Re: [Ace] IETF 108 tentative agenda and presentations (Daniel Migault)
"Panos Kampanakis (pkampana)" <pkampana@cisco.com> Wed, 22 July 2020 13:08 UTC
Return-Path: <pkampana@cisco.com>
X-Original-To: ace@ietfa.amsl.com
Delivered-To: ace@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 71EA13A0971 for <ace@ietfa.amsl.com>; Wed, 22 Jul 2020 06:08:26 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -9.621
X-Spam-Level:
X-Spam-Status: No, score=-9.621 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_MED=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_MSPIKE_H4=-0.01, RCVD_IN_MSPIKE_WL=-0.01, SPF_PASS=-0.001, URIBL_BLOCKED=0.001, USER_IN_DEF_DKIM_WL=-7.5] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=cisco.com header.b=RyRY+6s6; dkim=fail (1024-bit key) reason="fail (body has been altered)" header.d=cisco.onmicrosoft.com header.b=wCcXUr14
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id udpB3HL3rXHs for <ace@ietfa.amsl.com>; Wed, 22 Jul 2020 06:08:24 -0700 (PDT)
Received: from alln-iport-4.cisco.com (alln-iport-4.cisco.com [173.37.142.91]) (using TLSv1.2 with cipher DHE-RSA-SEED-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 9A8C83A0970 for <ace@ietf.org>; Wed, 22 Jul 2020 06:08:24 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=@cisco.com; l=9337; q=dns/txt; s=iport; t=1595423304; x=1596632904; h=from:to:cc:subject:date:message-id:references: in-reply-to:mime-version; bh=abGfjC6FK3glkRcWiHOD+CWjZHOPPYUVhoAyAC1ALtk=; b=RyRY+6s62YyOgcV4m7RMFFXvhFILCECwD3CiEP1ydtTMVb0MNUiK5XDf 2ry0DlwIIuoYV3G4Ab0agdc9vSIL3bliGNnN9Ln2RIu1IpOh5SRtBLJOA 6/XG3Do6Qo8+Lr6LScmwbFWF/ZA9mdOVmuOnQrAX9vu0w8XDrZDqSeATa I=;
X-Files: smime.p7s : 4024
IronPort-PHdr: 9a23:S0sh1xGI/WEzG7dH6F8L251GYnJ96bzpIg4Y7IYmgLtSc6Oluo7vJ1Hb+e401Q+bRoTW7v9CkKzdtKWzEWAD4JPUtncEfdQMUhIekswZkkQmB9LNEkz0KvPmLklYVMRPXVNo5Te3ZE5SHsutfFzfp3C09ngZHRCsfQZwL/7+T4jVicn/3uuu+prVNgNPgjf1Yb57IBis6wvLscxDiop5IaF3wRzM8XY=
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: A0CBAABNORhf/5JdJa1gDgsBAQEBAQEBAQEBAQEBAQEBAQESAQEBAQEBAQEBAQEBQIFKgVJRB28rLS8sCodvA41JigKOXIJTA1UEBwEBAQkDAQEYDQgCBAEBgW2CXwKCDAIkOBMCAwEBCwEBBQEBAQIBBgRthVwMhXEBAQEDAQEBEC4BASwCCQEEBwQCAQgRBAEBAS4CHwYLHQgCBAENBQgGFIJ/BAKBfk0DDhEPAQ6iAAKBOYhhdIE0gwEBAQWFIAMKC4IHBwMGgTgBgVKBF4YEhAQagUE/gRFDgh8uPoEEgRZCAQECARaBSBWDMoItj1KCS4hPmhlNCoJdhDOCWIFLjB2FFJ9RkgaNCJF/AgQCBAUCDgEBBYFqIw2BSnAVO4JpUBcCDY4eDBeDToUUhQQ+dAIBATMCBggBAQMJfI4WAYEQAQE
X-IronPort-AV: E=Sophos;i="5.75,381,1589241600"; d="p7s'?scan'208";a="516086862"
Received: from rcdn-core-10.cisco.com ([173.37.93.146]) by alln-iport-4.cisco.com with ESMTP/TLS/DHE-RSA-SEED-SHA; 22 Jul 2020 13:08:23 +0000
Received: from XCH-ALN-005.cisco.com (xch-aln-005.cisco.com [173.36.7.15]) by rcdn-core-10.cisco.com (8.15.2/8.15.2) with ESMTPS id 06MD8Mxq029149 (version=TLSv1.2 cipher=AES256-SHA bits=256 verify=FAIL); Wed, 22 Jul 2020 13:08:23 GMT
Received: from xhs-rcd-001.cisco.com (173.37.227.246) by XCH-ALN-005.cisco.com (173.36.7.15) with Microsoft SMTP Server (TLS) id 15.0.1497.2; Wed, 22 Jul 2020 08:08:22 -0500
Received: from xhs-rtp-002.cisco.com (64.101.210.229) by xhs-rcd-001.cisco.com (173.37.227.246) with Microsoft SMTP Server (TLS) id 15.0.1497.2; Wed, 22 Jul 2020 08:08:22 -0500
Received: from NAM02-BL2-obe.outbound.protection.outlook.com (64.101.32.56) by xhs-rtp-002.cisco.com (64.101.210.229) with Microsoft SMTP Server (TLS) id 15.0.1497.2 via Frontend Transport; Wed, 22 Jul 2020 09:08:21 -0400
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=VNC3fJv3VxukHERAPnXGGynqL1DpHuuDPVcEOCbTmF3ks1gYx6wK0w+2iOa58KrXS9lMAEH/UYlx4c4ZoPhkRBrELQy+A2JEy+Ot9V0gYVdEptc4aesqgCl7PvPo0yZ34TSTOWE8X2OhqW8esHfDtew1cFWgVx1umW38ObBn99hEqHudXMvXdKwP9ENlc7Ehs15Vq0YDQVJWLh+DekSHjNIxVTvji1b4bh8YE3k18RKOlsFCVHqQLWn6BYLd2KcDi/5FrkMxxC5VnVLin51ArCgFo/K1LIp4USQVsQvfWx5IB4qzU8m5kfrupTwe1+atVqdBo+Tic1SFyaWzDUh8GA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=w9qOisay4VNyiVX4NXTZ4eZTwHrswoncILjPkZ4eGn4=; b=ZBmIx5nPvWmRA23CU+NHKvQIBLOUv+KtiZX6iKPU432Eqsrml3Eq4Z1bku8Uyo2zLoEfwn73Ka6IAkCsg48PBxJMhaNi/aiIEWvNlNPw8rzD9TNCaag1SiismNGQrBYnQAGyiKvMKizZNf3nrCwwg/oAvC3jFfnSudAGzZkxIGmbQfqt/Jxl6Hbmy+g7pPI1IDHDsQ+r57sIXI51OFBg6EUAZkBXWxIzojKKxQ6GmDMNl4AgtyWY6g5CNg4FXUlOZoCIFaAa8iZtlr1m9HQKgANnskDDDvdiVCl8ykPJWgUew2hNpWH9DCZFggko0SSHOPM/fL1yB7MJfkUxlUSauA==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=cisco.com; dmarc=pass action=none header.from=cisco.com; dkim=pass header.d=cisco.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=cisco.onmicrosoft.com; s=selector2-cisco-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=w9qOisay4VNyiVX4NXTZ4eZTwHrswoncILjPkZ4eGn4=; b=wCcXUr14J8KFFS/hHsDuIhsbwfHOP+xgnJ1FOjtobE/z7Pxh5+s9+zYwZQTmAQpz5cLPNb1JvEuj3R2tCsrKP0fmG/a7KZybFPh6H/k0YvjyoEhG/g3wcCCcgNoGzAm0oUD9Us0pqrzCTffOjDAS2HZexgRC0KmLrKLRh+yzh5Y=
Received: from DM6PR11MB2555.namprd11.prod.outlook.com (2603:10b6:5:c5::33) by DM6PR11MB2748.namprd11.prod.outlook.com (2603:10b6:5:c8::11) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3195.23; Wed, 22 Jul 2020 13:08:20 +0000
Received: from DM6PR11MB2555.namprd11.prod.outlook.com ([fe80::75c7:27bf:b5af:a483]) by DM6PR11MB2555.namprd11.prod.outlook.com ([fe80::75c7:27bf:b5af:a483%5]) with mapi id 15.20.3216.020; Wed, 22 Jul 2020 13:08:20 +0000
From: "Panos Kampanakis (pkampana)" <pkampana@cisco.com>
To: "Brockhaus, Hendrik" <hendrik.brockhaus@siemens.com>, Benjamin Kaduk <kaduk@mit.edu>, Michael Richardson <mcr+ietf@sandelman.ca>
CC: Mohit Sahni <mohit06jan@gmail.com>, "steffen.fries@siemens.com" <steffen.fries@siemens.com>, "ace@ietf.org" <ace@ietf.org>
Thread-Topic: [Ace] IETF 108 tentative agenda and presentations (Daniel Migault)
Thread-Index: AQHWX5lj2xo5I7eQAk6wCDCWveBOMqkSfISAgAAYZoCAAKV/gIAAVHbw
Date: Wed, 22 Jul 2020 13:08:20 +0000
Message-ID: <DM6PR11MB25554D31E5C2DBFA677BD83AC9790@DM6PR11MB2555.namprd11.prod.outlook.com>
References: <mailman.1850.1595355742.7860.ace@ietf.org> <CAEpwuw0JN9RGzEBs+fmcL18OFcHzKj_DDzXCt4VkSkSmG3Rvnw@mail.gmail.com> <9794.1595363465@localhost> <20200721215825.GB41010@kduck.mit.edu> <AM0PR10MB3153493DF2B63A8A061BD916FE790@AM0PR10MB3153.EURPRD10.PROD.OUTLOOK.COM>
In-Reply-To: <AM0PR10MB3153493DF2B63A8A061BD916FE790@AM0PR10MB3153.EURPRD10.PROD.OUTLOOK.COM>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach: yes
X-MS-TNEF-Correlator:
msip_labels: MSIP_Label_a59b6cd5-d141-4a33-8bf1-0ca04484304f_ActionId=853d4b82-15da-4ce2-9193-0000a3646129; MSIP_Label_a59b6cd5-d141-4a33-8bf1-0ca04484304f_ContentBits=0; MSIP_Label_a59b6cd5-d141-4a33-8bf1-0ca04484304f_Enabled=true; MSIP_Label_a59b6cd5-d141-4a33-8bf1-0ca04484304f_Method=Standard; MSIP_Label_a59b6cd5-d141-4a33-8bf1-0ca04484304f_Name=restricted-default; MSIP_Label_a59b6cd5-d141-4a33-8bf1-0ca04484304f_SetDate=2020-07-22T07:41:39Z; MSIP_Label_a59b6cd5-d141-4a33-8bf1-0ca04484304f_SiteId=38ae3bcd-9579-4fd4-adda-b42e1495d55a;
authentication-results: siemens.com; dkim=none (message not signed) header.d=none;siemens.com; dmarc=none action=none header.from=cisco.com;
x-originating-ip: [68.93.142.48]
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: 0afa9660-79c6-4739-030c-08d82e404ed7
x-ms-traffictypediagnostic: DM6PR11MB2748:
x-microsoft-antispam-prvs: <DM6PR11MB27488742D4627E1CA289A9F3C9790@DM6PR11MB2748.namprd11.prod.outlook.com>
x-ms-oob-tlc-oobclassifiers: OLM:4502;
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: ODYSU2GxrjPuf6KiVfldNX67l0lOrQbSPM0V0yc7q50vWeVpmXf6/J7eacUjDeCjLFjY2n9G6rAkcvDP8SQeuWPXpOUzLCpuMWBaTWdxqvui2Dcm+W9MDgGXi+mKzvLfOjqGH73GFts1t/yVcnPCrHJ5k4Rtn4uw6w1mMAFAlbXj9+Lp3lCK5uw1OZrXuEFbFLLWr2SBtdOqZaEE40GzeP00cg91fmq64KWqZXBd4jqL7ZVBHpJpPnXwTXttIL1x9NkD2s59VPJJYHVTFEf2fFIiXWf2DzJ9uKNkW62ZY2XuCMSOAGwUFudL/pI4r8xX4A8KtDVdHFbyX3lTnng/szq8dKJCC4F1KHoYotE1zEiPA8EFvfEJctE7kIOGuKfSzquApN322LmfcZHeTaeFlQ==
x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:DM6PR11MB2555.namprd11.prod.outlook.com; PTR:; CAT:NONE; SFTY:; SFS:(4636009)(366004)(396003)(376002)(39860400002)(136003)(346002)(83380400001)(45080400002)(5660300002)(9686003)(86362001)(8936002)(71200400001)(33656002)(54906003)(7696005)(6506007)(110136005)(2906002)(316002)(66946007)(8676002)(478600001)(66616009)(76116006)(52536014)(4326008)(64756008)(66446008)(99936003)(966005)(66556008)(26005)(186003)(53546011)(83080400001)(55016002)(66476007); DIR:OUT; SFP:1101;
x-ms-exchange-antispam-messagedata: LD5gQyhbfgwT3UaenOnuPt4vIZX8azsTGjhvsLEKsIQYqu/xiemSRcKs6xCrL/4UXs0o4JaXSPBBlmalDrF1ENAw+joePMyDyOpotYzJFDjcPCrUwXmEr3pAWEN75/3mJw66dbxwzmSpXJ9LrPAuqg7CI3DEEdGPQyb8ofM6CLvBgt95GXiAoHaU7VUyFpboebRYeY8S2yZznFgYSrDr0leByKRb+6K3jWNvBRWNQ1abw8h0TSfHGds18/v7sBxnH+4rUqesv06gIXspHf5OAgJ11kDMtRep66/ivLZYaHdRiRNEpE/vLmowCMMk5v0mO1zUgY3yUxmRDHMwIOACANtQtIxxDxTNYJVUfsLJraIwpZI3WwjVVCVdhn09oQ35FLv/2wgMty4XBvBFS5bfFcqwkRWSBIBzffsdw+KEg26RhBEoNMFuthHj1W9d6lh3c84LBzcuT0rTx8Rio2JRPLjCeTV929VCRYmAMaKZFpA=
x-ms-exchange-transport-forked: True
Content-Type: multipart/signed; protocol="application/x-pkcs7-signature"; micalg="2.16.840.1.101.3.4.2.1"; boundary="----=_NextPart_000_0005_01D66007.A3F5A270"
MIME-Version: 1.0
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: DM6PR11MB2555.namprd11.prod.outlook.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 0afa9660-79c6-4739-030c-08d82e404ed7
X-MS-Exchange-CrossTenant-originalarrivaltime: 22 Jul 2020 13:08:20.6814 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 5ae1af62-9505-4097-a69a-c1553ef7840e
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: y7/gxW0u0DJrOHvUQph9RGVDkPRk1lD9DZSRrcCmflo3GgHoPUYbXlYuKfyNRtAvd0PeCxaFRetoMaF+VVTdyw==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM6PR11MB2748
X-OriginatorOrg: cisco.com
X-Outbound-SMTP-Client: 173.36.7.15, xch-aln-005.cisco.com
X-Outbound-Node: rcdn-core-10.cisco.com
Archived-At: <https://mailarchive.ietf.org/arch/msg/ace/WoizcKS9OUpgJKm3roOWMEBUFc4>
Subject: Re: [Ace] IETF 108 tentative agenda and presentations (Daniel Migault)
X-BeenThere: ace@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Authentication and Authorization for Constrained Environments \(ace\)" <ace.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ace>, <mailto:ace-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ace/>
List-Post: <mailto:ace@ietf.org>
List-Help: <mailto:ace-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ace>, <mailto:ace-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 22 Jul 2020 13:08:26 -0000
Hi, > Looking into Mohits draft, cmp-over-coap is much simpler than est-over-coaps, as CMP does not need any binding to an underlying (D)TLS handshake. Not sure that is accurate. And EST does not bind to the tunnel protocol either unless proof of possession is used. For now the cmp-over-coap draft says When the end to end secrecy is desired for CoAP transport, CoAP over DTLS [RFC6347] as a transport medium SHOULD be used. COAP can run over DTLS or plain UDP and in rare cases TCP, TLS and maybe Websockets. I am not sure someone would run cmp-over-coap over TCP because then he could just run CMP natively without COAP in the middle. Any application layer protocol (CMP etc) can run over any transport but I am not sure there are more transports than the usual ones for cmp-over-coap anyway. I agree that if this gets picked up it should be by ACE. I would like to understand what gaps it is filling compared to est-over-coaps which took a lot of work and where it will be used and implemented in. Panos -----Original Message----- From: Ace <ace-bounces@ietf.org> On Behalf Of Brockhaus, Hendrik Sent: Wednesday, July 22, 2020 3:51 AM To: Benjamin Kaduk <kaduk@mit.edu>; Michael Richardson <mcr+ietf@sandelman.ca> Cc: Mohit Sahni <mohit06jan@gmail.com>; steffen.fries@siemens.com; ace@ietf.org Subject: Re: [Ace] IETF 108 tentative agenda and presentations (Daniel Migault) > Von: Ace <ace-bounces@ietf.org> Im Auftrag von Benjamin Kaduk > > On Tue, Jul 21, 2020 at 04:31:05PM -0400, Michael Richardson wrote: > > > > Mohit Sahni <mohit06jan@gmail.com> wrote: > > > To give some background, this draft is an extension of Light Weight CMP > > > Profile ( > > > > https://eur01.safelinks.protection.outlook.com/?url=https%3A%2F%2Ftools.ietf . > org%2Fhtml%2Fdraft-ietf-lamps-lightweight-cmp-profile- > 02&data=02%7C01%7Chendrik.brockhaus%40siemens.com%7Cc3b352cdfd > 174b0a7e2008d82dc1484f%7C38ae3bcd95794fd4addab42e1495d55a%7C1%7C > 0%7C637309655452109222&sdata=QWHu3IEwf4TIIpaW0cvKuMiGXixV1AX > dws6g0vBQJPY%3D&reserved=0) > > > draft currently under development in the LAMPS WG. We > > discussed the > "CMPv2 > > > over CoAP" draft in the LAMPS WG and figured out that ACE WG > > is a > more > > > appropriate place for this draft. However, Jim suggested that > > we will > need > > > to modify the charter of the ACE WG to adopt this draft. > > > > We did est-over-coaps [still in the queue], why shouldn't we do > > cmp-over- > coap(s)? > > It may just be that "est-over-coaps is so obviously us" that I didn't > check the charter carefully at that time. But, at this point, we're > probably overdue for a recharter anyway, as the core framework is making its way to the IESG. > Steffen and I discussed this with Jim last year in Prague, if I remember correctly, and he recommended to submit cmp-over-coap to ACE and not to LAMPS. As est-over-coaps was in scope of ACE, I also think it is quite obvious to discuss cmp-over-coap in ACE. Looking into Mohits draft, cmp-over-coap is much simpler than est-over-coaps, as CMP does not need any binding to an underlying (D)TLS handshake. If you think this needs rechartering, we should go for it. - Hendrik _______________________________________________ Ace mailing list Ace@ietf.org https://www.ietf.org/mailman/listinfo/ace
- Re: [Ace] IETF 108 tentative agenda and presentat… Mohit Sahni
- Re: [Ace] IETF 108 tentative agenda and presentat… Michael Richardson
- Re: [Ace] IETF 108 tentative agenda and presentat… Benjamin Kaduk
- Re: [Ace] IETF 108 tentative agenda and presentat… Brockhaus, Hendrik
- Re: [Ace] IETF 108 tentative agenda and presentat… Panos Kampanakis (pkampana)
- Re: [Ace] IETF 108 tentative agenda and presentat… Brockhaus, Hendrik
- Re: [Ace] IETF 108 tentative agenda and presentat… Daniel Migault
- Re: [Ace] IETF 108 tentative agenda and presentat… Mohit Sahni
- Re: [Ace] IETF 108 tentative agenda and presentat… Panos Kampanakis (pkampana)
- Re: [Ace] IETF 108 tentative agenda and presentat… Jim Schaad