[Anima-bootstrap] EAP-over-CoAP

Michael Richardson <mcr+ietf@sandelman.ca> Tue, 08 September 2015 01:15 UTC

From: Michael Richardson <mcr+ietf@sandelman.ca>
To: anima-bootstrap <anima-bootstrap@ietf.org>
Date: Mon, 07 Sep 2015 21:15:11 -0400
Message-ID: <23051.1441674911@sandelman.ca>
Archived-At: <http://mailarchive.ietf.org/arch/msg/anima-bootstrap/tmB1DRH__tvQ_lwXgCXouKseaJE>
Subject: [Anima-bootstrap] EAP-over-CoAP

BCC to the anima-bootstrap list.

To: Alexander Pelov <alexander.pelov@telecom-bretagne.eu>
cc: Giuseppe Piro <peppe@giuseppepiro.com>,
    "6tisch@ietf.org" <6tisch@ietf.org>, Rafa Marin Lopez <rafa@um.es>
Subject: Re: [6tisch] about the secure join process
In-Reply-To: <9C9D4508-E0A7-475C-9465-7F4F2BDC6FCA@telecom-bretagne.eu>
References:  <CAH-9zkr_zRNA9DF4MniVs-Ldxt8BwCnv5wu4cGyzqupPU4fPEg@mail.gmail.com> <9C9D4508-E0A7-475C-9465-7F4F2BDC6FCA@telecom-bretagne.eu>
--------

Alexander Pelov <alexander.pelov@telecom-bretagne.eu> wrote:
    > In our proposal for managing long-range radio networks with CoAP (
    > https://tools.ietf.org/html/draft-pelov-core-cosol-00 ) we’re using
    > EAP-over-CoAP. The use of CoAP as a signaling protocol makes it natural
    > to go to this solution, as this way we can reuse the whole EAP
    > framework that’s already in place.

EAP-over-CoAP is probably a better choice than over PANA :-)

But, it seems to me that it ought to be EAP-over-DTLS-over-CoAP,
with the result being creation of a CoAPS context.

In either case, if you are really doing EAP-TLS, then you wind up with
a ridiculous number of layers.

One can then run EST or something similar over it.

Your document seems to intersect with a bunch of other work; I hope to get
back to you with some additional comments.


--
Michael Richardson <mcr+IETF@sandelman.ca>, Sandelman Software Works
 -= IPv6 IoT consulting =-