Re: [Cose] Key management for MACs (was Re: Review of draft-schaad-cose-msg-01)

Brian Campbell <bcampbell@pingidentity.com> Fri, 10 July 2015 13:07 UTC

To: Derek Atkins <derek@ihtfp.com>
Archived-At: <http://mailarchive.ietf.org/arch/msg/cose/kUCy80qqTeeKbGs0bs8l7ZUg8kw>
Cc: Jim Schaad <ietf@augustcellars.com>, Hannes Tschofenig <hannes.tschofenig@gmx.net>, Mike Jones <Michael.Jones@microsoft.com>, cose@ietf.org

On Wed, Jul 8, 2015 at 10:44 AM, Derek Atkins <derek@ihtfp.com> wrote:

> Hannes Tschofenig <hannes.tschofenig@gmx.net> writes:
> > We are not doing ourselves a favor if we place artificial constraints
> > on our protocols that make them pretty insecure in practice. We already
> > have enough insecure IoT devices in the market.
>
> Sure.. Many IoT devices don't even try :)
>

I just want us to be cognizant of the possibility that a dense, complicated
crypto messaging syntax will probably not change that situation. If it's
not easy and approachable, it has the potential to be ignored.