IETF Logo Mail Archive

Re: [Dtls-iot] DTLS multicast security

"Rahman, Akbar" <Akbar.Rahman@InterDigital.com> Fri, 19 September 2014 11:27 UTC

Return-Path: <Akbar.Rahman@interdigital.com>
X-Original-To: dtls-iot@ietfa.amsl.com
Delivered-To: dtls-iot@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 2A7121A00C3 for <dtls-iot@ietfa.amsl.com>; Fri, 19 Sep 2014 04:27:57 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -3.552
X-Spam-Level:
X-Spam-Status: No, score=-3.552 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RP_MATCHES_RCVD=-1.652] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id C0-PfwHF9kfI for <dtls-iot@ietfa.amsl.com>; Fri, 19 Sep 2014 04:27:55 -0700 (PDT)
Received: from smtp-in1.interdigital.com (smtp-in1.interdigital.com [64.208.228.133]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id DA3631A00AD for <dtls-iot@ietf.org>; Fri, 19 Sep 2014 04:27:54 -0700 (PDT)
X-ASG-Debug-ID: 1411126073-06daaa3ff58f170001-roOjxa
Received: from smtp-out1.interdigital.com (sahara.interdigital.com [10.0.128.27]) by smtp-in1.interdigital.com with ESMTP id uT4pvEAIJcHccaS2 for <dtls-iot@ietf.org>; Fri, 19 Sep 2014 07:27:53 -0400 (EDT)
X-Barracuda-Envelope-From: Akbar.Rahman@InterDigital.com
Received: from interdigital.com ([10.0.128.11]) by smtp-out1.interdigital.com with Microsoft SMTPSVC(6.0.3790.4675); Fri, 19 Sep 2014 07:27:51 -0400
Received: from KYANITE.InterDigital.com ([10.1.64.253]) by interdigital.com with Microsoft SMTPSVC(6.0.3790.4675); Fri, 19 Sep 2014 07:27:51 -0400
Received: from KAINITE.InterDigital.com (10.1.64.252) by KYANITE.InterDigital.com (10.1.64.253) with Microsoft SMTP Server (TLS) id 14.3.195.1; Fri, 19 Sep 2014 07:27:50 -0400
Received: from NISSONITE.InterDigital.com (10.2.64.252) by KAINITE.InterDigital.com (10.1.64.252) with Microsoft SMTP Server (TLS) id 14.3.195.1; Fri, 19 Sep 2014 07:27:50 -0400
Received: from NABESITE.InterDigital.com ([fe80::4d8a:a889:67c2:f009]) by NISSONITE.InterDigital.com ([::1]) with mapi id 14.03.0195.001; Fri, 19 Sep 2014 07:27:49 -0400
From: "Rahman, Akbar" <Akbar.Rahman@InterDigital.com>
To: Ludwig Seitz <ludwig@sics.se>, "dtls-iot@ietf.org" <dtls-iot@ietf.org>
Thread-Topic: [Dtls-iot] DTLS multicast security
X-ASG-Orig-Subj: RE: [Dtls-iot] DTLS multicast security
Thread-Index: AQHP04Dp9cuVp8e9+U+XZne5lc7EypwIRnUAgAAH/jA=
Date: Fri, 19 Sep 2014 11:27:48 +0000
Message-ID: <36F5869FE31AB24485E5E3222C288E1FFAFA@NABESITE.InterDigital.com>
References: <6D27AD8D-3B90-4100-9440-3375946F420B@gmail.com> <541BD0E0.1090409@sics.se>
In-Reply-To: <541BD0E0.1090409@sics.se>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [10.1.247.134]
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
X-OriginalArrivalTime: 19 Sep 2014 11:27:51.0449 (UTC) FILETIME=[BF76D890:01CFD3FC]
X-Barracuda-Connect: sahara.interdigital.com[10.0.128.27]
X-Barracuda-Start-Time: 1411126073
X-Barracuda-URL: http://10.1.245.3:8000/cgi-mod/mark.cgi
X-Virus-Scanned: by bsmtpd at interdigital.com
X-Barracuda-BRTS-Status: 1
X-Barracuda-Spam-Score: 0.00
X-Barracuda-Spam-Status: No, SCORE=0.00 using global scores of TAG_LEVEL=1000.0 QUARANTINE_LEVEL=1000.0 KILL_LEVEL=9.0 tests=
X-Barracuda-Spam-Report: Code version 3.2, rules version 3.2.3.9647 Rule breakdown below pts rule name description ---- ---------------------- --------------------------------------------------
Archived-At: http://mailarchive.ietf.org/arch/msg/dtls-iot/N7PDmOuI1tfpSLOdbT9zvHjb5Kg
Subject: Re: [Dtls-iot] DTLS multicast security
X-BeenThere: dtls-iot@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: DTLS for IoT discussion list <dtls-iot.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dtls-iot>, <mailto:dtls-iot-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/dtls-iot/>
List-Post: <mailto:dtls-iot@ietf.org>
List-Help: <mailto:dtls-iot-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dtls-iot>, <mailto:dtls-iot-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 19 Sep 2014 11:27:57 -0000

Hi Dorothy,


I agree with Ludwig that having a secure multicast is considered a benefit by many.  For example, during the recent IESG review of the base CoAP Group Communication spec there were several comments made by AD's reflecting the need for a secure multicast solution to be developed by IETF.  See for example:

http://www.ietf.org/mail-archive/web/core/current/msg05566.html

	"The lack of security controls is an issue, experimental
	would be good until it is resolved as there is a lot of work to be done
	in this space and it is active."


So, I think we still need to have a Work Item to develop a secure group communication solution.  However, perhaps we can modify the description of the Work Item and not have it exclusively linked to a DTLS-based approach for secure group communication.  We should allow for other approaches if people want to propose them.  But we should still definitely keep working on this topic (i.e. secure group communication).

A separate thought is that we may also want to progress the existing http://datatracker.ietf.org/doc/draft-keoh-dice-multicast-security/ but put it on an Experimental track.  That way we can get experience with the solution but not put it directly on Standards track.   


Best Regards,


Akbar

-----Original Message-----
From: dtls-iot [mailto:dtls-iot-bounces@ietf.org] On Behalf Of Ludwig Seitz
Sent: Friday, September 19, 2014 2:45 AM
To: dtls-iot@ietf.org
Subject: Re: [Dtls-iot] DTLS multicast security

On 09/18/2014 10:41 PM, Dorothy Gellert wrote:
> Dear WG,
>
> Last week our AD and the WG chairs, myself and Zach, met to discuss the progress of the DTLS multicast security Work Item.
> it seems as though we have reach an impasse with regards to the issues raised on the mailing list with multicast security and DTLS.
>
> If this is the consensus of the WG  we can progress the WG without this Work item and move forward with the other 2 work items, the dtls profile and practical issues around the DTLS handshake.
>
> I'd like to request feedback from the WG on this plan.
>
> Thanks,
> Dorothy
>

When making a decision on this, please note that secure multicast would be considered a considerable benefit by some. See e.g. 
http://www.ietf.org/mail-archive/web/ace/current/msg00826.html

Regards,

Ludwig

--
Ludwig Seitz, PhD
SICS Swedish ICT AB
Ideon Science Park
Building Beta 2
Scheelevägen 17
SE-223 70 Lund

Phone +46(0)70-349 92 51
http://www.sics.se

v2.23.0 | Report a Bug | By Email