Re: [Dtls-iot] Latest dice profile draft
"FOSSATI, Thomas (Thomas)" <thomas.fossati@alcatel-lucent.com> Tue, 20 October 2015 04:18 UTC
Return-Path: <thomas.fossati@alcatel-lucent.com>
X-Original-To: dtls-iot@ietfa.amsl.com
Delivered-To: dtls-iot@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 165041B2AA8 for <dtls-iot@ietfa.amsl.com>; Mon, 19 Oct 2015 21:18:12 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.91
X-Spam-Level:
X-Spam-Status: No, score=-6.91 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, SPF_PASS=-0.001, T_RP_MATCHES_RCVD=-0.01] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id S_cZDnQTUphq for <dtls-iot@ietfa.amsl.com>; Mon, 19 Oct 2015 21:18:10 -0700 (PDT)
Received: from smtp-fr.alcatel-lucent.com (fr-hpgre-esg-01.alcatel-lucent.com [135.245.210.22]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id C0FB01B2AA4 for <dtls-iot@ietf.org>; Mon, 19 Oct 2015 21:18:09 -0700 (PDT)
Received: from fr711usmtp1.zeu.alcatel-lucent.com (unknown [135.239.2.122]) by Websense Email Security Gateway with ESMTPS id D4018E4EAA4CB; Tue, 20 Oct 2015 04:18:05 +0000 (GMT)
Received: from FR711WXCHHUB01.zeu.alcatel-lucent.com (fr711wxchhub01.zeu.alcatel-lucent.com [135.239.2.111]) by fr711usmtp1.zeu.alcatel-lucent.com (GMO) with ESMTP id t9K4I6Kp023025 (version=TLSv1/SSLv3 cipher=AES128-SHA bits=128 verify=FAIL); Tue, 20 Oct 2015 06:18:06 +0200
Received: from FR711WXCHMBA08.zeu.alcatel-lucent.com ([169.254.4.234]) by FR711WXCHHUB01.zeu.alcatel-lucent.com ([135.239.2.111]) with mapi id 14.03.0195.001; Tue, 20 Oct 2015 06:18:06 +0200
From: "FOSSATI, Thomas (Thomas)" <thomas.fossati@alcatel-lucent.com>
To: Spencer Dawkins at IETF <spencerdawkins.ietf@gmail.com>
Thread-Topic: Latest dice profile draft
Thread-Index: AQHRClQNYrWNoM+oSkC+jWnIFkzTF55zRYaAgABxroA=
Date: Tue, 20 Oct 2015 04:18:05 +0000
Message-ID: <D24B7AAE.37BC3%thomas.fossati@alcatel-lucent.com>
References: <D24A79AC.37ACC%thomas.fossati@alcatel-lucent.com> <CAKKJt-ekDv5zrBhAsZN2VF7p8vRXGGo6m+iV9sOkofdmEwZ6cA@mail.gmail.com>
In-Reply-To: <CAKKJt-ekDv5zrBhAsZN2VF7p8vRXGGo6m+iV9sOkofdmEwZ6cA@mail.gmail.com>
Accept-Language: en-GB, en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
user-agent: Microsoft-MacOutlook/14.5.7.151005
x-originating-ip: [135.239.27.41]
Content-Type: multipart/alternative; boundary="_000_D24B7AAE37BC3thomasfossatialcatellucentcom_"
MIME-Version: 1.0
Archived-At: <http://mailarchive.ietf.org/arch/msg/dtls-iot/QsVUgHdZ3zT80xVdwXdqBSa5S1Y>
Cc: Ben Campbell <ben@nostrum.com>, Barry Leiba <barryleiba@computer.org>, "dtls-iot@ietf.org" <dtls-iot@ietf.org>
Subject: Re: [Dtls-iot] Latest dice profile draft
X-BeenThere: dtls-iot@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: DTLS for IoT discussion list <dtls-iot.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dtls-iot>, <mailto:dtls-iot-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dtls-iot/>
List-Post: <mailto:dtls-iot@ietf.org>
List-Help: <mailto:dtls-iot-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dtls-iot>, <mailto:dtls-iot-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 20 Oct 2015 04:18:12 -0000
Hi Spencer, There are no timing side-channel concerns here — it's purely an interop affair — so we removed the superfluous "constant time" requirement. In fact, thanks for asking the right question :-) From: Spencer Dawkins at IETF <spencerdawkins.ietf@gmail.com<mailto:spencerdawkins.ietf@gmail.com>> Date: Monday, 19 October 2015 23:31 To: Thomas Fossati <thomas.fossati@alcatel-lucent.com<mailto:thomas.fossati@alcatel-lucent.com>> Cc: "dtls-iot@ietf.org<mailto:dtls-iot@ietf.org>" <dtls-iot@ietf.org<mailto:dtls-iot@ietf.org>>, Ben Campbell <ben@nostrum.com<mailto:ben@nostrum.com>>, Barry Leiba <barryleiba@computer.org<mailto:barryleiba@computer.org>> Subject: Re: Latest dice profile draft Hi, Thomas, On Mon, Oct 19, 2015 at 4:53 AM, FOSSATI, Thomas (Thomas) <thomas.fossati@alcatel-lucent.com<mailto:thomas.fossati@alcatel-lucent.com>> wrote: Hi everybody, We think we've addressed all IESG comments: https://datatracker.ietf.org/doc/draft-ietf-dice-profile/ballot/#ben-campbell https://datatracker.ietf.org/doc/draft-ietf-dice-profile/ballot/#spencer-dawkins https://datatracker.ietf.org/doc/draft-ietf-dice-profile/ballot/#barry-leiba (thank you Ben, Spencer and Barry), and submitted a new version of the profile draft. Please, check the diff from –16 at https://www.ietf.org/rfcdiff?url2=draft-ietf-dice-profile-17 I'm happy, but just to make sure you didn't break anything making me happy ... I asked about providing a reference for "constant time" in this text: For use with this profile the PSK identities SHOULD NOT assume a structured format (such as domain names, Distinguished Names, or IP addresses) and a constant time bit-by-bit comparison operation MUST be used by the server for any operation related to the PSK identity. The -17 corresponding text substituted "byte-by-byte" for "bit-by-bit", which I don't have an opinion about, but "constant time" simply disappeared. Was that intentional? Thanks, Spencer This is the version that will be sent to the RFC editor. Cheers and thanks very much to all of you for the great work, Thomas & Hannes.
- [Dtls-iot] Latest dice profile draft FOSSATI, Thomas (Thomas)
- Re: [Dtls-iot] Latest dice profile draft Barry Leiba
- Re: [Dtls-iot] Latest dice profile draft Spencer Dawkins at IETF
- Re: [Dtls-iot] Latest dice profile draft FOSSATI, Thomas (Thomas)