Re: [core] đź”” WGLC on draft-ietf-core-object-security
Göran Selander <goran.selander@ericsson.com> Tue, 19 December 2017 09:35 UTC
Return-Path: <goran.selander@ericsson.com>
X-Original-To: core@ietfa.amsl.com
Delivered-To: core@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id AA516120725; Tue, 19 Dec 2017 01:35:44 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.219
X-Spam-Level:
X-Spam-Status: No, score=-4.219 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_MED=-2.3, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id GxhXEsN5iybS; Tue, 19 Dec 2017 01:35:42 -0800 (PST)
Received: from sesbmg22.ericsson.net (sesbmg22.ericsson.net [193.180.251.48]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id A00C31200F3; Tue, 19 Dec 2017 01:35:41 -0800 (PST)
X-AuditID: c1b4fb30-d31ff70000006bc7-38-5a38dd6bfb32
Received: from ESESSHC015.ericsson.se (Unknown_Domain [153.88.183.63]) by sesbmg22.ericsson.net (Symantec Mail Security) with SMTP id 20.F5.27591.B6DD83A5; Tue, 19 Dec 2017 10:35:39 +0100 (CET)
Received: from ESESSMB107.ericsson.se ([169.254.7.238]) by ESESSHC015.ericsson.se ([153.88.183.63]) with mapi id 14.03.0352.000; Tue, 19 Dec 2017 10:35:38 +0100
From: Göran Selander <goran.selander@ericsson.com>
To: Mališa Vučinić <malisa.vucinic@inria.fr>, "core@ietf.org WG (core@ietf.org)" <core@ietf.org>
CC: "draft-ietf-core-object-security.authors@ietf.org" <draft-ietf-core-object-security.authors@ietf.org>
Thread-Topic: [core] đź”” WGLC on draft-ietf-core-object-security
Thread-Index: AQHTdN3+CFBerITaBk6qbHUwgbsBZaNKb+6A
Date: Tue, 19 Dec 2017 09:35:38 +0000
Message-ID: <D65E8FDA.917B9%goran.selander@ericsson.com>
References: <59F07A9C-B5E4-4EA0-96D6-A425F132F56B@ericsson.com> <CA57CC47-05E7-4200-9A88-6AD86BF7E204@inria.fr>
In-Reply-To: <CA57CC47-05E7-4200-9A88-6AD86BF7E204@inria.fr>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
user-agent: Microsoft-MacOutlook/14.7.3.170325
x-originating-ip: [153.88.183.150]
Content-Type: multipart/alternative; boundary="_000_D65E8FDA917B9goranselanderericssoncom_"
MIME-Version: 1.0
X-Brightmail-Tracker: H4sIAAAAAAAAA+NgFtrEIsWRmVeSWpSXmKPExsUyM2K7vW72XYsog3//1Sz2vV3PbLH52VdW i53nLzM5MHssWfKTyWPSi0MsAUxRXDYpqTmZZalF+nYJXBmvti1kLPi+irHiyrt1jA2MG5Yx djFyckgImEjMe76UuYuRi0NI4DCjRM+N/WwQzhJGiblT7rGCVLEJuEg8aHjEBGKLCFRIHH96 BsxmFsiWmLTrNzuILSyQI9G+cSkbRE2uxLXl21m6GDmAbCOJ3mtiIGEWAVWJlTMOg43kFbCQ uPB5EdgYIYFCied3NoG1cgrYSFx92cgCYjMKiEl8P7UGapW4xK0n85kgjhaQWLLnPDOELSrx 8vE/sJmiAnoSe3va2SDiShIrtl9ihOiNlbjxroMZYq+gxMmZT1gmMIrOQjJ2FpKyWUjKZgF9 wCygKbF+lz5EiaLElO6H7BC2hkTrnLlQtrXEqYW7mJDVLGDkWMUoWpxanJSbbmSkl1qUmVxc nJ+nl5dasokRGJMHt/w22MH48rnjIUYBDkYlHt7yGxZRQqyJZcWVuYcYJTiYlUR4F+4ECvGm JFZWpRblxxeV5qQWH2KU5mBREuc96ckbJSSQnliSmp2aWpBaBJNl4uCUamDMPXrt/uNJE49U 6/HuF+Z6+SnpRLzOTzbR34G8ul2rbt+wSqtSsfg9qUdy4XXezy7376dmVl59uXre7QahrRz3 Wa+bcW1KU+n4MXme2oMFgX925OdcLNkWNofx3PSGtKcN76/kvJM4lLf9W3fKC08GbemlPs8z sluL+Y0Pzog+pW+w9fJyi49XlViKMxINtZiLihMBeLAX3sUCAAA=
Archived-At: <https://mailarchive.ietf.org/arch/msg/core/5ZZAQ1DYyNVv5rqmE073fY3v5ac>
Subject: Re: [core] đź”” WGLC on draft-ietf-core-object-security
X-BeenThere: core@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "Constrained RESTful Environments \(CoRE\) Working Group list" <core.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/core>, <mailto:core-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/core/>
List-Post: <mailto:core@ietf.org>
List-Help: <mailto:core-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/core>, <mailto:core-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 19 Dec 2017 09:35:45 -0000
Hi Mališa, Great to hear you are progressing with Wireshark for OSCORE! Answers/comments inline: From: Mališa Vučinić <malisa.vucinic@inria.fr<mailto:malisa.vucinic@inria.fr>> Date: Thursday 14 December 2017 at 14:18 To: "core@ietf.org<mailto:core@ietf.org> WG (core@ietf.org<mailto:core@ietf.org>)" <core@ietf.org<mailto:core@ietf.org>> Cc: "draft-ietf-core-object-security.authors@ietf.org<mailto:draft-ietf-core-object-security.authors@ietf.org>" <draft-ietf-core-object-security.authors@ietf.org<mailto:draft-ietf-core-object-security.authors@ietf.org>> Subject: Re: [core] 🔔 WGLC on draft-ietf-core-object-security Resent-From: <alias-bounces@ietf.org<mailto:alias-bounces@ietf.org>> Resent-To: Göran Selander <goran.selander@ericsson.com<mailto:goran.selander@ericsson.com>>, John Mattsson <john.mattsson@ericsson.com<mailto:john.mattsson@ericsson.com>>, Francesca Palombini <francesca.palombini@ericsson.com<mailto:francesca.palombini@ericsson.com>>, <ludwig.seitz@ri.se<mailto:ludwig.seitz@ri.se>> Resent-Date: Thursday 14 December 2017 at 14:18 Göran, all, It was really a pleasure to witness how this spec advanced from draft-selander-ace-object-security-00 and evolved to its current form. Thank you for accommodating the requests coming from 6TiSCH and making this solution so efficient. I am just starting to work on a Wireshark dissector and this made me go through the text on HTTP-to-CoAP and CoAP-to-HTTP proxying as one may have HTTP carrying OSCORE. I would like to understand better the added value of this part of the spec. Take as an example HTTP client generating request that is proxied/translated into a CoAP request. For the HTTP client to generate external_aad and ciphertext, it needs to implement portions of CoAP machinery. For example, to generate plaintext, the HTTP client needs to know in advance what CoAP Code will the proxied request have, how HTTP headers will translate to CoAP options and how to encode them in CoAP format. My question is whether it makes sense for an HTTP client to implement this, but not the rest of CoAP. [GS] Carsten already commented about using HTTP for traversing firewalls. This thus enables end-to-end REST in practice, including deployments with mixed HTTP/CoAP legs. The feature was requested by e.g. OCF. Second comment is related to normative language on error handling in -07. Background: Some error responses can be spoofed as they are not protected due to the lack of common keying material, so this opens up a DoS vector on the client. Current text in -07 states that the server MAY send this kind of response. Could you elaborate the reasoning behind this? [GS] There was a request from one of the implementors to avoid unnecessary retransmissions and to be able to send info about what error it is. Typically error messages are protected, but if the error is related to OSCORE itself, e.g. that the server cannot find the security context, then the error message to the client cannot be protected. The DoS aspect related to a client receiving an unprotected error message depends on how the client acts on this message. The ability to send unprotected messages existed even without this. What is the expected behavior of a client? [GS] The application decides how to act. If an error message arrives, either the application specifies how to deal with it (e.g. based on the payload if any) or drops it without further processing. Could you discuss somewhere security tradeoff being made when one opts for one approach or the other? [GS] Yes, we should add a security consideration on this note. Why do you not differentiate based on message type (NON/CON), as used in previous versions? [GS] Because the error is sent independently of the underlying messaging layer, and there may not even be a messaging layer as in CoAP over TCP. The dependence on NON/CON was a mistake in the previous version that came up during the last interop, thanks to the implementers. I hope this addresses your comments. Göran Mališa On 20 Nov 2017, at 16:09, Jaime Jiménez <jaime.jimenez@ericsson.com<mailto:jaime.jimenez@ericsson.com>> wrote: Dear CoRE WG, As we discussed during this IETF, the OSCORE draft is in good shape for WGLC. The authors have submitted a reviewed version dealing with the minor comments from IEF100. https://tools.ietf.org/html/draft-ietf-core-object-security-07 The WGLC will end by 11th of December. Best Regards, - - Jaime Jiménez _______________________________________________ core mailing list core@ietf.org<mailto:core@ietf.org> https://www.ietf.org/mailman/listinfo/core
- [core] 🔔 WGLC on draft-ietf-core-object-security Jaime Jiménez
- Re: [core] 🔔 WGLC on draft-ietf-core-object-secur… Esko Dijk
- Re: [core] 🔔 WGLC on draft-ietf-core-object-secur… Mališa Vučinić
- Re: [core] 🔔 WGLC on draft-ietf-core-object-secur… Carsten Bormann
- Re: [core] 🔔 WGLC on draft-ietf-core-object-secur… Mališa Vučinić
- Re: [core] 🔔 WGLC on draft-ietf-core-object-secur… Göran Selander
- Re: [core] 🔔 WGLC on draft-ietf-core-object-secur… Carsten Bormann
- Re: [core] 🔔 WGLC on draft-ietf-core-object-secur… Göran Selander
- Re: [core] 🔔 WGLC on draft-ietf-core-object-secur… Göran Selander
- Re: [core] 🔔 WGLC on draft-ietf-core-object-secur… Esko Dijk
- Re: [core] 🔔 WGLC on draft-ietf-core-object-secur… Göran Selander