Re: [core] Where to work on AA/revocation

Zach Shelby <zach@sensinode.com> Tue, 30 July 2013 09:25 UTC

From: Zach Shelby <zach@sensinode.com>
Date: Tue, 30 Jul 2013 11:22:45 +0200
To: Olaf Bergmann <bergmann@tzi.org>
Cc: Corinna Schmitt <schmitt@ifi.uzh.ch>, dtls-iot@ietf.org, "core@ietf.org WG" <core@ietf.org>
Subject: Re: [core] Where to work on AA/revocation

(sorry for the cross-mailing list traffic)

Olaf,

This is the first IETF where this cluster of new AA proposals have come out of the woodwork, so be patient finding a home for it. DICE is really about optimising the use of DTLS in IoT, and we're keeping that focus for at least the first charter as we have a couple very focused problems to solve.

Regarding the AA presentations that were given in CoRE yesterday: yes, I do agree that the IETF should work in this area, but it was also clear yesterday in CoRE that we don't all understand the set of requirements that need to be solved. We are still living in the solution-looking-for-a-problem phase. In addition to that there are also revocation proposals that have been submitted recently, and a clear need for ACL management.

The nice thing about the IETF is that even if you don't have a home for work yet, you can still work on it. I would encourage the authors doing AA and revocation related work to get together, figure out what the actual problems to be solved are (talk to industry too) and then combine solutions. CoRE is still probably a good mailing list to do that on for now. As more people are agreeing about the problem space and are interested to work on the (same) problem, we can find/make a home.

Zach

On Jul 30, 2013, at 10:20 AM, Olaf Bergmann <bergmann@tzi.org> wrote:

> Zach Shelby <zach@sensinode.com> writes:
> 
>> Hi Corinna,
>> 
>> On Jul 30, 2013, at 7:16 AM, Corinna Schmitt <schmitt@ifi.uzh.ch> wrote:
>> 
>>> Just for information concerning our draft
>>> http://tools.ietf.org/html/draft-schmitt-two-way-authentication-for-iot-00:
>>> We already started to implement a solution and evaluated a little
>>> bit. So we would be glad if our draft will be approved and stay in
>>> DICE.
>> 
>> Your draft was actually discussed yesterday in the CoRE WG meeting in
>> the scope of general authentication and authorisation in CoRE. This
>> subject will be out of scope for the first DICE charter as we already
>> have a couple concrete problems to solve. It is not clear where the
>> "AA" work will end up, probably in some other new working group, or
>> maybe in some future re-chartering of DICE.
> 
> The discussion yesterday was a bit low on the guidance level how to
> proceed. Even if this topic is not the most pressing for DICE, I highly
> recommend to work on this space *now*.
> 
> Corinna, maybe we could team up with the other authors of the relevant
> drafts to find out what the next steps are? We had a quick talk with
> Göran yesterday, and he also had the impression that the WG could have
> been more active in giving feedback on these drafts.

-- 
Zach Shelby, Chief Nerd, Sensinode Ltd.
http://www.sensinode.com @SensinodeIoT
Mobile: +358 40 7796297
Twitter: @zach_shelby
LinkedIn: http://fi.linkedin.com/in/zachshelby
6LoWPAN Book: http://6lowpan.net