Re: [core] About freshness and order of information in CoAP End-To-End Security
Göran Selander <goran.selander@ericsson.com> Fri, 08 April 2016 07:37 UTC
Return-Path: <goran.selander@ericsson.com>
X-Original-To: core@ietfa.amsl.com
Delivered-To: core@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 31E5212D146 for <core@ietfa.amsl.com>; Fri, 8 Apr 2016 00:37:29 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.221
X-Spam-Level:
X-Spam-Status: No, score=-4.221 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_MED=-2.3, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id XtZm54_LYrIV for <core@ietfa.amsl.com>; Fri, 8 Apr 2016 00:37:26 -0700 (PDT)
Received: from sesbmg23.ericsson.net (sesbmg23.ericsson.net [193.180.251.37]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 7777112D11F for <core@ietf.org>; Fri, 8 Apr 2016 00:37:26 -0700 (PDT)
X-AuditID: c1b4fb25-f79f86d00000400a-fe-57075fb4ae17
Received: from ESESSHC004.ericsson.se (Unknown_Domain [153.88.183.30]) by sesbmg23.ericsson.net (Symantec Mail Security) with SMTP id 0C.39.16394.4BF57075; Fri, 8 Apr 2016 09:37:24 +0200 (CEST)
Received: from ESESSMB303.ericsson.se ([169.254.3.117]) by ESESSHC004.ericsson.se ([153.88.183.30]) with mapi id 14.03.0248.002; Fri, 8 Apr 2016 09:37:23 +0200
From: Göran Selander <goran.selander@ericsson.com>
To: Aura Tuomas <tuomas.aura@aalto.fi>, "core@ietf.org" <core@ietf.org>
Thread-Topic: [core] About freshness and order of information in CoAP End-To-End Security
Thread-Index: AQHRkWl9O78ERTYIGE68jZYY6505zA==
Date: Fri, 08 Apr 2016 07:37:23 +0000
Message-ID: <D32C66AE.51CBA%goran.selander@ericsson.com>
References: <7F9C975440487E49BBD35F4FB088ED74CFD21D9C@EXMDB01.org.aalto.fi>
In-Reply-To: <7F9C975440487E49BBD35F4FB088ED74CFD21D9C@EXMDB01.org.aalto.fi>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
user-agent: Microsoft-MacOutlook/14.6.2.160219
x-originating-ip: [153.88.183.150]
Content-Type: text/plain; charset="utf-8"
Content-ID: <48D2B8979108104A9795CBC1222D0A6C@ericsson.com>
Content-Transfer-Encoding: base64
MIME-Version: 1.0
X-Brightmail-Tracker: H4sIAAAAAAAAA+NgFprPIsWRmVeSWpSXmKPExsUyM2K7nO6WePZwg4VH5S32vV3PbPFm4kZ2 ByaP468Xs3osWfKTKYApissmJTUnsyy1SN8ugSvj16UXjAUtGhXXnlxmb2BsUO9i5OSQEDCR WPjmKhOELSZx4d56ti5GLg4hgSOMEsdWr2OBcBYzSsy8cp0FpIpNwEXiQcMjsA4RAXeJzfsX MIPYwgJREh9fPWODiEdLvH12hxnC1pOYtvQxWD2LgIrEr6m/wObwClhITNt0ixXEFhLwlni9 eB47iM0p4CNxf+pfsBpGoIu+n1oD1sssIC5x68l8qEsFJJbsOc8MYYtKvHz8D2yOKNCuHecg bAkBJYkV2y8xdjFyAPVqSqzfpQ8xxlpi1eRjUCMVJaZ0P2SHOEdQ4uTMJywTGMVnIdk2C6F7 FpLuWUi6ZyHpXsDIuopRtDi1OCk33chYL7UoM7m4OD9PLy+1ZBMjMNoObvmtuoPx8hvHQ4wC HIxKPLwLBNjDhVgTy4orcw8xSnAwK4nw/ooFCvGmJFZWpRblxxeV5qQWH2KU5mBREufNjvwX JiSQnliSmp2aWpBaBJNl4uCUamC0ml0stPGHiODhmQUHl/k9Y1689N1XiwkSJ7ie2gl4nz/8 44irEfPFSx5/OY+zOWy7+mZ546Zn6SGszWIfOFfcWurmUcqWknRw5scvG1/9mn920j6ntX0z VHh/V75e+EDc/Z6W1H+NZjvWyOBJD5Zbc2+Jak4X1BV7+erFt2ifJ7J2yss7LMTSlFiKMxIN tZiLihMBI7ukt7ICAAA=
Archived-At: <http://mailarchive.ietf.org/arch/msg/core/XQlw5OT2GvHPfaGxZCOmZvMlvfg>
Subject: Re: [core] About freshness and order of information in CoAP End-To-End Security
X-BeenThere: core@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: "Constrained RESTful Environments \(CoRE\) Working Group list" <core.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/core>, <mailto:core-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/core/>
List-Post: <mailto:core@ietf.org>
List-Help: <mailto:core-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/core>, <mailto:core-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 08 Apr 2016 07:37:29 -0000
Hi Thomas, Thanks for comments, inline On 2016-04-07 19:21, "core on behalf of Aura Tuomas" <core-bounces@ietf.org on behalf of tuomas.aura@aalto.fi> wrote: >Reading "draft-hartke-core-e2e-security-reqs-00", I started to wonder >about the freshness and reordering of sensor data and actuation >confirmation. The examples in section "3.1. One Request - One Response" >seem quite simple compared to potential application requirements. > >https://tools.ietf.org/html/draft-hartke-core-e2e-security-reqs-00#section >-3.1 > >Example: Alarm status retrieval > >* There are many kinds of freshness: Sometimes you just want to avoid >replays, e.g. for counting events. Sometimes reordering of data is not >allowed, e.g. if you want the latest sensor status. Sometimes the data >should come causally after another event, e.g. in nonce-based freshness >mechanisms that bind the sensor data causally to a specific local clock >interval at the receiver. Sometimes the data needs to be recent by the >wall clock time, e.g. if you have loosely synchronized clocks. > >* In the alarm status example, it may not be necessary or sufficient for >the status data to be "current". In fact, I don't think you ever need to >link the answer to the individual alarm status request. Sometimes it is >ok to have "recent" status information, in which case caching the at the >proxy for a short period is ok. Sometimes you may not want to miss alarms >that were raised and then dismissed, in which case the current status is >not sufficient but you need the full history. It is true that different applications have different types of freshness requirements. It is also true that for devices that can maintain time synchronisation it may be sufficient to verify a “recent” state (although there is always a concern that the clocks may) As you noted, with quickly transitioning states status requests provides very limited information, better measure a different status parameter, e.g. whose value reflects an alarm that needs to be reset by authorised personnel. And in that case, when time synchronisation can’t be guaranteed, a challenge-response protocol provides one way to get some certainty of a relevant status parameter. > >Example: Actuation confirmation > >* Some actuation may have unique identity, e.g. admit animal number 12345 >through the turnstile, and need to be confirmed individually. However, >that is not necessarily the case. Some actuation is cumulative, e.g. >admit one person though turnstile. Some actions are idempotent, e.g. >close the door, and one confirmation may be sufficient. > >* Some actuations need to be strictly ordered, e.g. open and close the >door. Some can be reordered, e.g. close door A and close door B. This >could possibly be discussed in terms of causal order (the vector clocks >mentioned in the ACE WG list) and how much of that order needs to be >preserved in the actuation and in confirmations. Also very interesting examples illustrating the wide variety of application settings. Again, depending on use case the > > >Perhaps some of the above comments are beside the point of the draft, but >it looks to me that the concepts of freshness and ordering in object or >multi-hop security are more difficult to define and address than in >secure end-to-end connections where data on the wire is linearly ordered >in each direction. Yes there are certainly challenges here. Is your proposal that we provide more details to the examples where the scenarios are applicable? Göran > >Tuomas > >_______________________________________________ >core mailing list >core@ietf.org >https://www.ietf.org/mailman/listinfo/core
- [core] About freshness and order of information i… Aura Tuomas
- Re: [core] About freshness and order of informati… Göran Selander
- Re: [core] About freshness and order of informati… Göran Selander
- Re: [core] About freshness and order of informati… Jim Schaad