Re: [Ace] New Version Notification for draft-navas-ace-secure-time-synchronization-00.txt

Ludwig Seitz <ludwig@sics.se> Tue, 01 November 2016 06:45 UTC

To: ace@ietf.org
References: <CAD2CPUHYGqgzjK7OkC5oc5cSZUKYQP=m=-SuJ1+u20rustCTOw@mail.gmail.com> <a6f70376-ba13-b6ed-4275-7544608655be@alumni.stanford.edu>
From: Ludwig Seitz <ludwig@sics.se>
Message-ID: <e9bfb72e-9283-1ab4-284d-89ae64de0193@sics.se>
Date: Tue, 01 Nov 2016 07:45:35 +0100
Archived-At: <https://mailarchive.ietf.org/arch/msg/ace/_O0kFYw_PTz8sS6WBPGIgBS04Mw>

On 2016-11-01 01:41, Randy Presuhn wrote:
> Hi -
>
>
> On 10/31/2016 7:25 AM, Renzo Navas wrote:
> ...
>> The need for a secure source of time is getting clearer on ACE (either
>> that, or mechanisms to assure freshness of each transaction), and we
>> hope that with this protocol we are giving the first step to come up
>> with a constrained-resource friendly solution.
> ...
>
> Along the way to SNMPv3, we learned that a full-blown time
> protocol isn't actually necessary to provide authentication,
> timeliness, replay protection, etc.  See RFC 3414 for details
> on how to get these properties cheaply, both from protocol
> overhead and processing perspectives.
>
> Randy
>

Does your "etc" include expiration of access tokens?

/Ludwig


-- 
Ludwig Seitz, PhD   SICS Swedish ICT AB
Ideon Science Park, Building Beta 2
Scheelevägen 17, SE-223 70 Lund
Phone +46(0)70-349 92 51
