  Text explaining the reason an account name
      was rejected.

3.7.  Transaction: CreateAccount

   Request: CreateRequest

   Response: CreateResponse

   Request creation of a new portal account.

   Unlike a profile, a mesh account is specific to a particular Mesh
   portal.  A mesh account must be created and accepted before a profile
   can be published.

3.7.1.  Message: CreateRequest

   Request creation of a new portal account.  The request specifies the
   requested account identifier and the Mesh profile to be associated
   with the account.

   Inherits: MeshRequest

   Account: String (Optional)  Account identifier requested.

3.7.2.  Message: CreateResponse

   Inherits: MeshResponse

   Reports the success or failure of a Create transaction.

   [No fields]

3.8.  Transaction: DeleteAccount

   Request: DeleteRequest

   Response: DeleteResponse

   Request deletion of a portal account.

   Deletes a portal account but not the underlying profile.  Once
   registered, profiles are permanent.

3.8.1.  Message: DeleteRequest

   Request deletion of a new portal account.  The request specifies the
   requested account identifier.

   Inherits: MeshRequest

   Account: String (Optional)  Account identifier to be deleted.

3.8.2.  Message: DeleteResponse

   Inherits: MeshResponse

   Reports the success or failure of a Delete transaction.

   [No fields]

3.9.  Transaction: Get

   Request: GetRequest

   Response: GetResponse

   Search for data in the mesh that matches a set of properties
   described by a sequence of key/value pairs.

3.9.1.  Message: GetRequest

   Describes the Portal or Mesh data to be retrieved.
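
   The following example is added here and is not part of the draft or
   of the Mesh reference code.  It shows one way a portal could evaluate
   SearchConstraints (section 3.4.2) for a Get transaction: NotBefore
   inclusive, Before exclusive, client limits clamped to server limits,
   and a PageKey that resumes the earlier query while every other search
   parameter sent with it is ignored.  The Portal and Record classes,
   the clamp() and at() helpers, the server limits, the single-use
   random page key and the sample records are assumptions made for the
   example.

```python
import secrets
from dataclasses import dataclass
from datetime import datetime
from typing import Optional

# Assumed internal server limits; the draft only says that such limits exist.
SERVER_MAX_ENTRIES = 3
SERVER_MAX_BYTES = 1024


@dataclass(frozen=True)
class Record:
    """Hypothetical stored entry: publication time plus payload."""
    published: datetime
    data: bytes


@dataclass
class SearchConstraints:
    """Field names as listed in section 3.4.2."""
    NotBefore: Optional[datetime] = None
    Before: Optional[datetime] = None
    MaxEntries: Optional[int] = None
    MaxBytes: Optional[int] = None
    PageKey: Optional[str] = None


def clamp(requested, limit):
    """Client limits can only narrow the server limit, never widen it."""
    if requested is None or requested < 1:
        return limit
    return min(requested, limit)


class Portal:
    def __init__(self, records):
        self.records = sorted(records, key=lambda r: r.published)
        # PageKey -> (NotBefore, Before, offset). The key is an opaque random
        # token, so a client cannot edit the stored query by altering it.
        self.pages = {}

    def get(self, c):
        """Return (records, page_key); page_key is None on the last page."""
        if c.PageKey is not None:
            # Continuation: the window comes from the stored query, and any
            # NotBefore/Before sent alongside the PageKey is ignored.
            state = self.pages.pop(c.PageKey, None)   # single use
            if state is None:
                raise KeyError("unknown or already used PageKey")
            not_before, before, offset = state
        else:
            not_before, before, offset = c.NotBefore, c.Before, 0

        max_entries = clamp(c.MaxEntries, SERVER_MAX_ENTRIES)
        max_bytes = clamp(c.MaxBytes, SERVER_MAX_BYTES)

        # NotBefore is inclusive, Before is exclusive.
        matches = [r for r in self.records
                   if (not_before is None or r.published >= not_before)
                   and (before is None or r.published < before)]

        items, used = [], 0
        for rec in matches[offset:]:
            if len(items) >= max_entries:
                break
            # Always return at least one record so that paging makes progress
            # even when a single record is larger than MaxBytes.
            if items and used + len(rec.data) > max_bytes:
                break
            items.append(rec)
            used += len(rec.data)

        page_key = None
        next_offset = offset + len(items)
        if next_offset < len(matches):
            page_key = secrets.token_urlsafe(16)
            self.pages[page_key] = (not_before, before, next_offset)
        return items, page_key


def at(hour):
    """Timestamp helper for the constructed sample data."""
    return datetime(2019, 4, 4, hour)


# Constructed sample data: five records published at 01:00 .. 05:00.
SAMPLE = [Record(at(h), b"r%d" % h) for h in range(1, 6)]

if __name__ == "__main__":
    portal = Portal(SAMPLE)
    page, key = portal.get(
        SearchConstraints(NotBefore=at(2), Before=at(5), MaxEntries=2))
    print([r.data for r in page], key is not None)
    # The NotBefore sent with the PageKey is ignored by the portal.
    page, key = portal.get(SearchConstraints(PageKey=key, NotBefore=at(1)))
    print([r.data for r in page], key)
```
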
   Inherits: MeshRequest

   Identifier: String (Optional)  Lookup by profile ID.

   Account: String (Optional)  Lookup by Account ID.

   KeyValues: KeyValue [0..Many]  List of KeyValue pairs specifying the
      conditions to be met.

   SearchConstraints: SearchConstraints (Optional)  Constrain the search
      to a specific time interval and/or limit the number and/or total
      size of data records returned.

   Multiple: Boolean (Optional)  If true, return multiple responses if
      available.

   Full: Boolean (Optional)  If true, the client requests that the full
      Mesh data record be returned containing both the Mesh entry itself
      and the Mesh metadata that allows the date and time of the
      publication of the Mesh entry to be verified.

3.9.2.  Message: GetResponse

   Reports the success or failure of a Get transaction. If a Mesh entry
   matching the specified profile is found, contains the list of entries
   matching the request.

   Inherits: MeshResponse

   DataItems: DataItem [0..Many]  List of mesh data records matching the
      request.

   PageKey: String (Optional)  If non-null, indicates that the number
      and/or size of the data records returned exceeds either the
      SearchConstraints specified in the request or internal server
      limits.

3.10.  Transaction: Publish

   Request: PublishRequest

   Response: PublishResponse

   Publish a profile or key escrow entry to the mesh.

3.10.1.  Message: PublishRequest

   Requests publication of the specified Mesh entry.

   Inherits: MeshRequest

   [No fields]

3.10.2.  Message: PublishResponse

   Reports the success or failure of a Publish transaction.

   Inherits: MeshResponse

   [No fields]

3.11.  Transaction: Status

   Request: StatusRequest

   Response: StatusResponse

   Request the current status of the mesh as seen by the portal to which
   it is directed.

   The response to the status request contains the last signed
   checkpoint and proof chains for each of the peer portals that have
   been checkpointed.

   [Not currently implemented]

3.11.1.  Message: StatusRequest

   Inherits: MeshRequest

   Initiates a status transaction.

   [No fields]

3.11.2.  Message: StatusResponse

   Reports the success or failure of a Status transaction.

   Inherits: MeshResponse

   LastWriteTime: DateTime (Optional)  Time that the last write update
      was made to the Mesh.

   LastCheckpointTime: DateTime (Optional)  Time that the last Mesh
      checkpoint was calculated.

   NextCheckpointTime: DateTime (Optional)  Time at which the next Mesh
      checkpoint should be calculated.

   CheckpointValue: String (Optional)  Last checkpoint value.

3.12.  Transaction: ConnectStart

   Request: ConnectStartRequest

   Response: ConnectStartResponse

   Request connection of a new device to a mesh profile.

3.12.1.  Message: ConnectStartRequest

   Inherits: MeshRequest

   Initial device connection request.

   SignedRequest: SignedConnectionRequest (Optional)  Device connection
      request signed by the signature key of the device requesting
      connection.

   AccountID: String (Optional)  Account identifier of account to which
      the device is requesting connection.

3.12.2.  Message: ConnectStartResponse

   Reports the success or failure of a ConnectStart transaction.

   Inherits: MeshRequest

   [No fields]

3.13.  Transaction: ConnectStatus

   Request: ConnectStatusRequest

   Response: ConnectStatusResponse

   Request status of pending connection request of a new device to a
   mesh profile.

3.13.1.  Message: ConnectStatusRequest

   Inherits: MeshRequest

   Request status information for a pending request posted previously.

   AccountID: String (Optional)  Account identifier for which pending
      connection information is requested.

   DeviceID: String (Optional)  Device identifier of device requesting
      status information.

3.13.2.  Message: ConnectStatusResponse

   Reports the success or failure of a ConnectStatus transaction.

   Inherits: MeshRequest

   Result: SignedConnectionResult (Optional)  The signed
      ConnectionResult object.

3.14.  Transaction: ConnectPending

   Request: ConnectPendingRequest

   Response: ConnectPendingResponse

   Request a list of pending requests for an administration profile.

3.14.1.  Message: ConnectPendingRequest

   Inherits: MeshRequest

   Specify the criteria for pending requests.

   AccountID: String (Optional)  The account identifier of the account
      for which pending connection requests are requested.

   SearchConstraints: SearchConstraints (Optional)  Constrain the search
      to a specific time interval and/or limit the number and/or total
      size of data records returned.

3.14.2.  Message: ConnectPendingResponse

   Reports the success or failure of a ConnectPending transaction.

   Inherits: MeshRequest

   Pending: SignedConnectionRequest [0..Many]  A list of pending
      requests satisfying the criteria set out in the request.

   PageKey: String (Optional)  If non-null, indicates that the number
      and/or size of the data records returned exceeds either the
      SearchConstraints specified in the request or internal server
      limits.

3.15.  Transaction: ConnectComplete

   Request: ConnectCompleteRequest

   Response: ConnectCompleteResponse

   Post response to a pending connection request.

3.15.1.  Message: ConnectCompleteRequest

   Reports the success or failure of a ConnectComplete transaction.

   Inherits: MeshRequest

   Result: SignedConnectionResult (Optional)  The connection result to
      be posted to the portal. The result MUST be signed by a valid
      administration key for the Mesh profile.

   AccountID: String (Optional)  The account identifier to which the
      connection result is posted.

3.15.2.  Message: ConnectCompleteResponse

   Inherits: MeshRequest

   Reports the success or failure of a ConnectComplete transaction.

   [No fields]

3.16.  Transaction: Transfer

   Request: TransferRequest

   Response: TransferResponse

   Perform a bulk transfer of the log between the specified transaction
   identifiers. Requires appropriate authorization.

   [Not currently implemented]

3.16.1.  Message: TransferRequest

   Request a bulk transfer of the log between the specified transaction
   identifiers. Requires appropriate authorization.

   Inherits: MeshRequest

   SearchConstraints: SearchConstraints (Optional)  Constrain the search
      to a specific time interval and/or limit the number and/or total
      size of data records returned.

3.16.2.  Message: TransferResponse

   Inherits: MeshResponse

   Reports the success or failure of a Transfer transaction. If
   successful, contains the list of Mesh records to be transferred.

   DataItems: DataItem [0..Many]  List of mesh data records matching the
      request.

   PageKey: String (Optional)  If non-null, indicates that the number
      and/or size of the data records returned exceeds either the
      SearchConstraints specified in the request or internal server
      limits.

4.  Assets

4.1.  Data

4.2.  Credentials

4.3.  Reputation

4.3.1.  Outbound Messaging Abuse ()

5.  Risks

5.1.  Confidentiality

   Is a regulatory requirement GDPR/HIPAA

5.1.1.  Privacy

   Stronger requirement, given data but with restrictions on use

   Unintended use within an organization may put it in default

   GDPR

   HIPAA

5.2.  Integrity

   Modification of data enables control breaches

5.3.  Availability

5.3.1.  Data loss

   Loss of the pictures of the kids at 5

5.3.2.  Partial data survivability

   Where they buried Aunt Agatha's jewelry but not where they buried
   Aunt Agatha.

5.4.  Inbound Messaging Abuse (Spam)

6.  Threats

6.1.  End point Compromise

6.2.

7.  Controls

7.1.  Cryptographic

7.1.1.  Triple lock

7.1.1.1.  Transport Security

   Traffic analysis protection

7.1.1.2.  Message Security

   Access control

   Authentication / Integrity

7.1.1.3.  Data Level Security

   Data Confidentiality

   Non-Repudiation

7.1.2.  Key Protection

   Use of platform provided facilities to bind private keys in the
   Device profile to the device is highly desirable. Ideally, private
   keys should be protected against extraction by hardware techniques
   presenting a high degree of resistance.

7.1.2.1.  Windows

   Use encrypted key store

   Preferably use BitLocker

7.1.2.2.  OSX

   Use Key Ring

7.1.2.3.  iOS

   Use ???

7.1.2.4.  Linux

   Use the DBUS mechanism

7.1.2.5.  Android

   Hope and prayers.

7.1.3.  Key and Nonce Generation

   Use strong mechanisms as described in RFC???

   Use of key co-generation as described in part 8 is advised

7.1.4.  Key Escrow and Recovery

   Master profile keys should be escrowed

   Escrow strategies for DARE should take account of the fact that users
   may want some but not all their data assets to survive them.

7.1.5.  Profile Verification

   Check that the device credential has been signed by an administration
   device and that the administration device was properly authorized by
   the master profile.

   Device catalog MUST be signed by the admin device.

   Future - provide protection against rollback attacks.

7.1.6.  Identity Validation

   See the separate document on the trust model

7.1.7.  Trust Broker Accountability

   Cert transparency type techniques

7.2.  Mesh Messaging

7.2.1.  Ingress Control

   Every message is subject to access control

   Mesh Services should perform abuse filtering on inbound mail

   Mesh Services MUST apply user specified ingress control as specified
   in their contacts catalog.

7.2.2.  Egress Control

   Some applications may require egress control

   For example, classified environments

   Mail too stupid to send

7.2.3.  Security Signal

   Confirmation messages requiring payments

   Need Accountability

   Need to know the source of the accountability assertions

   Should be distinguished from sender controlled part of a message

7.2.3.1.  Brand

   If messages are being sent on behalf of a corporate entity, this
   should be signaled to both sender and receiver

   Sender - remind them that they are speaking on behalf of another
   party

   Receiver - establish who is speaking by the familiar technique.

7.2.4.  Accountability

   Authentication and consequences

8.  Security Considerations

   This document comprises the security considerations for the use and
   implementation of the Mathematical Mesh.

9.  IANA Considerations

   All the IANA considerations for the Mesh documents are specified in
   this document.

10.  Acknowledgements

11.  References

11.1.  Normative References

   [draft-hallambaker-mesh-architecture]
              Hallam-Baker, P., "Mathematical Mesh Part I: Architecture
              Guide", draft-hallambaker-mesh-architecture-06 (work in
              progress), August 2018.

   [RFC2119]  Bradner, S., "Key words for use in RFCs to Indicate
              Requirement Levels", BCP 14, RFC 2119,
              DOI 10.17487/RFC2119, March 1997.

11.2.  Informative References

   [draft-hallambaker-mesh-developer]
              Hallam-Baker, P., "Mathematical Mesh: Reference
              Implementation", draft-hallambaker-mesh-developer-07 (work
              in progress), April 2018.

11.3.  URIs

   [1] http://mathmesh.com/Documents/draft-hallambaker-mesh-security.html

Author's Address

   Phillip Hallam-Baker

   Email: phill@hallambaker.com
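
Added example (not part of the draft and not code from the Mesh reference implementation): one way to perform the chain check that Section 7.1.5 describes and that Section 3.15.1 relies on when it requires a result signed by a valid administration key. Ed25519, the `Signed` struct and the role labels are assumptions made for illustration; the Mesh signed-object encoding is not reproduced.

```go
package main

import (
	"crypto/ed25519"
	"fmt"
)

// Role labels bind each signature to one purpose. Constructed for this example.
const roleAdmin, roleDevice = "example-admin:", "example-device:"

// Signed is a payload with a detached signature (stand-in for a Mesh signed object).
type Signed struct{ Payload, Sig []byte }

// Endorse signs "role || subject public key" with the signer's private key.
func Endorse(signer ed25519.PrivateKey, role string, subject ed25519.PublicKey) Signed {
	payload := append([]byte(role), subject...)
	return Signed{payload, ed25519.Sign(signer, payload)}
}

// check returns the endorsed key only if s has the expected role and verifies
// under signer. Lengths are tested first: ed25519.Verify panics on a
// wrong-size public key, and the payload is untrusted input.
func check(signer ed25519.PublicKey, role string, s Signed) (ed25519.PublicKey, error) {
	if len(signer) != ed25519.PublicKeySize || len(s.Payload) != len(role)+ed25519.PublicKeySize ||
		string(s.Payload[:len(role)]) != role || !ed25519.Verify(signer, s.Payload, s.Sig) {
		return nil, fmt.Errorf("rejected %s endorsement", role)
	}
	return ed25519.PublicKey(s.Payload[len(role):]), nil
}

// VerifyDevice walks master profile -> administration device -> device.
func VerifyDevice(master ed25519.PublicKey, adminAuth, deviceCred Signed) (ed25519.PublicKey, error) {
	admin, err := check(master, roleAdmin, adminAuth)
	if err != nil {
		return nil, err
	}
	return check(admin, roleDevice, deviceCred)
}

// Demo builds one valid chain and two invalid ones from freshly generated keys.
func Demo() (valid, rogueAdmin, wrongRole error) {
	masterPub, masterPriv, _ := ed25519.GenerateKey(nil) // nil selects crypto/rand
	adminPub, adminPriv, _ := ed25519.GenerateKey(nil)
	_, roguePriv, _ := ed25519.GenerateKey(nil)
	devPub, _, _ := ed25519.GenerateKey(nil)
	auth := Endorse(masterPriv, roleAdmin, adminPub)
	_, valid = VerifyDevice(masterPub, auth, Endorse(adminPriv, roleDevice, devPub))
	_, rogueAdmin = VerifyDevice(masterPub, auth, Endorse(roguePriv, roleDevice, devPub))
	_, wrongRole = VerifyDevice(masterPub, auth, Endorse(adminPriv, roleAdmin, devPub))
	return
}
func main() { fmt.Println(Demo()) }
```

The verifier pins only the master profile key; the administration key is accepted solely because the master-signed endorsement names it, so a credential signed by any other key fails even when its signature is well-formed.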