IETF Logo Mail Archive

Re: [Dtls-iot] DTLS multicast security

Michael StJohns <msj@nthpermutation.com> Fri, 19 September 2014 17:55 UTC

Return-Path: <msj@nthpermutation.com>
X-Original-To: dtls-iot@ietfa.amsl.com
Delivered-To: dtls-iot@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 85BC61A06F1 for <dtls-iot@ietfa.amsl.com>; Fri, 19 Sep 2014 10:55:08 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.599
X-Spam-Level:
X-Spam-Status: No, score=-2.599 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id EzkQPOLReb7L for <dtls-iot@ietfa.amsl.com>; Fri, 19 Sep 2014 10:55:05 -0700 (PDT)
Received: from mail-qg0-f51.google.com (mail-qg0-f51.google.com [209.85.192.51]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 2C7051A06EA for <dtls-iot@ietf.org>; Fri, 19 Sep 2014 10:55:05 -0700 (PDT)
Received: by mail-qg0-f51.google.com with SMTP id a108so261671qge.24 for <dtls-iot@ietf.org>; Fri, 19 Sep 2014 10:55:04 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:message-id:date:from:user-agent:mime-version:to :cc:subject:references:in-reply-to:content-type; bh=oiidBQFaVZgWL4MYTlYt4rTe/K58OB/ZF3adwK4T7Hs=; b=CE8mEfDSA0L4BKueoxZ3vO+5qNSo4+5f++0yKAdlz6vppdaZVmjUQ2mKHrPzJuN0cV nY1hXqjm7oPNYpTwhPg7wgXKm9/cu3n6Jovd5vDDROpv4NzPxj1VPRGfeJBu//TA7Jq7 LHnotdKTfpeqNWlgNeqdEymtVHIWQvIugriyAtjIUCUPLuLWujiBix8kmS6sU6ageLMP drM+Uhpg6ysvrDBz975Xkb2xk5hWc5P1yhOeZQZvshf1vOzVF7jKU4Mty62jSZr6bTOO 6D0qFibmOGAABTdUmPBxSbp0aE966lZSarYvA6bVIaJ6q+YXI8lJu4xRKZpsWXi+n3i1 XmXQ==
X-Gm-Message-State: ALoCoQmqJidkfGelMc5f6+brH+5cY252TgLee2zZIATmjWY3xDLmliZFEaUpl5KrZpyzQevrd++Y
X-Received: by 10.140.98.166 with SMTP id o35mr3381612qge.21.1411149304203; Fri, 19 Sep 2014 10:55:04 -0700 (PDT)
Received: from [192.168.1.107] (c-68-34-113-195.hsd1.md.comcast.net. [68.34.113.195]) by mx.google.com with ESMTPSA id o7sm1930469qay.4.2014.09.19.10.55.03 for <multiple recipients> (version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Fri, 19 Sep 2014 10:55:03 -0700 (PDT)
Message-ID: <541C6E01.4040908@nthpermutation.com>
Date: Fri, 19 Sep 2014 13:55:13 -0400
From: Michael StJohns <msj@nthpermutation.com>
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:31.0) Gecko/20100101 Thunderbird/31.1.1
MIME-Version: 1.0
To: Dorothy Gellert <dorothy.gellert@gmail.com>
References: <6D27AD8D-3B90-4100-9440-3375946F420B@gmail.com> <541BD0E0.1090409@sics.se> <36F5869FE31AB24485E5E3222C288E1FFAFA@NABESITE.InterDigital.com> <541C452D.9090302@nthpermutation.com> <5369A9F2-02F0-4F49-BE39-C7A7308F4ED8@gmail.com>
In-Reply-To: <5369A9F2-02F0-4F49-BE39-C7A7308F4ED8@gmail.com>
Content-Type: multipart/alternative; boundary="------------030402070505050702060600"
Archived-At: http://mailarchive.ietf.org/arch/msg/dtls-iot/FQhHFOD-d1T03RC1prefStdn3o4
Cc: dtls-iot@ietf.org
Subject: Re: [Dtls-iot] DTLS multicast security
X-BeenThere: dtls-iot@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: DTLS for IoT discussion list <dtls-iot.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dtls-iot>, <mailto:dtls-iot-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/dtls-iot/>
List-Post: <mailto:dtls-iot@ietf.org>
List-Help: <mailto:dtls-iot-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dtls-iot>, <mailto:dtls-iot-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 19 Sep 2014 17:55:08 -0000

On 9/19/2014 1:10 PM, Dorothy Gellert wrote:
> HI Mike-
>
> What we want to do as Chairs is to reach consensus on how to progress 
> the work items.   If there consensus to drop the work item,  that 
> would be progress.
>
> If the consensus of the group is to rework the Charter Item, so that 
> it does not depend on DTLS, we can also do that.    So far there is 
> willingness to re-work the charter item.
>
> Can we get more feedback from the WG?

Hi Dorothy -

My preference is to remove this entirely from the WG - I don't think its 
a good fit for DTLS.

If the group wants to do asymmetric control multicast either at CoAP or 
as a profile of one of the other existing multicast protocols, I 
wouldn't resist modifying the charter to do the work here.

If the group continues to want to do symmetric control multicast, I 
would continue to argue strongly against doing it here (or for that 
matter anywhere in the IETF) for all of the reasons I've reiterated many 
times.

Later, Mike

>
> Thanks,
> Dorothy
>
>
> On Sep 19, 2014, at 8:01 AM, Michael StJohns <msj@nthpermutation.com 
> <mailto:msj@nthpermutation.com>> wrote:
>
>> On 9/19/2014 7:27 AM, Rahman, Akbar wrote:
>>> Hi Dorothy,
>>>
>>>
>>> I agree with Ludwig that having a secure multicast is considered a 
>>> benefit by many.
>> My problem with this statement is that I would consider anti-gravity 
>> to be a benefit to many, but that AG has exactly the same scientific 
>> basis as symmetric key multicast security - none.  There's long, long 
>> experience on this topic that the document writers have ignored.
>>
>>>   For example, during the recent IESG review of the base CoAP Group 
>>> Communication spec there were several comments made by AD's 
>>> reflecting the need for a secure multicast solution to be developed 
>>> by IETF.  See for example:
>>>
>>> http://www.ietf.org/mail-archive/web/core/current/msg05566.html
>>>
>>> "The lack of security controls is an issue, experimental
>>> would be good until it is resolved as there is a lot of work to be done
>>> in this space and it is active."
>>
>> I think you're misrepresenting that message.  It's by Kathleen 
>> Moriarty.  She notes the lack of security in the body of the message, 
>> but the comment on "experimental" isn't on security specifically, but 
>> on the whole idea of CoAP group communications. Cf the other messages 
>> which object to the document as informational without mentioning 
>> security.
>>
>>>
>>>
>>> So, I think we still need to have a Work Item to develop a secure 
>>> group communication solution.  However, perhaps we can modify the 
>>> description of the Work Item and not have it exclusively linked to a 
>>> DTLS-based approach for secure group communication.  We should allow 
>>> for other approaches if people want to propose them.  But we should 
>>> still definitely keep working on this topic (i.e. secure group 
>>> communication).
>>
>> There's two things here:  1) The group is supposed to be profiling 
>> work done elsewhere to shrink it for use with IOT, not creating new 
>> stuff; 2) My objections to secure multicast are specifically in the 
>> area of the use of multicast as a control protocol; symmetric key 
>> systems are NOT secure enough for control systems and there appears 
>> to be deep and abiding resistance to the use of asymmetric systems 
>> (e.g. signed control messages) leading us to an impasse.
>>
>> I agree that DTLS is probably not the appropriate protocol for signed 
>> control messages, but there also seems to be a deep and abiding 
>> resistance to adding it to CoAP where it might make the most sense.
>>
>> Dorothy has proposed the withdrawal of multicast DTLS and I think 
>> that's the correct decision.   If someone wants to propose an 
>> asymmetric system that works with CoAP and run it through this group, 
>> I won't object (but the AD's might given the current charter).
>>
>>>
>>> A separate thought is that we may also want to progress the 
>>> existinghttp://datatracker.ietf.org/doc/draft-keoh-dice-multicast-security/but 
>>> put it on an Experimental track.  That way we can get experience 
>>> with the solution but not put it directly on Standards track.
>>
>> Instead, place it as a company informational like hundreds of other 
>> documents.  Philips can provide experimental results in a year or so. 
>>  There's only a reason to place it on the experimental track if more 
>> than one company is planning on using it and modifying it.
>>
>> Later, Mike
>>
>>
>>>
>>>
>>> Best Regards,
>>>
>>>
>>> Akbar
>>>
>>> -----Original Message-----
>>> From: dtls-iot [mailto:dtls-iot-bounces@ietf.org] On Behalf Of 
>>> Ludwig Seitz
>>> Sent: Friday, September 19, 2014 2:45 AM
>>> To: dtls-iot@ietf.org <mailto:dtls-iot@ietf.org>
>>> Subject: Re: [Dtls-iot] DTLS multicast security
>>>
>>> On 09/18/2014 10:41 PM, Dorothy Gellert wrote:
>>>> Dear WG,
>>>>
>>>> Last week our AD and the WG chairs, myself and Zach, met to discuss 
>>>> the progress of the DTLS multicast security Work Item.
>>>> it seems as though we have reach an impasse with regards to the 
>>>> issues raised on the mailing list with multicast security and DTLS.
>>>>
>>>> If this is the consensus of the WG  we can progress the WG without 
>>>> this Work item and move forward with the other 2 work items, the 
>>>> dtls profile and practical issues around the DTLS handshake.
>>>>
>>>> I'd like to request feedback from the WG on this plan.
>>>>
>>>> Thanks,
>>>> Dorothy
>>>>
>>> When making a decision on this, please note that secure multicast 
>>> would be considered a considerable benefit by some. See e.g.
>>> http://www.ietf.org/mail-archive/web/ace/current/msg00826.html
>>>
>>> Regards,
>>>
>>> Ludwig
>>>
>>> --
>>> Ludwig Seitz, PhD
>>> SICS Swedish ICT AB
>>> Ideon Science Park
>>> Building Beta 2
>>> Scheelevägen 17
>>> SE-223 70 Lund
>>>
>>> Phone +46(0)70-349 92 51
>>> http://www.sics.se
>>>
>>> _______________________________________________
>>> dtls-iot mailing list
>>> dtls-iot@ietf.org
>>> https://www.ietf.org/mailman/listinfo/dtls-iot
>>
>> _______________________________________________
>> dtls-iot mailing list
>> dtls-iot@ietf.org <mailto:dtls-iot@ietf.org>
>> https://www.ietf.org/mailman/listinfo/dtls-iot
>

v2.23.0 | Report a Bug | By Email