Re: [Hipsec] Last Call: <draft-ietf-hip-dex-24.txt> (HIP Diet EXchange (DEX)) to Proposed Standard
Andrei Gurtov <andrei.gurtov@liu.se> Wed, 03 February 2021 09:30 UTC
Return-Path: <andrei.gurtov@liu.se>
X-Original-To: hipsec@ietfa.amsl.com
Delivered-To: hipsec@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id DF5CE3A1670 for <hipsec@ietfa.amsl.com>; Wed, 3 Feb 2021 01:30:18 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.098
X-Spam-Level:
X-Spam-Status: No, score=-2.098 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, MSGID_FROM_MTA_HEADER=0.001, NICE_REPLY_A=-0.001, RCVD_IN_DNSWL_BLOCKED=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=liu.se
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id PsPl310s-pOi for <hipsec@ietfa.amsl.com>; Wed, 3 Feb 2021 01:30:16 -0800 (PST)
Received: from carinthia.it.liu.se (carinthia.it.liu.se [130.236.56.10]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id D29333A166F for <hipsec@ietf.org>; Wed, 3 Feb 2021 01:30:15 -0800 (PST)
Received: from e-mailfilter01.sunet.se (e-mailfilter01.sunet.se [IPv6:2001:6b0:8:2::201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by carinthia.it.liu.se (Postfix) with ESMTPS id AAF5580373 for <hipsec@ietf.org>; Wed, 3 Feb 2021 10:30:12 +0100 (CET)
DKIM-Filter: OpenDKIM Filter v2.11.0 carinthia.it.liu.se AAF5580373
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=liu.se; s=liu.liu; t=1612344612; bh=u4PBbshJKEP4Q+YFpKT4BL7na41xlqUQrARGKVE2fNQ=; h=Subject:To:References:From:Date:In-Reply-To:From; b=DrVvTUTG8M9LU10E/Q7T5y1P5onjWYC9le3mQpAqnmcUyuNZRi2XLuf7/zx4XA1Cg 1MGCLz9OQK4pMS1zT40gm+YJQTPZ+9PCkxCwlvft5xpjco8m4uDNr+fcusHzrWmRZR sk5JUa/jSUqK0livvZxc7RXOvXMOdu4eBan0+vdMqF3ONP+0RvWdn/cZjDRJD7Qp3H AO4aTNZqh475ueD6sNigkhwdK8vSXOSsxvNUQlAbRyQyW3aqo36Affh3NV/qT8o10n iCWnoEQnpQ3iWjkscRM/51ZERhHgsfiQh4T3h0bfz0ZY5ZLifL2OO/sfNzvyfvLexn P3gA/nsNtFQgg==
Received: from andania.it.liu.se (andania.it.liu.se [130.236.56.15]) by e-mailfilter01.sunet.se (8.14.4/8.14.4/Debian-8+deb8u2) with ESMTP id 1139UBQt090977 (version=TLSv1/SSLv3 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NO) for <hipsec@ietf.org>; Wed, 3 Feb 2021 10:30:12 +0100
Received: from EUR04-DB3-obe.outbound.protection.outlook.com (mail-db3eur04lp2052.outbound.protection.outlook.com [104.47.12.52]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by andania.it.liu.se (Postfix) with ESMTPS id AE4BEA16C3 for <hipsec@ietf.org>; Wed, 3 Feb 2021 10:30:11 +0100 (CET)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=cCGnCYcT7eDOKV/GgMv5EO50r1h1mGwb5YP9LVC7FZstPpCcYzxhiT0uuIL671yQS9NCNkoH/hamurRBcyFn3QbVfl3GDOIUxDwd8r2FzhnLiejD5aL5f+kDF5q/mZYht4xsdAmb2N8/l+nk5LNIPnnuCFHT9KU5yREbw3vyKKfbPNEPiIb+t8+PK96t6RV7WPjP+2uxtl56kjSgZf5sfvccuF6QTb5mN6yXcBOWX2HRuNrvsGQtbkDRHSZuQjkxuFl67lNiFZ9ZsdPY2qbpwn+fIPidGNKo+SlhDrRIOrn72Fl9+gpVCzo+ojcWTAeGjSET02ocyOPV4myEBFGTpA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=pfU3NI7iGcar2jqRCaHQJRoIeTeXYIS7UwbrOjB9FU4=; b=lNgB6pTOMz/HSPmwdNNgXSwODjMjY6d81dolsfWeicLJS4c/BsVmtV25CGJCF3Ixn137vkMwk13cvL1MYtC6eITrXjZIOJmKvGNY/spia+ZM2D2eod6Zk0L09AlWNjz6A54iB3nZyqg0ycJ8zvORRbHjJl7gpUVTx/CdNEl9txL4oOS9qyk60XSf2plonfkQJBNa/eJlDnwzln9fz0Clpgm3MbD83YHP5N8Af2PLOPMlV8qauDa9NBb2D0KXhkDdJ1H5tH2g87OJ6WuUZP0oCwlCUJWCaNCxujX7gR4EJOWJG8+XmsIG8qtaZfC10FKkP/VMuoSAUgLvtzRdaQfPfg==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=liu.se; dmarc=pass action=none header.from=liu.se; dkim=pass header.d=liu.se; arc=none
Authentication-Results: ietf.org; dkim=none (message not signed) header.d=none;ietf.org; dmarc=none action=none header.from=liu.se;
Received: from VI1P191MB0336.EURP191.PROD.OUTLOOK.COM (2603:10a6:803:2e::31) by VE1P191MB1134.EURP191.PROD.OUTLOOK.COM (2603:10a6:800:16c::24) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3825.19; Wed, 3 Feb 2021 09:30:10 +0000
Received: from VI1P191MB0336.EURP191.PROD.OUTLOOK.COM ([fe80::d1e0:c547:343e:fa01]) by VI1P191MB0336.EURP191.PROD.OUTLOOK.COM ([fe80::d1e0:c547:343e:fa01%7]) with mapi id 15.20.3825.019; Wed, 3 Feb 2021 09:30:10 +0000
To: hipsec@ietf.org
References: <161115411446.925.13438084676436304288@ietfa.amsl.com> <29AAD2A6-3AE1-4356-A444-7BFC9291C8CB@cisco.com>
From: Andrei Gurtov <andrei.gurtov@liu.se>
Message-ID: <4a9193d1-0096-fb2c-e0ab-88892b1fe375@liu.se>
Date: Wed, 03 Feb 2021 10:30:09 +0100
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:78.0) Gecko/20100101 Thunderbird/78.6.1
In-Reply-To: <29AAD2A6-3AE1-4356-A444-7BFC9291C8CB@cisco.com>
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 8bit
Content-Language: en-US
X-Originating-IP: [217.210.49.61]
X-ClientProxiedBy: HE1PR0901CA0053.eurprd09.prod.outlook.com (2603:10a6:3:45::21) To VI1P191MB0336.EURP191.PROD.OUTLOOK.COM (2603:10a6:803:2e::31)
MIME-Version: 1.0
X-MS-Exchange-MessageSentRepresentingType: 1
Received: from [192.168.50.200] (217.210.49.61) by HE1PR0901CA0053.eurprd09.prod.outlook.com (2603:10a6:3:45::21) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3825.17 via Frontend Transport; Wed, 3 Feb 2021 09:30:09 +0000
X-MS-PublicTrafficType: Email
X-MS-Office365-Filtering-Correlation-Id: 03df992c-cc63-43bf-3d0d-08d8c8264d23
X-MS-TrafficTypeDiagnostic: VE1P191MB1134:
X-Microsoft-Antispam-PRVS: <VE1P191MB1134D21A124738DD2463FC7B84B49@VE1P191MB1134.EURP191.PROD.OUTLOOK.COM>
X-MS-Oob-TLC-OOBClassifiers: OLM:10000;
X-MS-Exchange-SenderADCheck: 1
X-Microsoft-Antispam: BCL:0;
X-Microsoft-Antispam-Message-Info: ONX0OxKrNE4qIzOW2IX3k9y7H8pnzjLAnbI7IWdsnLiCibdLE8DK22o7R5ifPVe8WHTyLYDf7T+TrAIJ9XnDhdbpeeMIdKa0r0h0B6Dk+44MhAE9wNAKWKtal5aj04DhGEg/iA6mIEmTD8Af7d/DNjZEk/BYREfJRPyQRaOAgxBqcri2MvRp0EeOxmNzCIjDPDsrljhFPyzOwQY1xRfMIDeNlua2w0UN2awhzfSqTN1fcletSLf1YDCNyFKe7GZlQ6wRPlmnPeV5+clCxC5Hi3N9s9sZ3rB5CyxkBLs/8PU1Lu5Y9l67/AaRVTX0pHYm1TjSJZ6WDH16ge8+jBFdZn1+rGjXzp+C4CSWCxOBfhkjm+nWvPQvvQMR2kWZ7b51sgpaiWYZ/TVqRESbyGn3a6LWo3bdbbgilg4RB9t0ys7cim8sdAx7T5EKEuKjNZJxQvHCjrQHmmpYxdL3DEBcAhaDHDZYmTBD3JeFTDVPYWXaMPXlmCcbre4AS2rLQDflOk5Akas5D3+QocbntCIW0rg3umchd/6n20pwobUc83BfTttzh5KVfQm7Nn435okMEaki4tc5iOfBYJ3OF6gWt7Uo1ykElPqvtu5EyM2Mp4sdlC0optiUXRjiGWCMaPRs4k7bT10oznI+0QX+kLv9BDbiObBu3l1syCLG5NjxqLSn5wUX/DbHR5xVvQu2tjSHbYSPpzshOy/dsO9z/kqy8A==
X-Forefront-Antispam-Report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:VI1P191MB0336.EURP191.PROD.OUTLOOK.COM; PTR:; CAT:NONE; SFS:(4636009)(346002)(376002)(39830400003)(366004)(396003)(6916009)(53546011)(8936002)(36756003)(31696002)(16576012)(34490700003)(83380400001)(86362001)(2906002)(26005)(31686004)(8676002)(6486002)(45080400002)(66946007)(2616005)(44832011)(52116002)(66556008)(66476007)(5660300002)(966005)(16526019)(508600001)(956004)(186003)(43740500002)(45980500001); DIR:OUT; SFP:1102;
X-MS-Exchange-AntiSpam-MessageData: B3gJR0EMpP0hzHRRIi0TCiAbBRmIbwwKj8jS3qBFiRyeTJXFtfpmMsEJb7oFPuSsac1vBVnmuNcespKIdDXChFJmcmkZ+8ae7M9b7unbpbIo4n48fTms1TM3pkugjzSvzViFGHL7bGLlq1PM5hi9A9vWS0WG1nxDQjXSIU9pn+ADmNLOZ/MO3qOOsX1XTesbJkOxbG8NwV2qeuifzD4Ie4Py4hp9pEVAWcmQf597mr9eoeuLJPnk6Ktb0sGi1Kh4/OKeyDHLkvbc91S0aBldNp/CFQ8sBfIEDqRWC98k3oD+f3EEKBrcYWyTqulC9AvcecfPsWZoVMeuFJN7Lw8/5pN6dT2UkDemYCqqxIbZHr0ba/lvUYW9+yDzS62/qo9cowUoXVv2HYvp+e+6bZf3ouqhTcSahPZp5+bvt8nZeasIv6iCvSXTj3SaJrHNW3WQmdDwLiT3HSmSQ0OyqRRbirm/BS/+EKnCgdsTiDM3ZvPD5t54EIds7NZZOSazdyqZ6c2owB8Js/LX/DGGRL1BmgCnvMgwhQ7YTiH9pA8Bb0yG4F523eRFhyDk7VoUgrLjJBAhpH+RO0qNLfyg5mu3VOVgGSvWHeI/SyZCzzLS12bqMzyFGv5z/UFiwtbWip46CiLlvJy2pozcsrorXAXCLZCLzJ9MX+bLM+HH3mpYZl11qVF7xHV/jccUIcyUEMJ6H5lC4XgRxgGUh+SqkmZw23DXNqkj7lLdQD9XYyoeMzAASVKu6YuU9MPj7slaoi0AkDZ1UmRFJEJ8PA+a7TBbsxWXcVX0tpECOxrZ3AtVONCTS/gvJbA9uyNKiN66RnNpOtbk9LBwRcAnEvbSTAtT+nNMXwXkENEoFnwz7ezOuR48uwZxKjjeITV9pabVVflZB1pkYSPNCJFjUEw4Avh2p+5r6AaFWilDPcPNrqXnodZHCPQgM1dwROS55vuVveTIZ5Vcdx1H+GDBOvww5mqwrOtSsxKvPNozHS6Lwnew58L5bY/7djSfzD8OqrJgsj/VVefkL7qOid7HpdujG52KVtNZqTjFJguLLc1WyMqboyOqVtIbihOjfs8EIgBDEg7C
X-OriginatorOrg: liu.se
X-MS-Exchange-CrossTenant-Network-Message-Id: 03df992c-cc63-43bf-3d0d-08d8c8264d23
X-MS-Exchange-CrossTenant-AuthSource: VI1P191MB0336.EURP191.PROD.OUTLOOK.COM
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 03 Feb 2021 09:30:10.3101 (UTC)
X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted
X-MS-Exchange-CrossTenant-Id: 913f18ec-7f26-4c5f-a816-784fe9a58edd
X-MS-Exchange-CrossTenant-MailboxType: HOSTED
X-MS-Exchange-CrossTenant-UserPrincipalName: wNqFqwqMCWenLTn7beipKtoUJjEo4lFhi+VU3tioilKH1PHvnKBbcgAheMnoQmEj
X-MS-Exchange-Transport-CrossTenantHeadersStamped: VE1P191MB1134
X-Bayes-Prob: 0.0001 (Score 0, tokens from: outbound, outbound-liu-se:default, base:default, @@RPTN)
X-p0f-Info: os=Linux 3.11 and newer, link=Ethernet or modem
X-CanIt-Geo: ip=104.47.12.52; country=IE; region=Leinster; city=Dublin; latitude=53.3331; longitude=-6.2489; http://maps.google.com/maps?q=53.3331,-6.2489&z=6
X-CanItPRO-Stream: outbound-liu-se:outbound (inherits from outbound-liu-se:default, base:default)
X-Canit-Stats-ID: 094oxubjC - 0caa02844106 - 20210203
X-CanIt-Archive-Cluster: PfMRe/vJWMiXwM2YIH5BVExnUnw
X-Scanned-By: CanIt (www . roaringpenguin . com)
Archived-At: <https://mailarchive.ietf.org/arch/msg/hipsec/5agWqDZYN0QERxcT7f2k5Jbe7Mc>
Subject: Re: [Hipsec] Last Call: <draft-ietf-hip-dex-24.txt> (HIP Diet EXchange (DEX)) to Proposed Standard
X-BeenThere: hipsec@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "This is the official IETF Mailing List for the HIP Working Group." <hipsec.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/hipsec>, <mailto:hipsec-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/hipsec/>
List-Post: <mailto:hipsec@ietf.org>
List-Help: <mailto:hipsec-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/hipsec>, <mailto:hipsec-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 03 Feb 2021 09:30:19 -0000
I reviewed the latest version and think it is ready for publication. br Andrei On 1/20/2021 4:09 PM, Eric Vyncke (evyncke) wrote: > There have been several of *significant* changes since the IETF last call in November 2019 on the -11 revision, so, as the responsible AD, I am asking the IETF community for 3rd review on the latest revision -24. > > The changes include at least: applicability statement, use of the FOLD function, I_NONCE, input keying material for master/pair-wise key generation, security section, some deleted DH groups and ciphers. > > For your convenience the diff between the two versions: https://eur01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.ietf.org%2Frfcdiff%3Furl2%3Ddraft-ietf-hip-dex-24%26url1%3Ddraft-ietf-hip-dex-11&data=04%7C01%7Candrei.gurtov%40liu.se%7C370565e71f474343976108d8bd55aebf%7C913f18ec7f264c5fa816784fe9a58edd%7C0%7C0%7C637467522989981278%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=lSa0YQ9%2BtdOFPnLhq5sHEAkFHlYDHQ6eRMv3lRGSFhg%3D&reserved=0 > > Thank you in advance for your valuable comments before the 3rd of February 2021, > > -éric vyncke > > PS: thank you for the previous reviewers, your comments have helped the authors to improve the document. Thank you as well to the authors for listening to those comments. > > -----Original Message----- > From: <iesg-secretary@ietf.org> on behalf of The IESG <iesg-secretary@ietf.org> > Reply-To: "last-call@ietf.org" <last-call@ietf.org> > Date: Wednesday, 20 January 2021 at 15:48 > To: IETF-Announce <ietf-announce@ietf.org> > Cc: Gonzalo Camarillo <gonzalo.camarillo@ericsson.com>, "draft-ietf-hip-dex@ietf.org" <draft-ietf-hip-dex@ietf.org>, Eric Vyncke <evyncke@cisco.com>, "gonzalo.camarillo@ericsson.com" <gonzalo.camarillo@ericsson.com>, "hip-chairs@ietf.org" <hip-chairs@ietf.org>, "hipsec@ietf.org" <hipsec@ietf.org> > Subject: Last Call: <draft-ietf-hip-dex-24.txt> (HIP Diet EXchange (DEX)) to Proposed Standard > > > The IESG has received a request from the Host Identity Protocol WG (hip) to > consider the following document: - 'HIP Diet EXchange (DEX)' > <draft-ietf-hip-dex-24.txt> as Proposed Standard > > The IESG plans to make a decision in the next few weeks, and solicits final > comments on this action. Please send substantive comments to the > last-call@ietf.org mailing lists by 2021-02-03. Exceptionally, comments may > be sent to iesg@ietf.org instead. In either case, please retain the beginning > of the Subject line to allow automated sorting. > > Abstract > > > This document specifies the Host Identity Protocol Diet EXchange (HIP > DEX), a variant of the Host Identity Protocol Version 2 (HIPv2) and > specifically developed for use on low end processors. The HIP DEX > protocol design aims at reducing the overhead of the employed > cryptographic primitives by omitting public-key signatures and > cryptographic hash functions. > > The HIP DEX protocol is primarily designed for computation or memory- > constrained sensor/actuator devices. Like HIPv2, it is expected to > be used together with a suitable security protocol such as the > Encapsulated Security Payload (ESP) for the protection of upper layer > protocol data. Unlike HIPv2, HIP DEX does not support Forward > Secrecy (FS), and MUST only be used on devices where FS is > prohibitively expensive. In addition, HIP DEX can also be used as a > keying mechanism for security primitives at the MAC layer, e.g., for > IEEE 802.15.4 networks. > > > > > > The file can be obtained via > https://eur01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fdatatracker.ietf.org%2Fdoc%2Fdraft-ietf-hip-dex%2F&data=04%7C01%7Candrei.gurtov%40liu.se%7C370565e71f474343976108d8bd55aebf%7C913f18ec7f264c5fa816784fe9a58edd%7C0%7C0%7C637467522989981278%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=gdpptEioiBmuD05oC43afzYEIbxF9DmntVdDFlM3coI%3D&reserved=0 > > > > No IPR declarations have been submitted directly on this I-D. > > > The document contains these normative downward references. > See RFC 3967 for additional information: > rfc6261: Encrypted Signaling Transport Modes for the Host Identity Protocol (Experimental - IETF stream) > > > > > > _______________________________________________ > Hipsec mailing list > Hipsec@ietf.org > https://eur01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.ietf.org%2Fmailman%2Flistinfo%2Fhipsec&data=04%7C01%7Candrei.gurtov%40liu.se%7C370565e71f474343976108d8bd55aebf%7C913f18ec7f264c5fa816784fe9a58edd%7C0%7C0%7C637467522989981278%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=jTLGcfXwfHhcrf0sSLvnqJW4avH5sNdYj0vhuVaJl%2Bo%3D&reserved=0
- [Hipsec] Last Call: <draft-ietf-hip-dex-24.txt> (… The IESG
- Re: [Hipsec] Last Call: <draft-ietf-hip-dex-24.tx… Eric Vyncke (evyncke)
- Re: [Hipsec] Last Call: <draft-ietf-hip-dex-24.tx… Jeff Ahrenholz
- Re: [Hipsec] Last Call: <draft-ietf-hip-dex-24.tx… Andrei Gurtov
- Re: [Hipsec] [Last-Call] Last Call: <draft-ietf-h… Eric Rescorla