Re: [Ace] Adoption of Low Latency Group Communication Security Work in ACE

Ludwig Seitz <ludwig@sics.se> Thu, 21 July 2016 09:29 UTC

To: ace@ietf.org
Archived-At: <https://mailarchive.ietf.org/arch/msg/ace/DRHUzlwub0cBIOUJfFhurhgWF6E>
List-Id: "Authentication and Authorization for Constrained Environments \(ace\)" <ace.ietf.org>

On 2016-07-21 11:04, Michael Richardson wrote:
>
> Why will ACE succeed when DICE failed?
> Does ACE now have some knowledge or mechanism that DICE couldn't have created
> because it was out of scope?
>

ACE is (also) about authorization, which DICE wasn't. A compromised
lightbulb might well have the possibility to talk to a door lock (using
its group key), but it would lack the authorization to do anything with
the lock.

IMHO that's what ACE adds that DICE didn't have (and wasn't chartered to
have).

/Ludwig


-- 
Ludwig Seitz, PhD
SICS Swedish ICT AB
Ideon Science Park
Building Beta 2
Scheelevägen 17
SE-223 70 Lund

Phone +46(0)70-349 92 51
http://www.sics.se