Re: [core] 🔔 Confirming adoption of draft-hoeglund-core-oscore-key-limits-02 as a CoRE WG document

John Mattsson <john.mattsson@ericsson.com> Mon, 15 November 2021 10:22 UTC

From: John Mattsson <john.mattsson@ericsson.com>
To: Christian Amsüss <christian@amsuess.com>, Jaime Jiménez <jaime@iki.fi>
CC: "core@ietf.org" <core@ietf.org>
Date: Mon, 15 Nov 2021 10:22:46 +0000
Archived-At: <https://mailarchive.ietf.org/arch/msg/core/GXsKO4wKdt3RTZnQZxOzRdIG9QI>

Hi,

There has recently been discussion about connection ID privacy in LAKE WG and the corresponding identifiers in the application protocol. I.e. Sender ID and Recipient ID in OSCORE. Christian wrote that ability to correlate connection between two points in time or between paths is also related to sequence numbers.

I think it would be good to discuss if the KUDOS rekeying mechanism should/could be used to also update the identifiers. KUDOS resets the sequence numbers. I have not thought about this in any detail or that it is something we should do, I just suggest that we discuss it.

https://github.com/core-wg/oscore/issues/263
https://github.com/lake-wg/edhoc/issues/202

Background info on connection ID update in QUIC and DTLS 1.3:
https://datatracker.ietf.org/doc/html/rfc9000#section-5.1
https://datatracker.ietf.org/doc/html/draft-ietf-tls-dtls13-43#section-9

Cheers,
John

From: core <core-bounces@ietf.org> on behalf of Christian Amsüss <christian@amsuess.com>
Date: Tuesday, 9 November 2021 at 17:25
To: Jaime Jiménez <jaime@iki.fi>
Cc: core@ietf.org <core@ietf.org>
Subject: Re: [core] 🔔 Confirming adoption of draft-hoeglund-core-oscore-key-limits-02 as a CoRE WG document
Hello Jaime,

> In yesterday's CoRE meeting, we had good in-room consensus to
> adopt draft-hoeglund-core-oscore-key-limits as a WG draft (Adoption
> call: +9, one "not raise hand" ).

I was one of the 9, and just want to reiterate here that I consider both
parts of the document important for the WG. I do not understand all the
pieces that come together on the IA and CA limits part, but can offer
reviews of KUDOS part as this will progress.

Thank you Rikard and Marco for working on this
Christian

--
To use raw power is to make yourself infinitely vulnerable to greater powers.
  -- Bene Gesserit axiom