[core] Fwd: New Version Notification for draft-tiloca-core-oscore-capable-proxies-00.txt

Marco Tiloca <marco.tiloca@ri.se> Fri, 16 July 2021 12:38 UTC

References: <162608926127.7035.16952220356882707107@ietfa.amsl.com>
To: "core@ietf.org WG (core@ietf.org)" <core@ietf.org>
From: Marco Tiloca <marco.tiloca@ri.se>
X-Forwarded-Message-Id: <162608926127.7035.16952220356882707107@ietfa.amsl.com>
Message-ID: <44d44200-0993-687c-cfa0-91d9182424e6@ri.se>
Date: Fri, 16 Jul 2021 14:38:38 +0200
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:78.0) Gecko/20100101 Thunderbird/78.11.0
In-Reply-To: <162608926127.7035.16952220356882707107@ietfa.amsl.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/core/Ih8x6TtNxnz10GoLaRwywCyxmCw>

Hello CoRE,

Following what was discussed during IETF 110 [1] and the CoRE interim at 
[2], we have recently submitted a new draft "OSCORE-capable Proxies".

https://datatracker.ietf.org/doc/html/draft-tiloca-core-oscore-capable-proxies-00


The document defines how OSCORE is used to protect CoAP messages also 
between an origin application endpoint and an intermediary, e.g., a 
client and a proxy. Besides, it defines how a CoAP message can be 
double-protected through "OSCORE-in-OSCORE", e.g., protected both 
end-to-end between the origin client and origin server, as well as also 
over the leg between the client and the proxy acting as next hop towards 
the server.

Seminal content about this was originally an appendix in [3], where such 
functionality looked convenient to define. Besides that, more use cases 
are mentioned in the present document. Finally, based on recent 
discussions [4], this functionality might help also for the security 
aspects of transport indication [5], when a proxy wants an additional 
security context on its own.


Comments are very welcome!

Best,
/Marco


[1] https://datatracker.ietf.org/doc/minutes-110-core-202103081700/

[2] https://datatracker.ietf.org/meeting/interim-2021-core-07/session/core

[3] https://datatracker.ietf.org/doc/draft-tiloca-core-groupcomm-proxy/

[4] https://mailarchive.ietf.org/arch/msg/core/RZH8pgyksEwtMYVE1MrPkj9opyg/

[5] https://datatracker.ietf.org/doc/draft-amsuess-core-transport-indication/


-------- Forwarded Message --------
Subject: New Version Notification for draft-tiloca-core-oscore-capable-proxies-00.txt
Date: Mon, 12 Jul 2021 04:27:41 -0700
From: internet-drafts@ietf.org
To: Marco Tiloca <marco.tiloca@ri.se>, Rikard Hoeglund <rikard.hoglund@ri.se>




A new version of I-D, draft-tiloca-core-oscore-capable-proxies-00.txt
has been successfully submitted by Marco Tiloca and posted to the
IETF repository.

Name: draft-tiloca-core-oscore-capable-proxies
Revision: 00
Title: OSCORE-capable Proxies
Document date: 2021-07-12
Group: Individual Submission
Pages: 23
URL: 
https://eur02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.ietf.org%2Farchive%2Fid%2Fdraft-tiloca-core-oscore-capable-proxies-00.txt&data=04%7C01%7Cmarco.tiloca%40ri.se%7Cd8a0bf9ad78a4ab81e6c08d9452810af%7C5a9809cf0bcb413a838a09ecc40cc9e8%7C0%7C0%7C637616860649838401%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=PrtejNXjt3PAD120Pg7T7OoocUl1IEPraHk64ETCzbo%3D&reserved=0
Status: 
https://eur02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fdatatracker.ietf.org%2Fdoc%2Fdraft-tiloca-core-oscore-capable-proxies%2F&data=04%7C01%7Cmarco.tiloca%40ri.se%7Cd8a0bf9ad78a4ab81e6c08d9452810af%7C5a9809cf0bcb413a838a09ecc40cc9e8%7C0%7C0%7C637616860649848362%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=NBVAvs5rK0x3VqDhCpkT0%2B6oL8fEyMf3%2FBJVO09hSgk%3D&reserved=0
Htmlized: 
https://eur02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fdatatracker.ietf.org%2Fdoc%2Fhtml%2Fdraft-tiloca-core-oscore-capable-proxies&data=04%7C01%7Cmarco.tiloca%40ri.se%7Cd8a0bf9ad78a4ab81e6c08d9452810af%7C5a9809cf0bcb413a838a09ecc40cc9e8%7C0%7C0%7C637616860649848362%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=UPReEFc5zcw9hAo%2FqzDXQYN7HVibWYkd6wFSW%2BuCf3w%3D&reserved=0


Abstract:
Object Security for Constrained RESTful Environments (OSCORE) can be
used to protect CoAP messages end-to-end between two endpoints at the
application layer, also in the presence of intermediaries such as
proxies. This document defines how OSCORE is used to protect CoAP
messages also between an origin application endpoint and an
intermediary, or between two intermediaries. Besides, it defines how
a CoAP message can be double-protected through "OSCORE-in-OSCORE",
i.e., both end-to-end between origin application endpoints, as well
as between an application endpoint and an intermediary or between two
intermediaries. Thus, this document updates RFC 8613. The same
approach applies to Group OSCORE, for protecting CoAP messages when
group communication with intermediaries is used.



The IETF Secretariat