[Lake] FW: 1 week 2nd WGLC on requirements and scoping text
Göran Selander <goran.selander@ericsson.com> Tue, 02 June 2020 07:15 UTC
Archived-At: <https://mailarchive.ietf.org/arch/msg/lake/HgEeZRGFRQWkDZagXmbfrDsa5UE>
From: Lake <lake-bounces@ietf.org> on behalf of Eric Rescorla <ekr@rtfm.com>
Date: Tuesday, 2 June 2020 at 03:19
To: Stephen Farrell <stephen.farrell@cs.tcd.ie>
Cc: "lake@ietf.org" <lake@ietf.org>
Subject: Re: [Lake] 1 week 2nd WGLC on requirements and scoping text

On Sun, May 24, 2020 at 2:08 PM Stephen Farrell <stephen.farrell@cs.tcd.ie> wrote:

Hi all,

First: my apologies for taking so long on this. (I got sidetracked by an unexpected project.)

ISTM we have pretty good, if rough, consensus on enough of the text to proceed, but with one important part that needs checking. (See below.)

I'd like to start a 1 week 2nd WGLC with the main focus being to establish whether we have rough consensus on the scoping text below. (Which can be seen in context at [2].) That text was the main outcome of our virtual meeting last month.

So, please send mail to the list saying if you are happy enough to proceed on this basis. If you are not, then I'd appreciate if you could suggest alternate text with as few changes as possible.

This 2nd WGLC closes on June 1st.

If I see rough consensus to proceed at that point, I'll plan to start a call for adoption for the edhoc draft. If not, we'll have to discuss how to proceed with our AD, as I think that would mean that the WG is very badly stuck.

The scoping text added was:

As illustrated above, the setting is much more diverse in terms of credentials and trust anchors than that of the unconstrained web. In order to deliver a timely result, there is a need to initially focus on what is considered most important at the time of writing: RPK (by reference and value) and certificate by reference. Information about validity of a certificate may be omitted from the AKE if available over unconstrained links. The case of transporting certificate validation information over the AKE may be specified in the initial phase if there is a lightweight solution that matches existing standards and tools.

A subsequent extension beyond the initial focus may be inevitable to maintain a homogenous deployment without having to implement a mix of AKE protocols, for example, to support the migration path described above. The AKE needs to make clear the scope of cases analysed in the initial phase, and that a new analysis is required for additional cases.

Stephen

It's not clear how to read this in the context of other parts of the document, for instance:

https://tools.ietf.org/html/draft-ietf-lake-reqs-03#section-2.2

which says:

In order to allow for these different schemes, the AKE must support PSK- (shared between two nodes), RPK- and certificate-based authentication. These are also the schemes for which CoAP is designed (see Section 9 of [RFC7252], https://tools.ietf.org/html/rfc7252#section-9).

How is one supposed to interpret this text?

[GS] Since OSCORE is an extension to CoAP it is expected to support the schemes for which CoAP is designed. But in the discussion following the virtual IETF 107 LAKE WG meeting we restricted the initial focus, leading to the addition of section 2.2.1 and the following text in the paragraph after the one you quoted:

"In order to provide a clear initial effort, Section 2.2.1 (https://www.ietf.org/id/draft-ietf-lake-reqs-03.html#initial-focus) lists a set of credential types of immediate relevance; the mechanism for selecting credential scheme is presumed to enable future extensibility if needed."

The ability to extend beyond the initial focus is also repeated in the text from Section 2.2.1 which Stephen quoted in his mail:

"A subsequent extension beyond the initial focus may be inevitable to maintain a homogenous deployment without having to implement a mix of AKE protocols, for example, to support the migration path described above."

It seems to me that the working group has a sufficiently good understanding and support for where to start this work and to allow for extensibility, so I propose we do just that.

We may in parallel make clarifications to the requirements as needed. In fact, I expect we will revisit the requirements throughout the work as more insights are gained, potential inconsistencies discovered, etc., but that should not stop us from moving the work forward now.

Göran

-Ekr

Thanks,
Stephen.

[1] https://tools.ietf.org/html/draft-ietf-lake-reqs-03
[2] https://tools.ietf.org/html/draft-ietf-lake-reqs-03#section-2.2.1