Zero Touch Provisioning for Networking DevicesJuniper Networkskwatsen@juniper.netT-Systemsmikael.abrahamsson@t-systems.seDeutsche Telekom AGian.farrer@telekom.de
Operations
NETCONF Working GroupzerotouchbootstrapsztpztpThis draft presents a technique to securely provision a networking
device when it is booting in a factory-default state. Variations
in the solution enables it to be used on both public and private
networks. The provisioning steps are able to update the boot image,
commit an initial configuration, and execute arbitrary scripts to
address auxiliary needs. The updated device is subsequently able
to establish secure connections with other systems. For instance,
a device may establish NETCONF (RFC 6241) and/or RESTCONF (RFC 8040)
connections with deployment-specific network management systems.This draft contains many placeholder values that need to be replaced
with finalized values at the time of publication. This note summarizes
all of the substitutions that are needed. No other
RFC Editor instructions are specified elsewhere in this document.Artwork in the IANA Considerations section contains placeholder
values for DHCP options pending IANA assignment. Please apply the
following replacements:
TBD1 --> the assigned value for id-ct-zerotouchInformationXMLTBD2 --> the assigned value for id-ct-zerotouchInformationJSONArtwork in this document contains shorthand references to drafts in
progress. Please apply the following replacements:
XXXX --> the assigned numerical RFC value for this draftArtwork in this document contains placeholder values for the date of publication of this
draft. Please apply the following replacement:
2018-09-05 --> the publication date of this draftThe following one Appendix section is to be removed prior to publication:
Appendix A. Change LogA fundamental business requirement for any network operator is
to reduce costs where possible. For network operators, deploying
devices to many locations can be a significant cost, as sending
trained specialists to each site for installations is both cost
prohibitive and does not scale.This document defines Secure Zero Touch Provisioning (SZTP),
a bootstrapping strategy enabling devices to securely obtain
bootstrapping data with no installer action beyond physical
placement and connecting network and power cables. As such,
SZTP enables non-technical personnel to bring up devices in
remote locations without the need for any operator input.The SZTP solution includes updating the boot image,
committing an initial configuration, and executing arbitrary scripts to
address auxiliary needs. The updated device is subsequently able to
establish secure connections with other systems. For instance, a
devices may establish NETCONF and/or RESTCONF
connections with deployment-specific network
management systems.This document primarily regards physical devices, where the setting
of the device's initial state, described in ,
occurs during the device's manufacturing process. The SZTP solution
may be extended to support virtual machines or other such logical
constructs, but details for how this can be accomplished is left
for future work.Device connecting to a remotely administered network
This use-case involves scenarios, such as a remote branch office
or convenience store, whereby a device connects as an access gateway
to an ISP's network. Assuming it is not possible to customize the
ISP's network to provide any bootstrapping support, and with no other
nearby device to leverage, the device has no recourse but to reach
out to an Internet-based bootstrap server to bootstrap from.Device connecting to a locally administered network
This use-case covers all other scenarios and differs only in that
the device may additionally leverage nearby devices, which may direct
it to use a local service to bootstrap from. If no such information
is available, or the device is unable to use the information provided,
it can then reach out to the network just as it would for the remotely
administered network use-case.Conceptual workflows for how SZTP might be deployed are
provided in .This document uses the following terms (sorted by name):
The term "artifact" is used throughout to represent
any of the three artifacts defined in (zero touch
information, ownership voucher, and owner certificate). These artifacts
collectively provide all the bootstrapping data a device may use.The term "bootstrapping data" is used
throughout this document to refer to the collection of data that a device
may obtain during the bootstrapping process. Specifically, it refers
to the three artifacts zero touch information, owner certificate, and
ownership voucher, as described in . The term "bootstrap server" is used within
this document to mean any RESTCONF server implementing the YANG module
defined in .The term "device" is used throughout this document
to refer to a network element that needs to be bootstrapped. See
for more information about devices.The term "manufacturer" is used herein to
refer to the manufacturer of a device or a delegate of the manufacturer.The acronym "NMS" is used
throughout this document to refer to the deployment specific management
system that the bootstrapping process is responsible for introducing devices to.
From a device's perspective, when the bootstrapping process has completed,
the NMS is a NETCONF or RESTCONF client.The term "onboarding information" is used
herein to refer to one of the two types of "zero touch information"
defined in this document, the other being "redirect information". Onboarding
information is formally defined by the "onboarding-information" YANG-data
structure in .The term "onboarding server" is used
herein to refer to a bootstrap server that only returns onboarding
information.The term "owner" is used throughout this document
to refer to the person or organization that purchased or otherwise owns
a device.The term "owner certificate" is used in
this document to represent an X.509 certificate that binds an owner identity
to a public key, which a device can use to validate a signature over the
zero touch information artifact. The owner certificate may be communicated
along with its chain of intermediate certificates leading up to a known
trust anchor. The owner certificate is one of the three bootstrapping
artifacts described in .The term "ownership voucher" is used in
this document to represent the voucher artifact defined in . The ownership voucher is used to
assign a device to an owner. The ownership voucher is one of
the three bootstrapping artifacts described in .The term "redirect information" is used
herein to refer to one of the two types of "zero touch information"
defined in this document, the other being "onboarding information". Redirect
information is formally defined by the "redirect-information" YANG-data
structure in .The term "redirect server" is used to refer
to a bootstrap server that only returns redirect information. A redirect
server is particularly useful when hosted by a manufacturer, as a
well-known (e.g., Internet-based) resource to redirect devices to
deployment-specific bootstrap servers.The term "signed data" is used throughout to mean
zero touch information that has been signed, specifically by a private key
possessed by a device's owner.The term "unsigned data" is used throughout to mean
zero touch information that has not been signed.The term "zero touch information" is used
herein to refer either redirect information or onboarding information.
Zero touch information is one of the three bootstrapping artifacts described in
.The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL
NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED",
"MAY", and "OPTIONAL" in this document are to be interpreted as
described in BCP 14
when, and only when, they appear in all capitals, as shown here.Tree diagrams used in this document follow the notation
defined in .This document defines two types of information that devices can access during
the bootstrapping process. These information types are described in
this section. Examples are provided in Redirect information redirects a device to
another bootstrap server. Redirect information encodes a list of bootstrap
servers, each specifying the bootstrap server's hostname (or IP address),
an optional port, and an optional trust anchor certificate that the device
can use to authenticate the bootstrap server with.Redirect information is YANG modeled data formally defined by the
"redirect-information" container in the YANG module presented in
. This container has the tree
diagram shown below.Redirect information may be trusted or untrusted. The redirect information
is trusted whenever it is obtained via a secure connection to a trusted bootstrap
server, or whenever it is signed by the device's owner. In all other
cases, the redirect information is untrusted.Trusted redirect information is useful for enabling a device to establish
a secure connection to a specified bootstrap server, which is possible when the redirect
information includes the bootstrap server's trust anchor certificate.Untrusted redirect information is useful for directing a device to a bootstrap
server where signed data has been staged for it to obtain. Note that, when the
redirect information is untrusted, devices discard any potentially included trust
anchor certificates.How devices process redirect information is described in
.Onboarding information provides data necessary for a device
to bootstrap itself and establish secure connections with other
systems. As defined in this document, onboarding information can
specify details about the boot image a device must be running,
specify an initial configuration the device must commit, and
specify scripts that the device must successfully execute.Onboarding information is YANG modeled data formally defined by the
"onboarding-information" container in the YANG module presented in
. This container has the tree diagram
shown below.Onboarding information must be trusted for it to be of any use to a device.
There is no option for a device to process untrusted onboarding information.Onboarding information is trusted whenever it is obtained via a secure connection
to a trusted bootstrap server, or whenever it is signed by the device's
owner. In all other cases, the onboarding information is untrusted.How devices process onboarding information is described in
.This document defines three artifacts that can be made available
to devices while they are bootstrapping. Each source of bootstrapping
information specifies how it provides the artifacts
defined in this section (see ).The zero touch information artifact encodes the essential bootstrapping
data for the device. This artifact is used to encode the redirect
information and onboarding information types discussed in .The zero touch information artifact is a CMS structure, as described
in , encoded using ASN.1 distinguished encoding
rules (DER), as specified in ITU-T X.690 .
The CMS structure MUST contain content conforming to the
YANG module specified in .The zero touch information CMS structure may encode signed or
unsigned bootstrapping data. When the bootstrapping data is signed,
it may also be encrypted but, from a terminology perspective, it
is still "signed data" .When the zero touch information artifact is unsigned, as it might
be when communicated over trusted channels, the CMS structure's
top-most content type MUST be one of the OIDs described in
, or the OID id-data (1.2.840.113549.1.7.1),
in which case the encoding (JSON, XML, etc.) SHOULD be communicated
externally. In either case, the associated content is an octet
string containing "zerotouch-information" data in the expected
encoding.When the zero touch information artifact is signed, as it might
be when communicated over untrusted channels, the CMS structure's
top-most content type MUST be the OID id-signedData (1.2.840.113549.1.7.2),
and its inner eContentType MUST be one of the OIDs described in
, or the OID id-data (1.2.840.113549.1.7.1),
in which case the encoding (JSON, XML, etc.) SHOULD be communicated
externally. In either case, the associated content or eContent is
an octet string containing "zerotouch-information" data in the
expected encoding.When the zero touch information artifact is signed and encrypted,
as it might be when communicated over untrusted channels and
privacy is important, the CMS structure's top-most content type
MUST be the OID id-envelopedData (1.2.840.113549.1.7.3), and
the encryptedContentInfo's content type MUST be the OID id-signedData
(1.2.840.113549.1.7.2), whose eContentType MUST be one of the OIDs
described in , or the OID id-data
(1.2.840.113549.1.7.1), in which case the encoding (JSON, XML, etc.)
SHOULD be communicated externally. In either case, the associated
content or eContent is an octet string containing "zerotouch-information"
data in the expected encoding.The owner certificate artifact is an X.509 certificate
that is used to identify an "owner" (e.g.,
an organization). The owner certificate can be signed by any
certificate authority (CA). The owner certificate either MUST have
no Key Usage specified or the Key Usage MUST at least set the
"digitalSignature" bit. The values for the owner certificate's
"subject" and/or "subjectAltName" are not constrained by this
document.The owner certificate is used by a device to verify the signature over
the zero touch information artifact ()
that the device should have also received, as described in
. In particular, the device
verifies the signature using the public key in the owner certificate
over the content contained within the zero touch information artifact.The owner certificate artifact is formally a CMS structure, as
specified by , encoded using ASN.1
distinguished encoding rules (DER), as specified in ITU-T X.690
.The owner certificate CMS structure MUST contain the owner
certificate itself, as well as all intermediate certificates leading
to the "pinned-domain-cert" certificate specified in the ownership
voucher. The owner certificate artifact MAY optionally include the
"pinned-domain-cert" as well.In order to support devices deployed on private networks,
the owner certificate CMS structure MAY also contain suitably fresh,
as determined by local policy, revocation objects (e.g., CRLs).
Having these revocation objects stapled to the owner certificate may
obviate the need for the device to have to download them dynamically
using the CRL distribution point or an OCSP responder specified in
the associated certificates.When unencrypted, the owner certificate artifact's CMS structure's
top-most content type MUST be the OID id-signedData (1.2.840.113549.1.7.2).
The inner SignedData structure is the degenerate form, whereby there
are no signers, that is commonly used to disseminate certificates and
revocation objects.When encrypted, the owner certificate artifact's CMS structure's
top-most content type MUST be the OID id-envelopedData
(1.2.840.113549.1.7.3), and the encryptedContentInfo's content type
MUST be the OID id-signedData (1.2.840.113549.1.7.2), whereby the
inner SignedData structure is the degenerate form that has no signers
commonly used to disseminate certificates and revocation objects.The ownership voucher artifact is used to securely identify a device's
owner, as it is known to the manufacturer. The ownership voucher is signed
by the device's manufacturer.The ownership voucher is used to verify the owner certificate
() that the device should have also
received, as described in . In
particular, the device verifies that the owner certificate has a chain
of trust leading to the trusted certificate included in the ownership
voucher ("pinned-domain-cert"). Note that this relationship holds
even when the owner certificate is a self-signed certificate, and
hence also the pinned-domain-cert.When unencrypted, the ownership voucher artifact is as defined
in . As described, it is
a CMS structure whose top-most content type MUST be the OID
id-signedData (1.2.840.113549.1.7.2), whose eContentType MUST
be OID id-ct-animaJSONVoucher (1.2.840.113549.1.9.16.1), or the
OID id-data (1.2.840.113549.1.7.1), in which case the encoding
(JSON, XML, etc.) SHOULD be communicated externally. In either
case, the associated content is an octet string containing
ietf-voucher data in the expected encoding.When encrypted, the ownership voucher artifact's CMS structure's
top-most content type MUST be the OID id-envelopedData
(1.2.840.113549.1.7.3), and the encryptedContentInfo's content type
MUST be the OID id-signedData (1.2.840.113549.1.7.2), whose eContentType
MUST be OID id-ct-animaJSONVoucher (1.2.840.113549.1.9.16.1), or the OID
id-data (1.2.840.113549.1.7.1), in which case the encoding (JSON,
XML, etc.) SHOULD be communicated externally. In either case, the
associated content is an octet string containing ietf-voucher data
in the expected encoding.Each of the three artifacts MAY be individually encrypted. Encryption
may be important in some environments where the content is considered
sensitive.Each of the three artifacts are encrypted in the same way, by the
unencrypted form being encapsulated inside a CMS EnvelopedData type.As a consequence, both the zerotouch information and ownership
voucher artifacts are signed and then encrypted, never encrypted
and then signed.This sequencing has the advantage of shrouding the signer's
certificate, and ensuring that the owner knows the content being
signed. This sequencing further enables the owner to inspect an
unencrypted voucher obtained from a manufacturer and then encrypt
the voucher later themselves, perhaps while also stapling in
current revocation objects, when ready to place the artifact
in an unsafe location.When encrypted, the CMS MUST be encrypted using a secure device
identity certificate for the device. This certificate MAY be the
same as the TLS-level client certificate the device uses when
connecting to bootstrap servers. The owner must possess the
device's identity certificate at the time of encrypting the data.
How the owner comes to posses the device's identity certificate
for this purpose is outside the scope of this document.The previous sections discussed the bootstrapping artifacts,
but only certain groupings of these artifacts make sense to return in the
various bootstrapping situations described in this document. These groupings
are:
This grouping is useful for cases
when transport level security can be used to convey trust (e.g., HTTPS),
or when the information can be processed in a provisional manner (i.e.
unsigned redirect information).This grouping
is useful when signed information is needed, because it is obtained
from an untrusted source, and it cannot be processed provisionally,
and yet either revocations are not needed or they can be obtained
dynamically.This grouping
is useful when signed information is needed, because it is obtained
from an untrusted source, and it cannot be processed provisionally,
and revocations are needed and cannot be obtained dynamically.The artifacts associated with these groupings are described below:
This section defines some sources for bootstrapping data that a device
can access. The list of sources defined here is not meant to be exhaustive.
It is left to future documents to define additional sources for obtaining
bootstrapping data.For each source of bootstrapping data defined in this section, details
are given for how the three artifacts listed in
are provided.A directly attached removable storage device (e.g., a USB flash drive)
MAY be used as a source of zero touch bootstrapping data.Use of a removable storage device is compelling, as it does not require
any external infrastructure to work. It is notable that the raw boot
image file can also be located on the removable storage device, enabling
a removable storage device to be a fully self-standing bootstrapping
solution.To use a removable storage device as a source of bootstrapping data,
a device need only detect if the removable storage device is plugged in
and mount its filesystem.A removable storage device is an untrusted source of bootstrapping data.
This means that the information stored on the removable storage device
either MUST be signed or MUST be information that can be processed
provisionally (e.g., unsigned redirect information).From an artifact perspective, since a removable storage device presents
itself as a filesystem, the bootstrapping artifacts need to be presented
as files. The three artifacts defined in are
mapped to files below.Artifact to File Mapping:
Mapped to a file containing
the binary artifact described in
(e.g., zerotouch-information.cms).Mapped to a file containing the
binary artifact described in
(e.g., owner-certificate.cms).Mapped to a file containing the
binary artifact described in
(e.g., ownership-voucher.cms or ownership-voucher.vcj).The format of the removable storage device's filesystem and the naming of the
files are outside the scope of this document. However, in order to facilitate
interoperability, it is RECOMMENDED devices support open and/or standards based
filesystems. It is also RECOMMENDED that devices assume a file naming convention
that enables more than one instance of bootstrapping data (i.e., for different
devices) to exist on a removable storage device. The file naming convention
SHOULD additionally be unique to the manufacturer, in order to enable bootstrapping
data from multiple manufacturers to exist on a removable storage device.A DNS server MAY be used as a source of zero touch bootstrapping data.Using a DNS server may be a compelling option for deployments having
existing DNS infrastructure, as it enables a touchless bootstrapping option
that does not entail utilizing an Internet based resource hosted by a
3rd-party.To use a DNS server as a source of bootstrapping data, a device MAY
perform a multicast DNS query searching for the
service "_zerotouch._tcp.local.". Alternatively the device MAY perform
DNS-SD via normal DNS operation, using the domain
returned to it from the DHCP server; for example, searching for the service
"_zerotouch._tcp.example.com".Unsigned DNS records (e.g., not using DNSSEC as described in )
are an untrusted source of bootstrapping data. This means that the information
stored in the DNS records either MUST be signed, or MUST be information
that can be processed provisionally (e.g., unsigned redirect information).From an artifact perspective, since a DNS server presents resource records
(Section 3.2.1 of ), the bootstrapping artifacts need
to be presented as resource records. The three artifacts defined in
are mapped to resource records below.Artifact to Resource Record Mapping:
Mapped to a TXT record called "zt-info"
containing the base64-encoding of the binary artifact described in
.Mapped to a TXT record called
"zt-cert" containing the base64-encoding of the binary artifact
described in .Mapped to a TXT record called
"zt-voucher" containing the base64-encoding of the binary artifact
described in .TXT records have an upper size limit of 65535 bytes (Section 3.2.1
in RFC1035), since "RDLENGTH" is a 16-bit field. Please see Section
3.1.3 in RFC4408 for how a TXT record can achieve this size. Due to this
size limitation, some zero touch information artifacts may not fit. In particular,
onboarding information could hit this upper bound, depending
on the size of the included configuration and scripts.A DHCP server MAY be used as a source of zero touch bootstrapping data.Using a DHCP server may be a compelling option for deployments having
existing DHCP infrastructure, as it enables a touchless bootstrapping option
that does not entail utilizing an Internet based resource hosted by a
3rd-party.A DHCP server is an untrusted source of bootstrapping data. Thus the
information stored on the DHCP server either MUST be signed, or it MUST
be information that can be processed provisionally (e.g., unsigned redirect
information).However, unlike other sources of bootstrapping data described
in this document, the DHCP protocol (especially DHCP for IPv4) is very
limited in the amount of data that can be conveyed, to the extent that
signed data cannot be communicated. This means that only unsigned
redirect information can be conveyed via DHCP.Since the redirect information is unsigned, it SHOULD NOT include the
optional trust anchor certificate, as it takes up space in the DHCP
message, and the device would have to discard it anyway. For this
reason, the DHCP options defined in do
not enable the trust anchor certificate to be encoded.From an artifact perspective, the three artifacts defined in
are mapped to the DHCP fields specified in
as follows:
This artifact is not supported
directly. Instead, the essence of unsigned redirect information is
mapped to the DHCP options described in .Not supported. There is not enough
space in the DHCP packet to hold an owner certificate artifact.Not supported. There is not enough
space in the DHCP packet to hold an ownership voucher artifact.A bootstrap server MAY be used as a source of zero touch bootstrapping data.
A bootstrap server is defined as a RESTCONF
server implementing the YANG module provided in .Using a bootstrap server as a source of bootstrapping data is a compelling
option as it MAY use transport-level security, obviating the need for signed
data, which may be easier to deploy in some situations.Unlike any other source of bootstrapping data described in this document,
a bootstrap server is not only a source of data, but it can also receive data
from devices using the YANG-defined "report-progress" RPC defined in the YANG
module (). The "report-progress" RPC enables
visibility into the bootstrapping process (e.g., warnings and errors), and
provides potentially useful information upon completion (e.g., the device's
SSH host-keys).A bootstrap server may be a trusted or an untrusted source of bootstrapping
data, depending on if the device learned about the bootstrap server's trust
anchor from a trusted source. When a bootstrap server is trusted, the
information returned from it MAY be signed. However, when the server is
untrusted, in order for its information to be of any use to the device, the
bootstrap information either MUST be signed or MUST be information that can be
processed provisionally (e.g., unsigned redirect information).From an artifact perspective, since a bootstrap server presents data
conforming to a YANG data model, the bootstrapping artifacts need to be
mapped to YANG nodes. The three artifacts defined in
are mapped to "output" nodes of the "get-bootstrapping-data" RPC defined
in below.Artifact to Bootstrap Server Mapping:
Mapped to the "zerotouch-information"
leaf in the output of the "get-bootstrapping-data" RPC.Mapped to the "owner-certificate"
leaf in the output of the "get-bootstrapping-data" RPC.Mapped to the "ownership-voucher"
leaf in the output of the "get-bootstrapping-data" RPC.Zero touch bootstrap servers have only two endpoints, one for the
"get-bootstrapping-data" RPC and one for the "report-progress" RPC.
These RPCs use the authenticated RESTCONF username to isolate the
execution of the RPC from other devices.Devices supporting the bootstrapping strategy described in this
document MUST have the preconfigured state and bootstrapping logic
described in the following sections.Each numbered item below corresponds to a numbered item in the diagram above.
Devices MUST have a configurable variable that is used to enable/disable
zerotouch bootstrapping. This variable MUST be enabled by default in
order for zerotouch bootstrapping to run when the device first powers on.
Because it is a goal that the configuration installed by the bootstrapping
process disables zerotouch bootstrapping, and because the
configuration may be merged into the existing configuration, using a
configuration node that relies on presence is NOT RECOMMENDED, as it
cannot be removed by the merging process.Devices that support loading bootstrapping data from bootstrap servers
(see ) SHOULD possess a TLS-level client
certificate and any intermediate certificates leading to the certificate's
well-known trust-anchor. The well-known trust anchor certificate may
be an intermediate certificate or a self-signed root certificate. To
support devices not having a client certificate, devices MAY, alternatively
or in addition to, identify and authenticate themselves to the bootstrap
server using an HTTP authentication scheme, as allowed by Section 2.5 in
; however, this document does not define a
mechanism for operator input enabling, for example, the entering of
a password.Devices that support loading bootstrapping data from well-known
bootstrap servers MUST possess a list of the well-known bootstrap servers.
Consistent with redirect information (,
each bootstrap server can be identified by its hostname or IP address, and
an optional port.Devices that support loading bootstrapping data from well-known
bootstrap servers MUST also possess a list of trust anchor certificates
that can be used to authenticate the well-known bootstrap servers. For
each trust anchor certificate, if it is not itself a self-signed root
certificate, the device SHOULD also possess the chain of intermediate
certificates leading up to and including the self-signed root certificate.Devices that support loading signed data (see )
MUST possess the trust anchor certificates for validating ownership vouchers.
For each trust anchor certificate, if it is not itself a self-signed
root certificate, the device SHOULD also possess the chain of intermediate
certificates leading up to and including the self-signed root certificate.Devices that support using a TLS-level client certificate to identify
and authenticate themselves to a bootstrap server MUST possess the
private key that corresponds to the public key encoded in the TLS-level
client certificate. This private key SHOULD be securely stored, ideally
in a cryptographic processor (e.g., a TPM).Devices that support decrypting zerotouch artifacts MUST posses the
private key that corresponds to the public key encoded in the secure
device identity certificate used when encrypting the artifacts. This
private key SHOULD be securely stored, ideally in a cryptographic
processor (e.g., a TPM). This private key MAY be the same as the one
associated to the TLS-level client certificate used when connecting
to bootstrap servers.A YANG module representing this data is provided in
.A device claiming to support the bootstrapping strategy defined in this
document MUST support the boot sequence described in this section.Each numbered item below corresponds to a numbered item in the diagram above.
When the device powers on, it first checks to see if zerotouch bootstrapping
is configured, as is expected to be the case for the device's preconfigured
initial state. If zerotouch bootstrapping is not configured, then the device
boots normally.The device iterates over its list of sources for
bootstrapping data (). Details for
how to processes a source of bootstrapping data are provided
in .If the device is able to bootstrap itself from any of
the sources of bootstrapping data, it runs with the new
bootstrapped configuration.Otherwise the device MAY loop back through the list of
bootstrapping sources again and/or wait for manual provisioning.This section describes a recursive algorithm that devices can use to,
ultimately, obtain onboarding information. The algorithm is recursive
because sources of bootstrapping data may return redirect information,
which causes the algorithm to run again, for the newly discovered sources
of bootstrapping information. An expression that captures all possible
successful sequences of bootstrapping information is zero or more redirect
information responses, followed by one onboarding information response.An important aspect of the algorithm is knowing when data needs to be
signed or not. The following figure provides a summary of options:
The recursive algorithm uses a conceptual global-scoped variable
called "trust-state". The trust-state variable is initialized to FALSE.
The ultimate goal of this algorithm is for the device to process
onboarding information ()
while the trust-state variable is TRUE.If the source of bootstrapping data () is a
bootstrap server (), and the device is
able to authenticate the bootstrap server using X.509 certificate path
validation (, Section 6) to one of the device's
preconfigured trust anchors, or to a trust anchor that it learned
from a previous step, then the device MUST set trust-state to TRUE.When establishing a connection to a bootstrap server, whether
trusted or untrusted, the device MUST identify and authenticate
itself to the bootstrap server using a TLS-level client certificate
and/or an HTTP authentication scheme, per Section 2.5 in
. If both authentication mechanisms
are used, they MUST both identify the same serial number.When sending a client certificate, the device MUST also send all of
the intermediate certificates leading up to, and optionally including,
the client certificate's well-known trust anchor certificate.For any source of bootstrapping data (e.g., ),
if any artifact obtained is encrypted, the device MUST first decrypt it
using the private key associated with the device certificate used to
encrypt the artifact.If the zero touch information artifact is signed, and the device
is able to validate the signed data using the algorithm described in
, then the device MUST set
trust-state to TRUE; otherwise, if the device is unable to validate
the signed data, the device MUST set trust-state to FALSE. Note,
this is worded to cover the special case when signed data is returned
even from a trusted bootstrap server.If the zero touch information artifact contains onboarding information, and
trust-state is FALSE, the device MUST exit the recursive algorithm (as
this is not allowed, see the figure above), returning to the bootstrapping sequence
described in . Otherwise, the device MUST
attempt to process the onboarding information as described in
. In either case, success
or failure, the device MUST exit the recursive algorithm, returning to
the bootstrapping sequence described in , the only
difference being in how it responds to the "Able to bootstrap from any
source?" conditional described in the figure in the section.If the zero touch information artifact contains redirect information,
the device MUST, within limits of how many recursive loops the device
allows, process the redirect information as described in
. This is the recursion
step, it will cause the device to reenter this algorithm, but this time
the data source will definitely be a bootstrap server, as that is all
redirect information is able to redirect a device to.Whenever a device is presented signed data, it MUST validate the
signed data as described in this section. This includes the case
where the signed data is provided by a trusted source.Whenever there is signed data, the device MUST also be provided
an ownership voucher and an owner certificate. How all the needed
artifacts are provided for each source of bootstrapping data is
described in .In order to validate signed data, the device MUST first
authenticate the ownership voucher by validating its signature to one
of its preconfigured trust anchors (see ),
which may entail using additional intermediate certificates attached
to the ownership voucher. If the device has an accurate clock,
it MUST verify that the ownership voucher was created in the past
(i.e., "created-on" < now) and, if the "expires-on" leaf is present,
the device MUST verify that the ownership voucher has not yet expired
(i.e., now < "expires-on"). The device MUST verify that the ownership
voucher's "assertion" value is acceptable (e.g., some devices may only
accept the assertion value "verified"). The device MUST verify that
the ownership voucher specifies the device's serial number in the
"serial-number" leaf. If the "idevid-issuer" leaf is present, the
device MUST verify that the value is set correctly. If the authentication
of the ownership voucher is successful, the device extracts the
"pinned-domain-cert" node, an X.509 certificate, that is
needed to verify the owner certificate in the next step.The device MUST next authenticate the owner certificate by performing
X.509 certificate path verification to the trusted certificate extracted
from the ownership voucher's "pinned-domain-cert" node. This verification
may entail using additional intermediate certificates attached to the
owner certificate artifact. If the ownership voucher's
"domain-cert-revocation-checks" node's value is set to "true", the device
MUST verify the revocation status of the certificate chain used to sign
the owner certificate and, if suitably-fresh revocation status is unattainable or
if it is determined that a certificate has been revoked, the device
MUST NOT validate the owner certificate.Finally the device MUST verify the zero touch information
artifact was signed by the validated owner certificate.If any of these steps fail, the device MUST invalidate the
signed data and not perform any subsequent steps.In order to process redirect information (),
the device MUST follow the steps presented in this section.Processing redirect information is straightforward, the device sequentially
steps through the list of provided bootstrap servers until it can find one it
can bootstrap from.If a hostname is provided, and the hostname's DNS resolution is to more
than one IP address, the device MUST attempt to connect to all of the DNS
resolved addresses at least once, before moving on to the next bootstrap
server. If the device is able to obtain bootstrapping data from any of the
DNS resolved addresses, it MUST immediately process that data, without
attempting to connect to any of the other DNS resolved addresses.If the redirect information is trusted (e.g., trust-state is TRUE), and the
bootstrap server entry contains a trust anchor certificate, then the device MUST
authenticate the specified bootstrap server's TLS server certificate
using X.509 certificate path validation (, Section 6)
to the specified trust anchor. If the bootstrap server entry does not contain
a trust anchor certificate device, the device MUST establish a provisional
connection to the bootstrap server (i.e., by blindly accepting its server
certificate), and set trust-state to FALSE.If the redirect information is untrusted (e.g., trust-state is FALSE), the
device MUST discard any trust anchors provided by the redirect information and
establish a provisional connection to the bootstrap server (i.e., by blindly
accepting its TLS server certificate).In order to process onboarding information (),
the device MUST follow the steps presented in this section.When processing onboarding information, the device MUST first process the
boot image information (if any), then execute the pre-configuration script
(if any), then commit the initial configuration (if any), and then execute
the post-configuration script (if any), in that order.When the onboarding information is obtained from a trusted bootstrap server,
the device MUST send the "bootstrap-initiated" progress report, and send either
a terminating "boot-image-installed-rebooting", "bootstrap-complete", or error
specific progress report. If the bootstrap server's "get-bootstrapping-data"
RPC-reply's "reporting-level" node is set to "verbose", the device MUST
additionally send all appropriate non-terminating progress reports (e.g.,
initiated, warning, complete, etc.). Regardless the reporting-level indicated
by the bootstrap server, the device MAY send progress reports beyond the
mandatory ones specified for the given reporting level.When the onboarding information is obtained from an untrusted bootstrap
server, the device MUST NOT send any progress reports to the bootstrap server.If the device encounters an error at any step, it MUST stop processing the
onboarding information and return to the bootstrapping sequence described in
. In the context of a recursive algorithm, the
device MUST return to the enclosing loop, not back to the very beginning.
Some state MAY be retained from the bootstrapping process (e.g., updated
boot image, logs, remnants from a script, etc.). However, the retained
state MUST NOT be active in any way (e.g., no new configuration or running
of software), and MUST NOT hinder the ability for the device to continue
the bootstrapping sequence (i.e., process onboarding information from
another bootstrap server).At this point, the specific ordered sequence of actions the device MUST
perform is described.If the onboarding information is obtained from a trusted bootstrap server,
the device MUST send a "bootstrap-initiated" progress report. It is an error
if the device does not receive back the "204 No Content" HTTP status line.
If an error occurs, the device MUST try to send a "bootstrap-error" progress
report before exiting.The device MUST parse the provided onboarding information document, to
extract values used in subsequent steps. Whether using a stream-based parser
or not, if there is an error when parsing the onboarding information, and the
device is connected to a trusted bootstrap server, the device MUST try to send
a "parsing-error" progress report before exiting.If boot image criteria are specified, the device MUST first determine if the
boot image it is running satisfies the specified boot image criteria. If the
device is already running the specified boot image, then it skips the remainder
of this step. If the device is not running the specified boot image, then it
MUST download, verify, and install, in that order, the specified boot
image, and then reboot. If connected to a trusted bootstrap server, the
device MAY try to send a "boot-image-mismatch" progress report. To download
the boot image, the device MUST only use the URIs supplied by the onboarding
information. To verify the boot image, the device MUST either use one of the
verification fingerprints supplied by the onboarding information, or use a
cryptographic signature embedded into the boot image itself using a mechanism
not described by this document. Before rebooting, if connected to a trusted
bootstrap server, the device MUST try to send a "boot-image-installed-rebooting"
progress report. Upon rebooting, the bootstrapping process runs again, which
will eventually come to this step again, but then the device will be running
the specified boot image, and thus will move to processing the next step. If
an error occurs at any step while the device is connected to a trusted
bootstrap server (i.e., before the reboot), the device MUST try to send
a "boot-image-error" progress report before exiting.If a pre-configuration script has been specified, the device MUST execute the
script, capture any output emitted from the script, and check if the script had
any warnings or errors. If an error occurs while the device is connected to a
trusted bootstrap server, the device MUST try to send a "pre-script-error"
progress report before exiting.If an initial configuration has been specified, the device MUST atomically
commit the provided initial configuration, using the approach specified by the
"configuration-handling" leaf. If an error occurs while the device is connected
to a trusted bootstrap server, the device MUST try to send a "config-error"
progress report before exiting.If a post-configuration script has been specified, the device MUST execute the
script, capture any output emitted from the script, and check if the script had
any warnings or errors. If an error occurs while the device is connected to a
trusted bootstrap server, the device MUST try to send a "post-script-error"
progress report before exiting.If the onboarding information was obtained from a trusted bootstrap server,
and the result of the bootstrapping process did not disable the "flag to enable
zerotouch bootstrapping" described in , the device
SHOULD send an "bootstrap-warning" progress report.If the onboarding information was obtained from a trusted bootstrap server,
the device MUST send a "bootstrap-complete" progress report. It is an error
if the device does not receive back the "204 No Content" HTTP status line.
If an error occurs, the device MUST try to send a "bootstrap-error" progress
report before exiting.At this point, the device has completely processed the bootstrapping
data.The device is now running its initial configuration. Notably,
if NETCONF Call Home or RESTCONF Call Home is
configured, the device initiates trying to establish the call home
connections at this time.Implementation Notes:
Implementations may vary in how to ensure no unwanted state is retained
when an error occurs.Following are some guidelines for if the implementation chooses to undo
previous steps:
When an error occurs, the device must roll out of the current step and
any previous steps.Most steps are atomic. For instance, when a commit fails, it is
expected to have no impact on the configuration. Similarly, if the
error occurs when executing a script, the script will gracefully exit.In case the error occurs after the initial configuration was committed,
the device must restore the configuration to the configuration that
existed prior to the configuration being committed.In case the error occurs after a script had executed successfully,
it may be helpful for the implementation to define scripts as being
able to take a conceptual input parameter indicating that the script
should remove its previously set state.This section defines a YANG 1.1 module that is used to
define the data model for the zero touch information artifact described in
. This data model uses the "yang-data"
extension statement defined in .
Examples illustrating this data model are provided in
.The following tree diagram provides an overview of the data model for the
zero touch information artifact.The following example illustrates how redirect information
() can be encoded using JSON.The following example illustrates how onboarding information
() can be encoded using JSON.The zero touch information data model is defined
by the YANG module presented in this section.This module uses data types defined in ,
, , and
, an extension statement from
, and an
encoding defined in .This section defines the API for bootstrap servers. The API is
defined as that produced by a RESTCONF
server that supports the YANG 1.1 module
defined in this section.The following tree diagram provides an overview for the bootstrap server
RESTCONF API.This section presents three examples illustrating the bootstrap server's
API. Two examples are provided for the "get-bootstrapping-data" RPC (once
to an untrusted bootstrap server, and again to a trusted bootstrap server),
and one example for the "report-progress" RPC.The following example illustrates a device using the API to fetch its
bootstrapping data from a untrusted bootstrap server. In this example, the
device sends the "untrusted-connection" input parameter and receives signed
data in the response.The following example illustrates a device using the API to fetch its
bootstrapping data from a trusted bootstrap server. In this example, the
device sends addition input parameters to the bootstrap server, which it
may use when formulating its response to the device.The following example illustrates a device using the API to post
a progress report to a bootstrap server. Illustrated below is
the "bootstrap-complete" message, but the device may send other
progress reports to the server while bootstrapping. In this
example, the device is sending both its SSH host keys and a TLS
server certificate, which the bootstrap server may, for example,
pass to an NMS, as discussed in .The bootstrap server's device-facing API is normatively defined
by the YANG module defined in this section.This module uses data types defined in ,
, ,
, and , and uses
an encoding defined in .This section defines two DHCP options, one for DHCPv4 and one for
DHCPv6. These two options are semantically the same, though syntactically
different.
  The DHCPv4 Zero Touch Option is used to provision the client
with one or more URIs for bootstrap servers that can be
contacted to attempt further configuration.DHCPv4 Client BehaviorClients MAY request the OPTION_V4_ZEROTOUCH_REDIRECT by including its
option code in the Parameter Request List (55) in DHCP request messages.On receipt of a DHCPv4 Reply message which contains the
OPTION_V4_ZEROTOUCH_REDIRECT, the client processes the response according
to , with the understanding
that the "address" and "port" values are encoded in the URIs.Any invalid URI entries received in the uri-data field are ignored by
the client. If OPTION_V4_ZEROTOUCH_REDIRECT does not contain at least one
valid URI entry in the uri-data field, then the client MUST discard the
option.As the list of URIs may exceed the maximum allowed length of
a single DHCPv4 option (255 octets), the client MUST implement
, allowing the URI list to be split
across a number of OPTION_V4_ZEROTOUCH_REDIRECT option
instances.
DHCPv4 Server BehaviorThe DHCPv4 server MAY include a single instance of Option
OPTION_V4_ZEROTOUCH_REDIRECT in DHCP messages it sends. Â Servers MUST
NOT send more than one instance of the OPTION_V4_ZEROTOUCH_REDIRECT option.
As the list of URIs may exceed the maximum allowed length of
a single DHCPv4 option (255 octets), the server MUST implement
, allowing the URI list to be split
across a number of OPTION_V4_ZEROTOUCH_REDIRECT option
instances.
The DHCPv6 Zero Touch Option is used to provision the client with
one or more URIs for bootstrap servers that can be contacted to
attempt further configuration.DHCPv6 Client BehaviorClients MAY request the OPTION_V6_ZEROTOUCH_REDIRECT option, as defined
in , Sections 17.1.1, 18.1.1, 18.1.3, 18.1.4,
18.1.5, and 22.7. Â As a convenience to the reader, we mention here that
the client includes requested option codes in the Option Request Option.On receipt of a DHCPv6 Reply message which contains the
OPTION_V6_ZEROTOUCH_REDIRECT, the client processes the response according
to , with the understanding
that the "address" and "port" values are encoded in the URIs.Any invalid URI entries received in the uri-data field are ignored
by the client. If OPTION_V6_ZEROTOUCH_REDIRECT does not contain at least
one valid URI entry in the uri-data field, then the client MUST discard
the option.DHCPv6 Server BehaviorSections 17.2.2 and 18.2 of govern server
operation in regard to option assignment.  As a convenience to the
reader, we mention here that the server will send a particular option
code only if configured with specific values for that option code and
if the client requested it.Option OPTION_V6_ZEROTOUCH_REDIRECT is a singleton.  Servers MUST
NOT send more than one instance of the OPTION_V6_ZEROTOUCH_REDIRECT
option.Both of the DHCPv4 and DHCPv6 options defined in this section
encode a list of bootstrap server URIs. The "URI" structure is
an option that can contain multiple URIs (see ,
Section 5.7).The solution in this document relies on TLS certificates,
owner certificates, and ownership vouchers, all of which
require an accurate clock in order to be processed
correctly (e.g., to test validity dates and revocation
status). Implementations SHOULD ensure devices have an
accurate clock when shipped from manufacturing facilities,
and take steps to prevent clock tampering.If it is not possible to ensure clock accuracy, it is
RECOMMENDED that implementations disable the aspects of the
solution having clock sensitivity. In particular, such
implementations should assume that TLS certificates,
ownership vouchers, and owner certificates never expire
and are not revokable. From an ownership voucher
perspective, manufacturers SHOULD issue a single
ownership voucher for the lifetime of such devices.Implementations SHOULD NOT rely on NTP for time, as
NTP is not a secure protocol.IDevID certificates, as defined in ,
are RECOMMENDED, both for the TLS-level client certificate used
by devices when connecting to a bootstrap server, as well as for
the device identity certificate used by owners when encrypting
the zero touch artifacts.Devices MUST ensure that all their trust anchor certificates,
including those for connecting to bootstrap servers and verifying
ownership vouchers, are protected from external modification.It may be necessary to update these certificates over time
(e.g., the manufacturer wants to delegate trust to a new CA).
It is therefore expected that devices MAY update these trust
anchors when needed through a verifiable process, such as a
software upgrade using signed software images.Manufacturer-generated device identifiers may have very long
lifetimes. For instance,
recommends using the "notAfter" value 99991231235959Z in IDevID
certificates. Given the long-lived nature of these private keys,
it is paramount that they are stored so as to resist discovery,
such as in a secure cryptographic processor (e.g., a TPM).This document allows a device to blindly authenticate a
bootstrap server's TLS certificate. It does so to allow
for cases where the redirect information may be obtained
in an unsecured manner, which is desirable to support
in some cases.To compensate for this, this document requires that
devices, when connected to an untrusted bootstrap server,
assert that data downloaded from the server is signed.This document allows devices to establish connections to
untrusted bootstrap servers. However, since the bootstrap
server is untrusted, it may be under the control of an
adversary, and therefore devices SHOULD be cautious about
the data they send to the bootstrap server in such cases.Devices send different data to bootstrap servers at each
of the protocol layers TCP, TLS, HTTP, and RESTCONF.At the TCP protocol layer, devices may relay their IP address,
subject to network translations. Disclosure of this information
is not considered a security risk.At the TLS protocol layer, devices may use a client certificate
to identify and authenticate themselves to untrusted bootstrap
servers. At a minimum, the client certificate must disclose
the device's serial number, and may disclose additional information
such as the device's manufacturer, hardware model, public key, etc.
Knowledge of this information may provide an adversary with details
needed to launch an attack. It is RECOMMENDED that secrecy of the
network constituency is not relied on for security.At the HTTP protocol layer, devices may use an HTTP authentication
scheme to identify and authenticate themselves to untrusted bootstrap
servers. At a minimum, the authentication scheme must disclose the
device's serial number and, concerningly, may, depending on the
authentication mechanism used, reveal a secret that is only supposed
to be known to the device (e.g., a password). Devices SHOULD NOT use
an HTTP authentication scheme (e.g., HTTP Basic) with an untrusted
bootstrap server that reveals a secret that is only supposed to be
known to the device.At the RESTCONF protocol layer, devices use the "get-bootstrapping-data"
RPC, but not the "report-progress" RPC, when connected to an untrusted
bootstrap server. The "get-bootstrapping-data" RPC allows additional
input parameters to be passed to the bootstrap server (e.g., "os-name",
"os-version", "hw-model"). It is RECOMMENDED that devices only pass
the "untrusted-connection" input parameter to an untrusted bootstrap
server. While it is okay for a bootstrap server to immediately
return signed onboarding information, it is RECOMMENDED that
bootstrap servers instead promote the untrusted connection to a
trusted connection, as described in ,
thus enabling the device to use the "report-progress" RPC while
processing the onboarding information.For devices supporting more than one source for bootstrapping
data, no particular sequencing order has to be observed for
security reasons, as the solution for each source is considered
equally secure. However, from a privacy perspective, it is
RECOMMENDED that devices access local sources before accessing
remote sources.The solution presented in this document enables bootstrapping
data to be trusted in two ways, either through transport level
security or through the signing of artifacts.When transport level security (i.e., a trusted bootstrap server)
is used, the private key for the end-entity certificate must be
online in order to establish the TLS connection.When artifacts are signed, the signing key is required to be
online only when the bootstrap server is returning a dynamically
generated signed-data response. For instance, a bootstrap server,
upon receiving the "untrusted-connection" input parameter to the
"get-bootstrapping-data" RPC, may dynamically generate a response
that is signed.Bootstrap server administrators are RECOMMENDED to follow best
practice to protect the private key used for any online operation.
Use of an hardware security module (HSM) is RECOMMENDED. If an
HSM is not used, frequent private key refreshes are RECOMMENDED.For best security, it is RECOMMENDED that owners only provide
bootstrapping data that has been signed, using a private key that
is not accessible to a network of questionable integrity, and
encrypted, using the device's public key from its secure device
identity certificate.The recursive algorithm described in this document enables
redirect information to lead to more redirect information,
which may cause a device to redirect forever.Whilst a trusted bootstrap server may be misconfigured
to cause a device to return to it again ad infitum, the
greater concern is that any untrusted source of bootstrapping
data could be used by an adversary to purposely cause this.Infinite redirections are most easily constructed via
loops, where some bootstrap server redirects back to a
previously visited bootstrap server. Infinite redirections
can also be created without a loop by an adversary dynamically
instantiated bootstrap servers on the fly.Implementations SHOULD limit the maximum number of recursive
redirects allowed; no more than a half dozen seems reasonable.The zero touch bootstrapping protocol presented in this document shifts
some control of initial configuration away from the rightful owner of the
device and towards the manufacturer and its delegates.The manufacturer maintains the list of well-known bootstrap servers
its devices will trust. By design, if no bootstrapping data is found via
other methods first, the device will try to reach out to the well-known
bootstrap servers. There is no mechanism to prevent this from occurring
other than by using an external firewall to block such connections.
Concerns related to trusted bootstrap servers are discussed in
.Similarly, the manufacturer maintains the list of voucher signing
authorities its devices will trust. The voucher signing authorities
issue the vouchers that enable a device to trust an owner's domain
certificate. It is vital that manufacturers ensure the integrity
of these voucher signing authorities, so as to avoid incorrect
assignments.Operators should be aware that this system assumes that they trust
all the pre-configured bootstrap servers and voucher signing authorities
designated by the manufacturers.Trusted bootstrap servers, whether well-known or discovered,
have the potential to cause problems, such as the following.
A trusted bootstrap server that has been compromised may be
modified to return unsigned data of any sort. For instance, a
bootstrap server that is only suppose to return redirect
information might be modified to return onboarding information.
Similarly, a bootstrap server that is only supposed to return
signed data, may be modified to return unsigned data. In both
cases, the device will accept the response, unaware that it
wasn't supposed to be any different. It is RECOMMENDED that
maintainers of trusted bootstrap servers ensure that their
systems are not easily compromised and, in case of compromise,
have mechanisms in place to detect and remediate the compromise
as expediently as possible.A trusted bootstrap server hosting either unsigned or signed
but not encrypted data may disclose information to unwanted parties
(e.g., an administrator of the bootstrap server). This is a privacy
issue only, but could reveal information that might be used in a
subsequent attack. Disclosure of redirect information has limited
exposure (it is just a list of bootstrap servers), whereas disclosure
of onboarding information could be highly revealing (e.g., network
topology, firewall policies, etc.). It is RECOMMENDED that operators
encrypt the bootstrapping data when its contents are considered
sensitive, even to the administrators of a bootstrap server.Zero touch information does not specify a validity period. For
instance, neither redirect information nor onboarding information
enable "not-before" or "not-after" values to be specified, and
neither artifact alone can be revoked.For unsigned data provided by an untrusted source of bootstrapping
data, it is not meaningful to discuss its validity period when the
information itself has no authenticity and may have come from anywhere.For unsigned data provided by a trusted source of bootstrapping
data (i.e., a bootstrap server), the availability of the data
is the only measure of it being current. Since the untrusted data
comes from a trusted source, its current availability is meaningful
and, since bootstrap servers use TLS, the contents of the exchange
cannot be modified or replayed.For signed data, whether provided by an untrusted or trusted
source of bootstrapping data, the validity is constrained by
the validity of the both the ownership voucher and owner
certificate used to authenticate it.The ownership voucher's validity is primarily constrained by
the ownership voucher's "created-on" and "expires-on" nodes.
While recommends short-lived vouchers
(see Section 6.1), the "expires-on" node may be set to any point
in the future, or omitted altogether to indicate that the voucher
never expires. The ownership voucher's validity is secondarily
constrained by the manufacturer's PKI used to sign the voucher;
whilst an ownership voucher cannot be revoked directly, the PKI
used to sign it may be.The owner certificate's validity is primarily constrained by
the X.509's validity field, the "notBefore" and "notAfter" values,
as specified by the certificate authority that signed it. The
owner certificate's validity is secondarily constrained by the
validity of the PKI used to sign the voucher. Owner certificates
may be revoked directly.For owners that wish to have maximum flexibility in their
ability to specify and constrain the validity of signed data,
it is RECOMMENDED that a unique owner certificate is created
for each signed artifact. Not only does this enable a
validity period to be specified, for each artifact, but it
also enables to the validity of each artifact to be revoke.The ietf-zerotouch-information module defined in this document
defines a data structure that is always wrapped by a CMS structure.
When accessed by a secure mechanism (e.g., protected by TLS), then the
CMS structure may be unsigned. However, when accessed by an insecure
mechanism (e.g., removable storage device), then the CMS structure
must be signed, in order for the device to trust it.Implementations should be aware that signed bootstrapping data
only protects the data from modification, the contents are still
visible to others. This doesn't affect security so much as privacy.
That the contents may be read by unintended parties when accessed by
insecure mechanisms is considered next.The ietf-zerotouch-information module defines a top-level "choice"
statement that declares the contents are either "redirect-information"
or "onboarding-information". Each of these two cases are now considered.When the content of the CMS structure is redirect-information,
an observer can learn about the bootstrap servers the device is being
directed to, their IP addresses or hostnames, ports, and trust anchor
certificates. Knowledge of this information could provide an observer
some insight into a network's inner structure.When the content of the CMS structure is onboarding-information,
an observer could learn considerable information about how the device
is to be provisioned. This information includes the operating system
version, initial configuration, and script contents. This information
should be considered sensitive and precautions should be taken to
protect it (e.g., encrypt artifact with device public key).The ietf-zerotouch-bootstrap-server module defined in this document
specifies an API for a RESTCONF . The lowest
RESTCONF layer is HTTPS, and the mandatory-to-implement secure transport
is TLS .The NETCONF Access Control Model (NACM)
provides the means to restrict access for particular users
to a preconfigured subset of all available protocol operations
and content.This module presents no data nodes (only RPCs). There is no need
to discuss the sensitivity of data nodes.This module defines two RPC operations that may be considered
sensitive in some network environments. These are the operations
and their sensitivity/vulnerability:
This RPC is used by devices
to obtain their bootstrapping data. By design, each device, as
identified by its authentication credentials (e.g. client
certificate), can only obtain its own data. NACM is not needed
to further constrain access to this RPC.This RPC is used by devices
to report their bootstrapping progress. By design, each device,
as identified by its authentication credentials (e.g. client
certificate), can only report data for itself. NACM is not
needed to further constrain access to this RPC.This document registers two URIs in the IETF XML
registry . Following the format in
, the following registrations are
requested:This document registers two YANG modules in the
YANG Module Names registry .
Following the format defined in , the
the following registrations are requested:IANA is kindly requested to two entries in the "SMI Security for
S/MIME CMS Content Type" registry (1.2.840.113549.1.9.16.1), with
values as follows:id-ct-zerotouchInformationXML indicates that the "zerotouch-
information" is encoded using XML. id-ct-zerotouchInformationJSON
indicates that the "zerotouch-information" is encoded using JSON.IANA is kindly requested to make permanent the following early code point
allocation in the "BOOTP Manufacturer Extensions and DHCP Options" registry
maintained at http://www.iana.org/assignments/bootp-dhcp-parameters:
And the following early code point allocation in the "Dynamic Host
Configuration Protocol for IPv6 (DHCPv6)" registry maintained at
http://www.iana.org/assignments/dhcpv6-parameters:
Information Technology - ASN.1 encoding rules: Specification of Basic
Encoding Rules (BER), Canonical Encoding Rules (CER) and Distinguished
Encoding Rules (DER)International Telecommunication UnionIEEE Standard for Local and metropolitan area networks - Secure Device IdentityIEEE SA-Standards BoardThis section defines a non-normative data model that
enables the configuration of zerotouch bootstrapping and
discovery of what parameters are used by a device's bootstrapping logic.The following tree diagram provides an overview for the zerotouch
device data model.In the above diagram, notice that there is only one configurable node
"enabled". The expectation is that this node would be set to "true" in
device's factory default configuration and that it would either be set
to "false" or deleted when the zerotouch bootstrapping is longer needed.Following is an instance example for this data model.The device model is defined by the YANG module
defined in this section.This module uses data types defined in ,
, and
.The following diagram illustrates a sequence of
bootstrapping activities that promote an untrusted
connection to a bootstrap server to a trusted connection
to the same bootstrap server. This enables a device
to limit the amount of information it might disclose
to an adversary hosting an untrusted bootstrap server.The interactions in the above diagram are described below.The device initiates an untrusted connection to a bootstrap
server, as is indicated by putting "HTTPS" in double quotes
above. It is still an HTTPS connection, but the device is
unable to authenticate the bootstrap server's TLS certificate.
Because the device is unable to trust the bootstrap server, it
sends the "untrusted-connection" input parameter, and optionally
also the "nonce" input parameter, in the "get-bootstrapping-data"
RPC. The "untrusted-connection" parameter informs the
bootstrap server that the device does not trust it and may
be holding back some additional input parameters from the
server (e.g., other input parameters, progress reports, etc.).
The "nonce" input parameter enables the bootstrap server to
dynamically obtain an ownership voucher from a MASA, which
may be important for devices that do not have a reliable clock.The bootstrap server, seeing the "untrusted-connection"
input parameter, knows that it can either send unsigned
redirect information or signed data of any type. But, in
this case, the bootstrap server has the ability to sign
data and chooses to respond with signed redirect information,
not signed onboarding information as might be expected,
securely redirecting the device back to it again. Not
displayed but, if the "nonce" input parameter was passed,
the bootstrap server could dynamically connect to a
download a voucher from the MASA having the nonce value
in it. Details regarding a protocol enabling this integration
is outside the scope of this document.Upon validating the signed redirect information, the
device establishes a secure connection to the bootstrap
server. Unbeknownst to the device, it is the same bootstrap
server it was connected to previously but, because the device
is able to authenticate the bootstrap server this time, it sends its
normal "get-bootstrapping-data" request (i.e., with additional
input parameters) as well as its progress reports (not depicted).This time, because the "untrusted-connection" parameter was
not passed, having access to all of the device's input parameters,
the bootstrap server returns, in this example, unsigned onboarding
information to the device.The zero touch solution presented in this document is conceptualized
to be composed of the non-normative workflows described in this section.
Implementation details are expected to vary. Each diagram is followed
by a detailed description of the steps presented in the diagram, with
further explanation on how implementations may vary.The following diagram illustrates key interactions that may occur from when a
prospective owner enrolls in a manufacturer's zero touch program to when the
manufacturer ships devices for an order placed by the prospective owner.Each numbered item below corresponds to a numbered item
in the diagram above.
A prospective owner of a manufacturer's devices initiates an
enrollment process with the manufacturer. This process includes
the following:
Regardless how the prospective owner intends to bootstrap their devices,
they will always obtain from the manufacturer the trust anchor
certificate for the IDevID certificates. This certificate will
is installed on the prospective owner's NMS so that the NMS can
authenticate the IDevID certificates when they are presented to
subsequent steps.If the manufacturer hosts an Internet based bootstrap server (e.g., a
redirect server) such as described in ,
then credentials necessary to configure the bootstrap server would be
provided to the prospective owner. If the bootstrap server is
configurable through an API (outside the scope of this document), then
the credentials might be installed on the prospective owner's NMS so
that the NMS can subsequently configure the manufacturer-hosted
bootstrap server directly.If the manufacturer's devices are able to validate signed data
(), and assuming that the
prospective owner's NMS is able to prepare and sign the bootstrapping
data itself, the prospective owner's NMS might set a trust anchor
certificate onto the manufacturer's bootstrap server, using the
credentials provided in the previous step. This certificate is the
trust anchor certificate that the prospective owner would like the
manufacturer to place into the ownership vouchers it generates, thereby
enabling devices to trust the owner's owner certificate. How this trust
anchor certificate is used to enable devices to validate signed bootstrapping
data is described in .Some time later, the prospective owner places an order
with the manufacturer, perhaps with a special
flag checked for zero touch handling. At this time, or
perhaps before placing the order, the owner may model
the devices in their NMS, creating virtual objects for the
devices with no real-world device associations. For instance
the model can be used to simulate the device's location in the
network and the configuration it should have when fully
operational.When the manufacturer fulfills the order, shipping
the devices to their intended locations, they may notify the owner
of the devices' serial numbers and shipping destinations, which
the owner may use to stage the network for when the devices power
on. Additionally, the manufacturer may send one or more ownership
vouchers, cryptographically assigning ownership of those devices to
the owner. The owner may set this information on their NMS, perhaps
binding specific modeled devices to the serial numbers and ownership
vouchers.The following diagram illustrates how an owner might stage the
network for bootstrapping devices.Each numbered item below corresponds to a numbered item
in the diagram above.
Having previously modeled the devices, including setting their
fully operational configurations and associating device serial
numbers and (optionally) ownership vouchers, the owner might "activate" one or
more modeled devices. That is, the owner tells the NMS to perform
the steps necessary to prepare for when the real-world devices
power up and initiate the bootstrapping process. Note that,
in some deployments, this step might be combined with the last step
from the previous workflow. Here it is depicted that an NMS performs
the steps, but they may be performed manually or through some other
mechanism.If it is desired to use a deployment specific bootstrap server,
it must be configured to provide the bootstrapping information for
the specific devices. Configuring the bootstrap server may occur
via a programmatic API not defined by this document. Illustrated
here as an external component, the bootstrap server may be
implemented as an internal component of the NMS itself.If it is desired to use a manufacturer hosted bootstrap
server, it must be configured to provide the bootstrapping information
for the specific devices. The configuration must be either redirect or
onboarding information. That is, either the manufacturer hosted bootstrap
server will redirect the device to another bootstrap server, or provide
the device with the onboarding information itself. The types of
bootstrapping information the manufacturer hosted bootstrap server
supports may vary by implementation; some implementations may only
support redirect information, or only support onboarding information,
or support both redirect and onboarding information. Configuring the
bootstrap server may occur via a programmatic API not defined by this
document.If it is desired to use a DNS server to supply bootstrapping
information, a DNS server needs to be configured. If multicast
DNS-SD is desired, then the server must reside on the local network,
otherwise the DNS server may reside on a remote network. Please see
for more information about how to
configure DNS servers. Configuring the DNS server may occur via
a programmatic API not defined by this document.If it is desired to use a DHCP server to supply bootstrapping
data, a DHCP server needs to be configured. The DHCP server may
be accessed directly or via a DHCP relay. Please see
for more information about how to
configure DHCP servers. Configuring the DHCP server may occur
via a programmatic API not defined by this document.If it is desired to use a removable storage device (e.g., USB flash
drive) to supply bootstrapping information, the information would need
to be placed onto it. Please see
for more information about how to configure a removable storage device.The following diagram illustrates the sequence of activities
that occur when a device powers on.
The interactions in the above diagram are described below.
Upon power being applied, the device checks to see if zerotouch
bootstrapping is configured, such as must be the case when running its
"factory default" configuration. If zerotouch bootstrapping is
not configured, then the bootstrapping logic exits and none of the
following interactions occur.For each source of bootstrapping data the device supports, preferably
in order of closeness to the device (e.g., removable storage before
Internet based servers), the device checks to see if there is any
bootstrapping data for it there.If onboarding information is found, the device initializes
itself accordingly (e.g., installing a boot-image and committing an
initial configuration). If the source is a bootstrap server, and the
bootstrap server can be trusted (i.e., TLS-level authentication), the
device also sends progress reports to the bootstrap server.
The contents of the initial configuration should configure
an administrator account on the device (e.g., username, ssh-rsa
key, etc.), and should configure the device either to listen for
NETCONF or RESTCONF connections or to initiate call home connections
, and should disable the zerotouch
bootstrapping service (e.g., the "enabled" leaf in data model
presented in ).If the bootstrap server supports forwarding device progress reports
to external systems (e.g., via a webhook), a "bootstrap-complete"
progress report () informs the external
system to know when it can, for instance, initiate a connection to
the device. To support this scenario further, the "bootstrap-complete"
progress report may also relay the device's SSH host keys and/or TLS
certificates, with which the external system can use to authenticate
subsequent connections to the device.
If the device successfully completes the bootstrapping process,
it exits the bootstrapping logic without considering any additional
sources of bootstrapping data.
Otherwise, if redirect information is found, the device iterates
through the list of specified bootstrap servers, checking to see if
it has bootstrapping data for the device. If the bootstrap server
returns more redirect information, then the device processes it recursively.
Otherwise, if the bootstrap server returns onboarding information,
the device processes it following the description provided in (3) above.After having tried all supported sources of bootstrapping data, the
device may retry again all the sources and/or provide manageability
interfaces for manual configuration (e.g., CLI, HTTP, NETCONF, etc.).
If manual configuration is allowed, and such configuration is provided,
the configuration should also disable the zerotouch bootstrapping service,
as the need for bootstrapping would no longer be present.Major structural update; the essence is the same.
Most every section was rewritten to some degree.Added a Use Cases sectionAdded diagrams for "Actors and Roles" and
"NMS Precondition" sections, and greatly improved
the "Device Boot Sequence" diagramRemoved support for physical presence or any
ability for configlets to not be signed.Defined the Zero Touch Information DHCP optionAdded an ability for devices to also download
images from configuration serversAdded an ability for configlets to be encryptedNow configuration servers only have to support
HTTP/S - no other schemes possibleAdded boot-image and validate-owner annotations
to the "Actors and Roles" diagram.Fixed 2nd paragraph in section 7.1 to reflect
current use of anyxml.Added encrypted and signed-encrypted examplesReplaced YANG module with XSD schemaAdded IANA request for the Zero Touch Information DHCP OptionAdded IANA request for media types for boot-image and configurationReplaced the need for a configuration signer with the
ability for each NMS to be able to sign its own configurations,
using manufacturer signed ownership vouchers and owner certificates.Renamed configuration server to bootstrap server, a more
representative name given the information devices download from it.Replaced the concept of a configlet by defining a southbound
interface for the bootstrap server using YANG.Removed the IANA request for the boot-image and configuration
media typesMinor update, mostly just to add an Editor's Note to show how this
draft might integrate with the draft-pritikin-anima-bootstrapping-keyinfra.Major update formally introducing unsigned data and support for
Internet-based redirect servers.Added many terms to Terminology section.Added all new "Guiding Principles" section.Added all new "Sources for Bootstrapping Data" section.Rewrote the "Interactions" section and renamed it "Workflow Overview".Semi-major update, refactoring the document into more logical partsCreated new section for information typesAdded support for DNS serversNow allows provisional TLS connectionsBootstrapping data now supports scriptsDevice Details section overhauledSecurity Considerations expandedFilled in enumerations for notification typesMinor updateAdded many Normative and Informative references.Added new section Other Considerations.Minor updateAdded an Editorial Note section for RFC Editor.Updated the IANA Considerations section.Minor updateUpdated to reflect review from Michael Richardson.Added in missing "Signature" artifact example.Added recommendation for manufacturers to use interoperable
formats and file naming conventions for removable storage devices.Added configuration-handling leaf to guide if config should be
merged, replaced, or processed like an edit-config/yang-patch document.Added a pre-configuration script, in addition to the
post-configuration script from -05 (issue #15).Factored ownership voucher and voucher revocation to a
separate document: draft-kwatsen-netconf-voucher. (issue #11)Removed <configuration-handling> options "edit-config" and
"yang-patch". (issue #12)Defined how a signature over signed-data returned from a
bootstrap server is processed. (issue #13)Added recommendation for removable storage devices to use
open/standard file systems when possible. (issue #14)Replaced notifications "script-[warning/error]" with
"[pre/post]-script-[warning/error]". (goes with issue #15)switched owner-certificate to be encoded using the PKCS #7
format. (issue #16)Replaced md5/sha1 with sha256 inside a choice statement, for
future extensibility. (issue #17)A ton of editorial changes, as I went thru the entire draft
with a fine-toothed comb.fixed yang validation issues found by IETFYANGPageCompilation.
note: these issues were NOT found by pyang --ietf or by the
submission-time validator...fixed a typo in the yang module, someone the config false statement
was removed.fixed typo that prevented Appendix B from loading the
examples correctly.fixed more yang validation issues found by
IETFYANGPageCompilation. note: again, these issues were
NOT found by pyang --ietf or by the submission-time
validator...updated a few of the notification enumerations to be
more consistent with the other enumerations (following the
warning/error pattern).updated the information-type artifact to state how it is
encoded, matching the language that was in Appendix B.defined a standalone artifact to encode the old information-type
into a PKCS #7 structure.standalone information artifact hardcodes JSON encoding (to
match the voucher draft).combined the information and signature PKCS #7 structures into a
single PKCS #7 structure.moved the certificate-revocations into the owner-certificate's
PKCS #7 structure.eliminated support for voucher-revocations, to reflect the
voucher-draft's switch from revocations to renewals.Renamed "bootstrap information" to "onboarding information".Rewrote DHCP sections to address the packet-size limitation
issue, as discussed in Chicago.Added Ian as an author for his text-contributions to the
DHCP sections.Removed the Guiding Principles section.Renamed action "notification" to "update-progress" and, likewise
"notification-type" to "update-type".Updated examples to use "base64encodedvalue==" for binary values.Greatly simplified the "Artifact Groupings" section, and
moved it as a subsection to the "Artifacts" section.Moved the "Workflow Overview" section to the Appendix.Renamed "bootstrap information" to "update information".Removed "Other Considerations" section.Tons of editorial updates.tweaked language to refer to "initial state" rather than "factory
default configuration", so as accommodate white-box scenarios.added a paragraph to Intro regarding how the solution primarily regards
physical machines, but could be extended to VMs by a future document.added a pointer to the Workflow Overview section (recently moved to
the Appendix) to the Intro.added a note that, in order to simplify the verification process,
the "Zerotouch Information" PKCS #7 structure MUST also contain the
signing X.509 certificate.noted that the owner certificate's must either have no Key Usage or
the Key Usage must set the "digitalSignature" bit.noted that the owner certificate's subject and subjectAltName values
are not constrained.moved/consolidated some text from the Artifacts section down to the
Device Details section.tightened up some ambiguous language, for instance, by referring to
specific leaf names in the Voucher artifact.reverted a previously overzealous s/unique-id/serial-number/ change.modified language for when ZTP runs from when factory-default config
is running to when ZTP is configured, which the factory-defaults should set .Added an example for how to promote an untrusted connection to a
trusted connection.Added a "query parameters" section defining some parameters enabling
scenarios raised in last call.Added a "Disclosing Information to Untrusted Servers" section to
the Security Considerations.Added Security Considerations for each YANG module.Reverted back to the device always sending its DevID cert.Moved data tree to "get-bootstrapping-data" RPC.Moved the "update-progress" action to a "report-progress" RPC.Added an "untrusted-connection" parameter to "get-bootstrapping-data" RPC.Added the "ietf-zerotouch-device" module.Lots of small updates.Fixed "must" expressions, by converting "choice" to a "list" of
"image-verification", each of which now points to a base identity
called "hash-algorithm". There's just one algorithm currently
defined (sha-256). Wish there was a standard crypto module that
could identify such identities.Now references I-D.ietf-netmod-yang-tree-diagrams.Fixed tree-diagrams in Section 2 to always reflect
current YANG (now they are now dynamically generated).The "redirect-information" container's "trust-anchor"
is now a CMS structure that can contain a chain of
certificates, rather than a single certificate.The "onboarding-information" container's support
for image verification reworked to be extensible.Added a reference to the "Device Details" section to
the new example-zerotouch-device module.Clarified that the device must always pass its IDevID
certificate, even for untrusted bootstrap servers.Fixed the description statement for the "script" typedef
to refer to the [pre/post]-script-[warning/error] enums,
rather than the legacy script-[warning/error] enums.For the get-bootstrapping-data RPC's input, removed
the "remote-id" and "circuit-id" fields, and added a
"hw-model" field.Improved DHCP error handling text.Added MUST requirement for DHCPv6 client and server
implementing to handle URI lists
longer than 255 octets.Changed the "configuration" value in onboarding-information
to be type "binary" instead of "anydata".Moved everything from PKCS#7 to CMS (this shows up
as a big change).Added the early code point allocation assignments for the
DHCP Options in the IANA Considerations section, and updated
the RFC Editor note accordingly.Added RFC Editor request to replace the assigned values for
the CMS content types.Relaxed auth requirements from device needing to always
send IDevID cert to device needing to always send authentication
credentials, as this better matches what RFC 8040 Section 2.5 says.Moved normative module "ietf-zerotouch-device" to non-normative
module "example-zerotouch-device".Updated Title, Abstract, and Introduction per discussion on list.Now any of the three artifact can be encrypted.Fixed some line-too-long issues.Removed specifics around how scripts indicate warnings
or errors and how scripts emit output.Moved the Zero Touch Device Data Model section to
the Appendix.Modified the YANG module in the Zero Touch Device Data
Model section to reflect the latest trust-anchors and
keystore drafts.Modified types in other YANG modules to more closely
emulate what is in draft-ietf-netconf-crypto-types.Rewrote section 5.6 (processing onboboarding information)
to be clearer about error handling and retained state.
Specifically:
Clarified that a script, upon having an error, must
gracefully exit, cleaning up any state that might hinder
subsequent executions.Added ability for scripts to be executed again with a
flag enabling them to clean up state from a previous
execution.Clarified that the conifguration commit is atomic.Clarified that any error encountered after committing the
configuration (e.g., in the "post-configuration-script")
must rollback the configuration to the previous
configuration.Clarified that failure to successfully deliver the
"bootstrap-initiated" and "bootstrap-complete" progress
types must be treated as an error.Clarified that "return to bootstrapping sequence" is to be
interpreted in the recursive context. Meaning that the
device rolls-back one loop, rather than start over from
scratch.Changed how a device verifies a boot-image from just "MUST
match one of the supplied fingerprints" to also allow for
the verification to use an cryptographic signature embedded
into the image itself.Added more "progress-type" enums for visibility reasons,
enabling more strongly-typed debug information to be sent
to the bootstrap server.Added Security Considerations based on early SecDir review.Added recommendation for device to send warning if the
initial config does not disable the bootstrapping process.Follow-ups from SecDir and Shepherd.Added "boot-image-complete" enumeration.The authors would like to thank for following for
lively discussions on list and in the halls (ordered
by last name):
Michael Behringer,
Dean Bogdanovic,
Martin Bjorklund,
Joe Clarke,
Toerless Eckert,
Stephen Farrell,
Stephen Hanna,
Wes Hardaker,
David Harrington,
Radek Krejci,
David Mandelberg,
Russ Mundy,
Reinaldo Penno,
Randy Presuhn,
Max Pritikin,
Michael Richardson,
Phil Shafer,
Juergen Schoenwaelder.Special thanks goes to Steve Hanna, Russ Mundy, and
Wes Hardaker for brainstorming the original I-D's solution
during the IETF 87 meeting in Berlin.