Re: [Lake] I-D Action: draft-ietf-lake-edhoc-18.txt

Göran Selander <goran.selander@ericsson.com> Mon, 28 November 2022 22:57 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/lake/LmtS6FyalSLGfgdnWxj51sDuBio>

All,

We have submitted edhoc-18 addressing all WGLC comments that can be handled for now.

The main changes are described in the change log. There are many edits following the detailed WGLC reviews, but the test vectors in the -traces draft are not impacted.

Three issues remain open:

#350: References to made security reviews – to be added as they become available.
#353: Sufficient conditions for security of new EAD items – we think this may be hard to state meaningfully in general terms.
#372: State machine – needs to be detailed and decided if to include.

Please check and let us know if you have any further comments.

Göran




From: Lake <lake-bounces@ietf.org> on behalf of internet-drafts@ietf.org <internet-drafts@ietf.org>
Date: Monday, 28 November 2022 at 19:56
To: i-d-announce@ietf.org <i-d-announce@ietf.org>
Cc: lake@ietf.org <lake@ietf.org>
Subject: [Lake] I-D Action: draft-ietf-lake-edhoc-18.txt

A New Internet-Draft is available from the on-line Internet-Drafts directories.
This draft is a work item of the Lightweight Authenticated Key Exchange WG of the IETF.

        Title           : Ephemeral Diffie-Hellman Over COSE (EDHOC)
        Authors         : Göran Selander
                          John Preuß Mattsson
                          Francesca Palombini
        Filename        : draft-ietf-lake-edhoc-18.txt
        Pages           : 99
        Date            : 2022-11-28

Abstract:
   This document specifies Ephemeral Diffie-Hellman Over COSE (EDHOC), a
   very compact and lightweight authenticated Diffie-Hellman key
   exchange with ephemeral keys.  EDHOC provides mutual authentication,
   forward secrecy, and identity protection.  EDHOC is intended for
   usage in constrained scenarios and a main use case is to establish an
   OSCORE security context.  By reusing COSE for cryptography, CBOR for
   encoding, and CoAP for transport, the additional code size can be
   kept very low.


The IETF datatracker status page for this draft is:
https://datatracker.ietf.org/doc/draft-ietf-lake-edhoc/

There is also an HTML version available at:
https://www.ietf.org/archive/id/draft-ietf-lake-edhoc-18.html

A diff from the previous version is available at:
https://www.ietf.org/rfcdiff?url2=draft-ietf-lake-edhoc-18


Internet-Drafts are also available by rsync at rsync.ietf.org::internet-drafts

