Re: [core] Review draft-amsuess-core-cachable-oscore-00
Christian Amsüss <christian@amsuess.com> Wed, 05 August 2020 19:03 UTC
Return-Path: <christian@amsuess.com>
X-Original-To: core@ietfa.amsl.com
Delivered-To: core@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 358A73A0E67; Wed, 5 Aug 2020 12:03:37 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.9
X-Spam-Level:
X-Spam-Status: No, score=-1.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id XZNadK-rbW_B; Wed, 5 Aug 2020 12:03:34 -0700 (PDT)
Received: from prometheus.amsuess.com (prometheus.amsuess.com [5.9.147.112]) (using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 5EC3D3A0E8E; Wed, 5 Aug 2020 12:03:13 -0700 (PDT)
Received: from poseidon-mailhub.amsuess.com (unknown [IPv6:2a02:b18:c13b:8010:a800:ff:fede:b1bd]) by prometheus.amsuess.com (Postfix) with ESMTPS id AC65C40760; Wed, 5 Aug 2020 21:03:10 +0200 (CEST)
Received: from poseidon-mailbox.amsuess.com (poseidon-mailbox.amsuess.com [IPv6:2a02:b18:c13b:8010:a800:ff:fede:b1bf]) by poseidon-mailhub.amsuess.com (Postfix) with ESMTP id 73332AB; Wed, 5 Aug 2020 21:03:09 +0200 (CEST)
Received: from hephaistos.amsuess.com (unknown [IPv6:2a02:b18:c13b:8010:75ff:3fb:79be:d36d]) by poseidon-mailbox.amsuess.com (Postfix) with ESMTPSA id EB76964; Wed, 5 Aug 2020 21:03:08 +0200 (CEST)
Received: (nullmailer pid 3515558 invoked by uid 1000); Wed, 05 Aug 2020 19:03:08 -0000
Date: Wed, 05 Aug 2020 21:03:08 +0200
From: Christian Amsüss <christian@amsuess.com>
To: Jim Schaad <ietf@augustcellars.com>
Cc: draft-amsuess-core-cachable-oscore@ietf.org, 'Core WG mailing list' <core@ietf.org>
Message-ID: <20200805190308.GB3470838@hephaistos.amsuess.com>
References: <009a01d65c90$98bc6da0$ca3548e0$@augustcellars.com>
MIME-Version: 1.0
Content-Type: multipart/signed; micalg="pgp-sha256"; protocol="application/pgp-signature"; boundary="i9LlY+UWpKt15+FH"
Content-Disposition: inline
In-Reply-To: <009a01d65c90$98bc6da0$ca3548e0$@augustcellars.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/core/Cv3CM7EHcN2IcIXqC5L2Zoy-ZN4>
Subject: Re: [core] Review draft-amsuess-core-cachable-oscore-00
X-BeenThere: core@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Constrained RESTful Environments \(CoRE\) Working Group list" <core.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/core>, <mailto:core-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/core/>
List-Post: <mailto:core@ietf.org>
List-Help: <mailto:core-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/core>, <mailto:core-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 05 Aug 2020 19:03:37 -0000
Hello Jim, thanks for your review! On Fri, Jul 17, 2020 at 04:18:33PM -0700, Jim Schaad wrote: > I will admit that I found what was proposed here to be very interesting. I > am unsure of how well it would work and think that we may want to workshop > it at some point just to figure that out. Are you thinking in the direction of "let's think through concrete exchanges", or "let's try this out with a prototype implementation"? > * Reading this document made me really long for an OSCORE padding document > where the message can be predictably padded out to fixed length so that it > would make one of the issues raised in this document moot. Good point -- it'd be generally useful but particularly so here. Would be typical Appendix material. > * One wonders about the goodness of returning both a "This is what the > deterministic request says and here is the encoded request but you cannot > decrypt it". It does mean that you need to have a degree of trust for the > server not lying to you but would potentially allow for an even shorter > request. That shouldn't be the case. Any consensus request the client receives must be readable for the client, otherwise as you say it makes little sense. Any hint to such behavior would be an error in the document -- but I take that point as a cause to point out the importantce of reading it to the client in the Consensus Request definition. > * It might be worthwhile to signal that you are going to ask a lot and use > an application/multiple-coap content to return both the answer and the > deterministic request. This means that it would not be cached until the > next ask but that is going to be true anyway if the server is providing this > request. I think that this becomes largely moot with the addition I announced at the meeting (where the client would send a hash of the plaintext in an outer option). In such a setup, the client already gives the server a hint as to the desire for a consensus request and response. (When the client uses a deterministic request, it can start the process as well). On the long run, I expect that indication will rather be needed in the other direction: A client may not know for which requests it is part of a swarm and which are more individual. In that direction, it may work to have a target attribute in the link that asks a client to generate a deterministic request if its security policies allow that. KR c -- To use raw power is to make yourself infinitely vulnerable to greater powers. -- Bene Gesserit axiom
- [core] Review draft-amsuess-core-cachable-oscore-… Jim Schaad
- Re: [core] Review draft-amsuess-core-cachable-osc… Christian Amsüss
- Re: [core] Review draft-amsuess-core-cachable-osc… Jim Schaad