Re: [Dtls-iot] [OPS-DIR] Ops-dir review of draft-ietf-dice-profile-14

Hannes Tschofenig <hannes.tschofenig@gmx.net> Tue, 08 September 2015 19:22 UTC

Return-Path: <hannes.tschofenig@gmx.net>
X-Original-To: dtls-iot@ietfa.amsl.com
Delivered-To: dtls-iot@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id DA1AE1B3673; Tue, 8 Sep 2015 12:22:46 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.61
X-Spam-Level:
X-Spam-Status: No, score=-2.61 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001, T_RP_MATCHES_RCVD=-0.01] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id tl0sNR1WTC6c; Tue, 8 Sep 2015 12:22:44 -0700 (PDT)
Received: from mout.gmx.net (mout.gmx.net [212.227.17.21]) (using TLSv1.2 with cipher DHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 6BBB41B3339; Tue, 8 Sep 2015 12:22:44 -0700 (PDT)
Received: from [192.168.10.169] ([213.235.249.182]) by mail.gmx.com (mrgmx101) with ESMTPSA (Nemesis) id 0Lat5o-1YpJD53d4i-00kLwL; Tue, 08 Sep 2015 21:22:33 +0200
To: Tina TSOU <Tina.Tsou.Zouting@huawei.com>, "ops-dir@ietf.org" <ops-dir@ietf.org>, "ops-ads@tools.ietf.org" <ops-ads@tools.ietf.org>, "draft-ietf-dice-profile.all@tools.ietf.org" <draft-ietf-dice-profile.all@tools.ietf.org>
References: <4A95BA014132FF49AE685FAB4B9F17F657D2140B@dfweml701-chm> <613D87CD-DEED-46F3-A7FC-385778C01E8D@huawei.com>
From: Hannes Tschofenig <hannes.tschofenig@gmx.net>
Openpgp: id=071A97A9ECBADCA8E31E678554D9CEEF4D776BC9
X-Enigmail-Draft-Status: N1110
Message-ID: <55EF356E.7040709@gmx.net>
Date: Tue, 8 Sep 2015 21:22:22 +0200
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:38.0) Gecko/20100101 Thunderbird/38.2.0
MIME-Version: 1.0
In-Reply-To: <613D87CD-DEED-46F3-A7FC-385778C01E8D@huawei.com>
Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="kaXp7hPatdMIPWumC6VBkSf4CtVbPDJJc"
X-Provags-ID: V03:K0:UDLOVcnF5Th4b6dG3+MLvXTwA2gr2HVKmbT1YKVrWRwqaAjvjWJ QFRHXp+o0hZTKcOzsOswZ9W7sbpivnJHTEJyMmTaKNh66sirdorSxJ/p/QxS8GppEFEb+mc piqkv4QZ4q4pfFfuInkXItYwoikN1FcquTHLM73SCTpqoK/EV272pXLjFk/sk2f3wHelBSS 5M5RPm/BxuchO/i9nYg6w==
X-UI-Out-Filterresults: notjunk:1;V01:K0:jThPTZVRwYk=:SmbzBYKKruJYbW5/gMLUsE Ze+bFoBr4hI/mgZDqr9nhcEggzN6YGb4/vzYPfUIqNKLsJMphE4cnoHM7c2h9UaYQWur+kBym WwAktFMbi2pPp+Niy6ySlgZeK6U9cnJRNmyaqc6mmiKpVABt7INlU5Uc6lgppDAhkqiapxUhy z5HEZ45lzusvZ/3zpbzx/xHGfuKI2FS/ICyxS70tKqXPyEzxwv7fPUXbBr21E14MBQ7sQiIM1 0M//HxD/O4sfz3euaix/ss5q7JU9N1LVFsGWtnnzUyPaX8TYc0jmkQN4/A/DK/j/eaIlkSq9V xBJ9+gaRP+2ZfQv6o5x0qwav8yUrJPZTKQdPnXti8UwmWojJrAfmiOPNwTlG6q/mSIIN8y47W d1I+4Rz5FtPKSZLv4QG9wOBoBg62LE0TDGToUe6GFGkNiZE+MQ1PQQ4d8dOzGaCxp5yqJBdbh x24WgTyDUq51KQ1YCrjkC7lXXcbkUhlyZyhU+a47pKmF1FgtEm3ZTuHRXZNy44C4/U1LtUdoh eSJ8/hxMv5OnacFgmNpuowyk9v37rXa5uvManrKtQgZAeQ95XJ3ZAnIkQqQvSqKWrEjpfnSJR v9dFsHEOB58Ueu0F1q41giiHn/3oNf1G845lo5v6c2yVYDcFsGdHb9Hlkaj++E+fNCvKBUScg pHfXHxLBHwyWFFlquA0jTWBkY9moF4dNaDqBoYaVNWh/uLttakuvJ8g5/Lvziz9osl7su7Kut B9f5pBUfRL+fQLsj
Archived-At: <http://mailarchive.ietf.org/arch/msg/dtls-iot/_pIDkuYwJ4zJm5gxfXiDpqMBWi8>
Cc: "dtls-iot@ietf.org" <dtls-iot@ietf.org>
Subject: Re: [Dtls-iot] [OPS-DIR] Ops-dir review of draft-ietf-dice-profile-14
X-BeenThere: dtls-iot@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: DTLS for IoT discussion list <dtls-iot.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dtls-iot>, <mailto:dtls-iot-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dtls-iot/>
List-Post: <mailto:dtls-iot@ietf.org>
List-Help: <mailto:dtls-iot-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dtls-iot>, <mailto:dtls-iot-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 08 Sep 2015 19:22:47 -0000

Hi Tina,

thanks for your detailed review.

On 09/05/2015 02:44 AM, Tina TSOU wrote:
> Dear all,
> 
> I have reviewed this document as part of the Operational directorate's
> ongoing effort to review all IETF documents being processed by the
> IESG.  These comments were written primarily for the benefit of the
> operational area directors.
> 
> Document editors and WG chairs should treat these comments just like any
> other last call comments.
> 
> 
> This I-D is almost ready for publication. Hopefully you can address my
> comments below:
> 
> **** Technical ****
> 
> Meta:
> In many cases, the recommendations being made are kind of intermixed
> with the "background" information. If the text is not reorganized such
> that the recommendations are more "separated" from the background info,
> it would be great if, e.g. in each section, you provide a summary
> (possibly in the form of a table) of all the recommendations being made.


I tried to put the recommendations at the end of the respective sections
and the background of how a particular features is relevant at the front.

While you are very familiar with the described documents the main target
audience, i.e., developers are so familiar with all the specifications
and their relevance for an IoT environment. When you look at the
security of IoT devices provided today then you will for sure agree with
me that there are not only security experts around. Hence, a bit more
background material will help these folks a lot to understand why we are
introducing certain features.

>> * Section 6.1, page 21:
>>> IoT device are assumed to have a software update
>>> mechanism built-in and it will allow updates of low-level device
>>> information, including credentials and configuration parameters.
>>> This document does, however, not mandate a specific software /
>>> firmware update protocol.
> 
> If you talk about software update mechanisms, you should probably make
> some comments about the software update mechanism. e.g., it should
> authenticate the software it downloads.
> 

The problem I encountered in referencing a software update mechanism, as
Stephen also pointed out in his reviews, is that I cannot easily point
to one single mechanism. I pointed to the mechanism specified in the OMA
LWM2M specification as one possible mechanism but it is also incomplete.
I believe that this is an area of work that requires a separate set of
specifications...


> 
> * Section 6.3, pages 24/25
>> Due to the use of Ephemeral Elliptic Curve
>> Diffie-Hellman (ECDHE) the recently introduced named Diffie-Hellman
>> groups [I-D.ietf-tls-negotiated-dl-dhe] are not applicable to this
>> profile.
> 
> I find this para graph hard to parse...
> 

Here is the new proposed wording:
"
The named Diffie-Hellman groups [I-D.ietf-tls-negotiated-dl-dhe] are not
applicable to this profile since it relies on the ECC-based counterparts.
"

> 
> * Section 6.4.4:
>> All certificate elements listed in Table 1 are mandatory-to-implement
>> for client and servers claiming support for certificate-based
>> authentication. No other certificate elements are used by this
>> specification
> 
> Should there be any RFC2119 language here?

Fixed.

> 
> 
> * Page 33:
>> Section 3.3 of [RFC7525] recommends to disable TLS/DTLS-level
>> compression due to attacks, such as CRIME.
> 
> Please provide a reference for CRIME -- RFC7525 doesn't seem to have
> one, either.
> 

Added a reference to the Wikipedia page.

> 
> * Page 35:
>> Since the upload happens on an irregular and unpredictable basis
>> and due to renumbering and Network Address Translation (NAT) the
>> DTLS handshake may need to be re-started (ideally using session
>> resumption, if possible).
> 
> Could you please elaborate why you mention "renumbering" as one of such
> reasons?

I tried to provide examples of IP address changes.
There is nothing special about renumbering as such.

I simplified the text:

"
The DTLS handshake may need to be re-started (ideally using session
resumption, if possible) in case of an IP address change.
"

> 
> 
> **** Editorial/Nits ****
> * Abstract:
> 
>> via sensor or
>> controls actuators for use in home automation,
> 
> s/sensor/sensors/
> 
> 
Fixed.

> * Section 1, pag 3:
> 
>> UDP is mainly used to carry CoAP messages but other
>> transports can be utilized, such as SMS or even TCP.
> 
> Please add appropriate references.

Fixed.

> 
> 
> * Section 1, pag 3:
> 
>> While the main goal for this document is to protect CoAP messages
>> using DTLS 1.2 [RFC6347]
> 
> Add a comma right after the reference.
> 
Fixed.

> 
> * Section 4.1.1.2, page 11:
> 
>> this might be too limiting and additional functionality is needed, as
>> shown in Figure 4 and Figure 4,
> 
> 
> * Section 4.2, page 13:
>> In this section, we assume a scenario where constrained devices run
>> TLS/ DTLS servers
> 
> Remove the extra space in "TLS/ DTLS".

Fixed.

> 
> 
> * Section 4.2, page 15:
>> several other eco-system factor
> 
> s/factor/factors/
> 

Fixed.

> 
> * Section 4.2, page 16:
>> to establish an shared
>> key
> 
> s/an/a/

Fixed.

> 
> 
> * Section 4.2, page 17:
>> and various position papers submitted to that topic
> 
> s/to/on/?
> 
Fixed.

> 
> * Section 4.2, page 17:
>> For a more fine-grained and
>> dynamic access control
> 
> Maybe rephrase as "For a finer-grained and more dynamic access control"?
> 
Fixed

> 
> * Section 4.2, page 17:
>> authenticate both endpoint
> 
> s/endpoint/endpoints/

Fixed.

> 
> 
> * Section 4.2, page 18:
>> CoAP 2.04 Changed
> 
> s/2.04/2.05 <x-apple-data-detectors://12>/?

I am not sure what this means.


> 
> 
> * Section 6.1, page 20:
>> has to be know
> 
> s/know/known/

fixed.

> 
> 
> * Section 6.1, page 21:
>> Whatever process for generating
>> these initial device credential
> 
> 
> * Section 6.1, page 21:
>> IoT device are assumed to have a software update
>> mechanism built-in and it will allow updates of low-level device
>> information, including credentials and configuration parameters.
>> This document does, however, not mandate a specific software /
>> firmware update protocol.
> 
> s/device/devices/
Fixed.

> 
> 
> * Section 6.2, page 21:
>> The use of pre-shared secrets is one of the most basic techniques for
>> TLS/DTLS since it is both computational efficient and bandwidth
>> conserving
> 
> s/computational/computationally/?
> 
> 
Fixed.


> * Section 6.3, page 24:
> 
>> namely the server_certificate_type*’
> 
> Not sure if e.g. the asterisk was included in error.
> 

A mistake. Fixed.

> 
> * Page 27:
>> 3. Certificates MUST NOT contains multiple names (e.g., more than
>> one dNSName field).
> 
> s/contains/contain/
> 
> 

Fixed.


> * Page 33:
>> For cases where the server constrained
> 
> Missing "is".
> 

Fixed.

> 
> Have a good weekend.
> 
> 
> Thank you,
> Tina
> 
Thanks!

Ciao
Hannes

> 
> _______________________________________________
> OPS-DIR mailing list
> OPS-DIR@ietf.org
> https://www.ietf.org/mailman/listinfo/ops-dir
>