Re: [Iotops] Error categories in constrained IoT authentication

Michael Richardson <> Mon, 15 February 2021 17:19 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id 04B1E3A0E06 for <>; Mon, 15 Feb 2021 09:19:49 -0800 (PST)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: 0.001
X-Spam-Status: No, score=0.001 tagged_above=-999 required=5 tests=[SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=unavailable autolearn_force=no
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id E5HB67UOftpH for <>; Mon, 15 Feb 2021 09:19:47 -0800 (PST)
Received: from ( [IPv6:2607:f0b0:f:3:216:3eff:fe7c:d1f3]) (using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by (Postfix) with ESMTPS id 5106E3A0E09 for <>; Mon, 15 Feb 2021 09:19:46 -0800 (PST)
Received: from localhost (localhost []) by (Postfix) with ESMTP id CEA7F38988; Mon, 15 Feb 2021 12:23:22 -0500 (EST)
Received: from ([]) by localhost (localhost []) (amavisd-new, port 10024) with LMTP id LBHP0EO-En1O; Mon, 15 Feb 2021 12:23:22 -0500 (EST)
Received: from ( [IPv6:2607:f0b0:f:2::247]) by (Postfix) with ESMTP id 5E9EE38983; Mon, 15 Feb 2021 12:23:22 -0500 (EST)
Received: from localhost (localhost [IPv6:::1]) by (Postfix) with ESMTP id CDCE79E; Mon, 15 Feb 2021 12:19:44 -0500 (EST)
From: Michael Richardson <>
To: =?utf-8?B?R8O2cmFuIFNlbGFuZGVy?= <>, "" <>
In-Reply-To: <>
References: <>
X-Mailer: MH-E 8.6+git; nmh 1.7+dev; GNU Emacs 26.1
X-Face: $\n1pF)h^`}$H>Hk{L"x@)JS7<%Az}5RyS@k9X%29-lHB$Ti.V>2bi.~ehC0; <'$9xN5Ub# z!G,p`nR&p7Fz@^UXIn156S8.~^@MJ*mMsD7=QFeq%AL4m<nPbLgmtKK-5dC@#:k
MIME-Version: 1.0
Content-Type: multipart/signed; boundary="=-=-="; micalg="pgp-sha512"; protocol="application/pgp-signature"
Date: Mon, 15 Feb 2021 12:19:44 -0500
Message-ID: <27125.1613409584@localhost>
Archived-At: <>
Subject: Re: [Iotops] Error categories in constrained IoT authentication
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: IOT Operations <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Mon, 15 Feb 2021 17:19:49 -0000

Göran Selander wrote:
    > Hello IOTOPS,

    > There is a discussion in the LAKE WG regarding the potential need to
    > standardize error messages appearing in a security handshake protocol
    > targeting IoT devices. Is this something IOTOPS could contribute to
    > and/or review?


    > Assuming this might be the case, here is a background and some draft
    > error categories for discussion.

    > Background:
    > ---
    > LAKE is specifying a lightweight authenticated Diffie-Hellman exchange
    > called EDHOC [1] similar to the TLS 1.3 handshake but targeting
    > constrained IoT. The protocol consists of 3 messages and an error
    > message which may be sent in response to any non-error message. The
    > error message essentially consists of a diagnostic message field
    > containing a text string targeting the peer administrator.

    > All errors are fatal and cause the protocol to discontinue. The intent
    > with the error message is to provide a hint about the error to the peer
    > application, to enable logging of errors and appropriate management
    > operations. (Note that since the protocol failed to establish security
    > the error message is unprotected and needs to be treated accordingly.)

    > The question is what error messages need to be standardized, if any.

    > Detailed information can be provided by using the diagnostic text
    > string. But standardizing detailed error information adds complexity to
    > the specification and implementation, which would contradict one of the
    > design objectives. But perhaps we can we identify a small set of error
    > categories (codes) that require to be singled out, for example because
    > how they impact operations. Such categories could potentially be
    > complemented with text providing additional details.

I am imaging that the resulting error codes are not just sent to the peer,
but might be link-local multicast. They *could* be object signed by the sending device!
It is pretty clear how to do cheap multicast over wired and 802.11, but what
multicast means over an route-over LLN-mesh remains to be determined: it's
not free.

Consider the situation of being able to plug a diagnostic device into the
home LAN, and be able to find out what devices are failing in what way.

Significant privacy risk, for sure.
There could be some kind of blind applied so that the devices are not
immediately recognizable.
That could be as easy as just not including a strong identity.

But, security which fails in ways nobody can diagnose, is security that gets turned off.

I think that there is a sweet spot where we could get enough information to
do further investigation, while not blasting useless information around.

Michael Richardson <>   . o O ( IPv6 IøT consulting )
           Sandelman Software Works Inc, Ottawa and Worldwide