Re: [core] Review of draft-tiloca-core-oscore-discovery-05
Marco Tiloca <marco.tiloca@ri.se> Tue, 21 July 2020 07:11 UTC
Return-Path: <marco.tiloca@ri.se>
X-Original-To: core@ietfa.amsl.com
Delivered-To: core@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 39E863A1451; Tue, 21 Jul 2020 00:11:25 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.101
X-Spam-Level:
X-Spam-Status: No, score=-2.101 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, MSGID_FROM_MTA_HEADER=0.001, NICE_REPLY_A=-0.001, RCVD_IN_MSPIKE_H2=-0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=ri.se
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id TO-Hxau8wi4Z; Tue, 21 Jul 2020 00:11:22 -0700 (PDT)
Received: from EUR04-VI1-obe.outbound.protection.outlook.com (mail-eopbgr80080.outbound.protection.outlook.com [40.107.8.80]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id EA2373A1074; Tue, 21 Jul 2020 00:11:20 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=izqSYfwqKusVg4X9HML1dBphPGJEfVRivcxByIoHX/rBWAW/wd1ULyLaRPiuO63xNmuMfn2GyiBwCS3/2BME9Qb1H3L9Eey/w3cl+4BULY7BEB4LxAxHRW/ELO3HF3fiH6LZL4ViLkoPnetE9rMpyYVM5voKeNUAcMAIzVItOTzppYOKIuEMVQMKYygfhlhKR802T7QoKwtq3OYr9hNjQTah45ou5opFKRAugGkrPukTJxxidxOe72wvM3AOMqLV005QDjFB97cNcHgPJG0/JX7n8tNF6znjx5sMGoI4HbBotExhU/NsFFYGW5wwPMTaw3GV+IOiqubhTasOWDGlSA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=II42M95K3ol9mu5y/Lqt+ty11a4sTpWWV7TcxPmRJd4=; b=hKjZ48V3ejNJh0dmnIpOGPqeN7ata5JFLoWu95RnC+4tAeIHjjL9SA/ulvlRqB2IwCF/LXSF8yXMBbDeS8Wr3+sdyMIJ8sGsG/+nkTzo6agbIhD9F5TNvLNNnFAYWAyFyRTslTfwz6PY0LMDLGmzi+PpuytWWDmGfEDycZCuvAXz/PuXD49RjzxOpqahVFurahwhJ6l6x4Eh78pUaP5E82WYau61+OTafLOGcK2LhLfY1YdE5HtYLS1TkKQHlJ1+gVxXGVq72JlM6DVtbr/INWsfbaf5YcJxZgbYTjDGFObaTtY/FCDJsp9FfCp4qVhPMcEkvjlS76eVuW3FyIsozA==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=ri.se; dmarc=pass action=none header.from=ri.se; dkim=pass header.d=ri.se; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ri.se; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=II42M95K3ol9mu5y/Lqt+ty11a4sTpWWV7TcxPmRJd4=; b=jC0hYCN9RHcicDjW7+EiEysjyvJRp26SgW+GyVxkxC5H/wYzj3U3nJDLfCwSpRER6oJnLPfnnEHkiDyCgjfT86UdEGIxo8GrKkMxsL72FuYQgQzkREd7napig2A639XbgfSRpV8GeKej37UijwXzvPprFPl0p9KgxuSnx3ZFyaQ=
Authentication-Results: ietf.org; dkim=none (message not signed) header.d=none;ietf.org; dmarc=none action=none header.from=ri.se;
Received: from VI1P189MB0398.EURP189.PROD.OUTLOOK.COM (2603:10a6:802:35::31) by VE1P189MB0896.EURP189.PROD.OUTLOOK.COM (2603:10a6:800:148::19) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3195.23; Tue, 21 Jul 2020 07:11:18 +0000
Received: from VI1P189MB0398.EURP189.PROD.OUTLOOK.COM ([fe80::2124:eed3:60cd:95a2]) by VI1P189MB0398.EURP189.PROD.OUTLOOK.COM ([fe80::2124:eed3:60cd:95a2%6]) with mapi id 15.20.3195.026; Tue, 21 Jul 2020 07:11:18 +0000
To: Jim Schaad <ietf@augustcellars.com>, draft-tiloca-core-oscore-discovery@ietf.org
Cc: core@ietf.org
References: <000001d63ba7$56bcf690$0436e3b0$@augustcellars.com>
From: Marco Tiloca <marco.tiloca@ri.se>
Autocrypt: addr=marco.tiloca@ri.se; prefer-encrypt=mutual; keydata= mQENBFSNeRUBCAC44iazWzj/PE3TiAlBsaWna0JbdIAJFHB8PLrqthI0ZG7GnCLNR8ZhDz6Z aRDPC4FR3UcMhPgZpJIqa6Zi8yWYCqF7A7QhT7E1WdQR1G0+6xUEd0ZD+QBdf29pQadrVZAt 0G4CkUnq5H+Sm05aw2Cpv3JfsATVaemWmujnMTvZ3dFudCGNdsY6kPSVzMRyedX7ArLXyF+0 Kh1T4WUW6NHfEWltnzkcqRhn2NcZtADsxWrMBgZXkLE/dP67SnyFjWYpz7aNpxxA+mb5WBT+ NrSetJlljT0QOXrXMGh98GLfNnLAl6gJryE6MZazN5oxkJgkAep8SevFXzglj7CAsh4PABEB AAG0Nk1hcmNvIFRpbG9jYSAobWFyY28udGlsb2NhQHJpLnNlKSA8bWFyY28udGlsb2NhQHJp LnNlPokBNwQTAQgAIQUCWkAnkAIbAwULCQgHAgYVCAkKCwIEFgIDAQIeAQIXgAAKCRDuJmS0 DljaQwEvCACJKPJIPGH0oGnLJY4G1I2DgNiyVKt1H4kkc/eT8Bz9OSbAxgZo3Jky382e4Dba ayWrQRFen0aLSFuzbU4BX4O/YRSaIqUO3KwUNO1iTC65OHz0XirGohPUOsc0SEMtpm+4zfYG 7G8p35MK0h9gpwgGMG0j0mZX4RDjuywC88i1VxCwMWGaZRlUrPXkC3nqDDRcPtuEGpncWhAV Qt2ZqeyITv9KCUmDntmXLPe6vEXtOfI9Z3HeqeI8OkGwXpotVobgLa/mVmFj6EALDzj7HC2u tfgxECBJddmcDInrvGgTkZtXEVbyLQuiK20lJmYnmPWN8DXaVVaQ4XP/lXUrzoEzuQENBFSN eRUBCACWmp+k6LkY4/ey7eA7umYVc22iyVqAEXmywDYzEjewYwRcjTrH/Nx1EqwjIDuW+BBE oMLRZOHCgmjo6HRmWIutcYVCt9ieokultkor9BBoQVPiI+Tp51Op02ifkGcrEQNZi7q3fmOt hFZwZ6NJnUbA2bycaKZ8oClvDCQj6AjEydBPnS73UaEoDsqsGVjZwChfOMg5OyFm90QjpIw8 m0uDVcCzKKfxq3T/z7tyRgucIUe84EzBuuJBESEjK/hF0nR2LDh1ShD29FWrFZSNVVCVu1UY ZLAayf8oKKHHpM+whfjEYO4XsDpV4zQ15A+D15HRiHR6Adf4PDtPM1DCwggjABEBAAGJAR8E GAECAAkFAlSNeRUCGwwACgkQ7iZktA5Y2kPGEwf/WNjTy3z74vLmHycVsFXXoQ8W1+858mRy Ad0a8JYzY3xB7CVtqI3Hy894Qcw4H6G799A1OL9B1EeA8Yj3aOz0NbUyf5GW+iotr3h8+KIC OYZ34/BQaOLzdvDNmRoGHn+NeTzhF7eSeiPKi2jex+NVodhjOVGXw8EhYGkeZLvynHEboiLM 4TbyPbVR9HsdVqKGVTDxKSE3namo3kvtY6syRFIiUz5WzJfYAuqbt6m3TxDEb8sA9pzaLuhm fnJRc12H5NVZEZmE/EkJFTlkP4wnZyOSf/r2/Vd0iHauBwv57cpY6HFFMe7rvK4s7ME5zctO Ely5C6NCu1ZaNtdUuqDSPA==
Message-ID: <511bf006-e21a-a158-8630-22d7630057fd@ri.se>
Date: Tue, 21 Jul 2020 09:11:11 +0200
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:68.0) Gecko/20100101 Thunderbird/68.10.0
In-Reply-To: <000001d63ba7$56bcf690$0436e3b0$@augustcellars.com>
Content-Type: multipart/signed; micalg="pgp-sha512"; protocol="application/pgp-signature"; boundary="6zL6ATNHPf903CzjPBJkMSeEnkWMLhgsO"
X-ClientProxiedBy: AM0PR04CA0102.eurprd04.prod.outlook.com (2603:10a6:208:be::43) To VI1P189MB0398.EURP189.PROD.OUTLOOK.COM (2603:10a6:802:35::31)
MIME-Version: 1.0
X-MS-Exchange-MessageSentRepresentingType: 1
Received: from [10.8.3.8] (195.181.173.105) by AM0PR04CA0102.eurprd04.prod.outlook.com (2603:10a6:208:be::43) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3195.18 via Frontend Transport; Tue, 21 Jul 2020 07:11:17 +0000
X-Originating-IP: [195.181.173.105]
X-MS-PublicTrafficType: Email
X-MS-Office365-Filtering-Correlation-Id: 3cbb0704-e2e1-4c2e-15a2-08d82d45436d
X-MS-TrafficTypeDiagnostic: VE1P189MB0896:
X-Microsoft-Antispam-PRVS: <VE1P189MB0896D0F04752C0E01C80410E99780@VE1P189MB0896.EURP189.PROD.OUTLOOK.COM>
X-MS-Oob-TLC-OOBClassifiers: OLM:9508;
X-MS-Exchange-SenderADCheck: 1
X-Microsoft-Antispam: BCL:0;
X-Microsoft-Antispam-Message-Info: CCQ58Ni0nKesRpt72HEfmN98Av734jhfFT6NPF0VyChNH0IKIDar6e9xf3qc+LRWJeLNJFy7e2HL6lSMk6TRtkOZTm87IclMvncpq7nJMkW8RqYVAEFCa0sqxWn0sJsosrKPEKDXLW6q1C80JjWSaJlh2HarkRBACa3PyrXjK1uISDHvZOX71ekNAYQ43HDLFIyMemMXlgXrYrYhj45HVYapFMtnPKjMf4PXg1r4iVmab30bMofGGSvCK2Oqok/wm/Yr6dcPyHHzTVNdOq979/FXkceh4KD/85FwUBAIcMjf6cztQdVKJaZg2hjjbSMiFUyQSDvc2jVZzzoEOCgbeppy1HR2e1vrUGZ5ss6hus58jK/MvN/sXNMuW7qrQ9VZ9vWBqbW7NWWIn+sDICDt4I4iwgv3jJl0IdVKsBpd9twitQFZjEyoScY4I8xfbALFpf2fGkxWbCwwAkvVlqzYHg==
X-Forefront-Antispam-Report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:VI1P189MB0398.EURP189.PROD.OUTLOOK.COM; PTR:; CAT:NONE; SFTY:; SFS:(4636009)(346002)(376002)(39850400004)(396003)(366004)(136003)(2906002)(31696002)(8676002)(86362001)(16576012)(66476007)(66556008)(316002)(8936002)(33964004)(53546011)(66946007)(52116002)(26005)(6486002)(186003)(4326008)(16526019)(5660300002)(44832011)(235185007)(2616005)(956004)(966005)(478600001)(6666004)(36756003)(21480400003)(31686004)(66574015)(83380400001)(43740500002); DIR:OUT; SFP:1101;
X-MS-Exchange-AntiSpam-MessageData: nhIuErxCpefJCniWsCPOznXuse9F1ta1ElsIvgOFiZQrY9YnXNeBCe/QNtViEHtls1fQXotymn5IPahnSOB44E8cyHm4Hpd55OGGhmUCblqKo5d0z8nbyPj/MMMw5VqbOExEp3mINn4+0KTSszxZxJnAgK2iVhjLDa/A8fn1SD95hlk5zvsZh9M6rbVt7J+bvjT7ML1Od2UL5fvDRZeTiMRn4QbQPvCkSbq9O//ejYjv4Y/vbDa+M6JkprLQ8qjSUpvhu5XwsAG3TcxCO/mFJURu4d/Wt5criiV96hyHN2MoFmda7485dl7Lt5KaZi9iwxuwTi2+Bk/zonw6bqNw5pRaiemZBXsP0ky1lFk8E78UoD0ZiOA10bQS1BU4hhW9Q3se51M8eHXXoHx7jmdJ1vICUbFfGLrEjrBpHJyglQfHo4cvbfEbCNemxcTK1SYWHrQm20Gtce3LrPEQRq9VXBJcNP2jlwVg6c67+Ml/JC8=
X-OriginatorOrg: ri.se
X-MS-Exchange-CrossTenant-Network-Message-Id: 3cbb0704-e2e1-4c2e-15a2-08d82d45436d
X-MS-Exchange-CrossTenant-AuthSource: VI1P189MB0398.EURP189.PROD.OUTLOOK.COM
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 21 Jul 2020 07:11:18.2719 (UTC)
X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted
X-MS-Exchange-CrossTenant-Id: 5a9809cf-0bcb-413a-838a-09ecc40cc9e8
X-MS-Exchange-CrossTenant-MailboxType: HOSTED
X-MS-Exchange-CrossTenant-UserPrincipalName: 1RfCRbrDdlXfU4YbvJU1xt0Dy/R2tFaKSdHvg+eOMO6SCoCzhpYyB6k0vnIJ9Q1mjTTE9YqkGxMJUupc8hWTUw==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: VE1P189MB0896
Archived-At: <https://mailarchive.ietf.org/arch/msg/core/gX7sZVZdI1NspJq2lB7SVzC-r4E>
Subject: Re: [core] Review of draft-tiloca-core-oscore-discovery-05
X-BeenThere: core@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Constrained RESTful Environments \(CoRE\) Working Group list" <core.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/core>, <mailto:core-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/core/>
List-Post: <mailto:core@ietf.org>
List-Help: <mailto:core-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/core>, <mailto:core-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 21 Jul 2020 07:11:25 -0000
Hi Jim, Thanks for this review! We have addressed most comments in the latest version -06. Please, see our replies in line, with three points marked as "[OPEN]". Best, /Marco On 2020-06-06 04:08, Jim Schaad wrote: > * Consistently through this document you refer to an OSCORE group, however > the groupcom-bis document talks about a security group. At some point these > need to be related. Should you just be talking about security groups? ==>MT Now we refer to "security groups" throughout the text. The term is introduced in the terminology of Section 1.1, where we say that we especially consider OSCORE groups in this document. <== > > * Why do you believe that the group manager is going to know what > application groups are associated with any given OSCORE group. I don't > believe that this information is being specified anyplace as being provided > to the GM. Does it make sense to register the three different groups that > are from the bis document and make things flow the way one would expect from > a device point of view Application Group => Security Group, Application > Group=> CoAP Group. I assume that both clients and servers are going to > know they want to deal with a specific application and start from there. I > don't know what an application itself as a root node would look like in the > RD. ==>MT [OPEN] Considering also the input to the discussion about CoRAL Forms [1] : 1) we can extend the ACE gm-admin document [2] so that, when creating/updating an OSCORE group at the Group Manager, the Administrator indicates also the associated application groups, as part of the configuration to store. 2) Then, in this document we can assume that the Group Manager knows also about the application groups, when registering its security groups to the RD. This would not change the interactions in this document, when it comes to the registration and lookup of other types of groups in the RD. Note that the main RD document already defines registration and lookup of application and CoAP groups, on which we are just building with no changes. [1] https://mailarchive.ietf.org/arch/msg/core/BoYGYmEpJMUS8bk4PNHOEaFFcdU/ [2] https://tools.ietf.org/html/draft-tiloca-ace-oscore-gm-admin <== > > * I do not understand "Values registered as a string that look like an > integer are not supported". I need an example for what you are talking > about. I would have expected that alg=-2 and alg="-2" would both be legal, > but "-2" is a required to be supported since it is a text string per the > definition above. ==>MT With the parameter value "-2" we intend to indicate the integer -2. Link-format does not distinguish between "-10" and -10, as it is weakly typed (or rather not typed at all). But the IANA registry for COSE parameters seems to be strongly typed. We trust the experts not to let the 3-byte string value "-10" into the registry, but to allow having both numeric and string values in the link attribute, we have to rule that out formally. The intention is to say that if "-10" were ever entered into the registry, this protocol wouldn't allow using it. We have improved the wording about this point in Section 2.1, trying to make it clearer. <== > > * I need to get some help. What is the difference, both theoretical and > factual, between the if= and rt= links. How much of this should be if= vs > rt= because it is common amount all expected group managers as oppose to > just the Ace group manager. ==>MT [OPEN] Based on [3], if= expresses that the resource "follows this pattern of behavior", while rt= expresses that the resource "is a". But all the interactions that we are specifying can be interchangably phrased as "if it claims to be an X" or "if it follows the X interface". So, on one hand, it probably does not matter too much, and we can just keep 'rt' that we use now. On the other hand we are specifying an 'if' value "ace.group" for the GM interface described in the ACE documents, see [4]. Shouldn't we then have 'if' also for the links we register in this document, since they target the same type of GM? [3] https://tools.ietf.org/html/rfc6690#section-3 [4] https://tools.ietf.org/html/draft-ietf-ace-key-groupcomm-08#section-4.1 <== > > * In the example in section 3.1 - I don't know that the GM should be the one > registering the "rel" links here. That should be up to the endpoint > instead. Perhaps break this up into a POST and a GET? ==>MT [OPEN] Who else can register the "rel" links? The Administrator that created the security group at the GM? Most important, why is the GM not appropriate for this registration? It's about links to the AS for the sake of the group-membership resources that the GM itself owns. Consistently, the GM is the entity which is going to consume the issued Access Tokens. Also, the comment says "the endpoint instead", but the endpoint in Section 3.1 is exactly the GM. In the suggested split, what is the GET supposed to cover and provide? If the point of the GET is for the GM to retrieve the "rel" links (registered by someone else), that feels strange, because the GM knows about the AS already since the security group was created. <== > > * In section 5, I believe that the registration of the endpoints is > incorrect. You are doing this in two steps, but the first registration is > going to be replaced not augmented by the second registration. You need to > do a single registration here. ==>MT Correct, we have fixed the double registration in -06. After doing that, we have also removed altogether from the example the registration of endpoints to an application group. In fact, this feature is not natively supported by the RD and we would prefer to not introduce it in this document. <== > > * In section 5 - It seems relatively obvious how you deal with an OSCORE > group having multiple applications, but I think you need to have some > discussions on how you deal with an application which has multiple OSCORE > groups in it. ==>MT Right. For what concerns this document, we have made the following changes. 1) Since this is something more general than the example of this section, we have added some text in Section 4 "Discovery of Security Groups", see the three new paragraphs after the bullet list. The second and third of those paragraphs are about multiple application groups using a same security group. At the moment, this text generically refers to application policies to decide about the exact application group to consider. We can refine the text in a next version, also based on the outcome of the discussion started at [5]. In particular, we can give examples of such situations, with a safe one currently being: different security groups reflect different security algorithms/parameters to use; a CoAP server in the application group joins all of those security group; a CoAP client that wants to talk to the servers in that application group joins any of those security groups it supports. 2) About the example itself in this section, we have now stressed that it does not have any particular ambition to serve as recommendation or as best practice to adopt. It simply shows a possible workflow involving a Commissioning Tool used in a certain way, but this does not have to be mistaken for how the workflow should necessarily be (see second and third paragraph in Section 5). [5] https://mailarchive.ietf.org/arch/msg/core/4JtUVaB-XG_g0i_8v8CEMGyNdO8/ Thanks a lot again! <== > > Jim > > -- Marco Tiloca Ph.D., Senior Researcher RISE Research Institutes of Sweden Division ICT Isafjordsgatan 22 / Kistagången 16 SE-164 40 Kista (Sweden) Phone: +46 (0)70 60 46 501 https://www.ri.se
- [core] Review of draft-tiloca-core-oscore-discove… Jim Schaad
- Re: [core] Review of draft-tiloca-core-oscore-dis… Marco Tiloca