Re: [Ace] [Secdispatch] FW: [secdir] EDHOC and Transports

Göran Selander <goran.selander@ericsson.com> Mon, 18 February 2019 17:10 UTC

From: Göran Selander <goran.selander@ericsson.com>
To: Michael Richardson <mcr+ietf@sandelman.ca>
CC: "secdispatch@ietf.org" <secdispatch@ietf.org>, "ace@ietf.org" <ace@ietf.org>
Date: Mon, 18 Feb 2019 17:09:49 +0000
Message-ID: <3F4AC6C7-0F6A-41C7-B171-F90B6A3EB961@ericsson.com>
References: <4FA72889-F601-4255-962E-9A13E932EE21@ericsson.com> <CAL02cgTM93+ij+ottP_xR+OTvdj3S+pCKNOAAjEsj8Srt7EeYA@mail.gmail.com> <998ABFEF-7E5B-4B91-80DB-20ED43DE9A5C@ericsson.com> <CAL02cgQFyB4YOMr=hDdTVQ6Vc8LFo+RxVB9JA2EucdRK8_-wbA@mail.gmail.com> <12390.1550453705@localhost>
In-Reply-To: <12390.1550453705@localhost>
Archived-At: <https://mailarchive.ietf.org/arch/msg/ace/AlylDvG4mNwLyAslBmB3F5nAvqA>
Subject: Re: [Ace] [Secdispatch] FW: [secdir] EDHOC and Transports
List-Id: "Authentication and Authorization for Constrained Environments \(ace\)" <ace.ietf.org>

Hi Michael,

On 2019-02-18, 02:35, "Ace on behalf of Michael Richardson" <ace-bounces@ietf.org on behalf of mcr+ietf@sandelman.ca> wrote:

    Richard Barnes <rlb@ipv.sx> wrote:
        > Finally, to be totally honest, I find the EDHOC spec pretty inscrutable. A
        > little more prose to explain what's going on would go a long way toward
        > helping this discussion be productive.
    
    Sure.
    Find a WG to adopt it, and we can make the text beautiful.

I believe this is what the SecDispatch chairs are considering. I know of others sharing your impatience too.

    The packets are all there, and the references pretty much explain all the crypto.
    This stuff is not any newer than IKEv2.
   
EDHOC is neither TLS 1.3 nor IKEv2. The similarity with other AKEs comes from being based on the same SIGMA protocol. The current version of EDHOC is based on Sigma-I, but the Sigma-R version discussed in a parallel thread is similar to IKEv2:
https://mailarchive.ietf.org/arch/msg/ace/ZDHYEhvI0PenU6nGrhGlULIz0oQ


Göran