Re: [dtn] Interoperability context and/or COSE
Mehmet Adalier <madalier@antarateknik.com> Tue, 28 July 2020 22:44 UTC
Return-Path: <madalier@antarateknik.com>
X-Original-To: dtn@ietfa.amsl.com
Delivered-To: dtn@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id CDF1C3A09ED for <dtn@ietfa.amsl.com>; Tue, 28 Jul 2020 15:44:08 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.896
X-Spam-Level:
X-Spam-Status: No, score=-1.896 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, MIME_QP_LONG_LINE=0.001, RCVD_IN_MSPIKE_H2=-0.001, SPF_HELO_NONE=0.001, SPF_NONE=0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=yahoo.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 25vdsZ64eFgY for <dtn@ietfa.amsl.com>; Tue, 28 Jul 2020 15:44:07 -0700 (PDT)
Received: from sonic304-28.consmr.mail.ne1.yahoo.com (sonic304-28.consmr.mail.ne1.yahoo.com [66.163.191.154]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 12F8E3A09EB for <dtn@ietf.org>; Tue, 28 Jul 2020 15:44:06 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.com; s=s2048; t=1595976246; bh=awzN3L2HWvFIPKV543a+T23+qly8cNo97d9REoDOfj4=; h=Date:Subject:From:To:References:From:Subject; b=L7p7WiXCqZJHZM6DpK7tH3BEzcJPdZTFLi5wE1SzcGiA1jLQvtZ9F7qmWvLbDG3E/Mqc4s/IH5KeGvV24dz74FfHdOEeXwWOZuuKqoFBWzw0gF4qBz7RM3ZpDuxSExxX3tZOWLIOGl6l5EqoBFDJE1U1fHgWU4lIRRQ7RsWwDLGhpMiLdsU/VQksyI+42pMt6tyIfk9pU+or/yVfdQSO6+NTH4YV+6QNk75/BwEzNj4bTpBbtXHdqX77pAlYz8L4x6T59KrJgB/LB2J0vPhcXoKFPUqcHvrrf2xHFIHyYPl6+/0+/74uIWU4aYIFkP1wu3V7vrcDiNw7aunqFyXToA==
X-YMail-OSG: SL7ktvEVM1lCjh.N8YjxA2GUqfofIm4t69B8.BfLtgRJCs3CXYyRhrCASszOwfp xZvmMQ5WdLvvYRX.XYfYSmPSji8xVSdazzIOMpzGcSTuNYLvTrj5XAADPGHrWhQJ6SKP.kqj8n5T Jxk1wzqgUg1qano4xqJgSoii3AW0zZMc9oVuEpBmYFyg.On3tjYChXKHoKdaES5YVEJt0gTIUsSK cBW2wEgWWgNNUCygE5WJXrgdLus3ITS0u97fp11TwMFEcjdO21WjY9dAsooSMAUjNco3fGS28bQy YUPtEVupZDi2oHFRSTGmN3LhqNB.UO3V4FrXDvzL5xc3REa99gFqt4F378nnLiUbystMiiT1CEo0 3q_T14WMiuJ5Cw4eUFZQasAJDyTp0WJfCLgSdEdzxqzoMIz9hAKV33Hbr.tsSHXSdBY8NaKoZBeF qB3uBMT0qD2Um4w0c9fxUMJrmoY_2.dQ3eUrwetsIsdljLQiYzFr04gh35ehAcBcSqm6iteU6cVN 7kqStjjEBWGqYd8KT3K61DZAhkjOPdKq2uz6cRknZpuB0Svr6BphyuOJctAOMVsN1LZ5Jacs4i6Y odQRxmzho1YYJUks3SZMOWjMj2tUc3tT_hfac36hLG_6XXo0qtSOBqFaiUGNZQIC983hp4hlcAVY b7QyDVDLN8i_PeLR2SO1WIGAZmv2.383uWVtLa8dFcVueiSSib.oyCRuZ6p7UcI.2Zz6hEyM9Wju aI5RMo7M6gh_3K5ASR9x7t93SyJrHNBhypQ.KmisSBrB0BI_FDJL2LRuGpJjjuD9MXu.TJN8BxW2 6hnkDlYRVdwc5xkpN1wvCpS9YcA225BGaCXfpU1.GNloA8k0zBBQVQwHZwaEH.s5a9L_qAN9TEAF Jlw6hBSCavGri49lk3f_Hym96ZQz21cACQt_ZAN9_dZcFjjiWAEP6zj9GP9skGe.zu6AZN_w0bjz PkG.v1c60.JDyY9weojZv3zPafFm07f317ynzyvlcy0cTYDh6EAEFhtiP4Y4iYBLVidIR8o1.wuL xGi6MTv1ZsnWHDbaVspNApzzium2MAnNGPCfbtTrzMLN_0Gyaorg1wEPTODtBiugnnLIV2d42cOr 6TaegQ45aas6EmTO7XWf1Ki7yt7vDvOHumb1sBRvKdnWTFARtawUPD_FZXAghn8XgLdodqgPyDc6 Hbes7bl7NvTtDUUlculddDarbbW6dU9rDe_Q09iTMpyp5nzAl8ilXncFqYPIz7dmxm9o6srYYbVo vmThMggtiCjTf8_N8wSCbnvNVTUiSRhP1awseActIcF2OUQaLm0FwjhiT4nuSxmXYFJDfv9Q7b36 QMASnSPCYw7B5yqFCN3rFx4w273NRTdVC230wD5i_lMkwjokmpOv74H9brnDKI8.s_6tC62yilI1 82PSu2Wr74m6cSl8PQ94M
Received: from sonic.gate.mail.ne1.yahoo.com by sonic304.consmr.mail.ne1.yahoo.com with HTTP; Tue, 28 Jul 2020 22:44:06 +0000
Received: by smtp431.mail.gq1.yahoo.com (VZM Hermes SMTP Server) with ESMTPA ID 9c07329a18eb995f251af45dc2f299c7; Tue, 28 Jul 2020 22:44:03 +0000 (UTC)
User-Agent: Microsoft-MacOutlook/10.20.0.191208
Date: Tue, 28 Jul 2020 15:44:00 -0700
From: Mehmet Adalier <madalier@antarateknik.com>
To: Rick Taylor <rick@tropicalstormsoftware.com>, "dtn@ietf.org" <dtn@ietf.org>
Message-ID: <D6D8C3D0-441B-477D-99C5-0E30F0F40E12@antarateknik.com>
Thread-Topic: [dtn] Interoperability context and/or COSE
Mime-version: 1.0
Content-type: multipart/alternative; boundary="B_3678795842_968138547"
References: <D6D8C3D0-441B-477D-99C5-0E30F0F40E12.ref@antarateknik.com>
X-Mailer: WebService/1.1.16271 hermes_yahoo Apache-HttpAsyncClient/4.1.4 (Java/11.0.7)
Archived-At: <https://mailarchive.ietf.org/arch/msg/dtn/LTmtwtcD5OAAIsZmQ_SwrS0JKr8>
Subject: Re: [dtn] Interoperability context and/or COSE
X-BeenThere: dtn@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Delay Tolerant Networking \(DTN\) discussion list at the IETF." <dtn.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dtn>, <mailto:dtn-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dtn/>
List-Post: <mailto:dtn@ietf.org>
List-Help: <mailto:dtn-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dtn>, <mailto:dtn-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 28 Jul 2020 22:44:09 -0000
Regarding the questions posed below: Yes, I believe that the BPsec interoperability security context should be useable in environments beyond interoperability-testing. I am not sure what ‘production grade’ entails, but I will be more than happy to contribute to this effort. Regarding “Should the COSE security context replace the BPSec-interop document?” I have extensively reviewed the COSE RFC. While this is a well written RFC, I am not convinced that the overhead introduced provides a tangible security benefit. While it attempts to standardize, its complexity increases the amount of processing code and the attack surface. My vote will be no, it should not replace the BPsec interop document. mehmet From: dtn <dtn-bounces@ietf.org> on behalf of Rick Taylor <rick@tropicalstormsoftware.com> Date: Monday, July 27, 2020 at 6:09 AM To: "dtn@ietf.org" <dtn@ietf.org> Subject: [dtn] Interoperability context and/or COSE Hi All, At IETF-108 a question was raised as whether the existing BPSec interoperability security context should be useable in environments beyond interoperability-testing. A second question was raised: whether the COSE security context would actually make a good replacement for the BPSec interoperability security context draft. The chairs are interested in discovering WG consensus on the following topics: Should BPsec-interop be updated to be ‘production grade’? Should the COSE security context be adopted as a WG document? Should the COSE security context replace the BPSec-interop document? Cheers, Rick & Marc _______________________________________________ dtn mailing list dtn@ietf.org https://www.ietf.org/mailman/listinfo/dtn
- [dtn] Interoperability context and/or COSE Rick Taylor
- Re: [dtn] Interoperability context and/or COSE Mehmet Adalier
- Re: [dtn] Interoperability context and/or COSE Birrane, Edward J.
- Re: [dtn] Interoperability context and/or COSE Brian Sipos