Re: [core] I-D Action: draft-ietf-core-attacks-on-coap-04.txt

John Mattsson <john.mattsson@ericsson.com> Sat, 24 February 2024 08:13 UTC

To: "core@ietf.org" <core@ietf.org>, Christian Amsüss <christian@amsuess.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/core/rY4oxlSq0BBBzWsgij8CaULPW7M>

Hi,

I submitted -04 as -03 had expired. The only differences from -03 are editorial changes to the abstract suggested by Mohamed Boucadair. I am only aware of two remaining issues.

- Should draft-ietf-core-attacks-on-coap have any normative references?
https://github.com/core-wg/attacks-on-coap/pull/12

- The last time draft-ietf-core-attacks-on-coap was discussed in CORE there was a realization that technical changes might be needed to the block functionality in CoAP. These technical changes should not be done in draft-ietf-core-attacks-on-coap. Publication of draft-ietf-core-attacks-on-coap does also not need to wait until the issues are fixed, but draft-ietf-core-attacks-on-coap should correctly reflect the issues.
@Christian Amsüss, is that a correct description and do we have any updated status on this issue?

Cheers,
John Preuß Mattsson

From: core <core-bounces@ietf.org> on behalf of internet-drafts@ietf.org <internet-drafts@ietf.org>
Date: Thursday, 22 February 2024 at 06:48
To: i-d-announce@ietf.org <i-d-announce@ietf.org>
Cc: core@ietf.org <core@ietf.org>
Subject: [core] I-D Action: draft-ietf-core-attacks-on-coap-04.txt

Internet-Draft draft-ietf-core-attacks-on-coap-04.txt is now available. It is
a work item of the Constrained RESTful Environments (CORE) WG of the IETF.

   Title:   Attacks on the Constrained Application Protocol (CoAP)
   Authors: John Preuß Mattsson
            John Fornehed
            Göran Selander
            Francesca Palombini
            Christian Amsüss
   Name:    draft-ietf-core-attacks-on-coap-04.txt
   Pages:   21
   Dates:   2024-02-21

Abstract:

   Being able to securely retrieve information from sensors and control
   actuators while providing guards against distributed denial-of-
   service (DDoS) attacks are key requirements for CoAP deployments.  To
   that aim, a security protocol (e.g., DTLS, TLS, or OSCORE) can be
   enabled to ensure secure CoAP operation, including protection against
   many attacks.  This document identifies a set of known CoAP attacks
   and shows that simply using CoAP with a security protocol is not
   always enough for secure operation.  Several of the identified
   attacks can be mitigated with a security protocol providing
   confidentiality and integrity combined with the solutions specified
   in RFC 9175.

The IETF datatracker status page for this Internet-Draft is:
https://datatracker.ietf.org/doc/draft-ietf-core-attacks-on-coap/

There is also an HTML version available at:
https://www.ietf.org/archive/id/draft-ietf-core-attacks-on-coap-04.html

A diff from the previous version is available at:
https://author-tools.ietf.org/iddiff?url2=draft-ietf-core-attacks-on-coap-04

Internet-Drafts are also available by rsync at:
rsync.ietf.org::internet-drafts

