Re: [Lake] I-D Action: draft-ietf-lake-edhoc-07.txt

Göran Selander <goran.selander@ericsson.com> Mon, 24 May 2021 13:14 UTC

Return-Path: <goran.selander@ericsson.com>
X-Original-To: lake@ietfa.amsl.com
Delivered-To: lake@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C3C673A27D8 for <lake@ietfa.amsl.com>; Mon, 24 May 2021 06:14:09 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.799
X-Spam-Level:
X-Spam-Status: No, score=-2.799 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.698, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_MSPIKE_H2=-0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=ericsson.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Fj-QGSePww03 for <lake@ietfa.amsl.com>; Mon, 24 May 2021 06:14:05 -0700 (PDT)
Received: from EUR05-VI1-obe.outbound.protection.outlook.com (mail-vi1eur05on2052.outbound.protection.outlook.com [40.107.21.52]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 244073A27D7 for <lake@ietf.org>; Mon, 24 May 2021 06:14:04 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=iHjDubjpjxaGZE8jDILAIhkWgAv6kLpTVFJl1U8YGCuVW9R9OZOztWFOx6ueAaAJkucV8a+DCi/jT2nJaeEb0hDQ/Moij0R8nyFPa629DnrojenTRkh5sYqodJ/O8yt+/fV8qWCVuj7jOOteu8k+6hP/amK14VsWwmUDMBxE7HKZW5sX/znWSEgXZj9+ld0eFm9HeKvgh5wxbHJsO9eCszEGfVXaUVkQLn9tRUFixfZQtbNxrFEOy3jG9Bp0g4Da6lqksfkzUUGuBWaYzRcTDg5UpZofG4qcM3xTiHqauZvdstCJ6nHpQU34NeQZy3D+ba7mP1ahONMV4nCp25I29g==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=p6tSyEdVnOjqfEWtPhMGusc9ojtXezDTGavVxa2lIu8=; b=D9biD6afRi1M6SR/gwz5GZKcVfYte28oapwXIC3SaYjjVSc+3O/0QJl+ZnM0TTJiB2JOzosWW74noG5zWXmzhKZhUpJRv9jFXiWKVIuY+ePMTFT1C9N8jMKsawKHb/DfPeqSqX0tFkQrbtOortk+FWpm3worjbnqgOsfBsWfd7DqYXzkAVDoBNqztc1Tq52+EBjzCOFb48PbHtjVZOrYNiid5cYeLaEzaHk0ZIaW+Uldf9KgSW5Z6EiyRBmPFToF/WFoLO4+Wo1xAT1ttTb8d3uD9ErZ0nzVrTuIeNwn3iKbXNd9kphHM7ELhmJyBk1o40F8zT06C/v/jxRqxzw0lA==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=ericsson.com; dmarc=pass action=none header.from=ericsson.com; dkim=pass header.d=ericsson.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ericsson.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=p6tSyEdVnOjqfEWtPhMGusc9ojtXezDTGavVxa2lIu8=; b=lLIZ2u2fafBrRvcJHKTPI1CCZPPGE7nWdu8IPRMYv9j+WTk59Qsv/ctRUPw19L0cPuvqVWLYHFI1tSjbApAC9KkWwe5A80ICriJuWKflTV0sPRsdnNxZOZHnM8e6AIImbGhq6F/UXsNQq7SU1JA9LaKw6DUnwrvXxl26pbxhpFk=
Received: from HE1PR07MB3500.eurprd07.prod.outlook.com (2603:10a6:7:31::20) by HE1PR0701MB2251.eurprd07.prod.outlook.com (2603:10a6:3:1d::24) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4173.15; Mon, 24 May 2021 13:14:02 +0000
Received: from HE1PR07MB3500.eurprd07.prod.outlook.com ([fe80::9420:9cac:653c:5208]) by HE1PR07MB3500.eurprd07.prod.outlook.com ([fe80::9420:9cac:653c:5208%6]) with mapi id 15.20.4173.018; Mon, 24 May 2021 13:14:02 +0000
From: =?utf-8?B?R8O2cmFuIFNlbGFuZGVy?= <goran.selander@ericsson.com>
To: "lake@ietf.org" <lake@ietf.org>
Thread-Topic: [Lake] I-D Action: draft-ietf-lake-edhoc-07.txt
Thread-Index: AQHXUJ3oZF0zGK3xVUKL+k0bL/xX3KryvZ6A
Date: Mon, 24 May 2021 13:14:02 +0000
Message-ID: <0AA996C9-5AEA-49E8-8407-D7BE1DD6D0AE@ericsson.com>
References: <162186170253.23559.12842052704792678339@ietfa.amsl.com>
In-Reply-To: <162186170253.23559.12842052704792678339@ietfa.amsl.com>
Accept-Language: en-US
Content-Language: en-GB
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
user-agent: Microsoft-MacOutlook/16.50.21051903
authentication-results: ietf.org; dkim=none (message not signed) header.d=none;ietf.org; dmarc=none action=none header.from=ericsson.com;
x-originating-ip: [188.149.173.81]
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: 237c046a-e617-4bd6-bfec-08d91eb5cccb
x-ms-traffictypediagnostic: HE1PR0701MB2251:
x-microsoft-antispam-prvs: <HE1PR0701MB225143A8E396048164AC67B2F4269@HE1PR0701MB2251.eurprd07.prod.outlook.com>
x-ms-oob-tlc-oobclassifiers: OLM:9508;
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: yHDM7o1ofa+blOaCbRD8lHmmh8+lCcv7IThNKyG2TMbRm77Jgl5CItYhZE++PvnvMSxQmxve0MpPvwIRPI9/KqAcPgaXBPw/UlMDWQ1Bja/0ssKkSNtZAfo/YSDCTqkkEx6ivBJDVUL25sZetwyMzaDra13wz89QZligH49tGWZU31KZqIkLoF5fNsqDzTEUjFs2ZYvqqveS1eJW+ANO8Bkax77u0JtYpagpxUpYzUTNXoYStN6myFiOoPXuaXfv/xySCu/ilM0TBTCGKNHw+4gb15SAdKDqhK7EAvDfhzpG7w/2qAtXKzxFefNtS0QYSvxGKZy+ennsk3qGrNcxwdwCbwq26BSlKKeyzw+bX0brclRMLRCn5QY/lnyG6i4dSL3U7+ImW/53idEmyh6COzYpKEuT3m8HQ7sL6Z0NVpCbqA/Gi9Z9RtoclBCr+QiiC9riWT4YkJKbQKoJS7M7ed5j8X4h2prNtSoBbHJQSvyfZ3R/C6vWju4uwqvZRT4+stThYJoDXN/SFUgqvHj1CuDcyuJ92LmbA0mA6zb+OEXYYbvl0cIyae0C9iTcLhC07B7u6aj42NybdWgV2PWbtlT4UYKKCjD74dNJ7lZQwExqOIL26UzDFwg3kYf504Dy9cFHIBoDh5SosmpTY33YImlwujSPtb4ITXLAIHo98brAAYFWAfyB5y2MsFoaGX+MF4fdEmmGJVs6FRQJ9tFjefQY6hvx+vXqSbKQnt6bmsPzMtXcsTWqkFHAWJXr3RWMYgETm8fk9cSAfRpclUZbLg==
x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:HE1PR07MB3500.eurprd07.prod.outlook.com; PTR:; CAT:NONE; SFS:(4636009)(366004)(26005)(33656002)(6486002)(76116006)(66476007)(85202003)(66556008)(66946007)(6512007)(36756003)(66446008)(71200400001)(64756008)(85182001)(6916009)(2906002)(38100700002)(2616005)(6506007)(186003)(66574015)(8936002)(5660300002)(966005)(122000001)(8676002)(498600001)(86362001)(83380400001)(45980500001); DIR:OUT; SFP:1101;
x-ms-exchange-antispam-messagedata: =?utf-8?B?bWpibVdDdFVrdVpWeFpkbEgwUzM2aWhrUEMxVVE4UDhZN2Q5dGxoVmtGc0NJ?= =?utf-8?B?SGFqWFR4MFFkVFJyck9tM2VzSEM2TndpLyswdnhjd3lWRXA3SU5HQ3drVE9F?= =?utf-8?B?OHI4WHlZeTl3SWhneU1KUE5QNzI5L3hBelhERVJnbXNtb1V0RkdnUEhISWtz?= =?utf-8?B?R2tNNUFGSkpIaVhxQk9ucGMvNnBmMHRSMW9BR29LaytzL1BvaHo0dTBDK2ha?= =?utf-8?B?eTJFUGZMTVRsOW1aWnhyRHN4b1JzTUNUd2tFcWFwbTRnR1NxTzBkcisyZVJw?= =?utf-8?B?Tm1OVysrd29jVTJQdkJHaVVrUXh2cXJ6NEkvR00waDk5QzhqS1FhK2gxcHMw?= =?utf-8?B?OVp5MTNDNElmODBJT1JwSGdtNDNHWHVQNno0RTRxYmVOTkVoVURySkZRTUxJ?= =?utf-8?B?WnM1c25ycUkvY3BWZ3N4TXJXY2pUN2RiWDAyQmlVcGltOUJOY05oUlNqVVlh?= =?utf-8?B?REg4ZnRxcDFBdTdCb1BtN3RPTW80ZVZoL1pFSytkWXR3UnFFUTZ5SHIvZmly?= =?utf-8?B?cEdlS1J3SzBING5Xb3N4UkZzK0hZbExHM29PRmk0VWZWQm9ZMTNrKzdUMUNP?= =?utf-8?B?OExCVnA5dkF1TG1vQ3JMbjQvOXFEbkh4WkRNOU5oMGtWU2xnVjFpOGFXcmx4?= =?utf-8?B?bStTb0duK1ZNODJKL0V0bmF1VU14R1Z3VU5yajNjVXdJR1VvRlEvWjQyMzJO?= =?utf-8?B?YXBPYi9Ha2JWYkg2YWdJb0kwSHJLc3ljU1EvNkFDa0YwUFdQeXdsajJjVmtu?= =?utf-8?B?RUkvMTV2bGprOE9aelVlR2hvOG9PM2tZMVplN08vN2h4a2o2SDg5clZiZWs5?= =?utf-8?B?RnFFZWFHSWw2RVdJWDdXRm1la0FXeFJIMUpUVFpzbjY4UldTSS9sMjB4aWJ0?= =?utf-8?B?T0YzeXg5ZW45K1ZHZ091VHBPUjJrWEpnNjFJb2pBVXo3eE9iMVZBNTRpM0w5?= =?utf-8?B?QkthbkJXWW96bUVBNHZOTEc5VWFEQzVnSlI0cHMvcWRwNHpEemYzbm1MdnZI?= =?utf-8?B?VENGUzBGOWlhWk92Wm1VQUpNQURwRXF2U3pzUGJWQVR4dGZjcytyRHA0dUdu?= =?utf-8?B?V3h5Q3RXNHdZZGJFZTl4cHBONmYxZmk5U1Y3YitpWGNyUlJzVkVWbHo5TS9L?= =?utf-8?B?SE5qbnR5UmttaFZDYzh2U0JBM3RYZWlDZUNQMWpCOFpTaXQ0UksrRW4yaG9M?= =?utf-8?B?YkZDRURrVTVmUlQzRFpKaHRuNjlXMHVjazNzWmVKZXlHVXpOMkhXVFFLN2xE?= =?utf-8?B?OFVud0JTdy9QaXpJZEtsVkZuRE5tNHIyQnRoT1NQQlVaQ3ViN2lySWVXTHY0?= =?utf-8?B?dGxIc1JpdnA1dWUreHZPOTlZQmhyR0tCRlNvUTBxdDh2OU8wUDN1dStRdFk1?= =?utf-8?B?U0VNYkdvTHhHS3FmMUFmZ1huem9kcjBnSkYxQlB3ckFEZTlWcTZVVGdIZGph?= =?utf-8?B?cnJkY0dBcGVtQ1lNcm50Z2Z6cFNuTWpFUGp6cy9EUHV1c0J0VndhVUpqVHI0?= =?utf-8?B?VzBncTVBeEhrNFVMVVdqTlExQzlwSktKeExjaWg3a3BMR3ZORjRrMEl6R3Zu?= =?utf-8?B?bkl1Wjk5Ymg4QUtNS3BxOWx6RnQ1aHhNaWh3ajhzVzRCZzNEMFlMVXpybHlq?= =?utf-8?B?V04wZnlDTlB2WlBTRS9CNEJKSlJKb1ZBNThWWXZSdS9DTlZSUCtXRC8ySlBZ?= =?utf-8?B?RGNYa09jVUdKU2R6N1dHdXFVYjZZNU5xdTM4cEdIb0lOVEhTSVNGZlBwbElU?= =?utf-8?B?eHR6aENUcG9ZRmF3dDFML1l6a1pRNngvTUY5N08ydkU3SFk3VThxQ1p0b1FI?= =?utf-8?B?eTY0Si9TZFlaMzRZdm51QT09?=
x-ms-exchange-transport-forked: True
Content-Type: text/plain; charset="utf-8"
Content-ID: <AAF840B5DC116E4597D793757E130795@eurprd07.prod.outlook.com>
Content-Transfer-Encoding: base64
MIME-Version: 1.0
X-OriginatorOrg: ericsson.com
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: HE1PR07MB3500.eurprd07.prod.outlook.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 237c046a-e617-4bd6-bfec-08d91eb5cccb
X-MS-Exchange-CrossTenant-originalarrivaltime: 24 May 2021 13:14:02.1515 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 92e84ceb-fbfd-47ab-be52-080c6b87953f
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: 8vCIneaOHIhF6HUPxSnp8uRJu/iAkTujgJwXhG1N03WZjgHDBHSRWyzrGHCpORz50VUcjw+Si4h5jiyNz+MHRgj//yrMmYr4PcO89YOhLQo=
X-MS-Exchange-Transport-CrossTenantHeadersStamped: HE1PR0701MB2251
Archived-At: <https://mailarchive.ietf.org/arch/msg/lake/FLvtdX1yBIdr5jzE6EHJX_g3afQ>
Subject: Re: [Lake] I-D Action: draft-ietf-lake-edhoc-07.txt
X-BeenThere: lake@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Lightweight Authenticated Key Exchange <lake.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/lake>, <mailto:lake-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/lake/>
List-Post: <mailto:lake@ietf.org>
List-Help: <mailto:lake-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/lake>, <mailto:lake-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 24 May 2021 13:14:10 -0000

Hello all,

We have uploaded -07 covering the latest concluded issues.  Main changes from -06 to -07:

   * Changed transcript hash definition for TH_2 and TH_3
   * Removed "EDHOC signature algorithm curve" from cipher suite
   * New IANA registry "EDHOC Exporter Label" 
   * New application defined parameter "context" in EDHOC-Exporter
   * Changed normative language for failure from MUST to SHOULD send error
   * Made error codes non-negative and 0 for success
   * Added detail on success error code
   * Aligned terminology "protocol instance" ->  "session"
   * New appendix on compact EC point representation
   * Added detail on use of ephemeral public keys
   * Moved key derivation for OSCORE to draft-ietf-core-oscore-edhoc
   * Additional security considerations
   * Renamed "Auxililary Data" as "External Authorization Data"
   * Added encrypted EAD_4 to message_4

We did not update the test vectors in -07. There are other PRs in progress to be discussed at the LAKE interim next week and those impact the message format so implementers may want to wait for -08 before updating the code.

Göran


On 2021-05-24, 15:08, "Lake on behalf of internet-drafts@ietf.org" <lake-bounces@ietf.org on behalf of internet-drafts@ietf.org> wrote:


    A New Internet-Draft is available from the on-line Internet-Drafts directories.
    This draft is a work item of the Lightweight Authenticated Key Exchange WG of the IETF.

            Title           : Ephemeral Diffie-Hellman Over COSE (EDHOC)
            Authors         : Göran Selander
                              John Preuß Mattsson
                              Francesca Palombini
    	Filename        : draft-ietf-lake-edhoc-07.txt
    	Pages           : 100
    	Date            : 2021-05-24

    Abstract:
       This document specifies Ephemeral Diffie-Hellman Over COSE (EDHOC), a
       very compact and lightweight authenticated Diffie-Hellman key
       exchange with ephemeral keys.  EDHOC provides mutual authentication,
       perfect forward secrecy, and identity protection.  EDHOC is intended
       for usage in constrained scenarios and a main use case is to
       establish an OSCORE security context.  By reusing COSE for
       cryptography, CBOR for encoding, and CoAP for transport, the
       additional code size can be kept very low.


    The IETF datatracker status page for this draft is:
    https://datatracker.ietf.org/doc/draft-ietf-lake-edhoc/

    There is also an HTML version available at:
    https://www.ietf.org/archive/id/draft-ietf-lake-edhoc-07.html

    A diff from the previous version is available at:
    https://www.ietf.org/rfcdiff?url2=draft-ietf-lake-edhoc-07


    Internet-Drafts are also available by anonymous FTP at:
    ftp://ftp.ietf.org/internet-drafts/


    -- 
    Lake mailing list
    Lake@ietf.org
    https://www.ietf.org/mailman/listinfo/lake