Re: [Ace] draft-friel-tls-atls-02

"Owen Friel (ofriel)" <ofriel@cisco.com> Tue, 12 March 2019 15:54 UTC

From: "Owen Friel (ofriel)" <ofriel@cisco.com>
To: Hannes Tschofenig <Hannes.Tschofenig@arm.com>, "atlas@ietf.org" <atlas@ietf.org>
CC: "secdispatch@ietf.org" <secdispatch@ietf.org>, "ace@ietf.org" <ace@ietf.org>
Thread-Topic: draft-friel-tls-atls-02
Date: Tue, 12 Mar 2019 15:54:04 +0000
Message-ID: <e600597ce81b47019f2733b21a3843a8@XCH-RCD-012.cisco.com>
References: <VI1PR0801MB2112453F8C6BE320DC407BD3FA490@VI1PR0801MB2112.eurprd08.prod.outlook.com>
In-Reply-To: <VI1PR0801MB2112453F8C6BE320DC407BD3FA490@VI1PR0801MB2112.eurprd08.prod.outlook.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/ace/BY7jlMv_4HsqbUrn8pXSzgXromY>
Subject: Re: [Ace] draft-friel-tls-atls-02

cc: secdispatch and ace as this is related to the ongoing cTLS and EDHOC discussions.

From: Hannes Tschofenig <Hannes.Tschofenig@arm.com>
Sent: 12 March 2019 11:22
To: atlas@ietf.org
Cc: Owen Friel (ofriel) <ofriel@cisco.com>
Subject: draft-friel-tls-atls-02

Hi all,

We submitted an update of the ATLS draft, which now contains text about conveying the TLS handshake over CoAP. This part was missing in -01.
This new version also supports establishment of OSCORE security contexts based on the TLS/DTLS handshake. While this is still a bit experimental, it was something that was suggested for use in the IETF.

We are looking forward to seeing how this document plays out in the context of https://tools.ietf.org/html/draft-schaad-ace-tls-cbor-handshake-00 and https://tools.ietf.org/html/draft-rescorla-tls-ctls-01.
Unlike regular TLS usage, where there are limits to what can be done to the TLS record layer and the TLS handshake thanks to existing middleboxes, the use of ATLS makes these optimizations possible.

Ciao
Hannes
