Re: [Ace] Summary of ACE Group Communication Security Discussion

Hannes Tschofenig <hannes.tschofenig@gmx.net> Mon, 26 September 2016 11:11 UTC

Return-Path: <hannes.tschofenig@gmx.net>
X-Original-To: ace@ietfa.amsl.com
Delivered-To: ace@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E4A2C12B152 for <ace@ietfa.amsl.com>; Mon, 26 Sep 2016 04:11:17 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.917
X-Spam-Level:
X-Spam-Status: No, score=-4.917 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_LOW=-0.7, RCVD_IN_MSPIKE_H2=-0.001, RP_MATCHES_RCVD=-2.316, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Cr3Yvf0fGPKb for <ace@ietfa.amsl.com>; Mon, 26 Sep 2016 04:11:16 -0700 (PDT)
Received: from mout.gmx.net (mout.gmx.net [212.227.15.15]) (using TLSv1.2 with cipher DHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 6AC0A12B13B for <Ace@ietf.org>; Mon, 26 Sep 2016 04:11:12 -0700 (PDT)
Received: from [192.168.91.133] ([80.92.122.18]) by mail.gmx.com (mrgmx002) with ESMTPSA (Nemesis) id 0MMBun-1brXHn4Ajl-0082Rx; Mon, 26 Sep 2016 13:11:03 +0200
To: Kepeng Li <kepeng.lkp@alibaba-inc.com>, ace <Ace@ietf.org>
References: <D40F1535.451DD%kepeng.lkp@alibaba-inc.com>
From: Hannes Tschofenig <hannes.tschofenig@gmx.net>
Message-ID: <1cc7f243-e7f7-6ec5-7140-88c74853dc34@gmx.net>
Date: Mon, 26 Sep 2016 13:11:00 +0200
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101 Thunderbird/45.2.0
MIME-Version: 1.0
In-Reply-To: <D40F1535.451DD%kepeng.lkp@alibaba-inc.com>
Content-Type: text/plain; charset="windows-1252"; format="flowed"
Content-Transfer-Encoding: 7bit
X-Provags-ID: V03:K0:Ya/HgilGtGzgQ7kn3nec2o3aMY9Mizh28Wmuf61D1UZUv/6yFaf wHxGAB4lG5iGeJW9EFxUqax0GuOE8CmR3rBYg5WMW2F5+bVYl/nEFCIQIVuoabfKUq2iv4E Sy/kYcXXNp6njAFAfp3h/IZ5Z9+pDXz1nVLfh7f2c3+bYTg+tlV1/1Ayzs5UwSBIJb20jHw pNNCCZKxSlKLfI3mme5Eg==
X-UI-Out-Filterresults: notjunk:1;V01:K0:3AVdt/72PDE=:9YAOnXUPwpdoX2IE6mgNVK lGkXWeGf1iL4QbxPdQojcoOzN1Ro4rJcPI3n8ZZvFWIbB4JDLMt6SCQeygzrY81n6pkeiz2Kt lJtkYggx+WQOzux15MOAbgpupUz96n5nnSnb/RZ5JIcMZCveNe6EjRm91H0/parm0w+uyIxyC wAJpr9ohQOgDvGLpEXI9T3fuSCYGk6MycbDmwxf1lcPzzLSuw1UOrR6P+80ORvfT9QIvK2EGm XwVcTapm2Ai2W2qbD4MkGCc1D/AOE/KuZxOWmUrYD0YD/49Ngxw9ympGbrpJvWOAY2Q4oeTUX pFyCbQ3bPSFQCXXeRYjvshU0PS5rENdapjm+yURAy8hvQ7Z/8sJSiCnJqYwNEU6D7NYFNNeWN Fp9kv5ARFUhBsHYug3MXf5shJP9CZ6a362hNow6H/vczvsttLAVsqfl2BBcLxp2buRuvZOp0D ejKmU28B/Gr/KRon2kLYnawy7tM7ojEbYxYoV9btMhrNp5aMBGSDHr88dL3YHVz0g6dPDX0cd ldQRu8NW9NHCDJuSsTpKFwGeuh4yKFtDPu59VHVAB/tTxWXLrwG4X9uUWysR0Ea0bK/TX0xUu QChx4ATqmO67lPgDKcHmsSCayfIB8GhPY+w7Jkk3xRdtVWTWWvPSf+9Wrci4ETEmNJWUidTvx 0x4R6hIDNd2+Qdyhlj0M5lD4JPO5q+AsvFBA2S7wAjxCHUKRCPrByxAjsQhqB77Qyenl+YEKk TsX1A0waVlhpEHG1VIi857zDabMkPaWxM3uh9YvogJDihXj6WCT5VIZw6XR27LHBNH2xZKNE+ D1F8gEl
Archived-At: <https://mailarchive.ietf.org/arch/msg/ace/bz_N1LDEatN_AUQy4s2Owe9K7DQ>
Cc: Kathleen Moriarty <kathleen.moriarty.ietf@gmail.com>
Subject: Re: [Ace] Summary of ACE Group Communication Security Discussion
X-BeenThere: ace@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: "Authentication and Authorization for Constrained Environments \(ace\)" <ace.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ace>, <mailto:ace-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ace/>
List-Post: <mailto:ace@ietf.org>
List-Help: <mailto:ace-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ace>, <mailto:ace-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 26 Sep 2016 11:11:18 -0000

I noticed that Eliot also expressed support for the approach presented 
by Abhinav, see 
https://mailarchive.ietf.org/arch/msg/ace/ctCtj9QT0WwBDki7vxgVeYVzFaI

Ciao
Hannes

On 09/26/2016 07:11 PM, Kepeng Li wrote:
> Hi all,
>
>
> We went through all email exchanges again in order to see where we are.
> Abhinav also proposed a way forward in his email to the list,
> see https://www.ietf.org/mail-archive/web/ace/current/msg01961.html,
> where he proposed to standardize a solution based on public key as well
> as symmetric key cryptography.
>
>
> Here is our impression of the views presented by various people.
>
>
> Mike seems to think the only acceptable solution is to use messages
> signed using public key crypto and is strongly against working on a
> symmetric key group communication protocol.
>
>
> Paul Duffy and Michael Richardson are in favor of defining a public key
> crypto solution but it is not clear whether they are against specifying
> a symmetric key solution as well.
>
>
> Walter, Abhinav, Sandeep, Hannes are in favor of working on a symmetric
> key group communication security protocols (as co-authors of the work).
> Oscar Garcia (Philips) is also in favor of the work.
>
>
> In this mail to the list,
> see https://www.ietf.org/mail-archive/web/ace/current/msg01931.html,
> Robert Cragie (ARM) expressed a view that public key crypto is the
> preferred solution but others based on symmetric crypto are still worthy
> of consideration.
>
>
> Markus Grunwald (Osram) also appears to be in favor of the proposed
> approach, see
>
> https://www.ietf.org/mail-archive/web/ace/current/msg01932.html
>
>
>
> Akbar Rahman also seems to be in favor of working on a group
> communication security protocol, see
>
> https://www.ietf.org/mail-archive/web/ace/current/msg01873.html
>
>
>
> Ned Smith also seems to be in favor of working on a group communication
> security protocol, as expressed in his mail to the list:
>
> https://www.ietf.org/mail-archive/web/ace/current/msg01872.html
>
>
>
> The opinion of the following persons in the discussion appear unclear to me:
>
> - Mohit Sethi
>
> - Ludwig Seitz
>
> - Carsten Bormann
>
> - Stephen Farrell
>
> - Jim Schaad (offered clarifications regarding the use of COSE)
>
>
>
> Pascal Urien and Rene Struik provided performance data but they didn't
> appear to have expressed a strong view about the question regarding
> symmetric vs. asymmetric crypto for group communication security.
>
> Derek Atkins offered performance data for public key crypto but refers
> to new techniques (rather than RSA/ECC).
>
>
>
> Please correct us if we are wrong in our interpretation of your mail
> postings.
>
>
>
> Ciao
>
> Hannes & Kepeng
>
>
>
>
> _______________________________________________
> Ace mailing list
> Ace@ietf.org
> https://www.ietf.org/mailman/listinfo/ace
>