Re: [Ace] [Emu] New Version Notification for draft-ietf-ace-wg-coap-eap-04.txt
Dan Garcia Carrillo <garciadan@uniovi.es> Fri, 26 November 2021 09:03 UTC
Return-Path: <garciadan@uniovi.es>
X-Original-To: ace@ietfa.amsl.com
Delivered-To: ace@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C51323A0C45; Fri, 26 Nov 2021 01:03:49 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -3.75
X-Spam-Level:
X-Spam-Status: No, score=-3.75 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, MSGID_FROM_MTA_HEADER=0.001, NICE_REPLY_A=-1.852, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=unavailable autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=unioviedo.onmicrosoft.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id mxioql-V3VFM; Fri, 26 Nov 2021 01:03:44 -0800 (PST)
Received: from EUR02-AM5-obe.outbound.protection.outlook.com (mail-am5eur02on060d.outbound.protection.outlook.com [IPv6:2a01:111:f400:fe07::60d]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id B498A3A0C3E; Fri, 26 Nov 2021 01:03:40 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=Zcc4pThM6Wz/xAFNr6ZCb3P984g3beZXv850jCfRJu7qK14kn2aBPB+BiUJcc1LNTFD9H4y1gllFeWDtzMlaFTl8aRxxnhDzLDHnRI4Yx1HQd7BdfMXucHDqzvKScJPuIChQeeu/BEwgn6gQsI8WbvLI/qz5NwLDOszDE2dmGyLORJcQXnf8Rh564BfX4oX1pxWEoEcguSuYlVLSuThh6mc/C00sQzaSj5oTd7cYZWHJsBg+ArK64pyDMINjVVwd4nCpNKsaTvLP8O+SEUn0QIA1kdUKRYjq7O8BLd0PtEVzogiVV9cmM+y8zidEy4Pg50MIrOAq2MpoL7hENmgRXw==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=C6Ipy40rpAh/ZrawwQ9KkqLWcuBLdYv6Frqxytd5xcU=; b=Hw1q0rL08BVD23vuYs+/FDVZOwYdbll8xIjhRmDpSUkOLEBPU2v2ioZygMVqjC6J7DlJpPwtlZdcJ846xao4/LVZlS9o46Ybn+MtJmsR8gN9M/Ev7UlmDy3LxF4NFuxLSKD47UokUOlXvmCuLHAhqD7D01eo8l8FBE1jTuWkdA76Giapm7P9bOQ97ovB7/sk+jh4bsN2SH0aqMC7yaBnQ4uSOQlpLMvKFVnami7bRC18GClWjZtjVUn+KWr3Y3WSWoXlbXGmBr3SvT7VRXeFI0Z8J8BDW3bYhIqdoZZedzu9xcoXS0yJXifGLYHU64o4S561D4FAKOPsxv61+JdPAA==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=uniovi.es; dmarc=pass action=none header.from=uniovi.es; dkim=pass header.d=uniovi.es; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=unioviedo.onmicrosoft.com; s=selector2-unioviedo-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=C6Ipy40rpAh/ZrawwQ9KkqLWcuBLdYv6Frqxytd5xcU=; b=GjJKjei05UEh2VW8sjKuk0oX9rmkkHSTgaiTYIFG8eNi5N5cwrY+LIB7Z7emj5h3IUL+xPiv6VPLwatrWzWLvalgs6HJ+2w4IuWtXfywzTOtgCUtpTWTWD0pdvyei0sLlyXGjxYdt0NIQ9dRMYKGhNd/7UYkJqB+K1/kwmTpKlU=
Authentication-Results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=uniovi.es;
Received: from DBBPR08MB6202.eurprd08.prod.outlook.com (2603:10a6:10:209::9) by DB8PR08MB5484.eurprd08.prod.outlook.com (2603:10a6:10:111::15) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4713.22; Fri, 26 Nov 2021 09:03:36 +0000
Received: from DBBPR08MB6202.eurprd08.prod.outlook.com ([fe80::1434:d823:a6b5:6f50]) by DBBPR08MB6202.eurprd08.prod.outlook.com ([fe80::1434:d823:a6b5:6f50%7]) with mapi id 15.20.4713.027; Fri, 26 Nov 2021 09:03:36 +0000
Content-Type: multipart/alternative; boundary="------------J9YtB0OR431pnqno3Eq6onuJ"
Message-ID: <e643e377-409f-cd2e-0b68-d70a857820f5@uniovi.es>
Date: Fri, 26 Nov 2021 10:03:33 +0100
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:91.0) Gecko/20100101 Thunderbird/91.3.2
Cc: garciadan@uniovi.es, "ace@ietf.org" <ace@ietf.org>, EMU WG <emu@ietf.org>
To: Daniel Migault <mglt.ietf@gmail.com>, Göran Selander <goran.selander=40ericsson.com@dmarc.ietf.org>
References: <163516103436.11405.13911066633297545379@ietfa.amsl.com> <bc792146-39c4-73a3-63e2-7db7acf7aa2f@uniovi.es> <HE1PR0701MB3050A49DC2D32180B2831D6889839@HE1PR0701MB3050.eurprd07.prod.outlook.com> <AM4PR0701MB219545F3A90E17FD18844F13F4629@AM4PR0701MB2195.eurprd07.prod.outlook.com> <CADZyTk=Q4u8S8zxjrO=MVYZXxEPXEHdMENfoNiRrB2X0yOPm-w@mail.gmail.com>
From: Dan Garcia Carrillo <garciadan@uniovi.es>
In-Reply-To: <CADZyTk=Q4u8S8zxjrO=MVYZXxEPXEHdMENfoNiRrB2X0yOPm-w@mail.gmail.com>
X-ClientProxiedBy: LO2P265CA0167.GBRP265.PROD.OUTLOOK.COM (2603:10a6:600:9::35) To DBBPR08MB6202.eurprd08.prod.outlook.com (2603:10a6:10:209::9)
MIME-Version: 1.0
Received: from [IPV6:2a0c:5a80:3c13:f000:589f:2891:1b30:6314] (2a0c:5a80:3c13:f000:589f:2891:1b30:6314) by LO2P265CA0167.GBRP265.PROD.OUTLOOK.COM (2603:10a6:600:9::35) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4734.20 via Frontend Transport; Fri, 26 Nov 2021 09:03:34 +0000
X-MS-PublicTrafficType: Email
X-MS-Office365-Filtering-Correlation-Id: 302f9a4b-a5c8-4bb3-0a40-08d9b0bba0d8
X-MS-TrafficTypeDiagnostic: DB8PR08MB5484:
X-Microsoft-Antispam-PRVS: <DB8PR08MB54844EA6264C17C746B02197B4639@DB8PR08MB5484.eurprd08.prod.outlook.com>
X-MS-Oob-TLC-OOBClassifiers: OLM:10000;
X-MS-Exchange-SenderADCheck: 1
X-MS-Exchange-AntiSpam-Relay: 0
X-Microsoft-Antispam: BCL:0;
X-Microsoft-Antispam-Message-Info: 8XcPsINVCrIbQ8VGwQmYpmn8U0DS4HcSI59uSDVZdcjXv0hEAtOiFhZZaXrdAqC/nVDeMewZ0CMaBpfvBQ5SbbZncminDD/83z9JlT265FayhAbaZAUcqtAkIB12MzEEoG2kRc2zJAGV6/ewXWZNDlPb7Ep5DTmcI6L5emqxfgsLvDt4Qo7yc1ohcJIntarwieq9vz5By4wkreowI+l2REKWCzcYPED7qlYezxvUFUiOKbdYDxV0JpRKIkt1Kp070qp4EOnuR8m4uZ0EI9GgbedT3toz6747aJavGwhfeS45LEUUtTgDc0v7pcvjBY8MokKx/epDOpleW9icQ1IGOGuWeH9Pxe/fr1PmGEb28wRFhghoNiban66IpGtta4iJUDyaPd8MTZT4MTMCMXdNAgBSw6EQCsBZrNRckcIamg0Z2WdDZFKALVQ/gVdQsjjRX+lans16Is/AQDOq3O1sq4x12+vLEPwnGkgTmwOoklbt0WvvqfXTG6HcBPfpl4X6QIqO3wrt+U7UZeqm1EjmceDTt0iTdW+hMTUu7POXs932CAsZn+HWeOY2nnZHn+VNBevdrxE/3W6pcVkbCDnEVAOmMdBto6Lar9xdQqd3GcAoezRfoCzzxJdN1KG5GHSwBlxHvDBfLc5rXhKuMfVTo8cSSsChX9B92+/RE2nu8VlcE/hIpG4UhC86ccZb2mhrcsySyZtUtNfuWgW9LVO/kJAOKUz1pUkgtkzI7jqvmD/p22lYeJtGJiuy2odH01W/A8PQN9Nxi7Gv1G2hjh8El7bzGm16riq168BLtnC00dIuF3idmdpdO5H2KP8jCjT3
X-Forefront-Antispam-Report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:DBBPR08MB6202.eurprd08.prod.outlook.com; PTR:; CAT:NONE; SFS:(366004)(4326008)(8936002)(966005)(86362001)(15650500001)(30864003)(6486002)(36756003)(5660300002)(110136005)(8676002)(186003)(31686004)(54906003)(508600001)(53546011)(2616005)(786003)(316002)(83380400001)(2906002)(31696002)(66556008)(33964004)(166002)(66476007)(4001150100001)(66946007)(38100700002)(66574015)(52116002)(45980500001)(43740500002)(559001)(579004); DIR:OUT; SFP:1101;
X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1
X-MS-Exchange-AntiSpam-MessageData-0: JjhSl/3qCHwvsTwPZdX3MxNVOxhzaZL8M4m/daoghA/7Whb1jc/Tz3q3/xDqBGda6kKQFlthktbErj1pqpDLT6Dfxhw1UGftw46glrL/X0yzFP49RW2XnRFuGwwZgpvlvMV4rT+XR+6nYtsPAvyS7Rjk4E29CDh3AmVvWaei0NIpXPwWwtlut67n5hk/wi67jPRqyvxABJd3oUMLM39igNG+cEUqRWayNRmFOTV0g6upuwX+E7dWAlmwA35gjvMya2kWimGClmI2G67wCReRkESULnVqjhKj0IbLHoQgDWVfJeRidl+bpEdywA9dVQTMdfTuNi91V7iYnA2Arz0IqGxpyWCzL9vR+mb6+lXqOB8e7FqUf0JM5cR3BWCsvdkRh8fBjuZQN9te+GxbNNFrA17cEHXNtDK2iKdguhwcSSY0gmAZv2/DV9owSDvFpJZyQwLSC3iWhbWowYfSiePzhXyJCuuZd0Hm9WI0z7zmSX76/y3CEHo4/svg01ku7zs1jKFitnvTxhHmKvFZXkdyCPvrcTHj5u35gKTkiAesMEupWDfVLzdkge0AIxV/mSVI/o7SECwxIThXkw/A+tqwBi5bD/ySTYy5KAg4A1CJx6uP8AjfGJbYa72y0UZm/0MlS6piCc6kNDdgyATQdL/5e47AMkMxMEb/7StgnsJMoP5QQCi57EskuOr6sZlRFOr9I4MdREdR/gsix1xrnYzCTpj8h61uyjmAjO1iAFQeh2r+hHgtgZOfSM9jzfvrO/nGdlnlnmS5kfCDAwzUHx5BmR18pTH4ZssAuHmfE174Td38/r2gdoA4nKJfErRBsci7OtKGsvB7mIRYbqznfHbnV5WldxLkmo9MXBXNqw3IlGhJfkRO+xzvUVWOCtNO1yJ1wTCCrgO91Ww8DKuw3hiH6r4dJHhyPu+hibCF+uwzSyG6Q6gj6sJ9ahezga9YTXrDo07D/eIzagjPjr6Dvsr7dFHapZFyO4hF9lrDwOsBJQrmEVH6mE1NfNn8QNZMmcaxigWXxynwKQqedc2s/8dZu4kW7Oe+l58I04yYYq/uFJWVxx94h9hAdaqGq7VzH19aiPf3s9rkGBA4AHr9oWBVbTYgqX/hWLWtdKK+THI8Qug/uz7cm6O5N395DBaHQqprpEgQqqXQIUnZv4NJISrLzbwqzYGN+R7NpUCQMc9hovDTFPeZDKqQv0V0ZfT1zCjE34tuDWyYbadXSXra1P/Q2PwvBSsrROAhAIoDlNP8KLRuJBWZho0zHiLCabkCzH98v8DSvq9ABBkuuZyLxGQm+05G4n2ljKotaQ5ZZTCtByaHUoaVMA4isl4993h8UehQO0Y0KmVolN3pGR1iZVp/MKYyWhqs0i1bCPfzRxou3sAbzTmFgkAKojEWHdTdmwvLodORWbGjn132Vhv2WsDkJM5C/Ei1De9MksKNTh5fp+hUJoyTQmrWoqacdIfmfykScyS6z7Qy1uKDRwipyO25ytSymEO0lwQ1kI0HeRUUxpGzoggFc/kaE8OdImf9cyeR5IRFg5EJ7s+Y3GXQ1Xlp2vUidPrxYSjYP3BOzpSRAMMNJRyU8K+v4fVzKjaNSVbgNZJh/gDL27R/nJs+JuBx1vLxSSuyd/9+y2++BRBpYWPGiCFiTe/4YR3YghJtq/HcJQzzUHzehJHRmoH6CP5LldOex5EKYE5tWBOfyWVF678=
X-OriginatorOrg: uniovi.es
X-MS-Exchange-CrossTenant-Network-Message-Id: 302f9a4b-a5c8-4bb3-0a40-08d9b0bba0d8
X-MS-Exchange-CrossTenant-AuthSource: DBBPR08MB6202.eurprd08.prod.outlook.com
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 26 Nov 2021 09:03:35.9017 (UTC)
X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted
X-MS-Exchange-CrossTenant-Id: 05ea74a3-92c5-4c31-978a-925c3c799cd0
X-MS-Exchange-CrossTenant-MailboxType: HOSTED
X-MS-Exchange-CrossTenant-UserPrincipalName: yvpZG/lShgYu/KvIlvVDKJCYSNp9Ma9RZTEqQfaWB/C8Smf5J/jvJAvH1QerHCCkp96I0w9vQzhqh9optsy1Wg==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: DB8PR08MB5484
X-MS-Exchange-CrossPremises-AuthSource: DBBPR08MB6202.eurprd08.prod.outlook.com
X-MS-Exchange-CrossPremises-AuthAs: Internal
X-MS-Exchange-CrossPremises-AuthMechanism: 06
X-MS-Exchange-CrossPremises-Mapi-Admin-Submission:
X-MS-Exchange-CrossPremises-MessageSource: StoreDriver
X-MS-Exchange-CrossPremises-BCC:
X-MS-Exchange-CrossPremises-OriginalClientIPAddress: 2a0c:5a80:3c13:f000:589f:2891:1b30:6314
X-MS-Exchange-CrossPremises-TransportTrafficType: Email
X-MS-Exchange-CrossPremises-Antispam-ScanContext: DIR:Originating; SFV:NSPM; SKIP:0;
X-MS-Exchange-CrossPremises-SCL: 1
X-MS-Exchange-CrossPremises-Processed-By-Journaling: Journal Agent
X-OrganizationHeadersPreserved: DB8PR08MB5484.eurprd08.prod.outlook.com
Archived-At: <https://mailarchive.ietf.org/arch/msg/ace/vXwJgLKyXSQ7v51pGjZ9bD9YtL4>
Subject: Re: [Ace] [Emu] New Version Notification for draft-ietf-ace-wg-coap-eap-04.txt
X-BeenThere: ace@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Authentication and Authorization for Constrained Environments \(ace\)" <ace.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ace>, <mailto:ace-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ace/>
List-Post: <mailto:ace@ietf.org>
List-Help: <mailto:ace-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ace>, <mailto:ace-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 26 Nov 2021 09:03:50 -0000
Dear Daniel, We are going to go through the reviews and do our best have the document ready by next week. Thank you. Best Regards, Dan. On 25/11/21 15:04, Daniel Migault wrote: > Thanks Goran for the review, that is well appreciated. I am wondering > if these concerns could be addressed by next week (by the co-authors) > for example ? > > For all, please provide your comments or feedback as soon as possible, > but we do expect to ship that document to the IESG very soon - for > what very soon means. > > Yours, > Daniel > > On Thu, Nov 25, 2021 at 4:10 AM Göran Selander > <goran.selander=40ericsson.com@dmarc.ietf.org> wrote: > > Hello authors of draft-ietf-ace-wg-coap-eap, > > Thanks for working with this draft. Here is a mix of > nits/editorials and more substantial comments in the order as they > appear in the draft. > > Abstract > > OLD > > One of the primer goals is to > > NEW > > One of the main goals is to > > Section 1. > > "EAP methods transported in CoAP MUST generate cryptographic material > > [RFC5247] for this specification. " > > The term “cryptographic material” is used multiple times in this > document but is not defined. RFC 5247 uses “keying material”, does > that match the intended meaning? > > Section2. > > Figure 1 is perhaps too informative containing endpoints, stacks, > what is CoAP, and scope of this document. There is no line/arrow > between IoT Device and Controller, presumably because there is too > much other information. Section 2 don’t talk about the stack at all. > > * Proposal: Make two figures: one with nodes and lines/arrows > (“architecture”); another with the stack, which is essentially the > same in the two nodes in scope of this document. > > * It is confusing that CoAP role allocation is shown in the > figure since those only apply to one step of the operation in > section 3.2. In all other steps the roles are reversed. Proposal: > omit the CoAP roles in the figure, and/or provide an explanation > in section text or caption. The section text talking about CoAP > client also needs to be modified accordingly. > > * Nit: RFC8323 calls the layer between request/response and > reliable transport “message framing”. Perhaps you want to have a > common layer renaming the "Messages" layer with “Message /framing/”. > > Section 3. > > "It is RECOMMENDED a light EAP method for the case of constrained > link and constrained IoT devices." > > If this will remain a normative recommendation, then there needs > to be a definition (reference) of "light EAP method". Perhaps > consider just explain the intention of "light" ("lightweight"?) > and remove the normative recommendation? > > --- > > OLD > > The article [eap-framework], highlights the benefits of the EAP > > framework. > > NEW > > The benefits of the EAP framework are highlighted in [eap-framework]. > > 3.1 > > "resource directory" > > Provide a reference or at least as an example, like > draft-ietf-core-resource-directory, > > --- > > OLD > > Example of this protocols > > NEW > > Example of such protocols > > 3.2 > > Step 0 > > "The message also includes an URI in the payload of the message to > indicate to what resource (e.g. '/a/x') the Controller MUST send > the first message with the EAP authentication" > > The DoS issues with requiring the Controller to send a message to > an unknown URI need to be considered. > > Step 1 > > "the Sender ID for OSCORE selected by the Controller" > > Is this the Sender ID *of the IoT device* selected by the > Controller? In other words, is it the Recipient ID of the > Controller selected by the Controller? That would correspond to > how OSCORE identifiers are chosen in EDHOC: > > https://datatracker.ietf.org/doc/html/draft-ietf-lake-edhoc-12#section-3.3.2 > > Best not to use the terms "SID" or "RID" unqualified in message > fields since they are reversed on the IoT device and Controller. > Better use terminology like e.g. RID-I and RID-C for RID of IoT > device and Controller, respectively. > > Step 2 > > "the EAP response, the Recipient ID and the selected ciphersuite > for OSCORE are in the payload." > > Is this the Recipient ID *of the IoT device*? See comment above. > > --- > > OLD > > In this step, the IoT device MAY create a OSCORE security context > with the Sender ID and Recipient ID. > > NEW > > In this step, the IoT device MAY create a OSCORE security context > with its Sender ID and Recipient ID. > > Step 7 > > OLD > > The reception of the POST message protected with OSCORE using the > Sender ID sent in Step 1 is considered by the IoT device as an > alternate indication of success ([RFC3748]). > > The unqualified "Sender ID" is confusing here. Why does the ID > sent in step 1 indicate success to the IoT device? I would expect > the ID selected by the IoT device itself and sent in step 2, if > used by the Controller to derive the OSCORE security context to > protect the message in step 7 would be a stronger indication of > success. Proposal (check if this is correct): > > NEW > > The reception of the POST message protected with an OSCORE > security context derived using the Recipient ID of the IoT device > sent in Step 2 is considered by the IoT device as an alternate > indication of success ([RFC3748]). > > --- > > "The communication with the last resource (e.g. '/a/w') from this > point MUST be protected with OSCORE except during a new > (re)authentication (see Section 3.3)." > > I don't understand why there is an exception. OSCORE seems to be > applied to communication with the last resource in all cases: > > * In the case of new authentication the procedure explained in > Section 3.2 applies protection with OSCORE in communication with > the last resource. > > * In the case of re-authentication, the procedure is explained in > Section 3.3 to be "exactly the same" as in Section 3.2. > > Also I find the expression "new (re)authentication" confusing - > what is the the difference between "re-authentication" and "new > re-authentication"? > > Section 4. > > " 1. SID: It contains the Identifier for the Sender ID to be used in > > the OSCORE security context. > > 2. RID: It contains the Identifier for the Recipient to be used in > > the OSCORE security context." > > Same comment as above to qualify SID and RID: is SID the Sender ID > of the IoT device or of the Controller? > > Section 5.1 > > "If the Controller sends a restricted list > > of ciphersuites that is willing to accept, and the ones > supported by > > the IoT device are not in that list, the IoT device will > respond with > > a '4.00 Bad Request', expressing in the payload the ciphersuites > > supported. " > > Make clear (here or in a security consideration) that in case of > an error message containing a cipher suite, the exchange of cipher > suites between EAP authenticator and EAP peer cannot be verified. > For example, a man-in-the-middle could replace cipher suites in > either message which would not be noticed if the protocol is ended > after step 2. > > Best regards > > Göran > > *From: *Ace <ace-bounces@ietf.org> on behalf of John Mattsson > <john.mattsson=40ericsson.com@dmarc.ietf.org> > *Date: *Monday, 25 October 2021 at 17:03 > *To: *Dan Garcia Carrillo <garciadan@uniovi.es>, ace@ietf.org > <ace@ietf.org>, EMU WG <emu@ietf.org> > *Subject: *Re: [Ace] [Emu] New Version Notification for > draft-ietf-ace-wg-coap-eap-04.txt > > Thanks, > > I think this is a very useful mechanism and a well written draft. > Some quick comments. > > - "ciphersuite" > > Note that both TLS and EDHOC spells this with space "cipher suite" > > - Section 2. I don't understand what "SM" in Figure 1 is an > abbrevation for. > > - Section 2. "UDP/TCP/Websockets" Why is the Websocket protocol in > plural? > > - Section 3. "EAP method that exports cryptographic material" > > This can probably be reformulated in terms of MSK, EMSK or "Key > derivation" which > > is the property that RFC 3748 uses. > > - "EAP-MD5 cannot be used since it does not export key material" > > MD5 should really not be used at all for security resons. > Highlighting it like this might > > be the idea that it would be ok if EAP-MD5 had the "Key > derivation" property. > > - "The required key, the Master Session Key (MSK), will be > available once the > > EAP authentication is successful." > > Does this belong in step 2? > > - In Figure 2. I do not think you have to wait until EAP-SUCCES to > make MSK available. > > The authentication can be successful before EAP-SUCCES. > > - In section 3.3. it might be good to state that > "Reauthentication" might be needed to rekey MSK/EMSK and to > increase protection against key leakage. > > (An important mitigation of pervasive monitoring is to force > attackers to do dynamic key exfiltration instead of static key > exfiltration. Dynamic key exfiltration increases the risk of > discovery for the attacker [RFC7624]. While OSCORE will soon be > augmented with a rekeying mechanism with forward secrecy, > attackers can still get away with doing static key exfiltration. > This is similar to TLS 1.3 with KeyUpdate, after leakage of > application_traffic_secret_N, a passive attacker can passively > eavesdrop on all future application data sent on the connection > including application data encrypted with > application_traffic_secret_N+1, application_traffic_secret_N+2, etc.) > > - "4. The values from 65000 to 65535 are reserved for > experimentation" > > what does "The values" refer to? Lifetime? In that case it > would fit better under 3. > > - In addition to AES-CCM-16-64-128, only ciphersuites only cipher > suites with AES-GCM is included. My feeling was that most IoT > people are more interested in ChaCha20-Poly1305 than AES-GCM. I > don't have a strong personal opinion. > > - "which is considered fresh key material" > > “considered fresh”? Maybe "uniformally random"? > > - With normal use of DTLS, Appendix A violates “The CoAP-EAP > operation is intended to be compatible with the use of > intermediary entities between the IoT device and the Controller”. > This limitation should be clearly stated. > > - Probably good if the labels have “CoAP-EAP” in all the labels to > guarantee that they do not collide with anything else. > > Cheers, > > John > > *From: *Emu <emu-bounces@ietf.org> on behalf of Dan Garcia > Carrillo <garciadan@uniovi.es> > *Date: *Monday, 25 October 2021 at 13:27 > *To: *ace@ietf.org <ace@ietf.org>, EMU WG <emu@ietf.org> > *Subject: *Re: [Emu] New Version Notification for > draft-ietf-ace-wg-coap-eap-04.txt > > Dear ACE and EMU WG, > > We have submitted a new version of the draft > (draft-ietf-ace-wg-coap-eap) > > This version provides information on the different comments, from the > reviews and interim meetings. > > Best Regards. > > > El 10/25/2021 a las 1:23 PM, internet-drafts@ietf.org escribió: > > A new version of I-D, draft-ietf-ace-wg-coap-eap-04.txt > > has been successfully submitted by Dan Garcia-Carrillo and > posted to the > > IETF repository. > > > > Name: draft-ietf-ace-wg-coap-eap > > Revision: 04 > > Title: EAP-based Authentication Service for CoAP > > Document date: 2021-10-25 > > Group: ace > > Pages: 29 > > URL: > https://www.ietf.org/archive/id/draft-ietf-ace-wg-coap-eap-04.txt > > Status: https://datatracker.ietf.org/doc/draft-ietf-ace-wg-coap-eap/ > > Htmlized: > https://datatracker.ietf.org/doc/html/draft-ietf-ace-wg-coap-eap > > Diff: > https://www.ietf.org/rfcdiff?url2=draft-ietf-ace-wg-coap-eap-04 > > > > Abstract: > > This document specifies an authentication service that uses the > > Extensible Authentication Protocol (EAP) transported employing > > Constrained Application Protocol (CoAP) messages. As such, it > > defines an EAP lower layer based on CoAP called CoAP-EAP. > One of the > > primer goals is to authenticate a CoAP-enabled IoT device > (EAP peer) > > that intends to join a security domain managed by a > Controller (EAP > > authenticator). Secondly, it allows deriving key material > to protect > > CoAP messages exchanged between them based on Object > Security for > > Constrained RESTful Environments (OSCORE), enabling the > establishment > > of a security association between them. > > > > > > > > > > The IETF Secretariat > > > > > > _______________________________________________ > Emu mailing list > Emu@ietf.org > https://www.ietf.org/mailman/listinfo/emu > > _______________________________________________ > Emu mailing list > Emu@ietf.org > https://www.ietf.org/mailman/listinfo/emu > > > > -- > Daniel Migault > Ericsson
- Re: [Ace] New Version Notification for draft-ietf… Dan Garcia Carrillo
- Re: [Ace] [Emu] New Version Notification for draf… John Mattsson
- Re: [Ace] [Emu] New Version Notification for draf… Göran Selander
- Re: [Ace] [Emu] New Version Notification for draf… Daniel Migault
- Re: [Ace] [Emu] New Version Notification for draf… Dan Garcia Carrillo
- Re: [Ace] [Emu] New Version Notification for draf… Dan Garcia Carrillo
- Re: [Ace] [Emu] New Version Notification for draf… Dan Garcia Carrillo
- Re: [Ace] [Emu] New Version Notification for draf… Dan Garcia Carrillo
- Re: [Ace] [Emu] New Version Notification for draf… Dan Garcia Carrillo
- Re: [Ace] [Emu] New Version Notification for draf… Göran Selander
- Re: [Ace] [Emu] New Version Notification for draf… Dan Garcia Carrillo
- Re: [Ace] [Emu] New Version Notification for draf… Daniel Migault