Re: [Ace] multicast

"Beck, Stefan" <S.Beck@osram.com> Thu, 19 October 2017 10:56 UTC

From: "Beck, Stefan" <S.Beck@osram.com>
To: Hannes Tschofenig <Hannes.Tschofenig@arm.com>, "ace@ietf.org" <ace@ietf.org>
Date: Thu, 19 Oct 2017 10:56:16 +0000
Archived-At: <https://mailarchive.ietf.org/arch/msg/ace/pW3kD-mq0JUJO5FZq9RhhJpTeEQ>

Hi Hannes,
Thanks for the warm welcome!

See inline my comments...
Stevie


> From: Ace [mailto:ace-bounces@ietf.org] On Behalf Of Hannes Tschofenig
> Sent: Thursday, October 19, 2017 8:02 AM
> To: ace@ietf.org
> Subject: [Ace] multicast
> 
> Hi all, 
> 
> During the ACE conference call we had a few new participants, namely Stevie,
> Piotr and Marius, from the lighting consortium Fairhair attending.
> Great to see new participants "on-board".
> 
> Stevie explained that he needs a document that contains a solution using 
> asymmetric and symmetric cryptography, that they intend to use the
> asymmetric solution whenever there is no low latency requirement 
> (and for unicast communication), and only use the symmetric key approach 
> when the low latency requirements demand it. 
> 
> Is this a correct summary? 
[Stevie] Well, slightly different. First, my interest is to separate unicast
from multicast communication completely. (Use of DTLS, for all unicast
communication)
For multicast, my focus is on using asymmetric encryption for authentication &
integrity, and using symmetric encryption for confidentiality.
I see high chances for reasonable options to achieve this with the given
drafts [1] / [2] / [3], even supporting the "low-latency" requirements we
need, also considering the main ideas from [4].
Note this is still mostly a "gut feeling" today - as I am still not familiar
enough with all potentially relevant details.
Let me (better: us) give some more days to elaborate on that before starting
broader discussion...

[1] https://tools.ietf.org/html/draft-ietf-ace-dtls-authorize-01
[2] https://tools.ietf.org/html/draft-tiloca-core-multicast-oscoap-03
[3] https://tools.ietf.org/html/draft-tiloca-ace-oscoap-joining-00

[4] https://tools.ietf.org/html/draft-somaraju-ace-multicast-02 

> 
> Ciao
> Hannes
> 
> PS: Stevie also mentioned that he likes draft-tiloca-ace-oscoap-joining-00.txt
> but not draft-somaraju-ace-multicast. This was rather surprising since
> draft-somaraju-ace-multicast was written by the lighting community (in the
> OpenAIS project) specifically addressing the low latency requirements of that
> community. Stevie, could you explain?
[Stevie] I did (and still do) support draft-somaraju-ace-multicast, see also
my email to the list in March [5].
I just think that there should not be two competing drafts, where there is a
chance to combine them (especially when there's a chance to improve the
security aspects within that common approach). I cannot speak for the OpenAIS
project, but at least in the Fairhair Alliance there is currently common sense
to focus on one approach (i.e. not attempting to "revive"
draft-somaraju-ace-multicast)

[5] https://mailarchive.ietf.org/arch/search/?email_list=ace&q=stevie