[Iotops] Re: WGLC on draft-ietf-iotops-security-protocol-comparison-06

Marco Tiloca <marco.tiloca@ri.se> Tue, 21 January 2025 22:13 UTC

Return-Path: <marco.tiloca@ri.se>
X-Original-To: iotops@ietfa.amsl.com
Delivered-To: iotops@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 8D83DC1E1644; Tue, 21 Jan 2025 14:13:51 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.105
X-Spam-Level:
X-Spam-Status: No, score=-2.105 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H2=-0.001, RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, RCVD_IN_VALIDITY_SAFE_BLOCKED=0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=ri.se
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id i-8C8o1Zbk9T; Tue, 21 Jan 2025 14:13:47 -0800 (PST)
Received: from GVYP280CU001.outbound.protection.outlook.com (mail-swedencentralazon11022142.outbound.protection.outlook.com [52.101.82.142]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange ECDHE (P-384) server-signature ECDSA (P-256) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 9E49BC1E163C; Tue, 21 Jan 2025 14:13:45 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=iHpJCQC5kpThHmTDSTV4kP7IPQiI17JajiFj69hmA64FuWFH2WqgY7QMTXaf/Cp2zQOKPKEVj8luRojL8c3X0IGVNpK2is2h82ZA64fSeWTnlg+NIHmYUSGFWe3eySp9oN4nRKCeh6bWUZIQegBD9K3x/lyl0ONF5a6nEMsMdywqHAUsuCXG3kv6KN7ob+2YW2scSLxTsKMRmxbWVKFjY5f11xdSyPaA6guVPecAbS+dOBMkHE8cb8OioCCP+mHcP7CQbo/URkKwObmcAyiKjc5yEVTxjvMeo3kd0/vTjMOumdNLX2rmcqR3Pexms1uDBOaG6EAxDQfGgcECQdNnTA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=cr6ay5n4j7h2gYQGMCJG01QXqoz4yujEflMLfZGRHYI=; b=SgxuvElLQ3qsXStwH9msD0WJwOT/fpe/FOnWEQ9rWwbK9MU+MR+Uq5JxaLE94okQBZpCRZJBaZbsd2PXpe16b0caZd8NVDkz51YxlFEk+dn+2oI9t+IWRyqIEskdkLNjJIrYcJNuVPoUdFNpphm/cnwHZRx73Nef8Ia/GCOLAzw1Dblrt7/1I1W3ToEMLp8MrKHJEwfpLy+wMZpwxo5LzwvAZX9vE5J9v+mazFjp/PZtuAkDdCg7D2y2EBgh9ofh++tjsDPl/Smeg8nq/6s1+YgK6IZbaS+0sC5xazPrNAnAZtiTx42uSNCunl9rPWyfAWuvitj3X83ZGLlorRGEAQ==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=ri.se; dmarc=pass action=none header.from=ri.se; dkim=pass header.d=ri.se; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ri.se; s=selector2; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=cr6ay5n4j7h2gYQGMCJG01QXqoz4yujEflMLfZGRHYI=; b=HuF0yUSjoFNj2MA4JUlTaiY2cnquM/GW0rEWS8zB+LC96J8zIRh+KnRLbNclJf0SVjsKFzncnCBUVWwu8bMHjkpkwMFZVWdWmGCklWJoO18TMgCCDRiBCn93bAp56zx7l17xtDVA+gBd0EXAoQddvpD3LlzUInCxp6RZB8D2aAGjeEK5bhndoVNmPXWQZEwiFNtfsh0KsOutoFsDh8lJw4IpI2Fdguza+eOu1L+vQPiRPluplAa04Jm7w2yon4TblF9Gup7CBH0WVnJHknJBn626ioq4H5EvJlpBnSsFBpguqHrMZgkFvbfkVTeSCLXt+Ur30Ulrv+tgiEQrVLZa5w==
Authentication-Results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=ri.se;
Received: from GV3P280MB0450.SWEP280.PROD.OUTLOOK.COM (2603:10a6:150:11::7) by MM0P280MB0040.SWEP280.PROD.OUTLOOK.COM (2603:10a6:190:f::16) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.8377.17; Tue, 21 Jan 2025 22:13:41 +0000
Received: from GV3P280MB0450.SWEP280.PROD.OUTLOOK.COM ([fe80::18fb:b9d3:ba43:257a]) by GV3P280MB0450.SWEP280.PROD.OUTLOOK.COM ([fe80::18fb:b9d3:ba43:257a%6]) with mapi id 15.20.8377.009; Tue, 21 Jan 2025 22:13:41 +0000
Message-ID: <42335dc0-1dc5-463e-a10c-41adb4f11f04@ri.se>
Date: Tue, 21 Jan 2025 23:13:40 +0100
User-Agent: Mozilla Thunderbird
To: Francesca Palombini <francesca.palombini@ericsson.com>, Alexey Melnikov <alexey.melnikov@isode.com>, "iotops@ietf.org" <iotops@ietf.org>
References: <71ca11c6-f0e4-4eaa-a208-4562bc59288a@isode.com> <d8b785fb-676f-414b-8e2b-f4d1fad678db@ri.se> <PAXPR07MB78388DEB32A23BAD064BB51A98E62@PAXPR07MB7838.eurprd07.prod.outlook.com>
Content-Language: en-US
From: Marco Tiloca <marco.tiloca@ri.se>
Autocrypt: addr=marco.tiloca@ri.se; keydata= xsBNBFSNeRUBCAC44iazWzj/PE3TiAlBsaWna0JbdIAJFHB8PLrqthI0ZG7GnCLNR8ZhDz6Z aRDPC4FR3UcMhPgZpJIqa6Zi8yWYCqF7A7QhT7E1WdQR1G0+6xUEd0ZD+QBdf29pQadrVZAt 0G4CkUnq5H+Sm05aw2Cpv3JfsATVaemWmujnMTvZ3dFudCGNdsY6kPSVzMRyedX7ArLXyF+0 Kh1T4WUW6NHfEWltnzkcqRhn2NcZtADsxWrMBgZXkLE/dP67SnyFjWYpz7aNpxxA+mb5WBT+ NrSetJlljT0QOXrXMGh98GLfNnLAl6gJryE6MZazN5oxkJgkAep8SevFXzglj7CAsh4PABEB AAHNNk1hcmNvIFRpbG9jYSAobWFyY28udGlsb2NhQHJpLnNlKSA8bWFyY28udGlsb2NhQHJp LnNlPsLAdwQTAQgAIQUCWkAnkAIbAwULCQgHAgYVCAkKCwIEFgIDAQIeAQIXgAAKCRDuJmS0 DljaQwEvCACJKPJIPGH0oGnLJY4G1I2DgNiyVKt1H4kkc/eT8Bz9OSbAxgZo3Jky382e4Dba ayWrQRFen0aLSFuzbU4BX4O/YRSaIqUO3KwUNO1iTC65OHz0XirGohPUOsc0SEMtpm+4zfYG 7G8p35MK0h9gpwgGMG0j0mZX4RDjuywC88i1VxCwMWGaZRlUrPXkC3nqDDRcPtuEGpncWhAV Qt2ZqeyITv9KCUmDntmXLPe6vEXtOfI9Z3HeqeI8OkGwXpotVobgLa/mVmFj6EALDzj7HC2u tfgxECBJddmcDInrvGgTkZtXEVbyLQuiK20lJmYnmPWN8DXaVVaQ4XP/lXUrzoEzzsBNBFSN eRUBCACWmp+k6LkY4/ey7eA7umYVc22iyVqAEXmywDYzEjewYwRcjTrH/Nx1EqwjIDuW+BBE oMLRZOHCgmjo6HRmWIutcYVCt9ieokultkor9BBoQVPiI+Tp51Op02ifkGcrEQNZi7q3fmOt hFZwZ6NJnUbA2bycaKZ8oClvDCQj6AjEydBPnS73UaEoDsqsGVjZwChfOMg5OyFm90QjpIw8 m0uDVcCzKKfxq3T/z7tyRgucIUe84EzBuuJBESEjK/hF0nR2LDh1ShD29FWrFZSNVVCVu1UY ZLAayf8oKKHHpM+whfjEYO4XsDpV4zQ15A+D15HRiHR6Adf4PDtPM1DCwggjABEBAAHCwF8E GAECAAkFAlSNeRUCGwwACgkQ7iZktA5Y2kPGEwf/WNjTy3z74vLmHycVsFXXoQ8W1+858mRy Ad0a8JYzY3xB7CVtqI3Hy894Qcw4H6G799A1OL9B1EeA8Yj3aOz0NbUyf5GW+iotr3h8+KIC OYZ34/BQaOLzdvDNmRoGHn+NeTzhF7eSeiPKi2jex+NVodhjOVGXw8EhYGkeZLvynHEboiLM 4TbyPbVR9HsdVqKGVTDxKSE3namo3kvtY6syRFIiUz5WzJfYAuqbt6m3TxDEb8sA9pzaLuhm fnJRc12H5NVZEZmE/EkJFTlkP4wnZyOSf/r2/Vd0iHauBwv57cpY6HFFMe7rvK4s7ME5zctO Ely5C6NCu1ZaNtdUuqDSPA==
In-Reply-To: <PAXPR07MB78388DEB32A23BAD064BB51A98E62@PAXPR07MB7838.eurprd07.prod.outlook.com>
Content-Type: multipart/signed; micalg="pgp-sha256"; protocol="application/pgp-signature"; boundary="------------781sWaREfVElfxgcJI3zcIHq"
X-ClientProxiedBy: GV2PEPF0000756A.SWEP280.PROD.OUTLOOK.COM (2603:10a6:158:401::3e8) To GV3P280MB0450.SWEP280.PROD.OUTLOOK.COM (2603:10a6:150:11::7)
MIME-Version: 1.0
X-MS-PublicTrafficType: Email
X-MS-TrafficTypeDiagnostic: GV3P280MB0450:EE_|MM0P280MB0040:EE_
X-MS-Office365-Filtering-Correlation-Id: 39bba21b-53bc-449a-adc3-08dd3a68dce9
X-MS-Exchange-SenderADCheck: 1
X-MS-Exchange-AntiSpam-Relay: 0
X-Microsoft-Antispam: BCL:0;ARA:13230040|366016|376014|1800799024|13003099007|8096899003;
X-Microsoft-Antispam-Message-Info: M5mN9ES57dvYYg+xMD5YcXTGy01kLVQjyhYysllNkyJoIMXBywiwL4BcHh7x31NERJbzqoZxNZVjaln1ENsEmJfuP5VqAAymZS5YFTCkafTOcbpTsGWHVfBZ7qdp0CHTiS9OUJyMBs3BePbaJDyg27XD3HGxs+IdLDfkAXAwcW4bcQTAZjnDeZtdlfncqhaVJ5Xo96CcvpEdp41Hmra5SO/m+eVZbCjO0PQSY/3ZVtuLpVk27QkcbKDM+tkLYx3D+ifdr3hELrrKAlWDq/95qJ6k57nJhCO0HATCjZnrdCu1xSJXs8BkAm0MaGYcCy/2ouEqZO3WD+Acr516VYbL227dKl5qD4ao/UUVJnkrnP8l9cfuU0wZ9Lxr33vBgQ+638M/PY1V8RIVOixx2bKGdygdqxQ3ugI+lI4/sAbfoh6CSgrTK34C3sPKvKsXjKawyuDtsLLCRDgFMMAPPG+TvunZcx+JHBS/NZCRf86ObwOqidTcxl2/X7lD5rVI/9t6lY6w0qR3gOHaNPtO8jnGM5vy26omF7qViFfiqpz4shF+h2a7VFS7QRN7PHKvGr2/uQaVBsdoSdEIfSjIC5ZrCAx1KXWCgYFRKc94w6GQHXwJKKpQXvfRMYgMcgckpXCmGTvdkbE5hXXHPBCQsERjNFfBOfVRtnhtKYcLNDxrLEPajzZjOULEfkWzhs84+nGtLvSFOZJxJTnq6VBjS4z1NxjtPWg2P9cUTzxDcYA6E24DHFmU7aqWOlEVCgzPAthWpLXCBXw1M180ylLEvtSNBZWWDJMJBWgczmqirlCD1SF60mjXACLPaxlGV5i1sYFHuOgsEEzxAlcMAXbyM/DC1+mUBZGG1hn2oTqhMAJxpDzjwWd0Lu1mBuByUPnAO8AJI6eZOGgB61rVE+XMKHm/nBRt1vrUeji7vE7yoIg4tUVHCFi9cFpGZTAyqQN9ObePPfiGl2w6bVP/0l1Wc1BQ113fRtUZEzRGi0+y8MD4bJq1KusyIv3HA2fNhBDTeFhUW1vrkmmvcpfMGv7L5Ni4lvbn/uihLvJqo7zpKaEodVlgGHTk8T9FlrPG26t/TXdxxC7CvF/UMAl1nm2Y6CeHO/orelWjQB2eKGYTZcFRT4FVQ+VE6REBzGHCseqC3mWoshnRioWywIqAHKxiECf+Lfj67LcylR1zKtZeVrgLXw9QOqurg55yWT/q8/5y/VlfjGLZGUqi4SN7UuuwOV6C30+rAjOPcDJd8eAEzPRDHHMYTIY2+A6AzHavSn/C9HSMf91AgDgZ8ud7HqOV4j87NrRmwmt+Fev1JxadOlZ290Qf1C/kPFtEWmAcyNIfnlgvOH/wvb4ZfpIrgr/DeXCfuQ==
X-Forefront-Antispam-Report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:GV3P280MB0450.SWEP280.PROD.OUTLOOK.COM;PTR:;CAT:NONE;SFS:(13230040)(366016)(376014)(1800799024)(13003099007)(8096899003);DIR:OUT;SFP:1102;
X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1
X-MS-Exchange-AntiSpam-MessageData-0: 38YpJ8wTjss+oylJu7CmAIw2mD4/sFOPXf36TI7B24B5Hqq3asQeDSDyHuO4bZFm1L9dMExtZG5jBZYrUnDfU1zvxbLIXUev9FqN0NNYjAD75rh54XvwLqc0YROL8EJbqJIGsGo8T6DjJX0YaRCqB+MrPNQ91xycAo35YFnWtpKFYFs6R9zQIrm4yBsbSQ5CStKvlFONS4HNAAkPd8R9WmiGqWn5lVfqCi3XoXQAVBS8N3HnSTRHu65/bQcX2nYA6oGEt8MXGHC0XggiUA2zUgl9WjTt+20vHcAZ6GZk4ZvZE0k42RvVgkuxTfIHDjnRKN9HZhYHIwZnwuRZIi6HocZ/EyVtX8QVyaiPLEHdVJG7sVSxystVMv5kN5nQMnMA4NyuHRVqBQisiVq51Fa3rbRHnOhKgeY+rspkN5UvqdpbrH5eVDCoZZJ3t0Db9GxGax4WrndudHg70bpKlutJTwN8/jR5orr2g2XgZ1q5PC5YLe08rapNR6QM6svjxCq3ZtmbJrH1rz2ySoGaecdJJSZeo9/GQiV24LXmTFnL/QqbLTYfrgY5ZozHfHsC2rfxncEzAWlmWWRNlt9mvQDbxUn4LR4VvXvc6rEyKSgpHKv3MiYu/cIUNid9hPFa4zLkUAkeo3jLGaiUrVJ3RlgqA8fvJ+xovq1CpzyLjbxg3kl7bJhdm6Ksz2Am4Mt9hcPwIbKKu1CxTnLw6txmdRAz94eKRvxzKgNEeGJsbUVJmJd2cYGL1yjZv7SHplLiGmWs8Cn3Dg9Wy6GqqHeb0Ge+ZXDRizhuRNbp0GoAh3TeS4IwAOaakTBc/ehRqznCHJK+rXc4wvhyiD7C+tQ8O535VgAe1Y0QI5TYqNFFJXGx5s3oDtjzuT7TFAOpLr7fECcc0UN4Y2W9u2w17A08mIbm21yj0tocyunt9/qpz2B5Y60Qj8zrBajBZ3YNaDZGbJ38rotEoCJ6zw1r4DZG3EuG8vPvNA0GEpyIAHQx0Tkcas4jYeAPIKJ/DS/ItvfMLuhf7H6Y2JZN7OqrlhG5GKEteWz0AqNr2e0a+DmS51CzskYeE8Gb0DMZ4hTNiTFdKNOByTPe+7tNd+EoWh9kA912d33kdwJsEoFQZU9yVvQcevucMUWpFss5IZm7u+q75wFTb1agYikA/Q6Ltwtdji8LroXlLT2VS6FPtQQASlTkDE5HgX1QfuZUibiyKxy7YgnLgXd4l8EPF/LqzQm9Z4yNef/sXY2u3WTduWGi5Iz1myL/FSPRdPpGAPltG9VyGQHlALDFO6zFeWDQhjl6jUJyo2fLpUoqWKSviq9WPY8+1AmrCG97XFFxLCQapOmotvO5g3jXwHJqTKtuhhqxRyW4hTSR8hGWa73aFs7uahHUnjbG3+Emqtvn484UzC9Hh4sUhByK/cwtqSZooqPkjWv7eu4uf+r70FIdwhU8nxW3nYzlngk0fpC0s6p9aVvFCYKKRwunnc5pc87le96P17W0FfrYhkD3ZcstmQyJp7UNCdxvLl7OiMWM/JdvH1fKGe09+xDq17+7eCL9aZ2Av6kUTZtYUomV8W05g2TTY47n2DybVkJGsAOvgpCnrgvwpTX8
X-OriginatorOrg: ri.se
X-MS-Exchange-CrossTenant-Network-Message-Id: 39bba21b-53bc-449a-adc3-08dd3a68dce9
X-MS-Exchange-CrossTenant-AuthSource: GV3P280MB0450.SWEP280.PROD.OUTLOOK.COM
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 21 Jan 2025 22:13:41.4976 (UTC)
X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted
X-MS-Exchange-CrossTenant-Id: 5a9809cf-0bcb-413a-838a-09ecc40cc9e8
X-MS-Exchange-CrossTenant-MailboxType: HOSTED
X-MS-Exchange-CrossTenant-UserPrincipalName: jEH/vMFk1vMczlXHKC2sz0n0K/AWAq77WnRZu78PNHcnB8FhKTME8McbEu3qH//8Q4fDR6tdTtKibgYkyOAMOQ==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: MM0P280MB0040
Message-ID-Hash: ZI7RVK37UTJUB5J3YDH6NQWNUW6L36RZ
X-Message-ID-Hash: ZI7RVK37UTJUB5J3YDH6NQWNUW6L36RZ
X-MailFrom: marco.tiloca@ri.se
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
CC: "iotops-chairs@ietf.org" <iotops-chairs@ietf.org>, "draft-ietf-iotops-security-protocol-comparison.authors@ietf.org" <draft-ietf-iotops-security-protocol-comparison.authors@ietf.org>
X-Mailman-Version: 3.3.9rc6
Precedence: list
Subject: [Iotops] Re: WGLC on draft-ietf-iotops-security-protocol-comparison-06
List-Id: IOT Operations <iotops.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/iotops/O-hMTNVuO-ShVpXsPqiPZsAyTxg>
List-Archive: <https://mailarchive.ietf.org/arch/browse/iotops>
List-Help: <mailto:iotops-request@ietf.org?subject=help>
List-Owner: <mailto:iotops-owner@ietf.org>
List-Post: <mailto:iotops@ietf.org>
List-Subscribe: <mailto:iotops-join@ietf.org>
List-Unsubscribe: <mailto:iotops-leave@ietf.org>

Hi Francesca,

Thanks, it looks good to me.

Best,
/Marco

On 2025-01-21 11:49, Francesca Palombini wrote:
>
> Hi Marco,
>
> Thank you very much for this review! I agree with your comments below 
> and have incorporated your suggested changes in the new version(just 
> posted, 
> https://datatracker.ietf.org/doc/html/draft-ietf-iotops-security-protocol-comparison-08 
> ).
>
> Detailed answers inline (but nothing controversial).
>
> Thanks,
>
> Francesca
>
> > 
>
> > Hi all,
>
> > 
>
> > I have reviewed this document and I think it's largely ready.
>
> > 
>
> > Please find below some suggestions for rephrasing, clarifications, and
>
> > minor fixes.
>
> > 
>
> > Best,
>
> > /Marco
>
> > 
>
> > =============
>
> > 
>
> > [Section 1]
>
> > 
>
> > * "... and long waiting times between frames can be sent (or resent in
>
> > the case of transmission errors)."
>
> > 
>
> >    I think you mean
>
> > 
>
> >    "... and long waiting times can be experienced between the frames
>
> > that are sent (or resent in the case of transmission errors)."
>
> > 
>
> >
>
> FP: right, we still want to keep the causality of "can lead to 
> unacceptable times due to...", so rephrased to:
>
> NEW:
>
> Too large payload sizes can easily lead to unacceptable completion 
> times due to fragmentation into a large number of frames and long 
> waiting times between sending each frame (or resending frames, in the 
> case of transmission errors).
>
> > [Section 2]
>
> > 
>
> > * "... when used in the combined mode with OSCORE according to ... "
>
> > 
>
> >   Consistent with the formulation in Appendix A, this should be
>
> > 
>
> >   "... when used over OSCORE with the EDHOC + OSCORE combined request ... "
>
> >
>
> FP: Indeed, now as suggested.
>
> > 
>
> > [Section 3]
>
> > 
>
> > * "The algorithm used/offered are P-256 [SP-800-186] or Curve25519
>
> > [RFC7748], ECDSA [FIPS-186-5] with P-256 and SHA-256 or Ed25519
>
> > [RFC8032], AES-CCM_8, and SHA-256 [FIPS-180-4]."
>
> > 
>
> >    Proposed rephrasing:
>
> > 
>
> >    "The algorithm used/offered are: P-256 [SP-800-186] or Curve25519
>
> > [RFC7748]; ECDSA [FIPS-186-5] with P-256 and SHA-256, or EdDSA with
>
> > Ed25519 [RFC8032]; AES-CCM_8; and SHA-256 [FIPS-180-4]."
>
> > 
>
> FP: Thanks, changed as suggested.
>
> > * "DoS protection with DTLS HelloRetryRequest or the CoAP Echo Option is
>
> > not considered."
>
> > 
>
> >    Proposed rephrasing:
>
> > 
>
> >    "DoS protection with DTLS HelloVerifyRequest [RFC6347], or
>
> > HelloRetryRequest [RFC9147], or the CoAP Echo Option [RFC9175] is not
>
> > considered."
>
> FP: right, changed as suggested.
>
> > 
>
> > * "The choices of algorithms are based on the profiles in [RFC7925],
>
> > [I-D.ietf-uta-tls13-iot-profile], and [I-D.ietf-core-oscore-edhoc]."
>
> > 
>
> >   draft-ietf-core-oscore-edhoc does not play a particular role in this
>
> > respect. I think that a better reference about this point is simply
>
> > Section 3.9 of RFC 9528. Proposed rephrasing:
>
> > 
>
> >   "The choices of algorithms are based on the profiles in [RFC7925] and
>
> > [I-D.ietf-uta-tls13-iot-profile], and on the used EDHOC application
>
> > profiles, see Section 3.9 of [RFC9528]."
>
> > 
>
> FP: thanks, changed as suggested.
>
> > 
>
> > [Section 3.1]
>
> > 
>
> > * "If 8 bytes identifiers are used instead of 1 byte, the RPK numbers
>
> > for flight #2 and #3 increases with 7 bytes and the PSK numbers for
>
> > flight #1 increases with 7 bytes."
>
> > 
>
> >   I think you mean:
>
> > 
>
> >   "If 8 bytes identifiers are used instead of 1 byte, the RPK numbers
>
> > for flight #2 and #3 increase of 7 bytes and the PSK numbers for flight
>
> > #1 increase of 7 bytes."
>
> > 
>
> FP: good point, but I think it is probably "increase by"
>
> > * "... and the mandatory to implement algorithms CCM_8, P-256, and ECDSA
>
> > [I-D.ietf-uta-tls13-iot-profile] [I-D.ietf-core-oscore-edhoc]."
>
> > 
>
> >   Instead of draft-ietf-core-oscore-edhoc, the right reference to use
>
> > for EDHOC is Section 8 or RFC 9528, where the mandatory-to-implement
>
> > algorithms are defined.
>
> FP: indeed, changed.
>
> > 
>
> > * "... with 8 bytes tags which is the mandatory to implement in
>
> > [I-D.ietf-uta-tls13-iot-profile] and [I-D.ietf-core-oscore-edhoc]."
>
> > 
>
> >    Like for the previous comment and with some editorial rephrasing,
>
> > this should be
>
> > 
>
> >    "... with 8 bytes tags, consistent with the algorithms that are
>
> > mandatory to implement as per [I-D.ietf-uta-tls13-iot-profile] and
>
> > Section 8 of [RFC9528]."
>
> FP: Thanks, changed as suggested.
>
> > 
>
> > * "If 16 bytes tag are used, the numbers in the #2 and #3 columns
>
> > increases with 8 and the numbers in the Total column increases with 16."
>
> > 
>
> >   I think you mean
>
> > 
>
> >   "If 16 bytes tag are used, the numbers in the #2 and #3 columns
>
> > increase of 8 bytes and the numbers in the Total column increase of 16
>
> > bytes."
>
> > 
>
> FP: right, I rephrased as above (but used "increased by")
>
> > 
>
> > [Section 3.6.2]
>
> > 
>
> > * "Signatures increase the size of flight #2 and #3 with (64 - 8 + 1)
>
> > bytes while x5t increases the size with 13-14 bytes."
>
> > 
>
> >   Actually, the increase due to signatures is (64 - 8 + 2) for
>
> > message_3 with kid. Also, it's worth spelling out that the increase due
>
> > to x5t is in comparison with kid.
>
> > 
>
> >   Proposed rephrasing:
>
> > 
>
> >   "For flight #2 and #3, signatures increase the message size of 57-58
>
> > bytes, while x5t increases the size with 13-14 bytes compared to kid."
>
> > 
>
> FP: as suggested, but kept the 64-8+1 formulation as well
>
> > 
>
> > [Section 4.1]
>
> > 
>
> > * "... , and [I-D.ietf-core-oscore-edhoc]."
>
> > 
>
> >    Like in other comments above, this should be
>
> > 
>
> >    "... ,  and Section 8 of [RFC9528]."
>
> > 
>
> FP: fixed
>
> > * In Figures 5, 6, and 7, the overhead for a Group OSCORE pairwise
>
> > request is 1 byte more than for the corresponding OSCORE request (i.e.,
>
> > the OSCORE request using a sequence number of the same size, or a Sender
>
> > ID of the same size).
>
> > 
>
> >   This is correct, when considering a zero-length ID Context. In that
>
> > case, the OSCORE Option for the Group OSCORE request has the 'h' flag
>
> > bit set to 1, and consistently includes the 1-byte field 's' with value
>
> > 0 and the zero-length field 'kid_context'.
>
> > 
>
> >   I think it's better to explicitly write the assumption of having a
>
> > zero-length ID Context = ''. It would also be consistent with the later,
>
> > more detailed Section 4.7 where that assumption is indeed made explicit.
>
> > 
>
> FP: agreed. Now added:
>
> OLD:
>
> The following overheads apply for all sequence numbers and Sender IDs 
> with the same length.
>
> NEW:
>
> The following overheads apply for all sequence numbers and Sender IDs 
> with the same length, and for an ID Context of zero-length.
>
> > 
>
> > [Section 4.6]
>
> > 
>
> > * For each of the three messages, the text says:
>
> > 
>
> >   "Ciphertext (including encrypted code):"
>
> > 
>
> >   Based on Section 5.3 of RFC 8613, this should be
>
> > 
>
> >   "Ciphertext (including a 1-byte encrypted code and a 1-byte payload
>
> > marker):"
>
> > 
>
> >   The overhead bytes are still correctly indicated: in these messages,
>
> > the 1-byte payload marker within the ciphertext is the actual
>
> > contributor to the OSCORE overhead, while the 1-byte payload marker
>
> > before the CoAP payload of the protected message is not.
>
> > 
>
> FP: Ok, I have added "and payload marker", however I have not added 
> "1-byte". I'd like the reader to understand that both the code and the 
> payload marker are encrypted.
>
> > 
>
> > [Section 4.7]
>
> > 
>
> > * "Assuming 1 byte ID Context and Sender ID this adds 2 bytes to requests."
>
> > 
>
> >   The first part of the sentence contradicts the statement in the next
>
> > paragraph, about assuming the zero-length ID Context = '' as intended.
>
> > 
>
> >   This sentence should simply be
>
> > 
>
> >   "Assuming the zero-length ID Context and 1-byte Sender ID, this adds
>
> > 1 byte to requests."
>
> > 
>
> >   This would also be consistent with the summary in Section 4.1, where
>
> > a Group OSCORE request in pairwise mode adds 1 more byte of overhead,
>
> > compared to the corresponding OSCORE request that has the same size of
>
> > Sender ID and Sequence Number.
>
> > 
>
> FP: Right. However I believe this was not meant to be the assumption 
> for the calculations below, but rather an example. I have rephrased:
>
> NEW:
>
> For example, if the length of the ID Context is 1 byte and the length 
> of the Sender ID is 1 byte, this adds 2 bytes to requests.
>
> > * The text says:
>
> > 
>
> >   OSCORE request (21 bytes, 15 bytes overhead):
>
> >   93 09 05 42
>
> > 
>
> >   It should say:
>
> > 
>
> >   OSCORE request (21 bytes, 15 bytes overhead):
>
> >   93 19 05 00 42
>
> > 
>
> FP: good point!
>
> > * The text says:
>
> > 
>
> >   Option Value (flag byte, ID Context length, sequence nr, Sender ID):
>
> >   19 00 05 42
>
> > 
>
> >   It should say:
>
> > 
>
> >   Option Value (flag byte, sequence nr, ID Context length, Sender ID):
>
> >   19 05 00 42
>
> FP: yes, thanks for catching this too.
>
> > 
>
> > * The text says:
>
> > 
>
> >   "Ciphertext (including encrypted code):"
>
> > 
>
> >   Based on Section 5.3 of RFC 8613, this should be
>
> > 
>
> >   "Ciphertext (including a 1-byte encrypted code and a 1-byte payload
>
> > marker):"
>
> > 
>
> >   The overhead bytes are still correctly indicated: in these messages,
>
> > the 1-byte payload marker within the ciphertext is the actual
>
> > contributor to the OSCORE overhead, while the 1-byte payload marker
>
> > before the CoAP payload of the protected message is not.
>
> > 
>
> FP: right, same as above.
>
> > 
>
> > [Nits]
>
> > 
>
> FP: These are all fixed now. Thank you very much!
>
> > Section 1
>
> > - s/but also high latency, and/but also by high latency and
>
> > - s/multi-hop where the/multi-hop and the
>
> > - s/CoRE (CoAP, OSCORE)/CoRE (CoAP, OSCORE, Group OSCORE)
>
> > - s/LPWAN (SCHC)/LPWAN (SCHC) and SCHC
>
> > - s/TLS (cTLS)/TLS (DTLS, cTLS)
>
> > 
>
> > Section 2
>
> > - s/This section give/This section gives
>
> > - s/OSCORE and Group OSCORE is part/OSCORE and Group OSCORE are part
>
> > - s/compressed with the Static Context/compressed with Static Context
>
> > - s/Use of SCHC can/The use of SCHC can
>
> > - s/and IP supports fragmentation/and IP support fragmentation
>
> > 
>
> > Section 3
>
> > - s/The length of key identifiers are 1 byte./The length of key
>
> > identifiers is 1 byte.
>
> > - s/The length of connection identifiers are 1 byte./The length of
>
> > connection identifiers is 1 byte.
>
> > 
>
> > Section 3.1
>
> > - s/Figure 2 compares of message sizes/Figure 2 compares the message sizes
>
> > - s/The numbers in Figure 2, Figure 2, and Figure 3/The numbers in
>
> > Figure 1, Figure 2, and Figure 3
>
> > 
>
> > Section 3.2.1.1
>
> > - s/the overhead is 185/, the overhead is 185
>
> > 
>
> > Section 3.2.1.1
>
> > - s/the overhead is 454/, the overhead is 454
>
> > - s/ed25519 he overhead is/ed25519, the overhead is
>
> > 
>
> > Section 3.2.1.2
>
> > - s/RPK the overhead is 255/RPK, the overhead is 255
>
> > - s/signature the overhead is 255/signature, the overhead is 255
>
> > - s/, the overhead is 255 - 7/, the overhead is 255 - 7
>
> > 
>
> > Section 3.2.4
>
> > - s/can be a RPK/can be an RPK
>
> > 
>
> > Section 3.2.4.1
>
> > - s/X.509 the following/X.509, the following
>
> > 
>
> > Section 3.2.4.2
>
> > - s/X.509 the following/X.509, the following
>
> > 
>
> > Section 3.2.7
>
> > - s/in TLS consists of/in TLS consist of
>
> > 
>
> > Section 3.2.6
>
> > - s/the DTLS 1.3 flight sizes changes/, the DTLS 1.3 flight sizes change
>
> > 
>
> > Section 3.4
>
> > - s/on expected size/of expected sizes
>
> > - s/In TLS 1.2 the number/In TLS 1.2, the number
>
> > 
>
> > Section 3.5
>
> > - s/Using secp256r1 instead x25519 add/Using secp256r1 instead of x25519
>
> > adds
>
> > - s/Using ecdsa_secp256r1_sha256 instead ed25519 add/Using
>
> > ecdsa_secp256r1_sha256 instead of ed25519 adds
>
> > 
>
> > Section 3.6
>
> > - s/static Diffie-Hellman are identified/static Diffie-Hellman keys are
>
> > identified
>
> > 
>
> > Section 3.7
>
> > - s/overhead of fragmentation/overhead due to fragmentation
>
> > 
>
> > Section 3.6.2
>
> > - s/Figure 4: Typical message sizes in bytes/Figure 4: Typical EDHOC
>
> > message sizes in bytes
>
> > 
>
> > Section 4
>
> > - s/TLS 1.2 and TLS 1.3/TLS 1.2, and TLS 1.3
>
> > 
>
> > Section 4.1
>
> > - s/Figure 6, and {fig-overhead3}/Figure 6, and Figure 7
>
> > - s/all numbers increases with 8./all numbers increase of 8.
>
> > 
>
> > Section 4.2.1
>
> > - s/The nonce follow the/The nonce follows the
>
> > 
>
> > Section 4.2.3
>
> > - s/calculations in this section uses/calculations in this section use
>
> > 
>
> > Section 4.8
>
> > - s/As can be seen/As it can be seen
>
> > - s/requests with 20%/requests by 20%
>
> > - s/terminated in CoAP proxies/terminated at CoAP proxies
>
> > 
>
> > Section 5
>
> > - s/for respective protocol/for the respective protocol
>
> > 
>
> > Appendix A
>
> > - s/Assuming a that/Assuming that
>
> > - s/that CoAP Content-Format is/that the Content-Format CoAP option is
>
> > - s/the CoAP URI/that the CoAP URI
>
> > - s/URI-Path/Uri-Path  (2 instances)
>
> > 
>
> > 
>
> > On 2024-04-17 19:48, Alexey Melnikov wrote:
>
> > > Dear IOTOPS participants,
>
> > >
>
> > > This message is starting 2 weeks WGLC on
>
> > > draft-ietf-iotops-security-protocol-comparison-06 ("Comparison of CoAP
>
> > > Security Protocols") that will end on May 2nd 2024. If you've read the
>
> > > document and think that it is ready (or not ready) for publication as
>
> > > an RFC, please send a message in reply to this email or directly to
>
> > > IOTOPS chairs (iotops-chairs@ietf.org) If you have detailed comments,
>
> > > these would also be very helpful at this point.
>
> > >
>
> > > As a reminder, we will park this document after WGLC until the time
>
> > > when its depencies are stable/complete.
>
> > >
>
> > > Thank you,
>
> > > Alexey, for IOTOPS chairs
>
> > >
>
> > 
>
> > --
>
> > Marco Tiloca
>
> > Ph.D., Senior Researcher
>
> > 
>
> > Phone: +46 (0)70 60 46 501
>
> > 
>
> > RISE Research Institutes of Sweden AB
>
> > Box 1263
>
> > 164 29 Kista (Sweden)
>
> > 
>
> > Division: Digital Systems
>
> > Department: Computer Science
>
> > Unit: Cybersecurity
>
> > 
>
> > https://www.ri.se
>

-- 
Marco Tiloca
Ph.D., Senior Researcher

Phone: +46 (0)70 60 46 501

RISE Research Institutes of Sweden AB
Box 1263
164 29 Kista (Sweden)

Division: Digital Systems
Department: Computer Science
Unit: Cybersecurity

https://www.ri.se