[Ace] Comments draft-palombini-ace-coap-pubsub-profile-04

Marco Tiloca <marco.tiloca@ri.se> Tue, 09 April 2019 08:18 UTC

From: Marco Tiloca <marco.tiloca@ri.se>
To: <ace@ietf.org>
Message-ID: <7ccc6f5e-fdc2-95e2-b1b6-01f2708e0cd9@ri.se>
Date: Tue, 9 Apr 2019 10:17:53 +0200
Archived-At: <https://mailarchive.ietf.org/arch/msg/ace/sdwkNNXhoVo4ZAb1x_t6QRXL9AQ>
Subject: [Ace] Comments draft-palombini-ace-coap-pubsub-profile-04

Hi,

Please find below some comments on this profile. I hope it helps!

Best,
/Marco

------------------------

[Abstract]

"This profile relies on transport layer or application layer security to
authorize the publisher to the broker" is due to the current profiles of
ACE, right? Otherwise, this can be (even) more general without
mentioning particular layers.


[Section 1]

Here the claimed scope is authorizing nodes, but it is actually also
about key provisioning (Section 3.1) and actual communication (Section 6.1).


[Section 2]

Here the claimed scope is protecting communication (in a broad sense),
while it could also mention authorizing nodes (as per ACE) and key
provisioning (Section 3.1).

I believe that the paragraph "There are four phases, ..." and the
numbered list would read better if placed right before the final
paragraph "Note that AS1 and AS2 ...".


[Section 3.1]

I think this will also need a way for clients to agree with the AS2 on
the correct format of their own public key (if they don't know already),
similarly to what is suggested in ace-key-groupcomm-oscore. The only type
of approach that would not work is the one embedded with a Token POST,
since that does not happen with AS2.

The text says: "... the AS2 is both the AS and the KDC, ... so the
Authorization Response and the Post Token message are not necessary".
Shouldn't we then have the Token POST to the KDC defined as optional
already in ace-key-groupcomm? See for instance its Figure 2.

In the Key Distribution Request, only one role can be indicated in
scope. What if a client wants to be both publisher and subscriber? This
seems allowed in Section 3.3 of core-coap-pubsub. Should a client
separately contact the AS2 multiple times?

In the Authorization Response, the 'profile' field can point at Section
8.1 where the profile value is defined.

In the Authorization Response, see above for the 'scope' field in case
of a client that wants two roles.


[Section 4]

Page 8, second bullet point, it can say "... protect the publication
end-to-end with the subscribers (see Section 6.1)".


[Section 5]

Page 9, it can say "... keying material to verify the publication
protected end-to-end with the publishers".


[Section 6]

It would be good to refer to core-coap-pubsub, and its usage of Observe
for subscriptions.

The text says: "The (F) message is ... , which is unprotected.",
although Section 3 admitted the possibility of communication secured
also between Broker and Subscribers.


[Section 6.1]

In the unprotected headers of the COSE object, what is used as Partial IV?


[Section 8.2]

The value of 'Profile' should be "coap_pubsub", consistently with the
name of the profile registered in Section 8.1.

-- 
Marco Tiloca
Ph.D., Senior Researcher

RISE Research Institutes of Sweden
Division ICT
Isafjordsgatan 22 / Kistagången 16
SE-164 40 Kista (Sweden)

Phone: +46 (0)70 60 46 501
https://www.ri.se