Re: [core] Editors' draft of changes to draft-ietf-core-coap-tcp-tls-08 after IESG input

Carsten Bormann <cabo@tzi.org> Tue, 16 May 2017 14:02 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/core/76INSbcF1kXb0i9DpbPLAsfcHcg>

I just pushed a couple more commits, this time addressing some input from the IESG that the ADs downgraded from DISCUSS to COMMENT.

In particular the text I generated on cipher suites needs attention from implementers and TLS experts.
(The gist is that CoAP over WebSockets should use what is available in browsers and secure [JavaScript code may not have a lot of influence on the cipher suites anyway], while CoAP over TLS should use what is available in constrained devices, i.e. the cipher suites recommended in RFC 7925 — even though any back-end usage of CoAP over TLS may want to use RFC 7525 cipher suites instead.)

Please use the links below, which now include the changes for these last two commits.

Grüße, Carsten


> On May 15, 2017, at 16:32, Carsten Bormann <cabo@tzi.org> wrote:
> 
> I have generated a first editors’ draft of what might become draft-ietf-core-coap-tcp-tls-09, addressing IESG input on the draft.
> (This draft addresses DISCUSSes, but almost no COMMENTS; see https://github.com/core-wg/coap-tcp-tls/issues for an overview of what else needs to be done.)
> 
> This has a bit of Brownian motion (default ports etc.), but also one important change:
> 
> IESG members have asked us to stop proliferating URI schemes, and as a result the draft remains with coap:// and coaps:// for all new transports.
> 
> Please see:
> 
> https://tools.ietf.org/rfcdiff?url1=draft-ietf-core-coap-tcp-tls&url2=https://raw.githubusercontent.com/core-wg/coap-tcp-tls/gh-pages/iesg/draft-ietf-core-coap-tcp-tls.txt
> 
> for the changes from -08, and
> 
> https://core-wg.github.io/coap-tcp-tls/iesg/
> 
> for a full document.
> 
> For example,
> 
> https://core-wg.github.io/coap-tcp-tls/iesg/#rfc.section.7.8
> 
> is a new section, but many other sections concerned with URIs and URI schemes have received changes.
> 
> It is important if the WG can live with this change, or whether we need to incur further delay pushing back on this change.
> Please let us know!
> 
> Grüße, Carsten