Re: [Ace] EDHOC standardization

Göran Selander <goran.selander@ericsson.com> Sun, 04 November 2018 16:00 UTC

From: Göran Selander <goran.selander@ericsson.com>
To: Benjamin Kaduk <kaduk@mit.edu>, Michael Richardson <mcr+ietf@sandelman.ca>
CC: "ace@ietf.org" <ace@ietf.org>, John Mattsson <john.mattsson@ericsson.com>, Salvador Pérez <salvador.p.f@um.es>
Date: Sun, 4 Nov 2018 16:00:35 +0000
Archived-At: <https://mailarchive.ietf.org/arch/msg/ace/ikhnpJjMo4uGNVmspLUSYcbqUdc>

Hi Ben,

On 2018-11-03, 22:16, "Ace on behalf of Benjamin Kaduk" <ace-bounces@ietf.org on behalf of kaduk@mit.edu> wrote:

    On Sat, Nov 03, 2018 at 05:51:55AM +0700, Michael Richardson wrote:
    > 
    > John Mattsson <john.mattsson@ericsson.com> wrote:
    >     > of negotiation is still needed. The current plan for the next version
    >     > is to introduce cipher suites and to let the cipher suite with value 0
    >     > indicate that algorithms have been negotiated out-of-band.
    > 
    > I agree with the idea that some common default should be very easy to
    > refer to, but I don't like the idea that the gateway has to remember what
    > the out-of-band "default" is on a per-device basis.  I would say that we need
    > at least 0/1, so that we can say that it's the current vs the "new" default.
    > 
    > If you consider the case where the sensor is on a very low bandwidth
    > connection (I would say LoRaWAN, but I am not well qualified in that space).
    > The sensor gets visited every two or three years by a technician (if only to
    > make sure that the sensor is still where it is supposed to be).  While there,
    > new firmware updates are applied, and as a result the algorithm defaults are
    > updated.  During the cycle, some devices are updated and some are still old.
    
    Are you proposing that the management of the 0/1-to-algorithm mapping be
    managed on a per-deployment basis or by the IETF?
    
Michael may give his view, but the authors' proposal is to have an IANA register enumerating ciphersuites, and where value 0 is reserved for "pre-established ciphersuite".

BR
Göran