Re: [core] Chairs' review of draft-ietf-core-stateless-03.txt
Thomas Fossati <Thomas.Fossati@arm.com> Thu, 31 October 2019 22:19 UTC
Return-Path: <Thomas.Fossati@arm.com>
X-Original-To: core@ietfa.amsl.com
Delivered-To: core@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 35C2E12022E for <core@ietfa.amsl.com>; Thu, 31 Oct 2019 15:19:41 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.9
X-Spam-Level:
X-Spam-Status: No, score=-1.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=armh.onmicrosoft.com header.b=vMuHFeEY; dkim=fail (1024-bit key) reason="fail (body has been altered)" header.d=armh.onmicrosoft.com header.b=eqKW0Hmc
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id a-cY5ybi9LPb for <core@ietfa.amsl.com>; Thu, 31 Oct 2019 15:19:37 -0700 (PDT)
Received: from EUR02-AM5-obe.outbound.protection.outlook.com (mail-eopbgr00053.outbound.protection.outlook.com [40.107.0.53]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id E58BA120090 for <core@ietf.org>; Thu, 31 Oct 2019 15:19:35 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=armh.onmicrosoft.com; s=selector2-armh-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=MIpSJ7ODnGueCn2evCXsBawMgdpjadJ4vm+MxUtiLSA=; b=vMuHFeEYukuk7K6eQEGWI1jLuL0jMDgO4NWblRiBT2HAmG87Pk3KN19xtPga0cSd9wsDPJEGJuZ2QM42ja7Z80GOvoGmOkT4LQ8EjjTbPR+IYQ7DIxFhZ6JZYLzoC9u4P+gQQeBqXxKOhO3TV+WDmq/NOfEFAMsVrOLhtdFUVLM=
Received: from DB6PR0802CA0043.eurprd08.prod.outlook.com (2603:10a6:4:a3::29) by AM5PR0801MB1955.eurprd08.prod.outlook.com (2603:10a6:203:46::20) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2408.17; Thu, 31 Oct 2019 22:19:31 +0000
Received: from AM5EUR03FT015.eop-EUR03.prod.protection.outlook.com (2a01:111:f400:7e08::208) by DB6PR0802CA0043.outlook.office365.com (2603:10a6:4:a3::29) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2408.18 via Frontend Transport; Thu, 31 Oct 2019 22:19:31 +0000
Authentication-Results: spf=fail (sender IP is 63.35.35.123) smtp.mailfrom=arm.com; ietf.org; dkim=pass (signature was verified) header.d=armh.onmicrosoft.com;ietf.org; dmarc=none action=none header.from=arm.com;
Received-SPF: Fail (protection.outlook.com: domain of arm.com does not designate 63.35.35.123 as permitted sender) receiver=protection.outlook.com; client-ip=63.35.35.123; helo=64aa7808-outbound-1.mta.getcheckrecipient.com;
Received: from 64aa7808-outbound-1.mta.getcheckrecipient.com (63.35.35.123) by AM5EUR03FT015.mail.protection.outlook.com (10.152.16.132) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2387.20 via Frontend Transport; Thu, 31 Oct 2019 22:19:31 +0000
Received: ("Tessian outbound 6481c7fa5a3c:v33"); Thu, 31 Oct 2019 22:19:30 +0000
X-CheckRecipientChecked: true
X-CR-MTA-CID: ac69ef55c8e8221b
X-CR-MTA-TID: 64aa7808
Received: from 3e63279737a1.2 (cr-mta-lb-1.cr-mta-net [104.47.8.50]) by 64aa7808-outbound-1.mta.getcheckrecipient.com id D6D7C187-3656-4CA9-950A-DDC4A7DBA1BE.1; Thu, 31 Oct 2019 22:19:25 +0000
Received: from EUR03-AM5-obe.outbound.protection.outlook.com (mail-am5eur03lp2050.outbound.protection.outlook.com [104.47.8.50]) by 64aa7808-outbound-1.mta.getcheckrecipient.com with ESMTPS id 3e63279737a1.2 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384); Thu, 31 Oct 2019 22:19:25 +0000
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=WKppEedJUc1kEcJgFzvgu5G1y5hla/wJBfRBWQKYBnfcqxrdCyMcQayiWOum7S1d36EOwZPpXRJFj6zluw4QRrO9RRwFT7lR5gNdsnAyp/JrSPuuAB0baxG9rwHGkKl3cCbdABlORcSeBv4ncNSr24FwxsbV+2sNR09Dd48LhZk1+IhYkDAf27uZyXAXYZ2UVA7zE0m5OfKTHDEwm8XV+N04rQkUSTfFfm229RMR6E43LHA8j8hyKKY1TXtu9l9HliC22CWfew4Fef5y5Tno8lrpwfP4I8llmermP0BH4gsbA+7jJaYky+gGsL5eSSwgpzD1xJ9NJRyk8F/WDHA+Dw==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=wx5eZUoFHGUrVT0Geux7mQqD5ZlKcF67rtRJR487lGw=; b=I4UL8hbUo6lS/vrCRi5WUe8EDfRtwTHm+akhQjYTwBgVc0tnmDJ6xvjH8JGq1eBkTLqxRhfWpeHrrHV0QXwA+8CBqa1nDYuLrF8HU91kqqBYbjY0RECiWDhOPmeOCyA3wHISQaWoAI2wYZZNrv6nBHTLeCUZ1ievpdMjK4T+Mlr+UYZgR4y7kkt3FUqcIKsl10iJnck4FDTbq4h8i5/KSLDVTlBHFamIe4YXy+zStP+qCeV6nbwxay1yVvqZ0kEu+U7PHuIsU732E40uIZBnBbKnPtFkXtEUJINykkXz9Am3rSX6THivh5WgXBpZrgQCa/Wscqf19xCpUBpEiyouXw==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=arm.com; dmarc=pass action=none header.from=arm.com; dkim=pass header.d=arm.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=armh.onmicrosoft.com; s=selector2-armh-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=wx5eZUoFHGUrVT0Geux7mQqD5ZlKcF67rtRJR487lGw=; b=eqKW0Hmcw7ZRCF/XPZjb1E0v4VhqNxyldKjwsCNp08WBVZJbPts/VUnKX7vA8xgaezVWxb3/2PVdtkVP0e1/g/HWFAG/ZaMrQb80xdiYZK148LDN+7bTVIv9DHteZ2xCIyjEbNosJY5CXwu5okSkfphN9gq4507Wad2D+TgQeoE=
Received: from AM6PR08MB4231.eurprd08.prod.outlook.com (20.179.18.151) by AM6PR08MB4199.eurprd08.prod.outlook.com (20.179.3.202) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2408.17; Thu, 31 Oct 2019 22:19:24 +0000
Received: from AM6PR08MB4231.eurprd08.prod.outlook.com ([fe80::8855:3670:214e:4791]) by AM6PR08MB4231.eurprd08.prod.outlook.com ([fe80::8855:3670:214e:4791%6]) with mapi id 15.20.2408.024; Thu, 31 Oct 2019 22:19:24 +0000
From: Thomas Fossati <Thomas.Fossati@arm.com>
To: Carsten Bormann <cabo@tzi.org>, Core WG mailing list <core@ietf.org>
Thread-Topic: [core] Chairs' review of draft-ietf-core-stateless-03.txt
Thread-Index: AQHVkA3YEJ6KX4GxvUKlGfPZMuTycqd1UmQA
Date: Thu, 31 Oct 2019 22:19:24 +0000
Message-ID: <27A826D9-5F28-4044-BE61-E7CD1C05EA90@arm.com>
References: <157237477119.11043.4363082013315464920@ietfa.amsl.com> <F964F5EF-96F7-49EC-BECB-0604B16F31FF@tzi.org>
In-Reply-To: <F964F5EF-96F7-49EC-BECB-0604B16F31FF@tzi.org>
Accept-Language: en-GB, en-US
Content-Language: en-GB
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
user-agent: Microsoft-MacOutlook/10.1e.0.191013
Authentication-Results-Original: spf=none (sender IP is ) smtp.mailfrom=Thomas.Fossati@arm.com;
x-originating-ip: [82.11.185.80]
x-ms-publictraffictype: Email
X-MS-Office365-Filtering-HT: Tenant
X-MS-Office365-Filtering-Correlation-Id: 8522386a-bcca-44a0-3f59-08d75e5066de
X-MS-TrafficTypeDiagnostic: AM6PR08MB4199:|AM6PR08MB4199:|AM5PR0801MB1955:
x-ms-exchange-transport-forked: True
X-Microsoft-Antispam-PRVS: <AM5PR0801MB195520C46F34CD59E2080E559C630@AM5PR0801MB1955.eurprd08.prod.outlook.com>
x-checkrecipientrouted: true
x-ms-oob-tlc-oobclassifiers: OLM:9508;OLM:9508;
x-forefront-prvs: 02070414A1
X-Forefront-Antispam-Report-Untrusted: SFV:NSPM; SFS:(10009020)(4636009)(39860400002)(376002)(346002)(136003)(366004)(396003)(189003)(199004)(76176011)(476003)(66446008)(256004)(4744005)(14444005)(2616005)(486006)(8936002)(5660300002)(81166006)(11346002)(446003)(316002)(81156014)(8676002)(66066001)(110136005)(64756008)(58126008)(4326008)(66946007)(66476007)(66556008)(91956017)(76116006)(25786009)(6512007)(86362001)(305945005)(3846002)(102836004)(6486002)(33656002)(14454004)(2906002)(53546011)(6246003)(7736002)(6506007)(229853002)(6116002)(99286004)(71190400001)(71200400001)(26005)(6436002)(36756003)(186003)(478600001); DIR:OUT; SFP:1101; SCL:1; SRVR:AM6PR08MB4199; H:AM6PR08MB4231.eurprd08.prod.outlook.com; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; MX:1; A:1;
received-spf: None (protection.outlook.com: arm.com does not designate permitted sender hosts)
X-MS-Exchange-SenderADCheck: 1
X-Microsoft-Antispam-Untrusted: BCL:0;
X-Microsoft-Antispam-Message-Info-Original: WpAfKt28hAxnRh6pM+A6hSRjz2ia+GoBWTY585eZC5LBhT23EzsYm1ucfow3AztvrQltAq2b7T8nkaGIcN6UoeiqUQ01F87t1QtPJhf1Ym6pTZgOr/ngXta2L5301pOtmcB9bwq/NNfPQRliBE9xQmbV7IZpPU+0J9bVhqzP6eQuHBLhLebmd1RJfrDj1nXNP3cWuQXB4PjDs+4SonwSxoWR8JlLRU5KPdpJg/47HK1owJBw1kmjrYPam4zs5T7XvC7tLsj5uaiTB0JyR4gAjmVNMPbjeEGgB42qCX6ZlvxPJ3oIezM3bPmvCBNy2QLh7RtJQtwlMF5ux+9OczC2dUw0/M92Crnj7T5BgFwvDoyrN8jju2qvnL9mnA3kQO+Zt8d4NJ3NghOA0fpcxecQg4eEctA5aeLeB/psmfz0gfAr4dy4FUtveNY2V1nAMBM7
Content-Type: text/plain; charset="utf-8"
Content-ID: <E14565773693AA4CA3C98D47B5F949AA@eurprd08.prod.outlook.com>
Content-Transfer-Encoding: base64
MIME-Version: 1.0
X-MS-Exchange-Transport-CrossTenantHeadersStamped: AM6PR08MB4199
Original-Authentication-Results: spf=none (sender IP is ) smtp.mailfrom=Thomas.Fossati@arm.com;
X-EOPAttributedMessage: 0
X-MS-Exchange-Transport-CrossTenantHeadersStripped: AM5EUR03FT015.eop-EUR03.prod.protection.outlook.com
X-Forefront-Antispam-Report: CIP:63.35.35.123; IPV:CAL; SCL:-1; CTRY:IE; EFV:NLI; SFV:NSPM; SFS:(10009020)(4636009)(136003)(39860400002)(396003)(346002)(376002)(1110001)(339900001)(40434004)(189003)(199004)(50466002)(356004)(86362001)(25786009)(486006)(36756003)(305945005)(22756006)(14444005)(5024004)(126002)(5660300002)(476003)(446003)(2616005)(11346002)(47776003)(66066001)(76130400001)(436003)(81166006)(6512007)(76176011)(110136005)(58126008)(316002)(6246003)(70206006)(36906005)(2486003)(23676004)(2906002)(105606002)(336012)(229853002)(478600001)(26826003)(6506007)(7736002)(33656002)(99286004)(3846002)(81156014)(6486002)(8936002)(102836004)(186003)(53546011)(14454004)(4326008)(70586007)(8676002)(26005)(6116002); DIR:OUT; SFP:1101; SCL:1; SRVR:AM5PR0801MB1955; H:64aa7808-outbound-1.mta.getcheckrecipient.com; FPR:; SPF:Fail; LANG:en; PTR:ec2-63-35-35-123.eu-west-1.compute.amazonaws.com; MX:1; A:1;
X-MS-Office365-Filtering-Correlation-Id-Prvs: 81a30683-188b-4bc6-a0b7-08d75e5062ec
X-Forefront-PRVS: 02070414A1
X-Microsoft-Antispam: BCL:0;
X-Microsoft-Antispam-Message-Info: 4RrZxMkknSrToJP2kxeLusyXyuSD0ilRhJDgT8SbXpE3K6mOIpvjGIc42MawuMCP0bdUMs/oKXwem88nVFV5D1TT3L1KqMABiK1ADdnUGPOStrUpbNJJs2eRRNDHOn190EWn4ej7w34OHmgk3Qj3IBXnEPz6bIV/fiDTg6JsXWM47+DX1HwSjHrxdnYunbWOYOh7XDMA/cEkEI71fGtvTIxBwKlFFIeposcs5VAml76rHhGlBH0vvqWG5KtqtRv9V+4+13wJVF0FYzb7akmIzzxvTh0lLn83T7b65y3ZTRTzVYTw+jKNQljvmhAnLSEBrtVfuXdGLG1G7ZwqnRMe0a6XR7u2oGRk+OqRZR4pKNsrohq7UbbUV4Uc9UvBZO/9WJl8qp/qIpinV6+BqiICrtwN6F5xto6K/brLXzsU47QRfibvH+0yrCkgVs336RTs
X-OriginatorOrg: arm.com
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 31 Oct 2019 22:19:31.1859 (UTC)
X-MS-Exchange-CrossTenant-Network-Message-Id: 8522386a-bcca-44a0-3f59-08d75e5066de
X-MS-Exchange-CrossTenant-Id: f34e5979-57d9-4aaa-ad4d-b122a662184d
X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=f34e5979-57d9-4aaa-ad4d-b122a662184d; Ip=[63.35.35.123]; Helo=[64aa7808-outbound-1.mta.getcheckrecipient.com]
X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem
X-MS-Exchange-Transport-CrossTenantHeadersStamped: AM5PR0801MB1955
Archived-At: <https://mailarchive.ietf.org/arch/msg/core/SBIosOWEJfT-IriChW0QebV4NE4>
Subject: Re: [core] Chairs' review of draft-ietf-core-stateless-03.txt
X-BeenThere: core@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Constrained RESTful Environments \(CoRE\) Working Group list" <core.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/core>, <mailto:core-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/core/>
List-Post: <mailto:core@ietf.org>
List-Help: <mailto:core-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/core>, <mailto:core-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 31 Oct 2019 22:19:41 -0000
On 31/10/2019, 17:08, "core on behalf of Carsten Bormann" <core-bounces@ietf.org on behalf of cabo@tzi.org> wrote: > > When using AES-CCM, repeated use of the same nonce under the same > key > > Not just AES-CCM, just about any AEAD. The problem is not with AEAD per se, we could have picked GCM-SIV and there would have been no trouble. The problem is with the underlying CTR. Quibbles aside, the document recommends CCM -- over other AEAD constructions -- and does so consciously, I think, to provide the best trade-off between overall security, wire efficiency and processing cost. This point does not surface in the current text, but the recommendation for CCM is actually quite precise, and maybe worth an upper-case RECOMMENDED? IMPORTANT NOTICE: The contents of this email and any attachments are confidential and may also be privileged. If you are not the intended recipient, please notify the sender immediately and do not disclose the contents to any other person, use it for any purpose, or store or copy the information in any medium. Thank you.
- [core] I-D Action: draft-ietf-core-stateless-03.t… internet-drafts
- [core] draft-ietf-core-stateless-03.txt: very con… Carsten Bormann
- Re: [core] I-D Action: draft-ietf-core-stateless-… Thomas Fossati
- [core] Chairs' review of draft-ietf-core-stateles… Carsten Bormann
- Re: [core] Chairs' review of draft-ietf-core-stat… Thomas Fossati
- Re: [core] Chairs' review of draft-ietf-core-stat… Carsten Bormann
- Re: [core] Chairs' review of draft-ietf-core-stat… Thomas Fossati
- Re: [core] Chairs' review of draft-ietf-core-stat… Carsten Bormann
- Re: [core] Chairs' review of draft-ietf-core-stat… Michael Richardson
- Re: [core] Chairs' review of draft-ietf-core-stat… Carsten Bormann
- Re: [core] Chairs' review of draft-ietf-core-stat… Klaus Hartke