Re: [Dtls-iot] Fwd: I-D Action: draft-mglt-dice-ipsec-for-application-payload-00.txt

"Kumar, Sandeep" <sandeep.kumar@philips.com> Thu, 24 July 2014 11:04 UTC

From: "Kumar, Sandeep" <sandeep.kumar@philips.com>
To: Carsten Bormann <cabo@tzi.org>, "dtls-iot@ietf.org" <dtls-iot@ietf.org>
Date: Thu, 24 Jul 2014 11:04:08 +0000
Archived-At: http://mailarchive.ietf.org/arch/msg/dtls-iot/tBEcWaIE2i7CHMTxQ-FhlCOQ-1E

Thanks Carsten and Daniel for the quick draft. Indeed, IPsec could have been a candidate if we did not have the initial goal of reusing as much of the DTLS codebase for the various IoT security operations.

Just a quick question, since you are using AES-CCM, how do you ensure different nonces for the different senders in your scheme?

regards
Sandeep

From: Carsten Bormann <cabo@tzi.org>
Sent: Wednesday, July 23, 2014 10:39 PM
To: dtls-iot@ietf.org

To stir the pot a little bit on draft-keoh-dice-multicast-security, Daniel and I have written a short straw man draft to show how the same objective can already be achieved using existing widely deployed standards-track protocols.  This is a little less efficient, but does the job.  (Further efficiencies could be achieved by compressing away some of the redundant information, see the draft for some ideas.)

Thanks to Daniel for being available on short notice for this little mischievous act.

I’m no longer sure I don’t actually want to use this.

Grüße, Carsten


Begin forwarded message:

> From: internet-drafts@ietf.org
> Subject: I-D Action: draft-mglt-dice-ipsec-for-application-payload-00.txt
> Date: 23 Jul 2014 22:23:51 -0400
> To: i-d-announce@ietf.org
> Reply-To: internet-drafts@ietf.org
>
>
> A New Internet-Draft is available from the on-line Internet-Drafts directories.
>
>
>        Title           : IPsec/ESP for Application Payload
>        Authors         : Daniel Migault
>                          Carsten Bormann
>        Filename        : draft-mglt-dice-ipsec-for-application-payload-00.txt
>        Pages           : 9
>        Date            : 2014-07-23
>
> Abstract:
>   This document is a strawman specification describing how IPsec/ESP
>   could be used to secure application payloads, in particular to enable
>   multicast applications where DTLS would be used for unicast.
>
>
> The IETF datatracker status page for this draft is:
> https://datatracker.ietf.org/doc/draft-mglt-dice-ipsec-for-application-payload/
>
> There's also a htmlized version available at:
> http://tools.ietf.org/html/draft-mglt-dice-ipsec-for-application-payload-00
