[Ace] 4. Security modes (Re: Open Issues)
Carsten Bormann <cabo@tzi.org> Fri, 17 January 2014 08:48 UTC
Return-Path: <cabo@tzi.org>
X-Original-To: ace@ietfa.amsl.com
Delivered-To: ace@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 82FDF1AD0EA for <ace@ietfa.amsl.com>; Fri, 17 Jan 2014 00:48:58 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.551
X-Spam-Level:
X-Spam-Status: No, score=-1.551 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HELO_EQ_DE=0.35, SPF_HELO_PASS=-0.001] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Zxux2eTK5cNI for <ace@ietfa.amsl.com>; Fri, 17 Jan 2014 00:48:56 -0800 (PST)
Received: from informatik.uni-bremen.de (mailhost.informatik.uni-bremen.de [IPv6:2001:638:708:30c9::12]) by ietfa.amsl.com (Postfix) with ESMTP id 7CDDF1ACCFA for <ace@ietf.org>; Fri, 17 Jan 2014 00:48:56 -0800 (PST)
X-Virus-Scanned: amavisd-new at informatik.uni-bremen.de
Received: from smtp-fb3.informatik.uni-bremen.de (smtp-fb3.informatik.uni-bremen.de [134.102.224.120]) by informatik.uni-bremen.de (8.14.5/8.14.5) with ESMTP id s0H8mgc5006460 for <ace@ietf.org>; Fri, 17 Jan 2014 09:48:42 +0100 (CET)
Received: from [172.20.10.3] (ip-109-47-3-18.web.vodafone.de [109.47.3.18]) (using TLSv1 with cipher AES128-SHA (128/128 bits)) (No client certificate requested) by smtp-fb3.informatik.uni-bremen.de (Postfix) with ESMTPSA id BE39FDC7; Fri, 17 Jan 2014 09:48:40 +0100 (CET)
Mime-Version: 1.0 (Mac OS X Mail 7.1 \(1827\))
Content-Type: text/plain; charset="windows-1252"
From: Carsten Bormann <cabo@tzi.org>
In-Reply-To: <52D80D48.3090805@tzi.de>
Date: Fri, 17 Jan 2014 09:48:36 +0100
Content-Transfer-Encoding: quoted-printable
Message-Id: <ED142857-F784-4292-8DBB-AF09BE9E0F32@tzi.org>
References: <52D7FA4C.701@tzi.de> <52D7FF29.70103@sics.se> <52D80D48.3090805@tzi.de>
To: Stefanie Gerdes <gerdes@tzi.de>
X-Mailer: Apple Mail (2.1827)
Cc: ace@ietf.org
Subject: [Ace] 4. Security modes (Re: Open Issues)
X-BeenThere: ace@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "Authentication and Authorization for Constrained Environments \(ace\)" <ace.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ace>, <mailto:ace-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/ace/>
List-Post: <mailto:ace@ietf.org>
List-Help: <mailto:ace-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ace>, <mailto:ace-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 17 Jan 2014 08:48:58 -0000
On 16 Jan 2014, at 17:48, Stefanie Gerdes <gerdes@tzi.de> wrote: >>> 4. Security modes for CoAP >>> (http://www.ietf.org/mail-archive/web/ace/current/msg00104.html). Is it >>> in the scope of ACE to define security modes for CoAP? >> >> I'm obviously biased here, since it's the title of my draft. My main >> argument for including this is that the security modes are the first >> authorization step. What you do is to authorize the client to establish >> a DTLS connection in the first place. >> > > I think it is interesting to think about the various possible solutions > for authenticating the authorization information such as symmetric and > asymmetric key approaches or even object security. I am not sure, > however, if we need new security modes for CoAP for that. Don't we just > need to define how we use the existing ones? I think that’s mostly a matter of “semantics” (understanding of terms). Some people read the section 9 about security modes in the CoAP spec and derive a very literal understanding of what these security modes are. Some others read them as building blocks. The first group would think they are defining new security modes when the second group thinks they are applying the existing security modes in scenarios that are more complex than those used to explain the modes in the spec. There is, of course, a big difference between NoSec and the other modes. What the other modes materially differ in is what TLS cipher suite was used to set up the DTLS connection and what the keying materials used for setting them up can be used for. The two PK modes (RPK and cert) also have a key that can be used as an identity of the server (the text doesn’t discuss whether you have to use the same kind in both directions or you have to use a client key at all). Since a device can have multiple such identities, CoAP suggests using SNI, so a device with multiple public keys also needs a hostname-like name (or anything that can be put in a RFC 6066 ServerName). The CoAP modes do not say what the authorization implication of these keys/identities are or how they are used in an authorization protocol. draft-seitz-core-security-modes adds some ways to use them and calls them additional CoAP modes. This terminology may confuse some who think we are extending TLS with fundamentally new cipher suites. It may also be more useful to define the entire authorization protocol instead of just the “CoAP mode” aspect of it. Grüße, Carsten
- [Ace] Open Issues Stefanie Gerdes
- Re: [Ace] Open Issues Ludwig Seitz
- Re: [Ace] Open Issues Corinna Schmitt
- Re: [Ace] Open Issues Göran Selander
- Re: [Ace] Open Issues Stefanie Gerdes
- Re: [Ace] Open Issues Bert Greevenbosch
- Re: [Ace] Open Issues Göran Selander
- Re: [Ace] Open Issues Ludwig Seitz
- [Ace] 4. Security modes (Re: Open Issues) Carsten Bormann
- Re: [Ace] 4. Security modes (Re: Open Issues) Ludwig Seitz
- Re: [Ace] Open Issues Likepeng