Re: [dtn] Interoperability context and/or COSE

"Birrane, Edward J." <Edward.Birrane@jhuapl.edu> Wed, 29 July 2020 00:59 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/dtn/Sa4n4rlSEpBzcWp5U0Yw_BCpFrE>

I agree that the COSE security context is useful and well written.

But I also agree with Mehmet; if we need to produce a “default” security context it should be made as simple as possible. To that end, I think a new version of the interop security contexts, re-imagined to be default operational security contexts that can also be used for interoperability is the way to go.

-Ed


Edward J. Birrane, III, Ph.D.
Embedded Applications Group Supervisor
Principal Staff, Space Exploration Sector
Johns Hopkins Applied Physics Laboratory
(W) 443-778-7423 / (F) 443-228-3839

From: dtn <dtn-bounces@ietf.org> On Behalf Of Mehmet Adalier
Sent: Tuesday, July 28, 2020 6:44 PM
To: Rick Taylor <rick@tropicalstormsoftware.com>; dtn@ietf.org
Subject: [EXT] Re: [dtn] Interoperability context and/or COSE

Regarding the questions posed below:
Yes, I believe that the BPsec interoperability security context should be useable in environments beyond interoperability-testing. I am not sure what ‘production grade’ entails, but I will be more than happy to contribute to this effort.

Regarding “Should the COSE security context replace the BPSec-interop document?”
I have extensively reviewed the COSE RFC. While this is a well written RFC, I am not convinced that the overhead introduced provides a tangible security benefit. While it attempts to standardize, its complexity increases the amount of processing code and the attack surface. My vote will be no, it should not replace the BPsec interop document.

mehmet


From: dtn <dtn-bounces@ietf.org> on behalf of Rick Taylor <rick@tropicalstormsoftware.com>
Date: Monday, July 27, 2020 at 6:09 AM
To: "dtn@ietf.org" <dtn@ietf.org>
Subject: [dtn] Interoperability context and/or COSE

Hi All,

At IETF-108 a question was raised as to whether the existing BPSec interoperability security context should be useable in environments beyond interoperability-testing.

A second question was raised: whether the COSE security context would actually make a good replacement for the BPSec interoperability security context draft.

The chairs are interested in discovering WG consensus on the following topics:


  1.  Should BPsec-interop be updated to be ‘production grade’?
  2.  Should the COSE security context be adopted as a WG document?
  3.  Should the COSE security context replace the BPSec-interop document?

Cheers,

Rick & Marc