Re: [Ace] Comments on draft-tiloca-ace-oscoap-joining
Jim Schaad <ietf@augustcellars.com> Fri, 20 October 2017 16:51 UTC
Return-Path: <ietf@augustcellars.com>
X-Original-To: ace@ietfa.amsl.com
Delivered-To: ace@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 7B3C01342F0; Fri, 20 Oct 2017 09:51:55 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2
X-Spam-Level:
X-Spam-Status: No, score=-2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=augustcellars.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Vb9qQ5qR5x_9; Fri, 20 Oct 2017 09:51:53 -0700 (PDT)
Received: from mail4.augustcellars.com (augustcellars.com [50.45.239.150]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 56FD31321BB; Fri, 20 Oct 2017 09:51:53 -0700 (PDT)
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Content-Language: en-us
DKIM-Signature: v=1; a=rsa-sha256; d=augustcellars.com; s=winery; c=simple/simple; t=1508518309; h=from:subject:to:date:message-id; bh=K/b+9wWUsMOtdOJORYzHd07nBHQoW5xa+eLCtE2Nsi0=; b=UcS361nXDFS8HwLzCkZ7l/KXITZ8qWCfpZg1OuiUtJiynB4G5REMadEV24YGZ2JuV9v7S9U3Loa OBiuiw34Y9H5pC2kAxamOplhFm/jyrgvm6VihHNBYDaxdI9NfjvrCspmtcXfN0CmOJzQl9QJcylc4 VTT3xb9pYBCfhKHVaJTLM+JE86zpHmefPAQL45UtqQcLq3qJucdL9a9pB3hD/VM6b1cEbLvjGOr+x RB7umXr2QxqFYoNos9+OlJ19a4MjHRcpZbxY+8O7+/vJcduWa51W3WRfTx92XzAzhdMNIuYMzTDj2 qW5nBBCIedsZOoHspBQZlYn8A9oTe93ZSKlg==
Received: from mail2.augustcellars.com (192.168.1.201) by mail4.augustcellars.com (192.168.1.153) with Microsoft SMTP Server (TLS) id 15.0.1263.5; Fri, 20 Oct 2017 09:51:48 -0700
Received: from Hebrews (192.168.1.162) by mail2.augustcellars.com (192.168.1.201) with Microsoft SMTP Server (TLS) id 15.0.1263.5; Fri, 20 Oct 2017 09:50:30 -0700
From: Jim Schaad <ietf@augustcellars.com>
To: 'Francesca Palombini' <francesca.palombini@ericsson.com>, draft-tiloca-ace-oscoap-joining@ietf.org, draft-palombini-ace-coap-pubsub-profile@ietf.org
CC: ace@ietf.org
References: <00d401d34966$1c9d0260$55d70720$@augustcellars.com> <HE1PR07MB15299B23E446FE9EAE7661D798430@HE1PR07MB1529.eurprd07.prod.outlook.com>
In-Reply-To: <HE1PR07MB15299B23E446FE9EAE7661D798430@HE1PR07MB1529.eurprd07.prod.outlook.com>
Date: Fri, 20 Oct 2017 09:51:22 -0700
Message-ID: <010401d349c3$aabe3980$003aac80$@augustcellars.com>
MIME-Version: 1.0
X-Mailer: Microsoft Outlook 16.0
Thread-Index: AQJPKWYWWFxnPPkEUpBv4LHAZyWK4wMfwMs8odwzB4A=
X-Originating-IP: [192.168.1.162]
Archived-At: <https://mailarchive.ietf.org/arch/msg/ace/FUzoYKpZRzy-AWeWbLxMe2mZud8>
Subject: Re: [Ace] Comments on draft-tiloca-ace-oscoap-joining
X-BeenThere: ace@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "Authentication and Authorization for Constrained Environments \(ace\)" <ace.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ace>, <mailto:ace-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ace/>
List-Post: <mailto:ace@ietf.org>
List-Help: <mailto:ace-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ace>, <mailto:ace-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 20 Oct 2017 16:51:55 -0000
Francesca, My first concern is that the messages being send around to do the group communication setup should be, if not identical, highly coordinated in how they are formatted. I don't really want two different sets of messages. I understand, and indeed noted, that the current model of how they are using the authentication structure is different. However, I believe that I could easily map things so that the structures are going to be the same. Consider the following change of the join picture. Kill the current AS entity from the system as not providing new functionality. Rename the current RS entity to be AS2 mapping to the same current functionality as is provided in the pub-sub draft. Create a new collective RS entity which consists of all of the entities (other than me) which are listening to the multicast address. If you do that then the picture of the multicast and pub-sub systems have a great deal in common. The one thing that gets lost is the ability to ask the current RS where the AS lives, but this is the type of information that Ludwig is saying should be able to be placed in the resource directory (see the oauth-authz document). This is where the question of what the resource types and relationships between different elements in the RD would come into focus. It would also be possible that AS2 in the new module would just have a directory of multicast items which it supports. The pub-sub discovery of resources is currently designed to be done via the resource directory, so there is no reason that the multicast ones should not as well. I think that this means that the structure between the two documents is far closer to the same that either of you realize. Jim > -----Original Message----- > From: Francesca Palombini [mailto:francesca.palombini@ericsson.com] > Sent: Friday, October 20, 2017 6:21 AM > To: Jim Schaad <ietf@augustcellars.com>; draft-tiloca-ace-oscoap- > joining@ietf.org; draft-palombini-ace-coap-pubsub-profile@ietf.org > Cc: ace@ietf.org > Subject: RE: Comments on draft-tiloca-ace-oscoap-joining > > Hi Jim, > > I don't think that your statement is correct: as far as I understood the oscoap- > joining document, the RS is the group manager, while in the pubsub > document (even generalizing it and making a group communication profile as > Carsten was suggesting) the entity that does group management is the AS2. > > I consider these differences a reason to have separate documents, yes, they > could be described in the same draft, but I don't see how that simplifies the > specifications. > > One more comment inline. > > Thanks, > Francesca > > > -----Original Message----- > > From: Jim Schaad [mailto:ietf@augustcellars.com] > > Sent: den 20 oktober 2017 07:42 > > To: draft-tiloca-ace-oscoap-joining@ietf.org; > > draft-palombini-ace-coap- pubsub-profile@ietf.org > > Cc: ace@ietf.org > > Subject: Comments on draft-tiloca-ace-oscoap-joining > > > > After the interim meeting, I read this document through in order to > > produce a review. Instead you are going to get a meta-review. > > > > I am having a hard to seeing why this document exists in its current > > form and it is not some type of simple profile of the pub-sub security draft. > > While I am not sure that this document is a sub-set of that document, > > it appears to be about 90-99% a sub set of that document. Consider > > the > > following: > > > > You have both the publisher and subscriber roles as in the pub-sub draft. > > > > You have an entity which is doing key distribution in the system. For > > the pub- sub draft this is AS2 for you it is the RS, but they are > > performing the exact same set of tasks. > > > > Yes, they are performing the same set of tasks on a high level, but they are > using the ACE framework differently in practice. For example the publisher > and subscriber acquire the keys without using the token. > > > The pub-sub draft as and endpoint which holds the encrypted messages, > > in its place you are using the multi-cast UDP channel. In both cases > > they are basically unprotected-untrusted entities to distribute the content > message. > > The only difference is that in the pub-sub model the RS will also > > provide restricted access to publishing which is not enforceable here. > > > > Both of these documents are missing what I would consider to be core > > pieces. > > The pub-sub document does initial key distribution, while this > > document does not. Neither document does any discussion of how > > subsequent key distribution is done to deal with forward and backward > security of messages. > > > > > > This document probably needs to define a new relationship, which might > > be more generally used, to say - this URL is where you get the > > security information for this URL which is published in the directory > > - esp in the case of multi-cast address URLs in the resource > > directory. You might also find that the correct answer is not to use > > a separate resource for each channel, but to allow for the use of URI path > elements to define the security for a resource. > > > > Jim > >
- [Ace] Comments on draft-tiloca-ace-oscoap-joining Jim Schaad
- Re: [Ace] Comments on draft-tiloca-ace-oscoap-joi… Carsten Bormann
- Re: [Ace] Comments on draft-tiloca-ace-oscoap-joi… Francesca Palombini
- Re: [Ace] Comments on draft-tiloca-ace-oscoap-joi… Marco Tiloca
- Re: [Ace] Comments on draft-tiloca-ace-oscoap-joi… Jim Schaad