Re: [Dtls-iot] IP Addresses in Certificates

Hannes Tschofenig <hannes.tschofenig@gmx.net> Tue, 11 August 2015 10:43 UTC

To: Stephen Farrell <stephen.farrell@cs.tcd.ie>, Michael StJohns <msj@nthpermutation.com>
Archived-At: <http://mailarchive.ietf.org/arch/msg/dtls-iot/2ty-SbE8ie0bxynBNDy4KlmoicE>
Cc: dtls-iot@ietf.org

Hi Stephen,

> OTOH, there will be devices whose only visible identifier is an IP
> address, right? If so, and if certificates/DTLS are to be of use with
> such devices... then what? I do think some variety of "we" ought try
> to address this problem.

I don't think that there are devices that have no other identifiers than
IP addresses. For example, if a device has a network interface it will
also have a MAC address. There will also be an application sitting on
top of the stack that might introduce identifiers.

Even beacons have identifiers (although they are not identifying
individual devices themselves).

As a software / hardware engineer you will have to figure out what
hardware components and what firmware you put on the device. As such, it
is useful to think about these types of things early, which the document
should be able to do.

Ciao
Hannes