Re: [Lake] Call for adoption for draft-selander-lake-edhoc - respond by June 22

Robert Cragie <Robert.Cragie@arm.com> Mon, 22 June 2020 13:59 UTC

From: Robert Cragie <Robert.Cragie@arm.com>
To: "lake@ietf.org" <lake@ietf.org>
Date: Mon, 22 Jun 2020 13:58:55 +0000
Message-ID: <DB7PR08MB3482851CE0E241F9493F9B17E2970@DB7PR08MB3482.eurprd08.prod.outlook.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/lake/AcVzie3kD8wNCAOsT1avS0JbKPY>
Subject: Re: [Lake] Call for adoption for draft-selander-lake-edhoc - respond by June 22
List-Id: Lightweight Authenticated Key Exchange <lake.ietf.org>

I oppose the adoption of EDHOC as I believe EDHOC and OSCORE are reinventing the wheel.

There seems to be this view that TLS and DTLS are unsuitable for IoT and technologies such as LPWAN and low power wireless PANs (e.g. 802.15.4). However, I would like to point out that we were successfully deploying:

1. Network admission using PANA, EAP and EC certificate-based TLS with Zigbee IP [1]
2. Application layer security using EC certificate-based TLS with SEP 2.0 [2]

This was ten years ago on microcontrollers with considerably less capability than those available now. Zigbee IP never gained much traction; however, the successor to Zigbee IP, Thread, also deploys:

1. Network admission using EC JPAKE and EC certificate-based DTLS and CoAP-based relay mechanism [3]

The reason for using TLS in both cases as a basis was entirely due to not wanting to reinvent the wheel and come up with a new approach, as we acknowledged the hard work and effort put in by the TLS working group in not only coming up with the protocols and ciphersuites but also the significant amount of scrutiny and testing that implementations had gone through, hardening both the implementations and the standards themselves.

There is no doubt that the key exchange transactions we used could be made more efficient but, in my view, the correct approach is to build upon the solid foundation of TLS through efforts such as cTLS and not to try and start again.

Robert

[1] https://datatracker.ietf.org/meeting/83/materials/slides-83-lwig-5
[2] https://www.ei.se/Documents/Projekt/Funktionskrav%20elm%C3%A4tare/2017/SEP%202pkt0.pdf
[3] https://www.threadgroup.org/Portals/0/documents/support/CommissioningWhitePaper_658_2.pdf

From: Lake <lake-bounces@ietf.org> On Behalf Of Mališa Vucinic
Sent: Monday, June 8, 2020 3:55 PM
To: lake@ietf.org
Subject: [Lake] Call for adoption for draft-selander-lake-edhoc - respond by June 22

Hi all,

Since we now have a rough consensus on the requirements document, we are proceeding with the selection of the LAKE for OSCORE our working group is chartered to work on. Given:

- the LAKE working group charter,
- wide community support over an extensive period of time for draft-selander-lake-edhoc,
- adoption of the cTLS draft by the TLS working group where it will be further developed,
- that no other drafts have been submitted for consideration of the LAKE working group,

we are now launching a call for adoption for https://tools.ietf.org/html/draft-selander-lake-edhoc-01.

Please reply to this thread whether you support the adoption, and indicate if you are ready to review if this draft becomes a working group document.

The call for adoption ends on June 22nd, 2020.

Your LAKE chairs.
