[6tisch] Fwd: Protocol Action: 'Constrained Join Protocol (CoJP) for 6TiSCH' to Proposed Standard (draft-ietf-6tisch-minimal-security-15.txt)

"Pascal Thubert (pthubert)" <pthubert@cisco.com> Wed, 11 December 2019 21:28 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/6tisch/UsdZJttQs7gfdFpsu596Pa9fk6o>

Malisa and all: great work and congrats!!!

Pascal

Begin forwarded message:

From: The IESG <iesg-secretary@ietf.org>
Date: 11 December 2019 at 21:09:50 UTC+1
To: IETF-Announce <ietf-announce@ietf.org>
Cc: The IESG <iesg@ietf.org>, "Pascal Thubert (pthubert)" <pthubert@cisco.com>, "Pascal Thubert (pthubert)" <pthubert@cisco.com>, "6tisch-chairs@ietf.org" <6tisch-chairs@ietf.org>, "6tisch@ietf.org" <6tisch@ietf.org>, "draft-ietf-6tisch-minimal-security@ietf.org" <draft-ietf-6tisch-minimal-security@ietf.org>, "suresh@kaloom.com" <suresh@kaloom.com>, "rfc-editor@rfc-editor.org" <rfc-editor@rfc-editor.org>
Subject: Protocol Action: 'Constrained Join Protocol (CoJP) for 6TiSCH' to Proposed Standard (draft-ietf-6tisch-minimal-security-15.txt)

The IESG has approved the following document:
- 'Constrained Join Protocol (CoJP) for 6TiSCH'
 (draft-ietf-6tisch-minimal-security-15.txt) as Proposed Standard

This document is the product of the IPv6 over the TSCH mode of IEEE 802.15.4e
Working Group.

The IESG contact persons are Éric Vyncke and Suresh Krishnan.

A URL of this Internet Draft is:
https://datatracker.ietf.org/doc/draft-ietf-6tisch-minimal-security/





Technical Summary

  This document describes a new Constrained Join Protocol (CoJP) and the
  associated framework required for a new device, called "pledge", to
  securely join a 6TiSCH network by leveraging a central server, the JRC.
  The framework requires that the pledge and the JRC share a symmetric key
  before the join process starts (pre-shared key). How this key is
  provisioned is out of scope of this document.

  Through a single CoAP request-response exchange secured by OSCORE, the
  pledge requests admission into the network and the JRC configures it
  with link-layer keying material and other parameters.

  Join Request and Join Response messages defined for this purpose are to
  be used as a generic transport based on CoAP for AKE messages between
  the pledge and the JRC, through a Join Proxy. This enables bidirectional
  communication of the pledge and the JRC, triggered by the pledge.

  What AKE transports within those messages is not very relevant,
  be it PSK, RPK or cert-authenticated DH. Once AKE completes and a
  shared secret is in place at the pledge and the JRC, the join exchange
  from this draft can take place, secured with OSCORE keys derived from
  the shared secret.

Working Group Summary

  There was a controversy on OSCORE that this draft uses. OSCORE is now
  approved by IESG. The draft does not have a dependency on EDHOC.
  The chairs launched a second shortened WGLC after IETF 103.
  More in https://www.mail-archive.com/6tisch@ietf.org/msg02875.html.
  Issues raised by Göran Selander are now solved in -10.
  More in https://www.mail-archive.com/6tisch@ietf.org/msg02973.html

Document Quality

 The protocol is implemented in OpenWSN.

Personnel

 Pascal Thubert is the Document Shepherd. Suresh Krishnan is the Responsible Area Director.
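
The Technical Summary says the pledge and the JRC start from a pre-shared key and protect the join exchange with OSCORE keys derived from it. As an added illustration (not part of the IESG announcement or of the draft's text), this sketch runs the OSCORE key derivation of RFC 8613 (HKDF-SHA-256 over a CBOR `info` array) on both sides; the PSK, the pledge identifier and the Sender/Recipient ID values are constructed for the example.

```python
import hashlib
import hmac

AES_CCM_16_64_128 = 10  # COSE id of OSCORE's default AEAD (16-byte key, 13-byte nonce)

def cbor_bstr(b: bytes) -> bytes:
    """Minimal CBOR byte-string encoder (lengths below 256 only)."""
    if len(b) < 24:
        return bytes([0x40 | len(b)]) + b
    if len(b) < 256:
        return bytes([0x58, len(b)]) + b
    raise ValueError("byte string too long for this sketch")

def oscore_info(id_: bytes, id_context, type_: str, length: int) -> bytes:
    """CBOR array [id, id_context, alg_aead, type, L] from RFC 8613, section 3.2.1."""
    ctx = b"\xf6" if id_context is None else cbor_bstr(id_context)  # 0xf6 = nil
    tstr = bytes([0x60 | len(type_)]) + type_.encode()
    return b"\x85" + cbor_bstr(id_) + ctx + bytes([AES_CCM_16_64_128]) + tstr + bytes([length])

def hkdf_sha256(salt: bytes, ikm: bytes, info: bytes, length: int) -> bytes:
    """RFC 5869 extract-then-expand; an empty salt means HashLen zero bytes."""
    prk = hmac.new(salt or bytes(32), ikm, hashlib.sha256).digest()
    okm, block, counter = b"", b"", 1
    while len(okm) < length:
        block = hmac.new(prk, block + info + bytes([counter]), hashlib.sha256).digest()
        okm += block
        counter += 1
    return okm[:length]

def derive_context(secret, salt, sender_id, recipient_id, id_context):
    """Derive one endpoint's Sender Key, Recipient Key and Common IV."""
    def kdf(id_, type_, n):
        return hkdf_sha256(salt, secret, oscore_info(id_, id_context, type_, n), n)
    return {"sender_key": kdf(sender_id, "Key", 16),
            "recipient_key": kdf(recipient_id, "Key", 16),
            "common_iv": kdf(b"", "IV", 13)}

# Constructed sample values, not taken from the draft or from any deployment.
PSK = bytes(range(16))                          # pre-shared key used as Master Secret
PLEDGE_ID = bytes.fromhex("0011223344556677")   # hypothetical identifier used as ID Context
PLEDGE_SID, JRC_SID = b"", b"JRC"               # assumed Sender IDs for the two endpoints

def pledge_and_jrc_contexts(psk: bytes, pledge_id: bytes):
    """Both ends derive from the same PSK, with Sender/Recipient roles swapped."""
    pledge = derive_context(psk, b"", PLEDGE_SID, JRC_SID, pledge_id)
    jrc = derive_context(psk, b"", JRC_SID, PLEDGE_SID, pledge_id)
    return pledge, jrc

if __name__ == "__main__":
    for name, ctx in zip(("pledge", "JRC"), pledge_and_jrc_contexts(PSK, PLEDGE_ID)):
        print(name, {k: v.hex() for k, v in ctx.items()})
```

Because the identifier is bound into every `info` array, two pledges provisioned with the same PSK by mistake would still end up with different traffic keys, but anyone holding that PSK can derive both, which is why per-device keys matter.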