IETF Logo Mail Archive

Re: [Lake] [core] 🔔 Working Group Last Call (WGLC) of draft-ietf-core-oscore-edhoc-06

Christian Amsüss <christian@amsuess.com> Tue, 14 March 2023 16:21 UTC

Return-Path: <christian@amsuess.com>
X-Original-To: lake@ietfa.amsl.com
Delivered-To: lake@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 4A7DDC13739F; Tue, 14 Mar 2023 09:21:22 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.898
X-Spam-Level:
X-Spam-Status: No, score=-1.898 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_BLOCKED=0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id OnB8QpEET49h; Tue, 14 Mar 2023 09:21:18 -0700 (PDT)
Received: from smtp.akis.at (smtp.akis.at [IPv6:2a02:b18:500:a515::f455]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 7148CC14E515; Tue, 14 Mar 2023 09:21:14 -0700 (PDT)
Received: from poseidon-mailhub.amsuess.com (095129206250.cust.akis.net [95.129.206.250]) by smtp.akis.at (8.17.1/8.17.1) with ESMTPS id 32EGL9db020822 (version=TLSv1.2 cipher=ECDHE-ECDSA-AES256-GCM-SHA384 bits=256 verify=NOT); Tue, 14 Mar 2023 17:21:09 +0100 (CET) (envelope-from christian@amsuess.com)
X-Authentication-Warning: smtp.akis.at: Host 095129206250.cust.akis.net [95.129.206.250] claimed to be poseidon-mailhub.amsuess.com
Received: from poseidon-mailbox.amsuess.com (hermes.amsuess.com [10.13.13.254]) by poseidon-mailhub.amsuess.com (Postfix) with ESMTP id 247F81D1E7; Tue, 14 Mar 2023 17:21:05 +0100 (CET)
Received: from hephaistos.amsuess.com (089144218008.atnat0027.highway.a1.net [89.144.218.8]) by poseidon-mailbox.amsuess.com (Postfix) with ESMTPSA id A74301F541; Tue, 14 Mar 2023 17:21:04 +0100 (CET)
Received: (nullmailer pid 13013 invoked by uid 1000); Tue, 14 Mar 2023 16:21:02 -0000
Date: Tue, 14 Mar 2023 17:21:02 +0100
From: Christian Amsüss <christian@amsuess.com>
To: Marco Tiloca <marco.tiloca@ri.se>
Cc: core@ietf.org, lake@ietf.org
Message-ID: <ZBCe7kvbKL2+wQBT@hephaistos.amsuess.com>
References: <F02C5E48-A196-45EC-8576-6BC67EC26AD3@tzi.org> <Y+1b4qX6Ya7BCbvk@hephaistos.amsuess.com> <1d38ecf9-4a70-046d-fa47-05b75ebb2feb@ri.se>
MIME-Version: 1.0
Content-Type: multipart/signed; micalg="pgp-sha256"; protocol="application/pgp-signature"; boundary="YFB7vqqxOBcWDy9T"
Content-Disposition: inline
In-Reply-To: <1d38ecf9-4a70-046d-fa47-05b75ebb2feb@ri.se>
Archived-At: <https://mailarchive.ietf.org/arch/msg/lake/54OqC6bT_oPEfLs6qeYv4Hfh2n0>
Subject: Re: [Lake] [core] 🔔 Working Group Last Call (WGLC) of draft-ietf-core-oscore-edhoc-06
X-BeenThere: lake@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: Lightweight Authenticated Key Exchange <lake.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/lake>, <mailto:lake-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/lake/>
List-Post: <mailto:lake@ietf.org>
List-Help: <mailto:lake-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/lake>, <mailto:lake-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 14 Mar 2023 16:21:22 -0000

Hello Marco,

thanks for the update.

I have one note, but that's more on the general
how-do-we-describe-CoAP-processing and likely not actionable in this
document:

On Tue, Mar 14, 2023 at 02:33:23PM +0100, Marco Tiloca wrote:
> > * 3.2.1 item A is quite a mouth-ful to say that "On Inner Block-wise,
> >    3.2 only applies to the first block", but I see that given how the
> >    rest is phrased, it is unavoidable.
> > 
> >    Maybe using the term "first application CoAP request" suggested above
> >    opens an avenue for making this easier to comprehend.
> 
> ==>MT
> Yes, we have rephrased as you suggest.
> <==

I still think we should manage to do better when layering documents,
so that sections like this would not be phrased in conditional form any
more -- but this is probably as good as things get here without
rewriting more of the ecosystem.

(On the long run, I'd hope we'll find the right terminology to express
that the application builds a request, then it gets passed into a
fragmenter, then gets OSCORE encrypted, then gets EDHOC things added,
then gets passed into an outer fragmenter, then passed to a transport,
and that each of these steps is quite independent from the others
while still providing details such as a reduced MTU size -- but so far
we can't even do that in APIs, and I dare say it's more complicated to
do it cleanly in specifications that also need to be true to
implementations that do roll some of these steps into one software
component).

BR
c

-- 
To use raw power is to make yourself infinitely vulnerable to greater powers.
  -- Bene Gesserit axiom

v2.23.0 | Report a Bug | By Email