Re: [Dtls-iot] DTLS multicast security

Michael StJohns <msj@nthpermutation.com> Fri, 19 September 2014 15:00 UTC

Message-ID: <541C452D.9090302@nthpermutation.com>
Date: Fri, 19 Sep 2014 11:01:01 -0400
From: Michael StJohns <msj@nthpermutation.com>
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:31.0) Gecko/20100101 Thunderbird/31.1.1
MIME-Version: 1.0
To: dtls-iot@ietf.org
References: <6D27AD8D-3B90-4100-9440-3375946F420B@gmail.com> <541BD0E0.1090409@sics.se> <36F5869FE31AB24485E5E3222C288E1FFAFA@NABESITE.InterDigital.com>
In-Reply-To: <36F5869FE31AB24485E5E3222C288E1FFAFA@NABESITE.InterDigital.com>
Content-Type: text/plain; charset="windows-1252"; format="flowed"
Content-Transfer-Encoding: 8bit
Archived-At: http://mailarchive.ietf.org/arch/msg/dtls-iot/4y4aCCx3aD3qPi0BiKQ7mp67_04
Subject: Re: [Dtls-iot] DTLS multicast security
List-Id: DTLS for IoT discussion list <dtls-iot.ietf.org>

On 9/19/2014 7:27 AM, Rahman, Akbar wrote:
> Hi Dorothy,
>
>
> I agree with Ludwig that having a secure multicast is considered a benefit by many.
My problem with this statement is that I would consider anti-gravity to 
be a benefit to many, but that AG has exactly the same scientific basis 
as symmetric key multicast security - none.  There's long, long 
experience on this topic that the document writers have ignored.

>    For example, during the recent IESG review of the base CoAP Group Communication spec there were several comments made by ADs reflecting the need for a secure multicast solution to be developed by IETF.  See for example:
>
> http://www.ietf.org/mail-archive/web/core/current/msg05566.html
>
> 	"The lack of security controls is an issue, experimental
> 	would be good until it is resolved as there is a lot of work to be done
> 	in this space and it is active."

I think you're misrepresenting that message.  It's by Kathleen 
Moriarty.  She notes the lack of security in the body of the message, 
but the comment on "experimental" isn't on security specifically, but on 
the whole idea of CoAP group communications. Cf the other messages which 
object to the document as informational without mentioning security.

>
>
> So, I think we still need to have a Work Item to develop a secure group communication solution.  However, perhaps we can modify the description of the Work Item and not have it exclusively linked to a DTLS-based approach for secure group communication.  We should allow for other approaches if people want to propose them.  But we should still definitely keep working on this topic (i.e. secure group communication).

There are two things here:  1) The group is supposed to be profiling work 
done elsewhere to shrink it for use with IOT, not creating new stuff; 2) 
My objections to secure multicast are specifically in the area of the 
use of multicast as a control protocol; symmetric key systems are NOT 
secure enough for control systems and there appears to be deep and 
abiding resistance to the use of asymmetric systems (e.g. signed control 
messages) leading us to an impasse.

I agree that DTLS is probably not the appropriate protocol for signed 
control messages, but there also seems to be a deep and abiding 
resistance to adding it to CoAP where it might make the most sense.

Dorothy has proposed the withdrawal of multicast DTLS and I think that's 
the correct decision.  If someone wants to propose an asymmetric system 
that works with CoAP and run it through this group, I won't object (but 
the ADs might given the current charter).

>
> A separate thought is that we may also want to progress the existing http://datatracker.ietf.org/doc/draft-keoh-dice-multicast-security/ but put it on an Experimental track.  That way we can get experience with the solution but not put it directly on Standards track.

Instead, place it as a company informational like hundreds of other 
documents.  Philips can provide experimental results in a year or so.  
There's only a reason to place it on the experimental track if more than 
one company is planning on using it and modifying it.

Later, Mike


>
>
> Best Regards,
>
>
> Akbar
>
> -----Original Message-----
> From: dtls-iot [mailto:dtls-iot-bounces@ietf.org] On Behalf Of Ludwig Seitz
> Sent: Friday, September 19, 2014 2:45 AM
> To: dtls-iot@ietf.org
> Subject: Re: [Dtls-iot] DTLS multicast security
>
> On 09/18/2014 10:41 PM, Dorothy Gellert wrote:
>> Dear WG,
>>
>> Last week our AD and the WG chairs, myself and Zach, met to discuss the progress of the DTLS multicast security Work Item.
>> It seems as though we have reached an impasse with regards to the issues raised on the mailing list with multicast security and DTLS.
>>
>> If this is the consensus of the WG we can progress the WG without this Work item and move forward with the other 2 work items, the dtls profile and practical issues around the DTLS handshake.
>>
>> I'd like to request feedback from the WG on this plan.
>>
>> Thanks,
>> Dorothy
>>
> When making a decision on this, please note that secure multicast would be considered a considerable benefit by some. See e.g.
> http://www.ietf.org/mail-archive/web/ace/current/msg00826.html
>
> Regards,
>
> Ludwig
>
> --
> Ludwig Seitz, PhD
> SICS Swedish ICT AB
> Ideon Science Park
> Building Beta 2
> Scheelevägen 17
> SE-223 70 Lund
>
> Phone +46(0)70-349 92 51
> http://www.sics.se
>
> _______________________________________________
> dtls-iot mailing list
> dtls-iot@ietf.org
> https://www.ietf.org/mailman/listinfo/dtls-iot
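Mike's objection above (that symmetric key systems are not secure enough for control traffic) comes down to source authentication: every holder of a shared group key can produce a tag that the other members accept, so one compromised member can issue commands that receivers cannot tell apart from the controller's, whereas a per-sender signature lets each receiver check who sent the command. The Python script below is an added illustration of that distinction; it is not code from this thread, from the DICE working group or from the draft under discussion. It assumes a constructed scenario (a controller, a group of lamps, one compromised lamp, hypothetical command strings), uses HMAC-SHA256 for the shared-key case, and stands in a Lamport one-time signature for the asymmetric case purely because it needs nothing beyond the standard library; a deployment would use an established scheme such as ECDSA or Ed25519, and a Lamport key must never sign two different messages.

```python
"""Source authentication in group control traffic: shared-key MAC vs. per-sender signature.

Added example; scenario, command strings and the choice of a Lamport one-time
signature are assumptions made for illustration, not from the DTLS multicast draft.
"""
import hashlib
import hmac
import secrets

# ---- Symmetric group key: every member can verify, and therefore every member can sign ----

def mac_tag(group_key: bytes, msg: bytes) -> bytes:
    """Tag a command with the key shared by the controller and all group members."""
    return hmac.new(group_key, msg, hashlib.sha256).digest()

def mac_verify(group_key: bytes, msg: bytes, tag: bytes) -> bool:
    """A receiver's check. Note it proves only 'someone holding group_key sent this'."""
    return hmac.compare_digest(mac_tag(group_key, msg), tag)

# ---- Lamport one-time signature over SHA-256 (hash-based, stdlib only) ----
# One key pair signs exactly one message: revealing secrets for two different digests
# lets anyone combine them into forgeries. Used here only to keep the example offline.

def lamport_keygen():
    """256 bit positions, each with a pair of 32-byte secrets; the public key is their hashes."""
    sk = [(secrets.token_bytes(32), secrets.token_bytes(32)) for _ in range(256)]
    pk = [(hashlib.sha256(a).digest(), hashlib.sha256(b).digest()) for a, b in sk]
    return sk, pk

def _digest_bits(msg: bytes):
    d = hashlib.sha256(msg).digest()
    return [(d[i // 8] >> (7 - i % 8)) & 1 for i in range(256)]

def lamport_sign(sk, msg: bytes):
    """Reveal, for each digest bit, the secret matching that bit's value."""
    return [sk[i][b] for i, b in enumerate(_digest_bits(msg))]

def lamport_verify(pk, msg: bytes, sig) -> bool:
    """Hash each revealed secret and compare it with the public key entry for that bit."""
    if len(sig) != 256:
        return False
    return all(
        hmac.compare_digest(hashlib.sha256(s).digest(), pk[i][b])
        for i, (s, b) in enumerate(zip(sig, _digest_bits(msg)))
    )

# ---- Constructed scenario: controller, lamp group, one compromised lamp ----

def run_scenario() -> dict:
    """Return which messages the honest receivers accept under each scheme."""
    group_key = secrets.token_bytes(32)           # shared by the controller and every lamp
    controller_cmd = b"lamp-group-7: power=off"   # hypothetical command format
    rogue_cmd = b"lamp-group-7: power=on"         # what a compromised lamp wants to inject

    # Shared key: the controller's command verifies at every member...
    controller_mac_ok = mac_verify(group_key, controller_cmd, mac_tag(group_key, controller_cmd))
    # ...and so does a command from a compromised member, because it holds the same key.
    # Receivers have no way to tell the two origins apart.
    rogue_mac_ok = mac_verify(group_key, rogue_cmd, mac_tag(group_key, rogue_cmd))

    # Per-sender signature: only the controller holds sk; members hold pk.
    sk, pk = lamport_keygen()
    sig = lamport_sign(sk, controller_cmd)
    controller_sig_ok = lamport_verify(pk, controller_cmd, sig)
    # The compromised member knows pk and has seen one signature, but not sk.
    # Reusing the observed signature on its own command fails verification.
    rogue_replay_ok = lamport_verify(pk, rogue_cmd, sig)

    return {
        "controller_mac_accepted": controller_mac_ok,
        "rogue_member_mac_accepted": rogue_mac_ok,        # True: no source authentication
        "controller_sig_accepted": controller_sig_ok,
        "rogue_member_replay_accepted": rogue_replay_ok,  # False: origin is checked
    }

if __name__ == "__main__":
    for k, v in run_scenario().items():
        print(f"{k}: {v}")
```

The two `rogue_*` results are the whole argument: the MAC scheme accepts the compromised member's command exactly as it accepts the controller's, while the signature scheme rejects it. A group MAC still has value for confidentiality and against outsiders; what it cannot do is bind a command to one sender, which is what a control protocol needs.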