Re: [core] Review on draft-tiloca-core-multicast-oscoap-01

"Beck, Stefan" <S.Beck@osram.com> Tue, 25 April 2017 12:54 UTC

From: "Beck, Stefan" <S.Beck@osram.com>
To: "draft-tiloca-core-multicast-oscoap@ietf.org" <draft-tiloca-core-multicast-oscoap@ietf.org>
CC: 'core' <core@ietf.org>, Jim Schaad <ietf@augustcellars.com>
Date: Tue, 25 Apr 2017 12:54:46 +0000
Archived-At: <https://mailarchive.ietf.org/arch/msg/core/_YKbDRPxJ5aQFFj7k7S8mxcnW3U>
Subject: Re: [core] Review on draft-tiloca-core-multicast-oscoap-01

Hi,
On Section 2:
Group-level data confidentiality and Source authentication are described as SHALL, while Message integrity is SHOULD.

Intuitively I would consider authentication and integrity as SHALL, while confidentiality could be seen as SHOULD (or even MAY? - as the following text already correctly suggests that data confidentiality may only be required if privacy sensitive data is exchanged - which is not necessarily the case, e.g. in simple situations

On authentication and integrity: I would use SHALL consistently here - similar to what is already written on "source authentication" in section 1. And it is implied by the last statement anyway ("Message integrity is provided through the same means used to provide source authentication.")

Section 7.1: the first paragraph addresses the confidentiality part of "Group-level Security", so you could potentially rename 7.1. to "Group-level Data Confidentiality" as one specific part of the security considerations (provided that this first paragraph remains the only one in 7.1...):
 - the second paragraph deals with the obvious ("it is required that all group members are trusted"), so it could even be removed completely?
 - and the 3rd paragraph would fit better in 7.2 IMO (as the task of removing a compromised group member becomes a key management task - similar to when legitimate - yet uncompromised - group members are leaving).


I also agree with Jim's proposal (on section 1, excerpt below), the same could be applied in section 2 (and 7.1) analogously.

Stevie


-----Original Message-----
From: core [mailto:core-bounces@ietf.org] On Behalf Of Jim Schaad
Sent: Thursday, April 06, 2017 3:59 AM
To: draft-tiloca-core-multicast-oscoap@ietf.org
Cc: 'core' <core@ietf.org>
Subject: [core] Review on draft-tiloca-core-multicast-oscoap-01

Here are a few comments on this draft.

<...>

Section 1 - "Source authentication" - suggest the last sentence ends "not tampered with either by a different group member or by a non-group member".
	
<...>

Jim

