[core] Fwd: New Version Notification for draft-tiloca-core-oscore-capable-proxies-00.txt
Marco Tiloca <marco.tiloca@ri.se> Fri, 16 July 2021 12:38 UTC
References: <162608926127.7035.16952220356882707107@ietfa.amsl.com>
To: "core@ietf.org WG (core@ietf.org)" <core@ietf.org>
From: Marco Tiloca <marco.tiloca@ri.se>
X-Forwarded-Message-Id: <162608926127.7035.16952220356882707107@ietfa.amsl.com>
Message-ID: <44d44200-0993-687c-cfa0-91d9182424e6@ri.se>
Date: Fri, 16 Jul 2021 14:38:38 +0200
Archived-At: <https://mailarchive.ietf.org/arch/msg/core/Ih8x6TtNxnz10GoLaRwywCyxmCw>
Hello CoRE,

Following what was discussed during IETF 110 [1] and the CoRE interim at [2], we have recently submitted a new draft "OSCORE-capable Proxies".

https://datatracker.ietf.org/doc/html/draft-tiloca-core-oscore-capable-proxies-00

The document defines how OSCORE is used to protect CoAP messages also between an origin application endpoint and an intermediary, e.g., a client and a proxy.

Besides, it defines how a CoAP message can be double-protected through "OSCORE-in-OSCORE", e.g., protected both end-to-end between the origin client and origin server, as well as also over the leg between the client and the proxy acting as next hop towards the server.

Seminal content about this was originally an appendix in [3], where such functionality looked convenient to define. Besides that, more use cases are mentioned in the present document.

Finally, based on recent discussions [4], this functionality might help also for the security aspects of transport indication [5], when a proxy wants an additional security context on its own.

Comments are very welcome!

Best,
/Marco

[1] https://datatracker.ietf.org/doc/minutes-110-core-202103081700/
[2] https://datatracker.ietf.org/meeting/interim-2021-core-07/session/core
[3] https://datatracker.ietf.org/doc/draft-tiloca-core-groupcomm-proxy/
[4] https://mailarchive.ietf.org/arch/msg/core/RZH8pgyksEwtMYVE1MrPkj9opyg/
[5] https://datatracker.ietf.org/doc/draft-amsuess-core-transport-indication/

-------- Forwarded Message --------
Subject: New Version Notification for draft-tiloca-core-oscore-capable-proxies-00.txt
Date: Mon, 12 Jul 2021 04:27:41 -0700
From: internet-drafts@ietf.org
To: Marco Tiloca <marco.tiloca@ri.se>, Rikard Hoeglund <rikard.hoglund@ri.se>

A new version of I-D, draft-tiloca-core-oscore-capable-proxies-00.txt has been successfully submitted by Marco Tiloca and posted to the IETF repository.

Name: draft-tiloca-core-oscore-capable-proxies
Revision: 00
Title: OSCORE-capable Proxies
Document date: 2021-07-12
Group: Individual Submission
Pages: 23
URL: https://www.ietf.org/archive/id/draft-tiloca-core-oscore-capable-proxies-00.txt
Status: https://datatracker.ietf.org/doc/draft-tiloca-core-oscore-capable-proxies/
Htmlized: https://datatracker.ietf.org/doc/html/draft-tiloca-core-oscore-capable-proxies

Abstract:
Object Security for Constrained RESTful Environments (OSCORE) can be used to protect CoAP messages end-to-end between two endpoints at the application layer, also in the presence of intermediaries such as proxies. This document defines how OSCORE is used to protect CoAP messages also between an origin application endpoint and an intermediary, or between two intermediaries. Besides, it defines how a CoAP message can be double-protected through "OSCORE-in-OSCORE", i.e., both end-to-end between origin application endpoints, as well as between an application endpoint and an intermediary or between two intermediaries. Thus, this document updates RFC 8613. The same approach applies to Group OSCORE, for protecting CoAP messages when group communication with intermediaries is used.

The IETF Secretariat