Re: [core] OSCORE: Questions about Section 5.2

Christian Amsüss <> Thu, 11 October 2018 13:31 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id 35731130DD6 for <>; Thu, 11 Oct 2018 06:31:30 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -1.9
X-Spam-Status: No, score=-1.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9] autolearn=ham autolearn_force=no
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id 5uAd9BVZWn7B for <>; Thu, 11 Oct 2018 06:31:28 -0700 (PDT)
Received: from ( []) (using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by (Postfix) with ESMTPS id F2B11127148 for <>; Thu, 11 Oct 2018 06:31:27 -0700 (PDT)
Received: from (unknown [IPv6:2a02:b18:c13b:8010:a800:ff:fede:b1bd]) by (Postfix) with ESMTPS id B98C641AD8; Thu, 11 Oct 2018 15:31:25 +0200 (CEST)
Received: from ( []) by (Postfix) with ESMTP id 021712A; Thu, 11 Oct 2018 15:31:23 +0200 (CEST)
Received: from ( [IPv6:2a02:b18:c13b:8010::71b]) by (Postfix) with ESMTPSA id 9412810E; Thu, 11 Oct 2018 15:31:22 +0200 (CEST)
Received: (nullmailer pid 18159 invoked by uid 1000); Thu, 11 Oct 2018 13:31:21 -0000
Date: Thu, 11 Oct 2018 15:31:21 +0200
From: Christian =?iso-8859-1?Q?Ams=FCss?= <>
To: Jaro Fietz <>
Message-ID: <>
References: <> <> <>
MIME-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-sha256; protocol="application/pgp-signature"; boundary="LwW0XdcUbUexiWVK"
Content-Disposition: inline
In-Reply-To: <>
User-Agent: Mutt/1.10.1 (2018-07-13)
Archived-At: <>
Subject: Re: [core] OSCORE: Questions about Section 5.2
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Constrained RESTful Environments \(CoRE\) Working Group list" <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Thu, 11 Oct 2018 13:31:30 -0000

Hello Jaro,

> > The expectation is that the shortest (zero-length) ID would be used in
> > cases wherever that's beneficial, eg. when a constrained device
> > primarily utilizes one context in which it is addressed as a server.
> This is an interesting optimization. I'm not too sure about the actual
> benefits though. To me this would only result in the constrained nodes being
> able to shave off a few bytes of allocation when constructing the response
> and saving their sender_id to persistent storage.

It's much more about message size. There are applications that need to
get an OSCORE message through w/o fragmentation over single link layer
messages (6TiSCH joining), and this helps fitting things in there.

> I'm implementing OSCORE on top of zephyr (not integrated into it) for an
> embedded board. Currently it isn't open source, but I asked my advisor,
> who'll forward the request to the supervisor.
> Judging from your github history I expect you ask for RIOT-OS? :)

Indeed, RIOT is what I have in mind. There have been successful cases of
code shared between Zephyr and RIOT, and I think that collaboration
could be fruitful here, if licensing permits.

At any rates, I'm looking forward to interoperate with a constrained
application in future plug tests.

Best regards

To use raw power is to make yourself infinitely vulnerable to greater powers.
  -- Bene Gesserit axiom