Re: [Ace] FW: Review of draft-ietf-ace-key-groupcomm-oscore-05
Marco Tiloca <marco.tiloca@ri.se> Mon, 11 May 2020 16:48 UTC
Return-Path: <marco.tiloca@ri.se>
X-Original-To: ace@ietfa.amsl.com
Delivered-To: ace@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 6FD773A0ADE for <ace@ietfa.amsl.com>; Mon, 11 May 2020 09:48:12 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.089
X-Spam-Level:
X-Spam-Status: No, score=-2.089 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, MSGID_FROM_MTA_HEADER=0.001, RCVD_IN_MSPIKE_H2=-0.001, SPF_PASS=-0.001, T_KAM_HTML_FONT_INVALID=0.01, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=ri.se
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id nePP4RRBTDhb for <ace@ietfa.amsl.com>; Mon, 11 May 2020 09:48:05 -0700 (PDT)
Received: from EUR04-DB3-obe.outbound.protection.outlook.com (mail-eopbgr60076.outbound.protection.outlook.com [40.107.6.76]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 95A883A0ACD for <ace@ietf.org>; Mon, 11 May 2020 09:48:04 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=SvK/OS6+9RyVxX/A8IwVm4T7OWZ8c/aPjV3+Cg95mUAX9lInOi+1b74Xk50cJ9VknXCYDtiZc89kgKDC3vdDnlLQpv2X/KrMtvYoqe6p3RQG7PDIHNwB0vAIuTQXQIEzv6oW/Ca+Kic+xbT4f8iS3qpza1RW303iKKwE0QEmXABBC5fybkFSHV24FwaXLE68yRHm1Q2/yzNLLwiWAJcnu9bj8oulP5eZQnAXm+JgF2L1e38haKtfeFtSJrOiOZ5ZYKqdhcyV0Bl0hjbk+/Now9ml3BVHdPzWjUhPbRkxNT44juMzU+OBJdEnD1zmaQJuliFE6q1NJg1aMw0k+Uhp0w==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=Re8x7tby/57OtDzuFH9f9WH1JpOZf5ZDE8mauMN44IE=; b=MVLUk+8KJPi5TfMRgcFiusvXHMKx9lM9EdAkugSFmvNMBstKPMtGuGhbRCE9UFeZ8WxoSG7q07GwkBzOAnz9k2fQ3cV2sOEdUFOJ9Vb6XqzY3qeHGzv73WsvVJ4dTIVifKHWWZ0n5dvmZP9o+V+bJsHqBSCVmJusNixtcxH82dngUVw+HEwnQmOHo5dVlMRuCBqeFw/jv3+ZxsiK6nbj+XU0i4t/l8n9mLiiNTgTi6g2mSFchUdGq598sVqluDTqNZ9DcdAu/uE+EvIaVgA1sqHyLEuvTxnh2JAOeynQLqfw2MeOcXxD/uwmhNFkF/Ulehl9f/efIeas+sn1MEwTPA==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=ri.se; dmarc=pass action=none header.from=ri.se; dkim=pass header.d=ri.se; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ri.se; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=Re8x7tby/57OtDzuFH9f9WH1JpOZf5ZDE8mauMN44IE=; b=IejbWCAqIlVTvG7KyfwI5N1FSkAEZ5IzDdZL50S1JPNmMsUDAzJE5CWWE5vZgkKKpHVijO1pACxZ6NHF/caLuhBiBwcgYGtYRnvVI/xkK5AHbMi7EVCwTa4lizHLhXzZvgBPTt9AmODVBpmBUejvRcoHcmq6mGdCfR7EK5uevbk=
Authentication-Results: ietf.org; dkim=none (message not signed) header.d=none;ietf.org; dmarc=none action=none header.from=ri.se;
Received: from VI1P189MB0398.EURP189.PROD.OUTLOOK.COM (2603:10a6:802:35::31) by VI1P189MB0527.EURP189.PROD.OUTLOOK.COM (2603:10a6:802:30::29) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2979.26; Mon, 11 May 2020 16:48:01 +0000
Received: from VI1P189MB0398.EURP189.PROD.OUTLOOK.COM ([fe80::5db5:cc81:e984:7c27]) by VI1P189MB0398.EURP189.PROD.OUTLOOK.COM ([fe80::5db5:cc81:e984:7c27%7]) with mapi id 15.20.2979.033; Mon, 11 May 2020 16:48:01 +0000
To: Jim Schaad <ietf@augustcellars.com>
References: <008001d5fb12$c1d36f20$457a4d60$@augustcellars.com>
Cc: 'Ace Wg' <ace@ietf.org>
From: Marco Tiloca <marco.tiloca@ri.se>
Autocrypt: addr=marco.tiloca@ri.se; prefer-encrypt=mutual; keydata= mQENBFSNeRUBCAC44iazWzj/PE3TiAlBsaWna0JbdIAJFHB8PLrqthI0ZG7GnCLNR8ZhDz6Z aRDPC4FR3UcMhPgZpJIqa6Zi8yWYCqF7A7QhT7E1WdQR1G0+6xUEd0ZD+QBdf29pQadrVZAt 0G4CkUnq5H+Sm05aw2Cpv3JfsATVaemWmujnMTvZ3dFudCGNdsY6kPSVzMRyedX7ArLXyF+0 Kh1T4WUW6NHfEWltnzkcqRhn2NcZtADsxWrMBgZXkLE/dP67SnyFjWYpz7aNpxxA+mb5WBT+ NrSetJlljT0QOXrXMGh98GLfNnLAl6gJryE6MZazN5oxkJgkAep8SevFXzglj7CAsh4PABEB AAG0Nk1hcmNvIFRpbG9jYSAobWFyY28udGlsb2NhQHJpLnNlKSA8bWFyY28udGlsb2NhQHJp LnNlPokBNwQTAQgAIQUCWkAnkAIbAwULCQgHAgYVCAkKCwIEFgIDAQIeAQIXgAAKCRDuJmS0 DljaQwEvCACJKPJIPGH0oGnLJY4G1I2DgNiyVKt1H4kkc/eT8Bz9OSbAxgZo3Jky382e4Dba ayWrQRFen0aLSFuzbU4BX4O/YRSaIqUO3KwUNO1iTC65OHz0XirGohPUOsc0SEMtpm+4zfYG 7G8p35MK0h9gpwgGMG0j0mZX4RDjuywC88i1VxCwMWGaZRlUrPXkC3nqDDRcPtuEGpncWhAV Qt2ZqeyITv9KCUmDntmXLPe6vEXtOfI9Z3HeqeI8OkGwXpotVobgLa/mVmFj6EALDzj7HC2u tfgxECBJddmcDInrvGgTkZtXEVbyLQuiK20lJmYnmPWN8DXaVVaQ4XP/lXUrzoEzuQENBFSN eRUBCACWmp+k6LkY4/ey7eA7umYVc22iyVqAEXmywDYzEjewYwRcjTrH/Nx1EqwjIDuW+BBE oMLRZOHCgmjo6HRmWIutcYVCt9ieokultkor9BBoQVPiI+Tp51Op02ifkGcrEQNZi7q3fmOt hFZwZ6NJnUbA2bycaKZ8oClvDCQj6AjEydBPnS73UaEoDsqsGVjZwChfOMg5OyFm90QjpIw8 m0uDVcCzKKfxq3T/z7tyRgucIUe84EzBuuJBESEjK/hF0nR2LDh1ShD29FWrFZSNVVCVu1UY ZLAayf8oKKHHpM+whfjEYO4XsDpV4zQ15A+D15HRiHR6Adf4PDtPM1DCwggjABEBAAGJAR8E GAECAAkFAlSNeRUCGwwACgkQ7iZktA5Y2kPGEwf/WNjTy3z74vLmHycVsFXXoQ8W1+858mRy Ad0a8JYzY3xB7CVtqI3Hy894Qcw4H6G799A1OL9B1EeA8Yj3aOz0NbUyf5GW+iotr3h8+KIC OYZ34/BQaOLzdvDNmRoGHn+NeTzhF7eSeiPKi2jex+NVodhjOVGXw8EhYGkeZLvynHEboiLM 4TbyPbVR9HsdVqKGVTDxKSE3namo3kvtY6syRFIiUz5WzJfYAuqbt6m3TxDEb8sA9pzaLuhm fnJRc12H5NVZEZmE/EkJFTlkP4wnZyOSf/r2/Vd0iHauBwv57cpY6HFFMe7rvK4s7ME5zctO Ely5C6NCu1ZaNtdUuqDSPA==
Message-ID: <2dd400e8-a9b7-2996-39f3-6e1fb45a2e41@ri.se>
Date: Mon, 11 May 2020 18:47:51 +0200
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:68.0) Gecko/20100101 Thunderbird/68.7.0
In-Reply-To: <008001d5fb12$c1d36f20$457a4d60$@augustcellars.com>
Content-Type: multipart/signed; micalg="pgp-sha512"; protocol="application/pgp-signature"; boundary="PtUd5E7eKDQG4IwY5u9BYAXYe3JDEjImi"
X-ClientProxiedBy: HE1PR05CA0243.eurprd05.prod.outlook.com (2603:10a6:3:fb::19) To VI1P189MB0398.EURP189.PROD.OUTLOOK.COM (2603:10a6:802:35::31)
MIME-Version: 1.0
X-MS-Exchange-MessageSentRepresentingType: 1
Received: from [10.8.8.13] (213.232.87.177) by HE1PR05CA0243.eurprd05.prod.outlook.com (2603:10a6:3:fb::19) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2979.26 via Frontend Transport; Mon, 11 May 2020 16:48:00 +0000
X-Originating-IP: [213.232.87.177]
X-MS-PublicTrafficType: Email
X-MS-Office365-Filtering-Correlation-Id: 85bc98aa-f3fa-428d-d590-08d7f5cb113f
X-MS-TrafficTypeDiagnostic: VI1P189MB0527:
X-Microsoft-Antispam-PRVS: <VI1P189MB0527F396B72D06A12A052A6E99A10@VI1P189MB0527.EURP189.PROD.OUTLOOK.COM>
X-MS-Oob-TLC-OOBClassifiers: OLM:10000;
X-Forefront-PRVS: 04004D94E2
X-MS-Exchange-SenderADCheck: 1
X-Microsoft-Antispam: BCL:0;
X-Microsoft-Antispam-Message-Info: y/+pmvz05daAa9fu6opfSbXLeLbvGNHfgwknr5Uv3c8Od7MC0/AcM3mWyiq0X5LcFw23DyRWCsnhk1XATit9UDMTE7pvU7H8Yg5ENe+57T4EXtWxtLL1EKjaIdJ5rVVuKSUup/IbJqU/5g8Bpc0Nz4XsftnLmQ1pARYDvfifJvKvNuHdmmJmuodFhWf6ktu+QlWN48IiygfWRscbhtZUJAGDeWGWWtq4Dr67LclKBY9NSalyTjJQbgxOlXS1HPLvYgtnCnZonRLHtMESnYMo9WojKuUYVKt+OfXvKXSNk1dldA/fJ7/0txKLBPQw813bHmJ/g3TKJ0fsGtt+FTXa+ZFCWQiAK1oSJ/zG1jBVwjDqYsc4/yAf3vsgfpXakRta4oPiZzBx2hCoM7kffzoYST2y3C6yCcgvKSarEfb5stEO8oTm2zGYEQsgr7s0s0vD6rosnNrWUvVLD8f7Vrqv38ru3JogrUcyziOhWCsKX5IXAbHodnkUHgIqYXXKBZ+Q1J2IytGepr+0r9i0Smoa/qOVqlDAV7iHaZIA0IsdsBQ1VwP6a74NaucT8n4Gm4QDJWNInVf4RXr5IzJ1EftbJSeipcCAW2PkJwaEQrPZroWV5sgfRX8BqLPi1kEnwgumiSG8ewsibfGC85JCI1683w==
X-Forefront-Antispam-Report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:VI1P189MB0398.EURP189.PROD.OUTLOOK.COM; PTR:; CAT:NONE; SFTY:; SFS:(4636009)(136003)(376002)(346002)(396003)(39860400002)(366004)(33430700001)(66946007)(30864003)(66574014)(316002)(8676002)(5660300002)(16576012)(8936002)(6666004)(16526019)(26005)(186003)(4326008)(166002)(36756003)(966005)(478600001)(53546011)(33964004)(52116002)(33440700001)(2906002)(956004)(31686004)(31696002)(2616005)(66476007)(235185007)(21480400003)(66556008)(6916009)(44832011)(86362001)(6486002)(43740500002); DIR:OUT; SFP:1101;
X-MS-Exchange-AntiSpam-MessageData: iLMLWRpgBAluDPRAHR0Hzv7Hdq3GFuFAx9mC+AtfpZ0ezD51+5aoKrhIe1xKTPMjny6axe0KovuPspHnGGT1iMND5AoM9jeg7ILleZjcGUmGDMC338ny31OuKCX2OVqLsIde2+gy7Co4gvPo9TS7CG74pYXTIxRos3uxzosecjfRMyJNbV7K6dgpiT0ZYc7jG6KMxiTzVO3pTRN/i1xb9ICouC35Sa7RHud1jD6CqriGoes0wGHKWZj4L7VGt/qierghJkpFxIuEQBQlIqiP68C7Ow+jZaS8Goaer5NSA8bWFWu0E5izRlOIYwTTu/oGFXHgfd9RxUgKBsR5qTxq2/1kWyNNIIX72ee3MxlIFnv9DZWSfJzPa0xgG/On9Jfgb9TDgGTvaDmJ72cUA1ku4zJ1x4wIw7geFBQi8bZxDyU6/At/s2YS+XQ1Yq9noI7vql2c48XoSdTwrx/w5rRaWqEFdY9nKO2bTcfpBCWb/W0=
X-OriginatorOrg: ri.se
X-MS-Exchange-CrossTenant-Network-Message-Id: 85bc98aa-f3fa-428d-d590-08d7f5cb113f
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 11 May 2020 16:48:01.6214 (UTC)
X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted
X-MS-Exchange-CrossTenant-Id: 5a9809cf-0bcb-413a-838a-09ecc40cc9e8
X-MS-Exchange-CrossTenant-MailboxType: HOSTED
X-MS-Exchange-CrossTenant-UserPrincipalName: xH7WY1hhG/EJcPWLmhnsCgFpwkvkfN94r+gk3ybAkTgFDrDgOrMK2sndJeLe/cQTcMz/V2QFjQ6Kr5+zF3Q2FQ==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: VI1P189MB0527
Archived-At: <https://mailarchive.ietf.org/arch/msg/ace/POVcDeCOncAR398f7tvfCJl0WUc>
Subject: Re: [Ace] FW: Review of draft-ietf-ace-key-groupcomm-oscore-05
X-BeenThere: ace@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Authentication and Authorization for Constrained Environments \(ace\)" <ace.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ace>, <mailto:ace-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ace/>
List-Post: <mailto:ace@ietf.org>
List-Help: <mailto:ace-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ace>, <mailto:ace-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 11 May 2020 16:48:14 -0000
Hello Jim, The latest version -06 submitted today should have addressed all your comments below. https://tools.ietf.org/html/draft-ietf-ace-key-groupcomm-oscore-06 Please, see replies inline. Thanks a lot for this review! Best, /Marco On 2020-03-15 22:43, Jim Schaad wrote: > Forgot to cc the group > > -----Original Message----- > From: Jim Schaad <ietf@augustcellars.com> > Sent: Sunday, March 15, 2020 1:48 PM > To: 'draft-ietf-ace-key-groupcomm-oscore@ietf.org' > <draft-ietf-ace-key-groupcomm-oscore@ietf.org> > Subject: Review of draft-ietf-ace-key-groupcomm-oscore-05 > > * Introduction: In para 2, the second sentence needs to be re-written. If > you remove the subclause, then you get "This relies on a Group Manager where > members exchange CoAP messages secured with Group OSCORE." Which is wrong. ==>MT We have rephrased the text as: “This relies on a Group Manager, which is responsible for managing an OSCORE group, and enables the group members to exchange CoAP messages secured with Group OSCORE.” <== > > * Section 2 - The following is a problematic statement " All communications > between the involved entities rely on the CoAP protocol and MUST be > secured." For something like MQTT you want to be able to do it in JSON/HTTP ==>MT Rephrased as: “All communications between the involved entities MUST be secured.” <== > > * Section 2.2 - I think it might be worthwhile in para 3 to give the reason > for needing a new group identifier - This is because of the conflict in name > between group identifier of OSCORE and group identifier of > ace-key-groupcomm. You have not yet stated that they are different things. ==>MT Now the first bullet point on the Gid clarifies that it is OSCORE-related information, and highlights the difference from the group name in Section 1.1. <== > > * Section 3.1 - I think I said this before but ["requester", "monitor"] > seems to be a bit of an oxymoron. Anybody who is either a requester or a > responder can be a monitor without advertising the fact. ==>MT We have removed this combination of roles. It’s true that if the joining node is requester or requester+monitor , it has in either case to provide its own public key and may want to retrieve the other members’. So there is no difference in terms of key provisioning either. <== > > * Section 3.1 - The table in figure 1 is currently not usable due to the > definition of scope in ace-key-groupcomm. ==>MT This should now be fine, since Section 3.1 of ace-key-groupcomm is admitting flexibility in the encoding of group name and roles, left to the application profile as per REQ1 and REQ2. In this document, REQ1 is defining group names to be encoded as CBOR text strings, while REQ2 is defining roles to be encoded as abbreviating CBOR integers. <== > > * Section 3.1 - The framework allows for the scope and the audience to be > implicit for an endpoint that is only doing one thing. Are you sure you > want to eliminate that option? ==>MT Right. In the revised text, we don’t mention ‘audience’ anymore, while we detail the content of ‘scope’ if present. <== > > * Section 4 - I think you probably want to justify the reason for changing > the base name of the resource. Also the same comments that I made in > ace-key-groupcomm about registering as a well-known are going to exist if > you really want it to be fixed. ==>MT That was an oversight. The segment group-manager/ was supposed to be group-oscore/ , as in the operations described in the following sections. On the second part of the comment, this resource just inherits the Interface Description (if=) Link Target Attribute value “ace-group” introduced in Section 4.1 of ace-key-groupcomm and registered in Section 8.9 of that same document. <== > > * Section 5.2 - scope should not be a mandatory element in the request - it > is implicit in the path name and the scope in the token. ==>MT Ok, we have made scope optional in the joining request, by simply not mentioning it anymore. Then the MAY contain from ace-key-groupcomm applies here. The last path segment is fine for the GM to understand the group at hand, then the corresponding allowed roles are also retrievable from the stored token claims. <== > > * Section 5.2.1 - Is this a place where we need to look at replay? I don't > think so because of the cryptographic wrapper, but we need to have that > discussion in the document. Which indicates a pointer from this section to > where that discussion is. ==>MT At the end of the section, we have added a pointer to the new Section 17.3, whose content was already included as part of Section 17.2. <== > > * Section 5.4 - cs_alg should refer to the IANA registries not the COSE > document - what if there is a new signature algorithm, like say RSA. ==>MT Done. <== > > * Section 6 - is it an error for a monitor to provide a public key? After > all an invalid signature would not need to be checked. To make life even > more fun, does the rsnonce need to be provided on a token post? ==>MT We have added text under the first bullet point, to explain that it is not an error, and the Group Manager just silently ignores ‘cnonce’, ‘client_cred’ and ‘client_cred_verify’, in case the joining node has “monitor” as single authorized role. As to the second question, we have also added some text in Section 5.1. That is, when responding to a Token POST, the Group Manager does not need to return 'kdcchallenge' (was rsnonce) to the client, if ‘scope’ in the posted Access Token indicates only the role “monitor” or only the role “verifier”, for each of the specified groups. The final choice to take advantage of this optimization is left to the implementor. <== > > * Section 8 - For bullet 2.a - Is there a reason why this does not do the > rekey and return the new key material rather than returning an error? ==>MT Ok, we have rephrased the text as: “The Group Manager rekeys the OSCORE group. That is, the Group Manager generates new group keying material (see Section 16) and replies to the group member with the same group rekeying message defined in Section 16, providing the new group keying material. Then, the Group Manager rekeys the rest of the OSCORE group, as discussed in Section 16.” <== > > > > _______________________________________________ > Ace mailing list > Ace@ietf.org > https://www.ietf.org/mailman/listinfo/ace -- Marco Tiloca Ph.D., Senior Researcher RISE Research Institutes of Sweden Division ICT Isafjordsgatan 22 / Kistagången 16 SE-164 40 Kista (Sweden) Phone: +46 (0)70 60 46 501 https://www.ri.se
- [Ace] FW: Review of draft-ietf-ace-key-groupcomm-… Jim Schaad
- Re: [Ace] FW: Review of draft-ietf-ace-key-groupc… Marco Tiloca