Re: [6tisch] Progress zero-touch document

"Pascal Thubert (pthubert)" <pthubert@cisco.com> Tue, 02 April 2019 13:34 UTC

Return-Path: <pthubert@cisco.com>
X-Original-To: 6tisch@ietfa.amsl.com
Delivered-To: 6tisch@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id AC89A120135 for <6tisch@ietfa.amsl.com>; Tue, 2 Apr 2019 06:34:54 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -14.501
X-Spam-Level:
X-Spam-Status: No, score=-14.501 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_MED=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_HI=-5, SPF_PASS=-0.001, URIBL_BLOCKED=0.001, USER_IN_DEF_DKIM_WL=-7.5] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=cisco.com header.b=BTP/6mtE; dkim=pass (1024-bit key) header.d=cisco.onmicrosoft.com header.b=OjBHF1WW
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id AzfefLL209b4 for <6tisch@ietfa.amsl.com>; Tue, 2 Apr 2019 06:34:52 -0700 (PDT)
Received: from rcdn-iport-1.cisco.com (rcdn-iport-1.cisco.com [173.37.86.72]) (using TLSv1.2 with cipher DHE-RSA-SEED-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 9001A120130 for <6tisch@ietf.org>; Tue, 2 Apr 2019 06:34:52 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=@cisco.com; l=3360; q=dns/txt; s=iport; t=1554212092; x=1555421692; h=from:to:cc:subject:date:message-id:references: in-reply-to:content-transfer-encoding:mime-version; bh=LIJ7ceW9YK6TlEzQiRMHcqfi3+padIVzfiVACSf8JjY=; b=BTP/6mtE7zNYdtuoYNdEnRigkv4uAUbf3BoND+blmE4RFCZSntAsHo0P 9xWczA6vmu6hleW9iMh4jZczmVEGB7vllYIcGOF3obDIOJZv6qt+koMUC 86WbH0E9xKZsyGc3ldlha6eUv2YyOPEWPXhjfXCDOORFZPRbPvcPBVzUf k=;
IronPort-PHdr: =?us-ascii?q?9a23=3AHnyMChFMsFS115ldsRqjiZ1GYnJ96bzpIg4Y7I?= =?us-ascii?q?YmgLtSc6Oluo7vJ1Hb+e4z1Q3SRYuO7fVChqKWqK3mVWEaqbe5+HEZON0pNV?= =?us-ascii?q?cejNkO2QkpAcqLE0r+eeb2bzEwEd5efFRk5Hq8d0NSHZW2ag=3D=3D?=
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: =?us-ascii?q?A0BDAADdYqNc/4ENJK1lGQEBAQEBAQE?= =?us-ascii?q?BAQEBAQcBAQEBAQGBZYE+UANodAQLJ4QOg0cDjzWCV5cRglIDVA4BARgNB4N?= =?us-ascii?q?6RgIXhSUiOBIBAQMBAQkBAgECbRwMhUoBAQEBAwEBIREMAQElBwsBBAcEAgE?= =?us-ascii?q?IEQEDAQEDAiYCAgIlCxUCBggCBAENBQgTgwiBXQMVAQIMolkCihRxgS+CeQE?= =?us-ascii?q?BBYExARNBgwsYggwDBYELJIRehlUXgUA/gRFGgkw+gmEBAQIBAYFfgwgxggQ?= =?us-ascii?q?ijQWYUgkCh3KMDpQ4i0aGFo1GAgQCBAUCDgEBBYFkIYFWcBU7gmyCCoNuhRS?= =?us-ascii?q?FP3IMgRyPMQEB?=
X-IronPort-AV: E=Sophos;i="5.60,300,1549929600"; d="scan'208";a="542157335"
Received: from alln-core-9.cisco.com ([173.36.13.129]) by rcdn-iport-1.cisco.com with ESMTP/TLS/DHE-RSA-SEED-SHA; 02 Apr 2019 13:34:50 +0000
Received: from XCH-RCD-003.cisco.com (xch-rcd-003.cisco.com [173.37.102.13]) by alln-core-9.cisco.com (8.15.2/8.15.2) with ESMTPS id x32DYoW9002486 (version=TLSv1.2 cipher=AES256-SHA bits=256 verify=FAIL); Tue, 2 Apr 2019 13:34:50 GMT
Received: from xhs-rtp-003.cisco.com (64.101.210.230) by XCH-RCD-003.cisco.com (173.37.102.13) with Microsoft SMTP Server (TLS) id 15.0.1473.3; Tue, 2 Apr 2019 08:34:49 -0500
Received: from xhs-rtp-001.cisco.com (64.101.210.228) by xhs-rtp-003.cisco.com (64.101.210.230) with Microsoft SMTP Server (TLS) id 15.0.1473.3; Tue, 2 Apr 2019 09:34:48 -0400
Received: from NAM01-BN3-obe.outbound.protection.outlook.com (64.101.32.56) by xhs-rtp-001.cisco.com (64.101.210.228) with Microsoft SMTP Server (TLS) id 15.0.1473.3 via Frontend Transport; Tue, 2 Apr 2019 09:34:48 -0400
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=cisco.onmicrosoft.com; s=selector1-cisco-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=LIJ7ceW9YK6TlEzQiRMHcqfi3+padIVzfiVACSf8JjY=; b=OjBHF1WWwmfKd+y1Qe1QnkZcxr89eoqxZIuJJC0OduSSHbkhVjeYIWf53kXL4Kcfam5v3DNEd6ipC/FN1S/SPLwq6I+FpbP4D+Qj8M4jjf1VBjyCfnS6S1HcHsbLRq3z56XvGpHzWDNti4x+Xo9JzKXVcWR2/f940U984tCpWBY=
Received: from MN2PR11MB3565.namprd11.prod.outlook.com (20.178.250.159) by MN2PR11MB4029.namprd11.prod.outlook.com (10.255.181.223) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.1750.22; Tue, 2 Apr 2019 13:34:47 +0000
Received: from MN2PR11MB3565.namprd11.prod.outlook.com ([fe80::975:4644:7891:e2b1]) by MN2PR11MB3565.namprd11.prod.outlook.com ([fe80::975:4644:7891:e2b1%3]) with mapi id 15.20.1750.017; Tue, 2 Apr 2019 13:34:47 +0000
From: "Pascal Thubert (pthubert)" <pthubert@cisco.com>
To: =?utf-8?B?TWFsacWhYSBWdcSNaW5pxIc=?= <malisa.vucinic@inria.fr>, "Michael Richardson" <mcr+ietf@sandelman.ca>
CC: 6tisch <6tisch@ietf.org>
Thread-Topic: [6tisch] Progress zero-touch document
Thread-Index: AQHU6VNtE8HY08QcQki/mXT6U/kPJaYo261Q
Date: Tue, 2 Apr 2019 13:34:38 +0000
Deferred-Delivery: Tue, 2 Apr 2019 13:34:24 +0000
Message-ID: <MN2PR11MB35658B0DF7F6F9B1BB98DFA7D8560@MN2PR11MB3565.namprd11.prod.outlook.com>
References: <800982CD-FCE1-48AC-A4BB-0FE249685806@inria.fr>
In-Reply-To: <800982CD-FCE1-48AC-A4BB-0FE249685806@inria.fr>
Accept-Language: fr-FR, en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
authentication-results: spf=none (sender IP is ) smtp.mailfrom=pthubert@cisco.com;
x-originating-ip: [2001:420:44f3:1300:552f:ff32:b86:aad7]
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: 5a0169c6-7404-4848-b28b-08d6b76ff96f
x-microsoft-antispam: BCL:0; PCL:0; RULEID:(2390118)(7020095)(4652040)(8989299)(4534185)(4627221)(201703031133081)(201702281549075)(8990200)(5600139)(711020)(4605104)(2017052603328)(7193020); SRVR:MN2PR11MB4029;
x-ms-traffictypediagnostic: MN2PR11MB4029:
x-ms-exchange-purlcount: 5
x-microsoft-antispam-prvs: <MN2PR11MB4029351CDAB1F1418AB1E5D2D8560@MN2PR11MB4029.namprd11.prod.outlook.com>
x-forefront-prvs: 0995196AA2
x-forefront-antispam-report: SFV:NSPM; SFS:(10009020)(366004)(376002)(346002)(396003)(136003)(39860400002)(199004)(189003)(13464003)(52054003)(6306002)(486006)(478600001)(66574012)(305945005)(6436002)(316002)(6246003)(55016002)(81156014)(76176011)(4326008)(81166006)(52536014)(8936002)(7696005)(68736007)(53936002)(14444005)(8676002)(966005)(256004)(9686003)(2906002)(6666004)(71200400001)(53546011)(25786009)(6506007)(71190400001)(102836004)(5660300002)(46003)(229853002)(7736002)(446003)(86362001)(186003)(97736004)(6116002)(110136005)(106356001)(74316002)(11346002)(99286004)(476003)(14454004)(105586002)(33656002); DIR:OUT; SFP:1101; SCL:1; SRVR:MN2PR11MB4029; H:MN2PR11MB3565.namprd11.prod.outlook.com; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; A:1; MX:1;
received-spf: None (protection.outlook.com: cisco.com does not designate permitted sender hosts)
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam-message-info: I9UrbEaa8UYOWXxbMfSonFrenxD+MXMdoFi+5sOtpwG6IW1gHoQQ4nskUF8y43POuyBk89/hu+MLvfaSbr+IN3oCrL6GmRZg5l1ABPYl3eUPon1Z5m3Eg1UFiEydTavF9saBCqPYJvXTblIlEf652b4UxbwI4B86OxwhBY6w4Knmgb7s3+tKMFo9nYM5A1aEO22WxbW3upJPazVUdE8vd3vdYaPu/gda0gBqhzKsz7/H6CPoSGKHn1696FVxRpapSCabVK2sLXl0pc9Lp7LFKyzvTu8zZ797uQacqENw4yb1uxhdGhQiu4rAafYFM6AvbGfpkTEJrgUBN5OXEdSV2u6w/m5uQC2SNiNaE8nUaohgnRZUHVoqxqNYQYjRYSsrsLkWi+MWJ6Q4bNUGilDM5iGZY1X5NpBpDpqwBx0evuE=
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: base64
MIME-Version: 1.0
X-MS-Exchange-CrossTenant-Network-Message-Id: 5a0169c6-7404-4848-b28b-08d6b76ff96f
X-MS-Exchange-CrossTenant-originalarrivaltime: 02 Apr 2019 13:34:47.1752 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 5ae1af62-9505-4097-a69a-c1553ef7840e
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-Transport-CrossTenantHeadersStamped: MN2PR11MB4029
X-OriginatorOrg: cisco.com
X-Outbound-SMTP-Client: 173.37.102.13, xch-rcd-003.cisco.com
X-Outbound-Node: alln-core-9.cisco.com
Archived-At: <https://mailarchive.ietf.org/arch/msg/6tisch/MW5Pe8PWceP62b5GIP6A-ovRen0>
Subject: Re: [6tisch] Progress zero-touch document
X-BeenThere: 6tisch@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Discuss link layer model for Deterministic IPv6 over the TSCH mode of IEEE 802.15.4e, and impacts on RPL and 6LoWPAN such as resource allocation" <6tisch.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/6tisch>, <mailto:6tisch-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/6tisch/>
List-Post: <mailto:6tisch@ietf.org>
List-Help: <mailto:6tisch-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/6tisch>, <mailto:6tisch-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 02 Apr 2019 13:34:55 -0000

Hello Malisa

Speaking for myself here, I'm happy that you start on that direction already; but would like to see the edhoc group formed and progressing before committing fully to it.

All the best,

Pascal

> -----Original Message-----
> From: 6tisch <6tisch-bounces@ietf.org> On Behalf Of Mališa Vucinic
> Sent: mardi 2 avril 2019 14:55
> To: Michael Richardson <mcr+ietf@sandelman.ca>
> Cc: 6tisch <6tisch@ietf.org>
> Subject: [6tisch] Progress zero-touch document
> 
> Michael, all,
> 
> With the EDHOC specification finally seeing progress (see [1]), it seems like a
> good time to restart the work on zero touch and progress the adopted working
> group document.
> 
> Reading the current version of draft-ietf-6tisch-dtsecurity-zerotouch-join-03, it
> seems that there are many options available, including the choice between
> DTLS and EDHOC for authentication. Many available options may pose
> interoperability challenges and also add unnecessary code complexity. Given
> that the working group decided on using OSCORE during network access [2], as
> well as for application purposes [3], the implementation of the 6TiSCH stack
> includes the CBOR/COSE primitives in the footprint, as well as the support to
> go through an application-layer proxy as specified in [2]. EDHOC protocol is
> built on these primitives, can be easily carried within messages specified in [2]
> for network access to go through an application-layer proxy, and is quite
> efficient when it comes to the encoding overhead using CBOR resulting in a
> small number of L2 frames to complete the key exchange. It seems as a natural
> way forward for the working group to focus on using EDHOC in [4].
> 
> Therefore, I would like to propose to keep track of the EDHOC progress and to
> work on a more streamlined zero-touch solution. Doing these changes in [4]
> seems to make the most sense at this point.
> 
> What are your thoughts on this?
> 
> Mališa
> 
> [1]
> https://mailarchive.ietf.org/arch/msg/secdispatch/Kz_6y6Jq4HsWxglsUHafWj
> XIm0c
> [2] https://datatracker.ietf.org/doc/draft-ietf-6tisch-minimal-security/
> [3] https://datatracker.ietf.org/doc/draft-ietf-6tisch-architecture/
> [4] https://datatracker.ietf.org/doc/draft-ietf-6tisch-dtsecurity-zerotouch-
> join/
> _______________________________________________
> 6tisch mailing list
> 6tisch@ietf.org
> https://www.ietf.org/mailman/listinfo/6tisch