Re: [Iot-directorate] [Emu] Iotdir early review of draft-ietf-emu-eap-noob-01

Mohit Sethi M <mohit.m.sethi@ericsson.com> Sat, 11 July 2020 15:04 UTC

From: Mohit Sethi M <mohit.m.sethi@ericsson.com>
To: Carsten Bormann <cabo@tzi.org>, Mohit Sethi M <mohit.m.sethi=40ericsson.com@dmarc.ietf.org>
CC: Michael Richardson <mcr+ietf@sandelman.ca>, "emu@ietf.org" <emu@ietf.org>, Dave Thaler <dthaler@microsoft.com>, "iot-directorate@ietf.org" <iot-directorate@ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/iot-directorate/Xq52YnStfu_IM6mGYwIGHYlbfbM>

Thanks Carsten. This is very valuable input for the working group before 
it makes a critical decision.

--Mohit

On 7/11/20 4:40 PM, Carsten Bormann wrote:
> Hi Mohit,
>
>
>> On 2020-07-11, at 15:27, Mohit Sethi M <mohit.m.sethi=40ericsson.com@dmarc.ietf.org> wrote:
>>
>> Hi Michael,
>>
>> Thanks for the input. This is indeed something we should discuss at the upcoming virtual EMU meeting.
>>
>> Some colleagues (Ingles Sanchez et al.) have also investigated and documented the savings that might result from the use of CBOR in EAP-NOOB: https://hal.archives-ouvertes.fr/hal-02880326/document
> That paper simply translates a JSON-like structure into CBOR, without using any of the additional benefits of using CBOR (e.g., numeric map labels).
> So I would expect the benefits of moving to CBOR to be larger than described in this paper.
>
>> EAP-NOOB also relies on the JWK specification for encoding public keys. While a CBOR equivalent is defined in RFC 8152, it is a rather large document that contains all the functionality of JWK, JWS, JWA (as far as I understand). Following smaller modular specifications was somehow easier at the time.
> RFC 8152 does have a section structure, so you don’t need to read all of it to just get the equivalent of JWK.
>
>> What is more important is that wpa_supplicant currently has a JSON encoder and parser (https://w1.fi/cgit/hostap/tree/src/utils/json.c). I think you would agree that wpa_supplicant is probably the most important tool for those using EAP (at least on 802.11).
>>
>> One could use an external library since there are many CBOR implementations available: https://cbor.io/impls.html. However this has two major downsides:
>>
>> - Adding an external library dependency implies that the overall system becomes more brittle.
> To the contrary.  An implementation of JSON just for one application is likely to have received less testing and overall development attention than an industrial-strength library.  If you for some reason don’t agree with that, you can always create another CBOR implementation in an afternoon :-)
>
>> - Updating and maintaining two components is definitely harder than one.
> Not sure I follow.
>
>> As said, this is worth discussing at the meeting since it would result in a large change to the existing EAP-NOOB implementations.
> Certainly!
> I just wanted to make sure you don’t make your decision for the wrong reasons.
>
> Grüße, Carsten
>
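
Added example (not part of this thread, the cited paper, or any EAP-NOOB implementation): a minimal CBOR encoder that measures one JSON-style message as compact JSON, as CBOR with text keys, and as CBOR with numeric map labels, the distinction raised in the reply above. The message fields, the `PeerId` value and the label assignment are constructed for illustration and are assumptions, not taken from the draft.

```python
import json
import struct

def _head(major, n):
    """CBOR initial byte plus argument for major type `major` (RFC 8949, sec. 3)."""
    if n < 24:
        return bytes([(major << 5) | n])
    widths = ((24, ">B", 1 << 8), (25, ">H", 1 << 16),
              (26, ">I", 1 << 32), (27, ">Q", 1 << 64))
    for info, fmt, limit in widths:
        if n < limit:
            return bytes([(major << 5) | info]) + struct.pack(fmt, n)
    raise ValueError("integer too large for a CBOR head")

def cbor_encode(obj):
    """Minimal encoder: integers, text strings, arrays and maps only."""
    if isinstance(obj, bool):
        raise TypeError("bool is not handled by this sketch")
    if isinstance(obj, int):
        return _head(0, obj) if obj >= 0 else _head(1, -1 - obj)
    if isinstance(obj, str):
        raw = obj.encode("utf-8")
        return _head(3, len(raw)) + raw
    if isinstance(obj, (list, tuple)):
        return _head(4, len(obj)) + b"".join(cbor_encode(x) for x in obj)
    if isinstance(obj, dict):
        body = b"".join(cbor_encode(k) + cbor_encode(v) for k, v in obj.items())
        return _head(5, len(obj)) + body
    raise TypeError(f"unsupported type: {type(obj).__name__}")

# Constructed sample message (illustrative field names and values).
MESSAGE = {"Type": 2, "Vers": [1], "PeerId": "07KRU6OgqX0HIeRFldnbSW",
           "Cryptosuites": [1], "Dirs": 3}
# Hypothetical numeric labels; a real specification would have to assign these.
LABELS = {"Type": 1, "Vers": 2, "PeerId": 3, "Cryptosuites": 4, "Dirs": 5}

def encoded_sizes(message=MESSAGE, labels=LABELS):
    """Return the byte length of each encoding of the same message."""
    as_json = json.dumps(message, separators=(",", ":")).encode("utf-8")
    relabelled = {labels[k]: v for k, v in message.items()}
    return {"json": len(as_json),
            "cbor_text_keys": len(cbor_encode(message)),
            "cbor_int_keys": len(cbor_encode(relabelled))}

if __name__ == "__main__":
    print(encoded_sizes())
```

For this constructed message, the straight translation to text-keyed CBOR saves about a fifth of the bytes, while integer labels cut the size by more than half; most of what remains is the 22-character identifier string.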