Re: [core] About freshness and order of information in CoAP End-To-End Security
"Jim Schaad" <ietf@augustcellars.com> Fri, 08 April 2016 13:32 UTC
Return-Path: <ietf@augustcellars.com>
X-Original-To: core@ietfa.amsl.com
Delivered-To: core@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 8C1EA12D8BE for <core@ietfa.amsl.com>; Fri, 8 Apr 2016 06:32:47 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.6
X-Spam-Level:
X-Spam-Status: No, score=-2.6 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_LOW=-0.7] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id YdLbXhs8DZ-Z for <core@ietfa.amsl.com>; Fri, 8 Apr 2016 06:32:40 -0700 (PDT)
Received: from smtp1.pacifier.net (smtp1.pacifier.net [64.255.237.171]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 8ECB212D8C6 for <core@ietf.org>; Fri, 8 Apr 2016 06:32:40 -0700 (PDT)
Received: from hebrews (dhcp-aae6.meeting.ietf.org [31.133.170.230]) (using TLSv1 with cipher AES256-SHA (256/256 bits)) (No client certificate requested) (Authenticated sender: schaad@nwlink.com) by smtp1.pacifier.net (Postfix) with ESMTPSA id 476092CA0C; Fri, 8 Apr 2016 06:32:39 -0700 (PDT)
From: Jim Schaad <ietf@augustcellars.com>
To: 'Aura Tuomas' <tuomas.aura@aalto.fi>, core@ietf.org
References: <7F9C975440487E49BBD35F4FB088ED74CFD21D9C@EXMDB01.org.aalto.fi>
In-Reply-To: <7F9C975440487E49BBD35F4FB088ED74CFD21D9C@EXMDB01.org.aalto.fi>
Date: Fri, 08 Apr 2016 10:32:35 -0300
Message-ID: <011801d1919b$1eb23950$5c16abf0$@augustcellars.com>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
X-Mailer: Microsoft Outlook 16.0
Thread-Index: AQEyvACqOi5gjLg9TxSTKxmfTrxfCqC9vT0w
Content-Language: en-us
Archived-At: <http://mailarchive.ietf.org/arch/msg/core/wiye1M1uwsGACKgp4abKcFT-f_U>
Subject: Re: [core] About freshness and order of information in CoAP End-To-End Security
X-BeenThere: core@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: "Constrained RESTful Environments \(CoRE\) Working Group list" <core.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/core>, <mailto:core-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/core/>
List-Post: <mailto:core@ietf.org>
List-Help: <mailto:core-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/core>, <mailto:core-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 08 Apr 2016 13:32:47 -0000
When I look at this my first thought is that some of this is not a security issue but a content issue. How many of these same problems do you have if you do not have security as part of the scenario you are looking at. I don't know that security is necessarily the right place to be doing enforcement of freshness. It makes sense for it to deal with issues of security not issues of protocol. I.e. I think that freshness is quite possibly something that should be addressed in the payload and not in the security wrapper. Jim > -----Original Message----- > From: core [mailto:core-bounces@ietf.org] On Behalf Of Aura Tuomas > Sent: Thursday, April 07, 2016 7:22 PM > To: core@ietf.org > Subject: [core] About freshness and order of information in CoAP End-To-End > Security > > Reading "draft-hartke-core-e2e-security-reqs-00", I started to wonder about the > freshness and reordering of sensor data and actuation confirmation. The > examples in section "3.1. One Request - One Response" seem quite simple > compared to potential application requirements. > > https://tools.ietf.org/html/draft-hartke-core-e2e-security-reqs-00#section-3 .1 > > Example: Alarm status retrieval > > * There are many kinds of freshness: Sometimes you just want to avoid replays, > e.g. for counting events. Sometimes reordering of data is not allowed, e.g. if > you want the latest sensor status. Sometimes the data should come causally > after another event, e.g. in nonce-based freshness mechanisms that bind the > sensor data causally to a specific local clock interval at the receiver. Sometimes > the data needs to be recent by the wall clock time, e.g. if you have loosely > synchronized clocks. > > * In the alarm status example, it may not be necessary or sufficient for the > status data to be "current". In fact, I don't think you ever need to link the answer > to the individual alarm status request. Sometimes it is ok to have "recent" status > information, in which case caching the at the proxy for a short period is ok. > Sometimes you may not want to miss alarms that were raised and then > dismissed, in which case the current status is not sufficient but you need the full > history. > > Example: Actuation confirmation > > * Some actuation may have unique identity, e.g. admit animal number 12345 > through the turnstile, and need to be confirmed individually. However, that is > not necessarily the case. Some actuation is cumulative, e.g. admit one person > though turnstile. Some actions are idempotent, e.g. close the door, and one > confirmation may be sufficient. > > * Some actuations need to be strictly ordered, e.g. open and close the door. > Some can be reordered, e.g. close door A and close door B. This could possibly > be discussed in terms of causal order (the vector clocks mentioned in the ACE > WG list) and how much of that order needs to be preserved in the actuation and > in confirmations. > > Perhaps some of the above comments are beside the point of the draft, but it > looks to me that the concepts of freshness and ordering in object or multi-hop > security are more difficult to define and address than in secure end-to-end > connections where data on the wire is linearly ordered in each direction. > > Tuomas > > _______________________________________________ > core mailing list > core@ietf.org > https://www.ietf.org/mailman/listinfo/core
- [core] About freshness and order of information i… Aura Tuomas
- Re: [core] About freshness and order of informati… Göran Selander
- Re: [core] About freshness and order of informati… Göran Selander
- Re: [core] About freshness and order of informati… Jim Schaad