Re: [Ace] Review for draft-palombini-ace-coap-pubsub-profile
Cigdem Sengul <cigdem.sengul@gmail.com> Fri, 20 December 2019 12:03 UTC
Return-Path: <cigdem.sengul@gmail.com>
X-Original-To: ace@ietfa.amsl.com
Delivered-To: ace@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 4BD08120024 for <ace@ietfa.amsl.com>; Fri, 20 Dec 2019 04:03:33 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.997
X-Spam-Level:
X-Spam-Status: No, score=-1.997 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 34iT5c8HWvxf for <ace@ietfa.amsl.com>; Fri, 20 Dec 2019 04:03:29 -0800 (PST)
Received: from mail-qk1-x72c.google.com (mail-qk1-x72c.google.com [IPv6:2607:f8b0:4864:20::72c]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id F009B1200B4 for <ace@ietf.org>; Fri, 20 Dec 2019 04:03:16 -0800 (PST)
Received: by mail-qk1-x72c.google.com with SMTP id x1so7372379qkl.12 for <ace@ietf.org>; Fri, 20 Dec 2019 04:03:16 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=RS1DLn6SozrA348tw7mXpK3WV59xo/3LlifALRCiueM=; b=CEdoKGn5NzOmgGDnoa4qb8Z3kBg4l1kCyzNO5aqNI4MUg8bh0qrGvSK6XB2Sig/sYP Hkc4I0IKPp5Ycovts7mM+1SOsRJ2ztu5W04sDUMOWYFrNgu/cw7Z4NqQoc5fwfixf4FW uKMxRFuNR0KMnkmYXL4gtlXMr1qB1qNhC0HNM7g/7jH8g3Bfrqe35BClZJF1k0Qgr29u ccCyyPLiuL7xgERJmHgupnp9nEYPCtWWAcXVRBN8ipVHAMHvVA4759xcRhlfx5IZ0OoQ cX+jq0P8iEDREw24pGsU2RZzVxEb34Qr6sT8uzhY8KDpx6WQBKQwObfn832AfTUWLVVh B74w==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=RS1DLn6SozrA348tw7mXpK3WV59xo/3LlifALRCiueM=; b=Gku23/th8+eAm7hboxIiLzwsx9fedjqiwLHe0Gj4ulV+2VSMjrwDOrEcnZNcTYfWJc SmEogFk05g7PbaWmf6UahYEjxoExIFGcvvhPl307P1R5kREYkcbx8/zJ5dN2OUThVFO1 y94ToLaE6B1lnQ929ihhGuSu4kWdnlBU/IR7FglOvs3u6p0xKgl3Nle72MNwH3ZqZlVD RJcgJ4wT3/iybYqw1Se7FgEma5Zh9gXa6h91Pq0cWt6vSJSQuEPYri/0N0vsjSiCGizf LAOQ6xh5Y4ab8DQ4RKPAAvndm81+GTnrg6BHKcM8v4mPsFPk7p7ipMLdqs39okWrduBc x73A==
X-Gm-Message-State: APjAAAVLQ5cSHjK8+Cx1MehNyveJhoBu/a6cDnDtuM4q5px1vv78Av7F GJFOB6vwy2wkAhXXam0WFitYMEyOcFkjy9PV+oM=
X-Google-Smtp-Source: APXvYqxey1OLUMzrmASdro111Z/YEBT3mWlxpi+1+/ewngigCPhsWhlqA6SnnzFs8+kQetE2WqNdzbUhLzCvt1W5A/U=
X-Received: by 2002:a05:620a:150e:: with SMTP id i14mr12866871qkk.273.1576843395889; Fri, 20 Dec 2019 04:03:15 -0800 (PST)
MIME-Version: 1.0
References: <CAA7SwCMhdOctrzQqGAUz4-z7SvKfKZLErAJT88eSDwCMedg-rg@mail.gmail.com> <75220EAA-9455-4691-9E99-3E16401D1309@ericsson.com> <CAA7SwCPZx57naJUqzPrRz7T2E_EibG0ggfQ-gBVWras1w5WG1A@mail.gmail.com> <20191219223015.GO81833@kduck.mit.edu>
In-Reply-To: <20191219223015.GO81833@kduck.mit.edu>
From: Cigdem Sengul <cigdem.sengul@gmail.com>
Date: Fri, 20 Dec 2019 12:03:04 +0000
Message-ID: <CAA7SwCMoe_nqrUo_w+WXaT9yN_sh2gc=Uu-i_gpKLWs+oHEYzQ@mail.gmail.com>
To: Benjamin Kaduk <kaduk@mit.edu>
Cc: Francesca Palombini <francesca.palombini@ericsson.com>, Ace Wg <ace@ietf.org>
Content-Type: multipart/alternative; boundary="0000000000007a7f57059a217640"
Archived-At: <https://mailarchive.ietf.org/arch/msg/ace/SherATCMR2WriSdNeKHoXyD-UsE>
Subject: Re: [Ace] Review for draft-palombini-ace-coap-pubsub-profile
X-BeenThere: ace@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Authentication and Authorization for Constrained Environments \(ace\)" <ace.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ace>, <mailto:ace-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ace/>
List-Post: <mailto:ace@ietf.org>
List-Help: <mailto:ace-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ace>, <mailto:ace-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 20 Dec 2019 12:03:33 -0000
Hello Ben, Response below. > > > > > > > CS: I see that I wasn't clear in my thinking before and mixed up things. > I > > was trying to understand how groups map to topics and the topic > hierarchy; > > and how group maintenance scales with the increasing number of topics, > > publisher and subscribers. Said another way, who creates groups, and > > creates/updates keys for these groups to be maintained in the KDC? > > > > I agree topic hierarchies require more thought. Here is my second attempt > > at explaining my thinking, which is by no means complete: > > In MQTT, it is possible to publish to all levels in a topic hierarchy > e.g., > > if you have sport/tennis/player1/rankings, it is possible to publish to > the > > sport, sport/tennis, sport/player1, sport/player1/rankings... > > One option is to have as many keys as the nodes on the hierarchy > > independent of actual publishers and subscribers to them. (Assuming this > > hierarchy is pre-built, and AS2 maintains a complete topic-key database). > > So, if publisher P1 comes with rights to publish to sport/tennis - he > gets > > the keys for that. But, if he comes with the right to publish to > > sport/tennis/#, he gets multiple keys, one each for every node under > > tennis. > > Having to always send all the keys would get frustrating (and/or expensive > in terms of bytes!), but the "other option" below feels quite messy with > respect to having to push out updates when membership/number of groups > changes. I suppose the right balance depends on actual usage patterns, but > I would mostly expect a flow where permissions on a hierarchy grant the > ability to get any (per-topic) key from the hierarchy, but you still have > to explicitly request the individual key for the individual topics you are > going to post to, to be of most generic applicability. Am I forgetting a > reason why that's not possible? > > Thanks, > > Yes, both have problems - mainly used them to talk about the differences between (semi-)static grouping (topics define groups) and dynamic grouping (active publisher/subscribers and their topic permissions determine groups). Yes, a token with scopes that use the wildcard will give you the right to get any key from the hierarchy. In the "first approach," you would need the get the specific one for the individual topic because any number of publisher/subscribers may be on that topic (but not on others). If I understand correctly, you suggest that the client asks for the right key just-in-time before a publish/subscribe message? This is a good solution if the client can connect to AS2 at all times, but in ACE, I thought, we did not assume ASes are always reachable by clients. Therefore, I was always thinking of a scenario where the client is provisioned with the right keys beforehand (determined by their permissions). But the "second option", where the same encryption key may be used across different topics, has the same connectivity requirements due to rekeying expected as groups change. I hinted this in my previous e-mail by having to consider rekeying policies, as I haven't seen it mentioned in coap-pub-sub. Need to also consider rekeying as a separate problem that needs to be addressed regardless of what approach is taken: ace-key-groupcomm refers to [RFC2093], [RFC2094] and [RFC2627] for rekeying mechanisms and I am not exactly sure how to use them for client-broker communication. ace-key-groupcomm also states: If the application requires forward security, the KDC MUST generate new group keying material and securely distribute it to all the current group members but the leaving node, using the message format of the Key Distribution Response" If it is the AS2 (KDC) that needs to rekey groups, then AS2 should be able to connect to the clients and push this information? Am I missing something here? (In MQTT, things were easier when tokens expire. The Broker knows a token expired and disconnects the client, which forces the client to get a new token. But, the Broker here has no idea of rekeying. So, the trigger for that needs to come from AS2. ) Regards, --Cigdem > Ben > > > > The other option is creating groups dynamically and subtopics inherit > > authorisations (as captured by the wildcards), i.e., publisher and > > subscribers that have an exact match in their topic filters form a group. > > Going back to the previous example, assuming AS2 is generating the keys > > (need to read the groupcomm in detail to understand how the KDC and its > > endpoints work in general), I imagine something like this may work: > > Publisher P1 - publish_sport/tennis/# -> AS2 checks if a matching group > > exists, doesn't find one, generates the key, and hands it out to P1, > stores > > the mapping. > > Publisher P2 - publish_sport/tennis/# -> AS2 checks if a matching group > > exists, find one, gives out the key to P2. > > Subscriber S1 - publish_sport/tennis/# -> AS2 checks if a matching group > > exists, find one, gives out the key to S1. Until now, assumed no rekeying > > when the new members join an existing group, as this would work well with > > MQTT RETAIN option, which enables the publisher to indicate > > to the Broker that it should store the most > > recent message for the associated topic. Hence, the new subscribers > > can receive > > the last sent message from the publisher of that particular topic > > without waiting > > for the next PUBLISH message. > > Subscriber S2 - publish_sport/tennis/+/rankings - AS2 checks if a > matching > > group exists, does not find an exact match -> generates new key, but then > > needs to update P1, P2, S1 as well as publish_sport/tennis/+/rankings > will > > be sent encrypted with the new key, and the rest will be with the old > key. > > When they are rekeyed, the publishers may send RETAINED messages again > with > > the new key. > > > > i.e., > > P1-P2-S1 are one group > > P1-P2-S1-S2 would be another group > > Two groups - two keys. > > > > Do not know what is best, or there is a third option. > > > > Another thing to consider would be rekeying policies of course. > > > > > > > > > > Another approach could be each publisher creating its group. This way > the > > > number of groups scales with the number of publishers (and the COSE > keys is > > > per publisher). > > > > > > > > > > > > FP: I don't think this scales well, but yes, an application could also > do > > > this. > > > > > > > CS: Yes, scratch that - that actually wouldn't work. > > > > Thanks, > > --Cigdem > > > > > > > > > > > > > > > Kind regards, > > > > > > --Cigdem > > > > > > _______________________________________________ > > Ace mailing list > > Ace@ietf.org > > https://www.ietf.org/mailman/listinfo/ace > >
- [Ace] Review for draft-palombini-ace-coap-pubsub-… Cigdem Sengul
- Re: [Ace] Review for draft-palombini-ace-coap-pub… Francesca Palombini
- Re: [Ace] Review for draft-palombini-ace-coap-pub… Cigdem Sengul
- Re: [Ace] Review for draft-palombini-ace-coap-pub… Benjamin Kaduk
- Re: [Ace] Review for draft-palombini-ace-coap-pub… Cigdem Sengul
- Re: [Ace] Review for draft-palombini-ace-coap-pub… Benjamin Kaduk