[core] Fwd: FW: New Version Notification for draft-zhu-core-groupauth-00.txt

Hi Minpeng,

I think you have raised an interesting question on how to do nodes'
authentication efficiently. Good way to go!

However, as a security layman, it is a little troublesome for me to
understand your proposal's advantages over the current two-layer solution
you mentioned in the first part of the draft.

In particulr, I have the following questions:

1) In terms of the proposed group authentication scheme, is the group agent
assumed to be trustworthy?

2) Is it fair to say that the group agent is comparable to the agent in the
current two-layer soluton?

3) How can one conclude that the proposal is a better solution in face of
"a untrustworthy agent" as described in the requirement statement section?

BR
Lingli

> -----ÓÊ¼þÔ¼þ-----
> ·¢¼þÈË: core-bounces@ietf.org [mailto:core-bounces@ietf.org] ´ú±í ÆëFÅô
> ·¢ËÍÊ±¼ä: 2013Äê6ÔÂ24ÈÕ 11:10
> ÊÕ¼þÈË: core@ietf.org
> Ö÷Ìâ: [core] FW: New Version Notification for draft-zhu-core-groupauth-00.txt
>
> Hi everyone,
>
> The authors have submit a new draft for the group authentication. We will
> appreciate if you have a look and give us any comment or suggestion. The
> link is as below.
>
> Here is a problem that for group communication there is only uni-cast
> authentication instead of group authentication method can be used. This
> draft wants to analyze the problem, to summarize group authentication
> requirement and to provide a framework of solutions.
>
> BRs,
> Minpeng
>
> -----ÓÊ¼þÔ¼þ-----
> ·¢¼þÈË: internet-drafts@ietf.org [mailto:internet-drafts@ietf.org]
> ·¢ËÍÊ±¼ä: 2013Äê6ÔÂ24ÈÕ 10:19
> ÊÕ¼þÈË: Ye Tian; Minpeng Qi; Judy Zhu
> Ö÷Ìâ: New Version Notification for draft-zhu-core-groupauth-00.txt
>
>
> A new version of I-D, draft-zhu-core-groupauth-00.txt
> has been successfully submitted by Judy Zhu and posted to the
> IETF repository.
>
> Filename:        draft-zhu-core-groupauth
> Revision:        00
> Title:           Group Authentication
> Creation date:   2013-06-24
> Group:           Individual Submission
> Number of pages: 10
> URL:
> http://www.ietf.org/internet-drafts/draft-zhu-core-groupauth-00.txt
> Status:          http://datatracker.ietf.org/doc/draft-zhu-core-groupauth
> Htmlized:        http://tools.ietf.org/html/draft-zhu-core-groupauth-00
>
>
> Abstract:
>    The group communication is designed for the communication of Internet
>    of Things. A threat is identified in [I-D.ietf-core-groupcomm] that
>    current DTLS based approach is unicast oriented and there is no
>    supporting on group authentication feature. Unicast oriented
>    authentication will causing serious burden when a large number of
>    terminal nodes will be involved inevitably. In another aspect, some
>    terminals will own the same characteristics, such as owning same
>    features, in the same place, working in the same time, etc. With this
>    mechanism, all terminals can be authenticated together with little
>    signaling and calculation at the same time. It will reduce the
>    network burden and save time. This draft describes the security of
>    group authentication and an group authentication implementation
>    method for the Internet of things.
>
>
>
>
> The IETF Secretariat
>
>
>
>
> _______________________________________________
> core mailing list
> core@ietf.org
> https://www.ietf.org/mailman/listinfo/core
>

[core] Fwd: FW: New Version Notification for draft-zhu-core-groupauth-00.txt

Attachment: draft-zhu-core-groupauth-00.txt