Re: [Ace] Adoption of Low Latency Group Communication Security Work in ACE
Somaraju Abhinav <abhinav.somaraju@tridonic.com> Tue, 26 July 2016 16:28 UTC
To: Eliot Lear <lear@cisco.com>, Kathleen Moriarty <kathleen.moriarty.ietf@gmail.com>, "Kumar, Sandeep" <sandeep.kumar@philips.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/ace/ZqVayqlb8y35mBi48_2Vcx5DQ8g>
Cc: Stephen Farrell <stephen.farrell@cs.tcd.ie>, Michael StJohns <mstjohns@comcast.net>, Rene Struik <rstruik.ext@gmail.com>, "ace@ietf.org" <ace@ietf.org>
Hi Eliot,

If you read the document, we introduce a scope in the AT-KDC and AT-R token which specifies what resources are accessible via the knowledge of the group key. The architecture ensures that the group key can only be used for authorized resources. This allows us to only use the group key to control the light intensity resource and nothing else. Even on the luminaire, the group key cannot be used to access other information such as commissioning data.

Abhinav

________________________________
From: Eliot Lear <lear@cisco.com>
Sent: 26/07/2016 17:59
To: Kathleen Moriarty <kathleen.moriarty.ietf@gmail.com>; Kumar, Sandeep <sandeep.kumar@philips.com>
Cc: Somaraju Abhinav <abhinav.somaraju@tridonic.com>; ace@ietf.org; Rene Struik <rstruik.ext@gmail.com>; Michael StJohns <mstjohns@comcast.net>; Stephen Farrell <stephen.farrell@cs.tcd.ie>
Subject: Re: [Ace] Adoption of Low Latency Group Communication Security Work in ACE

Hi Kathleen,

On 7/26/16 4:52 PM, Kathleen Moriarty wrote:

> What is the bigger threat model? Lights turning on/off in large buildings could result in increased energy costs. Lights turning on/off could result in safety issues (they could be extreme).

It's also a matter of changing colors, misappropriation of sensors, and perhaps more important: expropriation of the lighting systems to attack other systems. Thus the concern over transitory trust, especially should these systems have multiple functions.

Eliot
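The scope binding described in the message above, sketched as an added example that is not part of the original message or of the draft: a luminaire stores the group key together with the scope from its token and rejects a correctly authenticated request for any resource outside that scope. The JSON encoding, HMAC-SHA256 protection, field names and resource paths are assumptions made for illustration, not the draft's wire format.

```python
import hashlib
import hmac
import json

# Constructed sample values; field names and resource paths are hypothetical.
GROUP_KEY = bytes(range(32))
AT_R = {"gid": "room-1", "scope": ["/light/intensity"]}  # scope carried in the token

def protect(key, gid, method, path, payload):
    """Sender side: MAC a multicast request with the group key."""
    body = json.dumps({"gid": gid, "method": method, "path": path,
                       "payload": payload}, sort_keys=True).encode()
    return body, hmac.new(key, body, hashlib.sha256).digest()

class Luminaire:
    def __init__(self, token, group_key):
        # The key is stored together with the scope it was issued for.
        self.groups = {token["gid"]: (group_key, frozenset(token["scope"]))}
        self.intensity = 0
        self.commissioning = {"network_key": "constructed-secret"}

    def handle(self, body, tag):
        try:
            msg = json.loads(body)
            key, scope = self.groups[msg["gid"]]
        except (ValueError, KeyError, TypeError):
            return "rejected: unknown group"
        expected = hmac.new(key, body, hashlib.sha256).digest()
        if not hmac.compare_digest(expected, tag):
            return "rejected: bad MAC"
        # A valid MAC only proves knowledge of the group key; scope decides access.
        if msg.get("path") not in scope:
            return "rejected: out of scope"
        if msg.get("method") == "PUT" and msg["path"] == "/light/intensity":
            self.intensity = int(msg["payload"])
            return "ok"
        return "rejected: unsupported"

def demo():
    lamp = Luminaire(AT_R, GROUP_KEY)
    results = [
        lamp.handle(*protect(GROUP_KEY, "room-1", "PUT", "/light/intensity", 80)),
        lamp.handle(*protect(GROUP_KEY, "room-1", "GET", "/commissioning", None)),
        lamp.handle(*protect(b"x" * 32, "room-1", "PUT", "/light/intensity", 0)),
    ]
    return results, lamp.intensity
```

The second request carries a valid MAC under the group key and is still refused, which is the property the message claims for commissioning data.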