[core] CoRE @ IETF 108 - Minutes and summary
Marco Tiloca <marco.tiloca@ri.se> Sun, 02 August 2020 15:34 UTC
Return-Path: <marco.tiloca@ri.se>
X-Original-To: core@ietfa.amsl.com
Delivered-To: core@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 510943A0EFC for <core@ietfa.amsl.com>; Sun, 2 Aug 2020 08:34:41 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.2
X-Spam-Level:
X-Spam-Status: No, score=-0.2 tagged_above=-999 required=5 tests=[DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, MSGID_FROM_MTA_HEADER=0.001, RCVD_IN_MSPIKE_H2=-0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=ri.se
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id yh9Fvvkm4Ykj for <core@ietfa.amsl.com>; Sun, 2 Aug 2020 08:34:37 -0700 (PDT)
Received: from EUR02-AM5-obe.outbound.protection.outlook.com (mail-eopbgr00046.outbound.protection.outlook.com [40.107.0.46]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id E20253A0EFE for <core@ietf.org>; Sun, 2 Aug 2020 08:34:36 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=i7/Ph4f6BcnvlLLL1qHXys/cPehvIh6ZnzMKNwp4Y6sdmrP47UoAAXCrjrcBMOSHEB884YayEsVy5TuraFVeBY7zJ51Rxe2qiCaRGxnB7qAJ/7kRGJIaX+DHIoonq4pbF0+N1NAW1nhRru2+TBjhliLjT5JIMD79mFERrd+45Gn7syqNajev1e4vadU2e/x8v550Hg9jeGzQetVMzLChRdSbz1KcsVu2Jy1QTSnDV0M3uT4Kk0wA/C10TGUX1zmx3feJgaYWeQ73GKhiHCzCI3a0Pld0kR7gqJiB+mlLPQbwx88Umfd3bHoY4BKi6/ROTcBHPxJObLNyfTCUfx5RFg==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=iLISRIC55qe6HktQv0lV4QPteaC2T3mkB7XmBG00taA=; b=eese98ZjLYhFORa2A2bG0pZyFC4jpLrnhQBIyiq3rEbThYjhhqAijzeTLjLA0cxOTCzci5qqfg9z0Yh57m+B73FC6bbpIETr6nVTs/YmUQUVGGXND1fA+1lD/Baw73/HugWA1wprxoXOsr2h9AboQ9OtPCazylOMYow7L2/7sv4nAruhtoRsrP/nN/apgUG17ZuxzromRKlWyyv7meICJqVMXyvTCKzWdG3svj3Hfj5NguGHtaIoRC6mg2182I7B7Fa/OsHbzcGcr3hj0nHnug8kSIiWieOJFLDsf8b8k6RSldZvTdKuJ0hdJg0oqPiSRNnSac8/9owzQltxKwUhmQ==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=ri.se; dmarc=pass action=none header.from=ri.se; dkim=pass header.d=ri.se; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ri.se; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=iLISRIC55qe6HktQv0lV4QPteaC2T3mkB7XmBG00taA=; b=WWy4mPmZl67fs74g9KyKPWRdejy1T0J+R4U/TRLtYpO15jGAipIDudriDqAHYGufb4AkHC7SIXPiqjgyUGe620BknZ3JSCwCJsmqhL1H+F1hBh4gouCXUh3ATcMWbtWl3AFvtycTx7U6zBToL+rZF3bB+01707d5qSdtUq2KgDM=
Authentication-Results: ietf.org; dkim=none (message not signed) header.d=none;ietf.org; dmarc=none action=none header.from=ri.se;
Received: from VI1P189MB0398.EURP189.PROD.OUTLOOK.COM (2603:10a6:802:35::31) by VI1P189MB0398.EURP189.PROD.OUTLOOK.COM (2603:10a6:802:35::31) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3239.21; Sun, 2 Aug 2020 15:34:33 +0000
Received: from VI1P189MB0398.EURP189.PROD.OUTLOOK.COM ([fe80::2124:eed3:60cd:95a2]) by VI1P189MB0398.EURP189.PROD.OUTLOOK.COM ([fe80::2124:eed3:60cd:95a2%6]) with mapi id 15.20.3239.021; Sun, 2 Aug 2020 15:34:33 +0000
From: Marco Tiloca <marco.tiloca@ri.se>
Autocrypt: addr=marco.tiloca@ri.se; prefer-encrypt=mutual; keydata= mQENBFSNeRUBCAC44iazWzj/PE3TiAlBsaWna0JbdIAJFHB8PLrqthI0ZG7GnCLNR8ZhDz6Z aRDPC4FR3UcMhPgZpJIqa6Zi8yWYCqF7A7QhT7E1WdQR1G0+6xUEd0ZD+QBdf29pQadrVZAt 0G4CkUnq5H+Sm05aw2Cpv3JfsATVaemWmujnMTvZ3dFudCGNdsY6kPSVzMRyedX7ArLXyF+0 Kh1T4WUW6NHfEWltnzkcqRhn2NcZtADsxWrMBgZXkLE/dP67SnyFjWYpz7aNpxxA+mb5WBT+ NrSetJlljT0QOXrXMGh98GLfNnLAl6gJryE6MZazN5oxkJgkAep8SevFXzglj7CAsh4PABEB AAG0Nk1hcmNvIFRpbG9jYSAobWFyY28udGlsb2NhQHJpLnNlKSA8bWFyY28udGlsb2NhQHJp LnNlPokBNwQTAQgAIQUCWkAnkAIbAwULCQgHAgYVCAkKCwIEFgIDAQIeAQIXgAAKCRDuJmS0 DljaQwEvCACJKPJIPGH0oGnLJY4G1I2DgNiyVKt1H4kkc/eT8Bz9OSbAxgZo3Jky382e4Dba ayWrQRFen0aLSFuzbU4BX4O/YRSaIqUO3KwUNO1iTC65OHz0XirGohPUOsc0SEMtpm+4zfYG 7G8p35MK0h9gpwgGMG0j0mZX4RDjuywC88i1VxCwMWGaZRlUrPXkC3nqDDRcPtuEGpncWhAV Qt2ZqeyITv9KCUmDntmXLPe6vEXtOfI9Z3HeqeI8OkGwXpotVobgLa/mVmFj6EALDzj7HC2u tfgxECBJddmcDInrvGgTkZtXEVbyLQuiK20lJmYnmPWN8DXaVVaQ4XP/lXUrzoEzuQENBFSN eRUBCACWmp+k6LkY4/ey7eA7umYVc22iyVqAEXmywDYzEjewYwRcjTrH/Nx1EqwjIDuW+BBE oMLRZOHCgmjo6HRmWIutcYVCt9ieokultkor9BBoQVPiI+Tp51Op02ifkGcrEQNZi7q3fmOt hFZwZ6NJnUbA2bycaKZ8oClvDCQj6AjEydBPnS73UaEoDsqsGVjZwChfOMg5OyFm90QjpIw8 m0uDVcCzKKfxq3T/z7tyRgucIUe84EzBuuJBESEjK/hF0nR2LDh1ShD29FWrFZSNVVCVu1UY ZLAayf8oKKHHpM+whfjEYO4XsDpV4zQ15A+D15HRiHR6Adf4PDtPM1DCwggjABEBAAGJAR8E GAECAAkFAlSNeRUCGwwACgkQ7iZktA5Y2kPGEwf/WNjTy3z74vLmHycVsFXXoQ8W1+858mRy Ad0a8JYzY3xB7CVtqI3Hy894Qcw4H6G799A1OL9B1EeA8Yj3aOz0NbUyf5GW+iotr3h8+KIC OYZ34/BQaOLzdvDNmRoGHn+NeTzhF7eSeiPKi2jex+NVodhjOVGXw8EhYGkeZLvynHEboiLM 4TbyPbVR9HsdVqKGVTDxKSE3namo3kvtY6syRFIiUz5WzJfYAuqbt6m3TxDEb8sA9pzaLuhm fnJRc12H5NVZEZmE/EkJFTlkP4wnZyOSf/r2/Vd0iHauBwv57cpY6HFFMe7rvK4s7ME5zctO Ely5C6NCu1ZaNtdUuqDSPA==
To: "core@ietf.org WG (core@ietf.org)" <core@ietf.org>
Message-ID: <4c58e6df-e43c-236d-a90d-10796d105cd8@ri.se>
Date: Sun, 02 Aug 2020 17:34:25 +0200
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:68.0) Gecko/20100101 Thunderbird/68.10.0
Content-Type: multipart/signed; micalg="pgp-sha512"; protocol="application/pgp-signature"; boundary="44tLmg3le5AklPjbrDkyPKbBn4zynPVFM"
X-ClientProxiedBy: HE1P192CA0008.EURP192.PROD.OUTLOOK.COM (2603:10a6:3:fe::18) To VI1P189MB0398.EURP189.PROD.OUTLOOK.COM (2603:10a6:802:35::31)
MIME-Version: 1.0
X-MS-Exchange-MessageSentRepresentingType: 1
Received: from [10.8.3.9] (185.236.42.19) by HE1P192CA0008.EURP192.PROD.OUTLOOK.COM (2603:10a6:3:fe::18) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3239.16 via Frontend Transport; Sun, 2 Aug 2020 15:34:32 +0000
X-Originating-IP: [185.236.42.19]
X-MS-PublicTrafficType: Email
X-MS-Office365-Filtering-Correlation-Id: 568b31ab-1bc6-4bad-aa0d-08d836f98dc5
X-MS-TrafficTypeDiagnostic: VI1P189MB0398:
X-Microsoft-Antispam-PRVS: <VI1P189MB03980968B399BBBFFA281C28994C0@VI1P189MB0398.EURP189.PROD.OUTLOOK.COM>
X-MS-Oob-TLC-OOBClassifiers: OLM:10000;
X-MS-Exchange-SenderADCheck: 1
X-Microsoft-Antispam: BCL:0;
X-Microsoft-Antispam-Message-Info: 4DgbdnaZYY8Ayf/fzMfv35nmS5QEC9mNa/mDdvF5Et3foMM66f2nkYwxp9EuX+e/uMRwYcVN+8vryhh02ZKCZf4hmZxoiucknPYfgsItenA55+ahDFrjo1sXSZpmPvGJKogTDsy2zsNshaDhC2kZatddxfcwahK8xJRKNXAEdzGTG7oiyR69SrvPUBzA3EvpbQLLBYGfu1JUzHY7WyTOER4vzJ2LACBEmr9vMpNf+5sUmxZcDewr2yw9S4gNh1QvKj5abDG+hOODt1zw6di0x3VAxIN7oeoacWIswqguXhT4+kMXQJFcTqPP07BGkVVHm2zvtI9oqVvP6Mct4zFU3fJQfQOdBZ4VWEu75v1ifbqKFIyAe+U3AqMdDnRwn9MFhCbK5qWDz4vric4U4xM3ue1v0fVVfQVLMM5ic2NfIcM2yXI7qCzRax2zqJg30UgAkK4EdKVhQ39ytepsSvPe+J+CeCDGE+uVRAIq690fzhQ=
X-Forefront-Antispam-Report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:VI1P189MB0398.EURP189.PROD.OUTLOOK.COM; PTR:; CAT:NONE; SFTY:; SFS:(4636009)(396003)(376002)(136003)(366004)(346002)(39840400004)(86362001)(956004)(966005)(31686004)(2616005)(21480400003)(44832011)(478600001)(8936002)(2906002)(5660300002)(235185007)(6666004)(31696002)(30864003)(52116002)(66946007)(6916009)(66476007)(66556008)(6486002)(36756003)(26005)(316002)(66574015)(8676002)(16576012)(33964004)(83380400001)(186003)(16526019)(11634003)(43740500002); DIR:OUT; SFP:1101;
X-MS-Exchange-AntiSpam-MessageData: lvoYd6f62unEDTKYURmrsX4Coj0w3UhgqjNB2OMAmeuZVe1DYm90I1D8G31gh4onl1FxPma9NigwsXieUi+S6762PVTwQ5S3mGfp9Zw0BBYkbT5pedEjP5lEuF5x3Fikhwiy31N4jzksDGcipDbToqYYfNshUIKiynm1QV3hvjK02yo8ZFlT3xpxwuVIB1Vp88/hb4udfAJCUJ3cRNtaqqR6LsCr1auFn6iXPlkJAXJV0QJjhj0hFndBFcZhvXY8MPxv6c1gDmEVukl+AV0qt/FjB0SqMEnrF4l1AZbIDd3JjdpPqUUb/26x8+L9WU04LYx7wxWFSZhBIAbU/ybZiL4+3rczMabI0XkBrTlLiupdYeVZ6p0il78vIHBtt7++ZIJEXEgAg9vCKricgi2toZFk62NSP/rbkjipxL5clBupXNqLSgbjKjZj6HfuELyyUdI9bIs599kMTIp91xD7iJaUOWlyIy1H7+39VmwVQZlLZBe97DVwSP7xsQ2OMM2+8tLzY0Fu4ROiski7cIrZ3K+aNkffTdg/2oVrf6pVk2YxHa+1kkhqe3L78IoFd8O4tHi9jtfqcic0MzCfaAdTXALYrB16kuUuvFUKs2SIwUiBekFkZt0+HWmscALNe3mGj6ScSdcnBtwPn4FLilhGgw==
X-OriginatorOrg: ri.se
X-MS-Exchange-CrossTenant-Network-Message-Id: 568b31ab-1bc6-4bad-aa0d-08d836f98dc5
X-MS-Exchange-CrossTenant-AuthSource: VI1P189MB0398.EURP189.PROD.OUTLOOK.COM
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 02 Aug 2020 15:34:32.9761 (UTC)
X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted
X-MS-Exchange-CrossTenant-Id: 5a9809cf-0bcb-413a-838a-09ecc40cc9e8
X-MS-Exchange-CrossTenant-MailboxType: HOSTED
X-MS-Exchange-CrossTenant-UserPrincipalName: 4KsruBXBD4u0WUgeg9kgt01o2pUTw6I9khK2wlYC6FRuJl9veOsssEbBwI+9EnafuTcYJuZTGmMXtrvD22GXkw==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: VI1P189MB0398
Archived-At: <https://mailarchive.ietf.org/arch/msg/core/SeL1drwM3O3zgbzQb2Ltwj5Voy4>
Subject: [core] CoRE @ IETF 108 - Minutes and summary
X-BeenThere: core@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Constrained RESTful Environments \(CoRE\) Working Group list" <core.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/core>, <mailto:core-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/core/>
List-Post: <mailto:core@ietf.org>
List-Help: <mailto:core-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/core>, <mailto:core-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 02 Aug 2020 15:34:41 -0000
Dear all, The minutes for the two CoRE sessions are available at [1]. Thanks to the fantastic note takers Niklas, Ivaylo, Francesca and Michael! Please, send possible fixes and updates to core-chairs@ietf.org or to the mailing list, preferably within the next 7 days. The recordings of the two CoRE sessions are now available at [2][3]. Finally, you can find below the usual summary of the two sessions, with fewer technical details. This summary together with the raw minutes is also available at [4]. Thank you all for your participation and contribution. Have a great continuation of summer! Best, Marco and Jaime [1] https://datatracker.ietf.org/meeting/108/session/core [2] https://www.youtube.com/watch?v=rBmhQ_IkDQc [3] https://www.youtube.com/watch?v=vli7kn7YoiU [4] https://github.com/core-wg/wg-materials/blob/master/ietf108/core-108-summary.md ---------- # Summary ## WG and document status * Published: * senml-more-units-06: RFC 8798 !! * senml-etch-07: RFC 8790 !! * In IESG Processing: * draft-ietf-core-resource-directory-25: IESG Evaluation * draft-ietf-core-stateless-06: IESG Evaluation::Revised I-D Needed. A few comments remaining, Klaus is processing them. * In Post-WGLC processing: * draft-ietf-core-dev-urn-07: AD Evaluation::Revised I-D Needed. After some discussion, publication was requested as Standards Track. * draft-ietf-core-echo-request-tag-10: On Shepherd's Writeup (Marco). * draft-ietf-core-oscore-groupcomm-09: WGLC finished last week now comments to be processed. * In WGLC: * draft-ietf-core-comi-10 * draft-ietf-core-sid-14 * draft-ietf-core-yang-cbor-13 * draft-ietf-core-yang-library-02 The WGLC ended on July 29. Carsten will proceed with shepherding the documents on mid-August. ## Echo-Request-Tag * draft-ietf-core-echo-request-tag-10 This latest versions addresses comments post WGLC, related updates have been presented, concerning both the Echo and Request-Tag option, as well as other document improvements. Ongoing shepherd writeup, plan to request for publication soon after this meeting. No comment from shepherding, the write up will be written up next week, then request for publication. ## Resource Directory * draft-ietf-core-resource-directory-25 This latest version addresses review comments and adds especially security considerations, related to security policies and to the use of Echo for amplification mitigation and client identity in simple registrations. There have been a few interims, some about authorization and use of RD. Not found anything that could be applied to the RD today, bu we will continue with the current state and ship it. There are some ongoing discussions about authentication/authorization with the RD, but they are outside the scope of this current specification. ## CoRE Applications * draft-ietf-core-problem-details-01 Updates were presented and open points discussed. Plan to work on Girhub issues for following revisions. Everyone is free to join the draft repo https://github.com/core-wg/core-problem-details and provide input. From this version, it's just about CoRAL. Discussed how identifiers should be compact, with a low entry barrier. Ongoing research for different approaches to ID schemes. Naming things in a distributed way is one of the two hard problems in computer science. Looking for a way that works well for Problem Types and CoRAL in general. Ideas and suggestions are welcome. Need also to address when a registrant goes away. ## Dynlink * draft-ietf-core-dynlink-11 Presented updates and planned way forward. Most recent updates incorporated feedback and added small changes. A small group of people has been working on small set of features. Open points are about: observed notifications to reflect restful state change; behavior of pmax in the presence of proxies; possible support for epmin/epmax already used by LwM2M (discussion in Github issue #18). There is one IPR disclosure from Qualcomm, on the current draft not containing epmin/epmax. To keep in mind for future discussions. Next step is to reflect editorial changes and state transfers. Plan to continue discussion in small discussion group, synchronize with Bill if interested to be invited. Meetings over Jitsi. This topic will be also covere in interims after summer. ## SenML Documents * draft-ietf-core-senml-versions-00 Summarized concept of versions signaling as set of features, through a bit array. This doc is also used by RFC 8798 (senml-more-units). It should be ready for WGLC, more reviews would be appropriate. Feature deprecation is hard to predict, but it shouldn't be a problem. People who will review: Bill, Jaime. * draft-ietf-core-senml-data-ct-02 Indicate the Content-Format of the binary data in the SenML record, so that it can be interpreted correctly. This version removes the must-understand ct_ until a way to use is found. The document will go on a 2-week WGLC. ## Blockwise for DOTS * draft-bosh-core-new-block-04 DOTS creates challenges where there are DDoS attacks and needs mitigation, which is problematic in lossy environments given the large body packets. Proposed two new CoAP options for blockwise transfer, Block3 & Block4 akin to Block1 & Block2. BLOCK3 can send packets without waiting for response, and introduces congestion control to avoid DDoS. GET and FETCH with BLOCK4 trigger BLOCK4 responses provided that the response is big enough. Need for possible better clarification of the document scope, while it claims already that this is not a generic solution, but rather specific to the DOTS use case. The draft discussed at two interim meeting. This latest version incorporates all received comments. The authors request adoption as a WG document. Assessed support for adoption to be confirmed on the mailing start. A call for adoption will start. Christian will provide a review. ## AIF * draft-bormann-core-ace-aif-09 This work was originally for both CoRE and ACE, now ACE has picked it up by ACE, but it is also interesting for CoRE. AIF models access control as a control matrix, with subject and set of permissions. Protection of capabilities is not in scope. The capability list is an array of pairs, it takes RESTful case as starting point, but other cases can be specified (e.g. MQTT). Objects are paths, while permissions are expressed as bitmaps. This is good for most applications. Good for static resources, but dynamic action resources can also be around, for which permissions are derived from the base resources, by doubling the bits. First version in 2014, now in WG adoption in ACE. Ben Kaduk asked if there is anything else like this. Most web services have more complicated needs, so AIF is probably too simple. On the other hand, when done, this might be used elsewhere, so we should not block such uses. The AIF pattern is very similar to IPSO (CRUD instead of REST). It's worth writing up for CRUD so a new set of registration bits is not needed every time. A possible extension can provide also dynamic permissions; model the difference between resources that have been created or could have been created by a subject; model time aspects such as the lifetime of an Access Token vs. the lifetime of the resource (e.g. pub-sub topic). This may intersect with identity management. ## EDHOC+OSCORE * draft-palombini-core-oscore-edhoc-00 Based on a discussion started at IETF 106, this new work proposes different approches to combine an execution of EDHOC with the first OSCORE exchange following it. The different approaches can also be signaled in different ways. Essentially, the EDHOC verification on the client is merged with the first OSCORE request protected with the derived security context. This optimization would reduce the overall number of roundtrips. The goal is to select only one approach signaled in one way. Approach 1. EDHOC in OSCORE - Define new CoAP option indicating that message is both EDHOC and OSCORE Approach 2. EDHOC in OSCORE - Use the OSCORE option and a new flag bit to tell that the payload contains both Approach 3. OSCORE in EDHOC - Define new CoAP option indicating that the message is both EDHOC and OSCORE Approach 4. OSCORE in EDHOC - Signal with new content format. Approaches 1 and 2 seem preferred, with most preferences for Approach 2. A short-enough EDHOC message can go in the option. Carsten and Klaus can provide feedback on this point. People who will review: Christian, Carsten, Jim. ## Group Communication * draft-ietf-core-groupcomm-bis-01 Discussed current Github issues and other open points. Agreement regarding port number in responses; criteria consistency for response suppression; usage of URI-host for naming application groups; usage of admin-local scope; rationale for mapping between security groups and applications groups. Next version will focus on closing these open points. People who have read this or a previous version: Jim, Christian, Francesca People who will review: Carsten, Jim, Christian * draft-ietf-core-oscore-groupcomm-09 This last versions addresses all open point raised at the April virtual meeting. More open points were discussed (mostly coming from the WGLC), requiring more thinking: 1. For the pairwise mode, it should be possible to signal the curve used for the secret derivation, e.g. Montgomery or Weierstrass. It should work to have it as additional information in the security context. Then the same MTI as today can be kept. 2. It's convenient to reset the SSN after group rekeying, which becomes easier to detect. 3. For observations, useful to store the Context ID of the original request. This would prevent notification misbinding across group rekeying if the SSN is reset. There may be further ways to look into. 4. New proposal for separated PIV spaces, for the group mode and the pairwise mode. Early discussion of pros/cons to be continued. Impact on communication overhead, space synchronization with the Echo option, and privacy implications. Some people expressed concerns. People who have read: Jim, Christian People who will read: Carsten * draft-tiloca-core-oscore-discovery-06 The document defines a method to use the Resource Directory to find links for joining OSCORE groups at their Group Manager (GM). Now it has full support for Link Format or CoRAL. The Fairhair example was polished and also translated to CoRAL. The next version will address some open points, and align with other GM administrative drafts. A future document collecting all target attributes can include also the ones defined in this document. Possible interest can be discussed with Fairhair/BACnet and others. T2TRG can be a good venue, with CoRE invited. * draft-tiloca-core-observe-multicast-notifications-03 The document defines a method to send observe notifications to a set of clients observing a same resource at the server, by using multicast responses. This latest versions updates the encoding of the informative error response to the clients; the mechanism for roughly counting the active clients; and alternative ways to obtain the phantom request associated to the group request. Feedback would be needed on having optional or mandatory also the latest notification sent inside the informative response. Next updates will be about adapting the approach to work also with proxies. People who will review: Jim, Göran, Jaime, Carsten * draft-tiloca-core-groupcomm-proxy-01 The document defines a method to have proxies working in a group communication setting. It addresses the issues in the groupcomm-bis document. The proxy forwards back to the client the individual responses from the servers. The client distinguishes the servers originating the responses and learn their addresses. Two new CoAP options are defined. An appendix describes "Nested OSCORE", to further protect with OSCORE (client to proxy) the group request already protected with Group OSCORE (client to servers). This allows the proxy to still identify the client (as required), as an alternative to DTLS as a separate protocol on the Client-Proxy leg. Next steps will focus on chains of proxies and HTTP headers analogous to the two new options, for cross-proxies. People who have read or are interested: Jim, Christian, Carsten, Francesca * draft-amsuess-core-cachable-oscore-00 The documents defines the concept of "Consensus Request", protected with Group OSCORE but yet enabling proxies to serve cached responses to it. Related paper: https://arxiv.org/pdf/2001.08023.pdf A possible type is a "Ticket Request" generated by the server, of which the phantom request used for multicast notifications is a particular case. Another type is a "Deterministic Request", that all clients have to be able to generate as a one and same request. It becomes tricky with Partial IV and key to use. A possible way is proposed based on a "Deterministic client". Some encryption algorithms might have to be ruled out, none of them are in COSE. Next version will give clarifications and more details. Positive feedback on CoRE being the right venue and the importance of the problem People who will review an updated version: Francesca, Jaime ---------- -- Marco Tiloca Ph.D., Senior Researcher RISE Research Institutes of Sweden Division ICT Isafjordsgatan 22 / Kistagången 16 SE-164 40 Kista (Sweden) Phone: +46 (0)70 60 46 501 https://www.ri.se
- [core] CoRE @ IETF 108 - Minutes and summary Marco Tiloca