[Ace] draft-ietf-ace-key-groupcomm-oscore

Jim Schaad <ietf@augustcellars.com> Wed, 03 April 2019 12:42 UTC

Return-Path: <ietf@augustcellars.com>
X-Original-To: ace@ietfa.amsl.com
Delivered-To: ace@ietfa.amsl.com
Received: from localhost (localhost []) by ietfa.amsl.com (Postfix) with ESMTP id A571B120091; Wed, 3 Apr 2019 05:42:11 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.794
X-Spam-Status: No, score=-0.794 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, LOCALPART_IN_SUBJECT=1.107, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001] autolearn=no autolearn_force=no
Received: from mail.ietf.org ([]) by localhost (ietfa.amsl.com []) (amavisd-new, port 10024) with ESMTP id oaeoJRiByD5Y; Wed, 3 Apr 2019 05:42:10 -0700 (PDT)
Received: from mail2.augustcellars.com (augustcellars.com []) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 7CDA71201B3; Wed, 3 Apr 2019 05:42:09 -0700 (PDT)
Received: from Jude ( by mail2.augustcellars.com ( with Microsoft SMTP Server (TLS) id 15.0.1395.4; Wed, 3 Apr 2019 05:42:03 -0700
From: Jim Schaad <ietf@augustcellars.com>
To: <draft-ietf-ace-key-groupcomm-oscore@ietf.org>
CC: <ace@ietf.org>
Date: Wed, 3 Apr 2019 05:42:00 -0700
Message-ID: <029f01d4ea1a$a39e5920$eadb0b60$@augustcellars.com>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
X-Mailer: Microsoft Outlook 16.0
Thread-Index: AdTpuJsCmhoawGh3SlKBib5FzzT6Lg==
Content-Language: en-us
X-Originating-IP: []
Archived-At: <https://mailarchive.ietf.org/arch/msg/ace/cZ-xr8KR6l-sKghcgMbuc-BZsDE>
Subject: [Ace] draft-ietf-ace-key-groupcomm-oscore
X-BeenThere: ace@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Authentication and Authorization for Constrained Environments \(ace\)" <ace.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ace>, <mailto:ace-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ace/>
List-Post: <mailto:ace@ietf.org>
List-Help: <mailto:ace-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ace>, <mailto:ace-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 03 Apr 2019 12:42:12 -0000

I was wandering through the document with a view to implementing and have
the following questions:

1.  Abstract: From the first paragraph I am not sure if the group
communications or the communications to the KDC are secured with OSCORE.

2.  Section 3.1 - "requester" seems to be an odd name for "sender" or

3. Section 3.1 - I am trying to figure out why a Gid would be a reasonable
value for the scope.  This means that the AS is going to be the one to
assign the Gid value in many cases as it needs to check the scope value
there.  Is that going to be a common case?  I.e. Are Gids going to be
assigned by administrators?

4. Section 3.1 - Is the form in Appendix C of the Gid in some respect
mandatory?  If it is not, then how does a receiver of a message distinguish
between two different groups that are using the same multicast address?  Is
that going to be a non-supported case?  The most common case of this would
be having two different groups on the default CoAP multicast address talking
to RDs with different permissions at the RD to see things.

5. Section 4.1 - I can understand things relative to the key_info blob that
is being returned.  I am not sure that I think that this is being defined
correctly however.  It makes more sense to me to have the following:
key_info = [ sign_alg: COSE_Algorithm, ?sign_parameters : map,
?key_parameters: map ] where the two maps are filled in from the required
fixed parameters from the two COSE registries.  This would end up with
something like the following as a potential value   [ sign_alg: ECDSA,
key_parameters: {'kty':'EC2', 'crv': 'P256'}]

6. Section 4.1.1 - why is the key info parameter format application
specific?  I would have assumed that it was the same as in the previous

7.  Section 4.2 - for 'client_cred', I am unsure what the client is supposed
to do if the joining node does not know the countersignature algorithm.  Can
the include public key not be in a consistent format?  What does consistent
format even mean?

8. Section 4.3 - I don't understand why the GM is accepting the join request
if the client_cred passed in was not in the correct format.  Is this a typo?

9.  Section 6 - I don't know that the third bullet is in the list of cases
where the client_cred parameter is not required.

10.  Section 6 - What is the POP method for the fourth bullet method?

11. Section 6 - What happens if any of first three bullets is true, but the
cached key does not match the required key parameters for the signing
algorithm.  In some of these cases there is no check that any signature
algorithm parameters that might exist are going to be checked and enforced.

12.  Section 7 - This text implies to me that all users of a group key need
to be able to act as servers and have a fixed port number which was supplied
some how to the GM so that it can be notified.   This could be done by
keeping up the DTLS session, but that is still a little bit tricky and would
not work for OSCORE based messages.  This text might want to point to the
section in the ietf-ace-key-groupcomm that deals with this and require that
the query or subscribe methods be supported.  Although both of those suffer
from the lack of hard break on the part of publishers.