[Atlas] New Version Notification for draft-bhattacharyya-dice-less-on-coap-01 (Re: Plans for the IETF Meeting )
Abhijan Bhattacharyya <abhijan.bhattacharyya@tcs.com> Sun, 04 March 2018 20:14 UTC
From: Abhijan Bhattacharyya <abhijan.bhattacharyya@tcs.com>
To: Hannes Tschofenig <Hannes.Tschofenig@arm.com>
Cc: "atlas@ietf.org" <atlas@ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/atlas/cUK91rG-9V82ZQTF08IUCA3KzQw>
Hi Hannes and list,

A new version of our previous work has been submitted. It primarily overhauls the abstract and the introduction to align with the proposed charter and tries to describe some use cases that might require this work. The last part was completely missing in the previous version. The working group has not been modified though dice is no longer active. It will be changed once we see this moving forward.

Co-ordinates of the draft can be found in the submission confirmation below:

A new version of I-D, draft-bhattacharyya-dice-less-on-coap-01.txt has been successfully submitted by Abhijan Bhattacharyya and posted to the IETF repository.

Name: draft-bhattacharyya-dice-less-on-coap
Revision: 01
Title: Lightweight Establishment of Secure Session (LESS) on CoAP
Document date: 2018-03-03
Group: Individual Submission
Pages: 19
URL: https://www.ietf.org/internet-drafts/draft-bhattacharyya-dice-less-on-coap-01.txt
Status: https://datatracker.ietf.org/doc/draft-bhattacharyya-dice-less-on-coap/
Htmlized: https://tools.ietf.org/html/draft-bhattacharyya-dice-less-on-coap-01
Htmlized: https://datatracker.ietf.org/doc/html/draft-bhattacharyya-dice-less-on-coap-01
Diff: https://www.ietf.org/rfcdiff?url2=draft-bhattacharyya-dice-less-on-coap-01

Abstract:

Secure yet lightweight protocol for communication over the Internet for constrained node networks (CNN) is a pertinent problem. Constrained Application Layer Protocol (CoAP) mandates the use of Datagram Transport Layer Security (DTLS) for a secure transaction over CoAP. But DTLS is not a candidate technology for CNNs by design. The DTLS handshake overhead to establish the credentials for a session between two end-points in a CNN may not be resource efficient. There are ongoing efforts to secure one-time exchanges by ensuring object security at the application layer. But a composite standardized mechanism for resource-efficient end-to-end security credential establishment is much needed to cater both one-time exchanges as well as exchanges over a session.

DTLS is essentially a combination of two operations: (1) the session protocol to establish the credentials (and this is the resource heavy part), (2) the record protocol to protect the information (this is the cryptographic part). This draft proposes to distribute the security responsibilities such that the session establishment happens in the application layer, leveraging the lightweight semantics of CoAP, and the record layer encryption happens by reusing the existing DTLS record-layer protocol. This way the proposed mechanism enables a resource-efficient session establishment mechanism besides reusing the existing DTLS encryption.

Assuming a Pre-Shared Key (PSK) environment, this draft proposes an embedding of handshake for resource efficient end-to-end session establishment into CoAP. The session establishment procedure produces the necessary and sufficient inputs for seamless operation of the DTLS record-layer to secure the channel. Also, this mechanism ensures a direct security association between the end-applications for systems using middleboxes like proxies and/or gateways which may not be always trusted. The proposed approach provides a mechanism to securely traverse through such middleboxes through an end-to-end trusted channel.

Please note that it may take a couple of minutes from the time of submission until the htmlized version and diff are available at tools.ietf.org.

The IETF Secretariat

With Best Regards
Abhijan Bhattacharyya
Associate Consultant
Scientist, TCS Research
Tata Consultancy Services
Building 1B, Ecospace
Plot - IIF/12, New Town, Rajarhat,
Kolkata - 700160, West Bengal
India
Ph:- 033 66884691
Cell:- +919830468972
Mailto: abhijan.bhattacharyya@tcs.com
Website: http://www.tcs.com

-----"Atlas" <atlas-bounces@ietf.org> wrote: -----
To: "atlas@ietf.org" <atlas@ietf.org>
From: Hannes Tschofenig
Sent by: "Atlas"
Date: 02/24/2018 02:01PM
Subject: [Atlas] Plans for the IETF Meeting

Hi all,

we had an off-list discussion with our security ADs and the plan for the upcoming IETF meeting is the following:

First, we will have a side meeting (which is being scheduled by our ADs).

Second, if we come up with some conclusions during that side meeting there will be a presentation at SECDISPATCH.

Since SECDISPATCH is on Tuesday the side meeting will most likely take place on Monday.

Note that the Internet Draft submission cut-off is on Monday, March 5th. Make sure that you submit your renewed write-up by that time so that we can have a fruitful discussion during the IETF week.

Ciao
Hannes