IETF Logo Mail Archive

Re: [Ace] 4. Security modes (Re: Open Issues)

Ludwig Seitz <ludwig@sics.se> Mon, 20 January 2014 15:09 UTC

Return-Path: <ludwig@sics.se>
X-Original-To: ace@ietfa.amsl.com
Delivered-To: ace@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E7C301A0173 for <ace@ietfa.amsl.com>; Mon, 20 Jan 2014 07:09:10 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: 0.615
X-Spam-Level:
X-Spam-Status: No, score=0.615 tagged_above=-999 required=5 tests=[BAYES_50=0.8, HELO_EQ_SE=0.35, RP_MATCHES_RCVD=-0.535] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id CSxQCUoU0FAC for <ace@ietfa.amsl.com>; Mon, 20 Jan 2014 07:09:06 -0800 (PST)
Received: from fsmsg2.sics.se (fsmsg2.sics.se [IPv6:2001:6b0:3a:1:250:56ff:fea9:52ad]) by ietfa.amsl.com (Postfix) with ESMTP id 50A881A0171 for <ace@ietf.org>; Mon, 20 Jan 2014 07:09:06 -0800 (PST)
Received: from pps.filterd (fsmsg2 [127.0.0.1]) by fsmsg2.sics.se (8.14.5/8.14.5) with SMTP id s0KF5g4S020335 for <ace@ietf.org>; Mon, 20 Jan 2014 16:09:05 +0100
Received: from letter.sics.se (letter.sics.se [193.10.64.6]) by fsmsg2.sics.se with ESMTP id 1hh3320e7a-1 for <ace@ietf.org>; Mon, 20 Jan 2014 16:09:04 +0100
Received: from [10.101.1.17] (sjombord-3.ictservices.se [188.121.67.51]) (Authenticated sender: ludwig@sics.se) by letter.sics.se (Postfix) with ESMTPSA id 72D9640119 for <ace@ietf.org>; Mon, 20 Jan 2014 16:09:04 +0100 (CET)
Message-ID: <52DD3C0F.1030506@sics.se>
Date: Mon, 20 Jan 2014 16:09:03 +0100
From: Ludwig Seitz <ludwig@sics.se>
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:24.0) Gecko/20100101 Thunderbird/24.2.0
MIME-Version: 1.0
To: ace@ietf.org
References: <52D7FA4C.701@tzi.de> <52D7FF29.70103@sics.se> <52D80D48.3090805@tzi.de> <ED142857-F784-4292-8DBB-AF09BE9E0F32@tzi.org>
In-Reply-To: <ED142857-F784-4292-8DBB-AF09BE9E0F32@tzi.org>
Content-Type: multipart/signed; protocol="application/pkcs7-signature"; micalg="sha1"; boundary="------------ms000801020406020109040000"
X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10432:5.11.87, 1.0.14, 0.0.0000 definitions=2014-01-20_01:2014-01-20, 2014-01-20, 1970-01-01 signatures=0
X-Proofpoint-Spam-Details: rule=notspam policy=default score=0 spamscore=0 suspectscore=1 phishscore=0 adultscore=0 bulkscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=7.0.1-1305240000 definitions=main-1401200080
Subject: Re: [Ace] 4. Security modes (Re: Open Issues)
X-BeenThere: ace@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "Authentication and Authorization for Constrained Environments \(ace\)" <ace.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ace>, <mailto:ace-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/ace/>
List-Post: <mailto:ace@ietf.org>
List-Help: <mailto:ace-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ace>, <mailto:ace-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 20 Jan 2014 15:09:11 -0000

On 01/17/2014 09:48 AM, Carsten Bormann wrote:
> On 16 Jan 2014, at 17:48, Stefanie Gerdes <gerdes@tzi.de> wrote:
>
>>>> 4. Security modes for CoAP
>>>> (http://www.ietf.org/mail-archive/web/ace/current/msg00104.html). Is it
>>>> in the scope of ACE to define security modes for CoAP?
>>>
>>> I'm obviously biased here, since it's the title of my draft. My main
>>> argument for including this is that the security modes are the first
>>> authorization step. What you do is to authorize the client to establish
>>> a DTLS connection in the first place.
>>>
>>
>> I think it is interesting to think about the various possible solutions
>> for authenticating the authorization information such as symmetric and
>> asymmetric key approaches or even object security. I am not sure,
>> however, if we need new security modes for CoAP for that. Don't we just
>> need to define how we use the existing ones?
>
> I think that’s mostly a matter of “semantics” (understanding of terms).
>
> Some people read the section 9 about security modes in the CoAP spec and
> derive a very literal understanding of what these security modes are.
 > Some others read them as building blocks.  The first group would think
 > they are defining new security modes when the second group thinks they
 > are applying the existing security modes in scenarios that are more
 > complex than those used to explain the modes in the spec.
>[...] draft-seitz-core-security-modes adds some ways to use them and
 > calls them additional CoAP modes.  This terminology may confuse some
 > who think we are extending TLS with fundamentally new cipher suites.
 > It may also be more useful to define the entire authorization protocol
 > instead of just the “CoAP mode” aspect of it.

Carsten, I am fine renaming the draft to something like "usage profile 
for CoAP security modes" if you think that can help to avoid confusion. 
The bigger question is: Is this work that people consider useful within 
ACE (I'm obviously biased here)?

I'm also all in favour of defining the entire authorization protocol, 
but the question is: do we want to cram everything into one draft?

The advantage I see with having draft-seitz-core-security-modes separate
is that it allows you to implement a very coarse grain access control 
(at the level of "who can initiate a DTLS connection with this 
device?"). I suspect this would be enough for a relevant number of 
applications, that don't need to implement more sophisticated access 
control.

/Ludwig

-- 
Ludwig Seitz, PhD
SICS Swedish ICT AB
Ideon Science Park
Building Beta 2
Scheelevägen 17
SE-223 70 Lund

Phone +46(0)70-349 92 51
http://www.sics.se

v2.23.0 | Report a Bug | By Email