Re: [Ace] Martin Duke's No Objection on draft-ietf-ace-key-groupcomm-17: (with COMMENT)

Marco Tiloca <marco.tiloca@ri.se> Fri, 15 December 2023 17:19 UTC

Message-ID: <a9eea308-e8f9-475a-a312-0bb865595684@ri.se>
Date: Fri, 15 Dec 2023 18:19:10 +0100
User-Agent: Mozilla Thunderbird
Content-Language: en-US
To: Martin Duke <martin.h.duke@gmail.com>, The IESG <iesg@ietf.org>
Cc: draft-ietf-ace-key-groupcomm@ietf.org, ace-chairs@ietf.org, ace@ietf.org, mglt.ietf@gmail.com, Francesca Palombini <francesca.palombini@ericsson.com>
References: <170120586760.59520.5336988551693979686@ietfa.amsl.com>
From: Marco Tiloca <marco.tiloca@ri.se>
Autocrypt: addr=marco.tiloca@ri.se; keydata= xsBNBFSNeRUBCAC44iazWzj/PE3TiAlBsaWna0JbdIAJFHB8PLrqthI0ZG7GnCLNR8ZhDz6Z aRDPC4FR3UcMhPgZpJIqa6Zi8yWYCqF7A7QhT7E1WdQR1G0+6xUEd0ZD+QBdf29pQadrVZAt 0G4CkUnq5H+Sm05aw2Cpv3JfsATVaemWmujnMTvZ3dFudCGNdsY6kPSVzMRyedX7ArLXyF+0 Kh1T4WUW6NHfEWltnzkcqRhn2NcZtADsxWrMBgZXkLE/dP67SnyFjWYpz7aNpxxA+mb5WBT+ NrSetJlljT0QOXrXMGh98GLfNnLAl6gJryE6MZazN5oxkJgkAep8SevFXzglj7CAsh4PABEB AAHNNk1hcmNvIFRpbG9jYSAobWFyY28udGlsb2NhQHJpLnNlKSA8bWFyY28udGlsb2NhQHJp LnNlPsLAdwQTAQgAIQUCWkAnkAIbAwULCQgHAgYVCAkKCwIEFgIDAQIeAQIXgAAKCRDuJmS0 DljaQwEvCACJKPJIPGH0oGnLJY4G1I2DgNiyVKt1H4kkc/eT8Bz9OSbAxgZo3Jky382e4Dba ayWrQRFen0aLSFuzbU4BX4O/YRSaIqUO3KwUNO1iTC65OHz0XirGohPUOsc0SEMtpm+4zfYG 7G8p35MK0h9gpwgGMG0j0mZX4RDjuywC88i1VxCwMWGaZRlUrPXkC3nqDDRcPtuEGpncWhAV Qt2ZqeyITv9KCUmDntmXLPe6vEXtOfI9Z3HeqeI8OkGwXpotVobgLa/mVmFj6EALDzj7HC2u tfgxECBJddmcDInrvGgTkZtXEVbyLQuiK20lJmYnmPWN8DXaVVaQ4XP/lXUrzoEzzsBNBFSN eRUBCACWmp+k6LkY4/ey7eA7umYVc22iyVqAEXmywDYzEjewYwRcjTrH/Nx1EqwjIDuW+BBE oMLRZOHCgmjo6HRmWIutcYVCt9ieokultkor9BBoQVPiI+Tp51Op02ifkGcrEQNZi7q3fmOt hFZwZ6NJnUbA2bycaKZ8oClvDCQj6AjEydBPnS73UaEoDsqsGVjZwChfOMg5OyFm90QjpIw8 m0uDVcCzKKfxq3T/z7tyRgucIUe84EzBuuJBESEjK/hF0nR2LDh1ShD29FWrFZSNVVCVu1UY ZLAayf8oKKHHpM+whfjEYO4XsDpV4zQ15A+D15HRiHR6Adf4PDtPM1DCwggjABEBAAHCwF8E GAECAAkFAlSNeRUCGwwACgkQ7iZktA5Y2kPGEwf/WNjTy3z74vLmHycVsFXXoQ8W1+858mRy Ad0a8JYzY3xB7CVtqI3Hy894Qcw4H6G799A1OL9B1EeA8Yj3aOz0NbUyf5GW+iotr3h8+KIC OYZ34/BQaOLzdvDNmRoGHn+NeTzhF7eSeiPKi2jex+NVodhjOVGXw8EhYGkeZLvynHEboiLM 4TbyPbVR9HsdVqKGVTDxKSE3namo3kvtY6syRFIiUz5WzJfYAuqbt6m3TxDEb8sA9pzaLuhm fnJRc12H5NVZEZmE/EkJFTlkP4wnZyOSf/r2/Vd0iHauBwv57cpY6HFFMe7rvK4s7ME5zctO Ely5C6NCu1ZaNtdUuqDSPA==
In-Reply-To: <170120586760.59520.5336988551693979686@ietfa.amsl.com>
Content-Type: multipart/signed; micalg="pgp-sha256"; protocol="application/pgp-signature"; boundary="------------Xh0FT6Crjg6IQvTdvPAjI0ZZ"
MIME-Version: 1.0
X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1
X-MS-Exchange-AntiSpam-MessageData-0: ga7QCbpA60POj2XutdApZ62xRXtrFWuZ7OoDp4X+rVqKa04wVlqTLYMmMT5b+vbOD3HRx6A216O+JBeum8y+wvkDD550Q2EH0nIzQCzVuq25xKMjqg58NObkFmFBkXnwqhhCGVeF8J5/wszuScsKm+tzH/mDSjdk6V/PySJ3ciJYa7yoptpToMFE+dAhu/8xETZymH0GY1zeNy72NX7JlRe3bXI3QLgieMI5j463+ybnoWt86e1nxK/dFuzTpZEQ1Tsh2VdglI8PdtsPXqWLTP2P9H2lhdMEjPM/lAp9PQqMbyp62SmdtFxbC3fnCHzW534f2SOv0jZkS9fA4DdzTmnsyIa0ZyR11A1lGLSg/xImQhW9Mp18ScyheEC/nyZ/UPjWxUd966XN4zhnvI2WvoLVQN3ZN6gPYGmAnLfZ0eYvR3xtRzy9Te5esK7G4e1o7+Q+wZDJzjvtuAjKBgqN5tBugumo/40aqgkTiSZH3vTrPIrW/1Y4zBoJu4QryKFFTv224A5g/h9CU279wDFj3ujWcQyHFqQexaQTeIEApAbSijD9eZNxePRe8OR/SuAS8Kh6dZ7nl4UkRcpKlSA5b1zn37S36QI/RI1u3PLMGAOAFNUXrytjmaFaF5GI63dscUNzGwt8wzZ0EwjxqK5GBHgZtjkC4dCuFYhPqzseYO5GiacMY6U6v9Ew5Y9BAtjbOxCbfX3bY1N++eWQbSqPBNPzD9/jG+ALbHBVXk+X08cyd8vABUXM1+UKk19liNN0huyhGvCoYf2CB9bzAFeTOZ6dzgnN3PYavaniDFhrzpkNfpmxpEqJJNIzXRANyJuRwAwy37xOQITTIPDFeyLPs2iF8cCnl0hoaGaGI/WmxqaWqdtcupsTa8L90WeMYvJO7tpH6QlHRHSsYM0wJpfI/r7PBv5tyrDF7HAGHDgvX8V93Q0zeDcwDvOoXfm6XU2ggiezZjioc2VmK23UNnGTfA74cT4goAs+i3t9vikTp9nKI6MjuBpSleQREC+2sIueCcG7Gi53t2Kgrmw9b+u1pPZfqvLiKK7nqqUeu0NaUmMDrWQd9dCmjFuJ4dV7hh88BXxWsA4T8p45wzRO3Es1O7MINIdzzM2mvGTIRkUrR38j22HzW1R6mdFfMkkt+54obO769s/O0Xa+mkbwTFyedGL6oDeNWJGwnTL7+jgIbo5rhPinmKXepLIXAYfKciSVTsbI5Uq95KpQJpPvVGdcW8g6xuF6y5I5KM93HUYwcsUFHWGRd4ydmwabLNKj4bwaMhz0zLAZpAOH7Fu4J0s5rSuJ4AQ9tykfevbB27w5ZlXysZQKUZc6rsX3csXI31tzZYUQQt05gS8kd7DarLku6a29TLIVG8QZeVh8xGdDPgTRb076E1xGx93SEwyICZ4tvQSe+l2yH6AVH+QKrBvQM1oVp21oIPa4OWNH/Zl5JkBhe3LQVwGaLjBPxINEXgyNreXjHlC8eaQWbJNPehUZ6fNfAVZr2RIMqdIw51uZ9DlhqYul6PkTlR93IgfwXLFzblXno7n6dljpx9Zs69O4ZtBEBDlQxTaW3sgx4PhD2zWh3MXwQXGVMsJXROeBPJac
X-OriginatorOrg: ri.se
X-MS-Exchange-CrossTenant-Network-Message-Id: b50e19a5-1301-4984-d4d7-08dbfd91f4f3
X-MS-Exchange-CrossTenant-AuthSource: GVYP280MB0464.SWEP280.PROD.OUTLOOK.COM
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 15 Dec 2023 17:19:12.6077 (UTC)
X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted
X-MS-Exchange-CrossTenant-Id: 5a9809cf-0bcb-413a-838a-09ecc40cc9e8
X-MS-Exchange-CrossTenant-MailboxType: HOSTED
X-MS-Exchange-CrossTenant-UserPrincipalName: x8fICwzHO6YsHACJY0IBrRB8r9K932nRzLgm1Ug3Wt7JWdIrxCLDucNHWk6G4kXlw4vEN60WJ378A3d0AmAYGQ==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: GV3P280MB0001
Archived-At: <https://mailarchive.ietf.org/arch/msg/ace/paVDeD7EAO_pquAE1V_o1fv9sWA>
Subject: Re: [Ace] Martin Duke's No Objection on draft-ietf-ace-key-groupcomm-17: (with COMMENT)
X-BeenThere: ace@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: "Authentication and Authorization for Constrained Environments \(ace\)" <ace.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ace>, <mailto:ace-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ace/>
List-Post: <mailto:ace@ietf.org>
List-Help: <mailto:ace-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ace>, <mailto:ace-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 15 Dec 2023 17:19:21 -0000

Hello Martin,

Thanks a lot for your review! Please find in line below our detailed 
replies to your comments.

A Github PR where we have addressed your comments is available at [PR].

Unless any concern is raised, we plan to soon merge this PR (and the 
other ones related to other received reviews), and to submit the result 
as version -18 of the document.

Thanks,
/Marco

[PR] https://github.com/ace-wg/ace-key-groupcomm/pull/164

On 2023-11-28 22:11, Martin Duke via Datatracker wrote:
> Martin Duke has entered the following ballot position for
> draft-ietf-ace-key-groupcomm-17: No Objection
>
> When responding, please keep the subject line intact and reply to all
> email addresses included in the To and CC lines. (Feel free to cut this
> introductory paragraph, however.)
>
>
> Please refer tohttps://eur05.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.ietf.org%2Fabout%2Fgroups%2Fiesg%2Fstatements%2Fhandling-ballot-positions%2F&data=05%7C01%7Cmarco.tiloca%40ri.se%7C1359a87ce9cd413ae9a308dbf0568b50%7C5a9809cf0bcb413a838a09ecc40cc9e8%7C0%7C0%7C638368026718160171%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=J16AYuoNBuMg4tBidZr9DvGOfnY97NBL6wrdFnjdo5o%3D&reserved=0  
> for more information about how to handle DISCUSS and COMMENT positions.
>
>
> The document, along with other ballot positions, can be found here:
> https://eur05.safelinks.protection.outlook.com/?url=https%3A%2F%2Fdatatracker.ietf.org%2Fdoc%2Fdraft-ietf-ace-key-groupcomm%2F&data=05%7C01%7Cmarco.tiloca%40ri.se%7C1359a87ce9cd413ae9a308dbf0568b50%7C5a9809cf0bcb413a838a09ecc40cc9e8%7C0%7C0%7C638368026718168118%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=HatfmpKO8zy%2Fqwc2sNS9wIBHOo6xd15YgpKXqcQWvdA%3D&reserved=0
>
>
>
> ----------------------------------------------------------------------
> COMMENT:
> ----------------------------------------------------------------------
>
> Thanks to Vidhi Goel for the TSVART review.
>
> (2) "If it consists of an explicit entity such as a pub-sub Broker or a message
> relayer, the Dispatcher is comparable to an untrusted on-path intermediary, and
> as such it is able to read the messages sent by Clients in the group."
>
> Is this accurate? Why does the Dispatcher need the group key to relay messages?


==>MT

We have rephrased the following two paragraphs of Section 2 as follows.

OLD
 > Dispatcher: entity through which the Clients communicate with the 
group, when sending a message intended to multiple group members. That 
is, the Dispatcher distributes such a one-to-many message to the group 
members as intended recipients. A single-recipient message intended to 
only one group member may be delivered by alternative means, with no 
assistance from the Dispatcher.

NEW (emphasis mine)
Dispatcher: entity through which the Clients communicate with the group 
when sending a message intended to multiple group members. That is, the 
Dispatcher distributes such a one-to-many message to the group members 
as intended recipients. **The Dispatcher does not have access to the 
group keying material**. A single-recipient message intended to only one 
group member may be delivered by alternative means, with no assistance 
from the Dispatcher.

OLD
 > If it consists of an explicit entity such as a pub-sub Broker or a 
message relayer, the Dispatcher is comparable to an untrusted on-path 
intermediary, and as such it is able to read the messages sent by 
Clients in the group.

NEW (emphasis mine)
 > If it consists of an explicit entity such as a pub-sub Broker or a 
message relayer, the Dispatcher is comparable to an untrusted on-path 
intermediary, and as such it is able to **see the messages sent by 
Clients in the group, but not to decrypt them and read their plain 
content**.

<==

>
> (3.3) s/since it allows to ask/since it allows the client to ask

==>MT

Yes, now fixed.

<==

>
>
>

-- 
Marco Tiloca
Ph.D., Senior Researcher

Phone: +46 (0)70 60 46 501

RISE Research Institutes of Sweden AB
Box 1263
164 29 Kista (Sweden)

Division: Digital Systems
Department: Computer Science
Unit: Cybersecurity

https://www.ri.se

Attachment: OpenPGP_0xEE2664B40E58DA43.asc
Attachment: OpenPGP_signature.asc

[Ace] Martin Duke's No Objection on draft-ietf-ac… Martin Duke via Datatracker
Re: [Ace] Martin Duke's No Objection on draft-iet… Marco Tiloca
Re: [Ace] Martin Duke's No Objection on draft-iet… Martin Duke
Re: [Ace] Martin Duke's No Objection on draft-iet… Paul Wouters

Re: [Ace] Martin Duke's No Objection on draft-ietf-ace-key-groupcomm-17: (with COMMENT)

Attachment: OpenPGP_0xEE2664B40E58DA43.asc

Attachment: OpenPGP_signature.asc