[Lake] Updated issues
Göran Selander <goran.selander@ericsson.com> Fri, 06 November 2020 13:33 UTC
Return-Path: <goran.selander@ericsson.com>
X-Original-To: lake@ietfa.amsl.com
Delivered-To: lake@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E5BB93A118C for <lake@ietfa.amsl.com>; Fri, 6 Nov 2020 05:33:29 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.101
X-Spam-Level:
X-Spam-Status: No, score=-2.101 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, RCVD_IN_MSPIKE_H2=-0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=ericsson.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id eOIDOr1JVbaD for <lake@ietfa.amsl.com>; Fri, 6 Nov 2020 05:33:28 -0800 (PST)
Received: from EUR05-VI1-obe.outbound.protection.outlook.com (mail-vi1eur05on2073.outbound.protection.outlook.com [40.107.21.73]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 9B5FB3A1188 for <lake@ietf.org>; Fri, 6 Nov 2020 05:33:27 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=Mz2jqhXgLfoLA45Zm4F9qqg5tJFDJTCYPO0E1FgOJo9ah8sUkvqJ0RtKsZXJIR12+Ox4LRH4NVRMz92KB/1Pyques9LjvMNL99om2UH3cKG035qbwhZltyopQuXceGnl105icWjoEs1v727hLEBxhYy+4tIJbKfg0/sVB/ODoWTszM70dGL0Yd0tcI5nWm1I7JDk32SFV+tgYnGr+j3E82S9AnJmcSPtVzZD9+FoHhfDUOf2Ug33Jnl2S/Y9OX+N1N/eWvtTlB+NsE7HMIKuQvWFnkovBqUlfPllBsq++hnl9EVLSdvrTdD2KRXqk0x1JKh/tpfkuW632fJUQEcXhw==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=6nE/Zse319tPAy0lmMPB6mq2huLNhFHc3hMuysdfD2o=; b=R3hchPqrbRNX6YGa1XQXHxQ9QNgOl53bqoXYFuM1WXOgiHU7ochiUfIXQt/KjnefZMpJHl1U9cKgnEwinDt6WBhjdvlsykNsQ0l8R/idTrN3C4iUlPT6SqV/PapzjMe7s6gISM1WPvel0dsmaK+QiAKB2g4n6wEE5OtYGZ6BiSj7pqyeFHDKQJBUW6LSTKOy0Pt7YxyKjDjALPdHdUks4mixMOjdM7TTkvWYyl9xZptcyXFdqDvFadvFfQ8UODbIbhu+gPg1MOrM4CiJJoq1yLC4+BM7Y5ztjXwHthZzDwVQEx9h/Fffyk+q5FH9J1RkX2Zuoo8drUiY9FvMNss8MQ==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=ericsson.com; dmarc=pass action=none header.from=ericsson.com; dkim=pass header.d=ericsson.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ericsson.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=6nE/Zse319tPAy0lmMPB6mq2huLNhFHc3hMuysdfD2o=; b=rx7JGEx35QYRTU0+Pr52qxLu3Ai67IV0khrNVnNuSHj1xZ7HnnyA6BL5+WhtQGAQkhaNQIyky6WJr1/MUtMDDDic+B0spb9YUzqDQECwyI6EBGjNUt7yktjXg7kIZoPSKcvfncAYDtZivZ5EpDivTIOAZHDok/2DcE5h1TgAsxk=
Received: from HE1PR0702MB3674.eurprd07.prod.outlook.com (2603:10a6:7:82::14) by HE1PR0701MB2954.eurprd07.prod.outlook.com (2603:10a6:3:4d::16) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3541.15; Fri, 6 Nov 2020 13:33:24 +0000
Received: from HE1PR0702MB3674.eurprd07.prod.outlook.com ([fe80::c99c:9978:10bb:e231]) by HE1PR0702MB3674.eurprd07.prod.outlook.com ([fe80::c99c:9978:10bb:e231%3]) with mapi id 15.20.3541.015; Fri, 6 Nov 2020 13:33:24 +0000
From: Göran Selander <goran.selander@ericsson.com>
To: "lake@ietf.org" <lake@ietf.org>
Thread-Topic: Updated issues
Thread-Index: AQHWtDhI8oM91NA/CEKUKKOlSfEimw==
Date: Fri, 06 Nov 2020 13:33:24 +0000
Message-ID: <HE1PR0702MB36749F1B3CCB382D8EAF29D2F4ED0@HE1PR0702MB3674.eurprd07.prod.outlook.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
authentication-results: ietf.org; dkim=none (message not signed) header.d=none;ietf.org; dmarc=none action=none header.from=ericsson.com;
x-originating-ip: [83.251.145.232]
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: e1c45851-4b0d-42aa-c39b-08d88258896a
x-ms-traffictypediagnostic: HE1PR0701MB2954:
x-microsoft-antispam-prvs: <HE1PR0701MB295434C4388D680100BB5B96F4ED0@HE1PR0701MB2954.eurprd07.prod.outlook.com>
x-ms-oob-tlc-oobclassifiers: OLM:10000;
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: HZ1kBsotgxEwRInnqowCrNntX8Oiawpt6Zv4Xe7Khu/2WkZSx/1Ww2FwR/02d88Qbm5Vq9eiitX9AvqJlMsM7jTv231FVWSSKSTvxFmeDRn65ELNEI6sbt1/eYJO5cyoAXv8lWiNFGCzsj8dYHZ7/0TauuYoGHlrBmqPDj9VR4t0yEY3aWfecZZ7sro8gy5jb3tJ+DbN/BY9/QmDtPqmpK4amuqusrg2YLRkGnHL1V6XeaY/3YHjRRExGq+pblCqpQIDqGlrghZmhCdAhwIKdSNV8zelK7P6bm+Dwo/hr/CGY1UJw9pmaFbWVw/wulYh1M0RuFczPRoIQLzstOvf/OCV8tAjSDLyxz3rmeH5q+DPFINoUfWCmdPa5YG+5kjZwEcNEEDV46sqY4/aJnY3mQ==
x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:HE1PR0702MB3674.eurprd07.prod.outlook.com; PTR:; CAT:NONE; SFS:(4636009)(39860400002)(136003)(396003)(346002)(376002)(366004)(66556008)(83380400001)(66946007)(66476007)(186003)(76116006)(33656002)(166002)(5660300002)(8936002)(478600001)(6506007)(3480700007)(71200400001)(966005)(26005)(8676002)(66446008)(64756008)(2906002)(7116003)(316002)(86362001)(55016002)(6916009)(15650500001)(9686003)(52536014)(7696005)(66574015); DIR:OUT; SFP:1101;
x-ms-exchange-antispam-messagedata: MSjCUma7VIHPsc9bOkqE+xPzXXEfLrcndquyvI4ysYMHdequK1/2GUiYa6XFyfS93PV1reoMEeuKUhG21eBIzBJS8pcPt4xx7e9A5Qmvnp82T50/oA0OSxvf9tH1hQ7orMkYvRmIALQKPjwxLhItVceX0k3jS6Pe+eU1Y56NlgBmvotWDhi7RidHFygrSeCoAV6k5TAihQZAflfi79sOw6uyixUq1wOQFzfP8m2dQ+wGZ6Z0UbkC6iig+AVQIjpJxcn5phXm96h9KK7R3hODXY2vtKS3VWiGxlbUkbE6Vx1LEHP3z1Z60n3SgZ0y1TzZikNE121oY4nAHDvWDfqTsK7bqYlcEq9mR5HNObPCwkzH2UZtT/fcWe5f8tT2tcHzBgr+dbL6udsMjSnn167CEC/UsJ+ckfB2k2f4olaxzeFVrBgZlozMq24U/V9d5XSycVAfZk0bh2Hj/zGMch0YAOOFExuffOOdpUpPC0l63gg8yN+Dgr3TVPdxbgcGceXJd7HAxoAwmN1XkpSPDUpyi1fypeNaDO1HZvTwt9viSE5OBr/detyCvhi9wdGMBW5jtAEr1cRIJlDSc83jSdZq+SAdH7W4sYHiY5a7kdlLywFaDzgQSh2ncUzenHiurr8fzfPb5s0d+JindKIJ/jjcXA==
x-ms-exchange-transport-forked: True
Content-Type: multipart/alternative; boundary="_000_HE1PR0702MB36749F1B3CCB382D8EAF29D2F4ED0HE1PR0702MB3674_"
MIME-Version: 1.0
X-OriginatorOrg: ericsson.com
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: HE1PR0702MB3674.eurprd07.prod.outlook.com
X-MS-Exchange-CrossTenant-Network-Message-Id: e1c45851-4b0d-42aa-c39b-08d88258896a
X-MS-Exchange-CrossTenant-originalarrivaltime: 06 Nov 2020 13:33:24.5074 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 92e84ceb-fbfd-47ab-be52-080c6b87953f
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: uEDbMQuROPUAVjpzfJPzUMjHfy+dHH4TBjPZRYvFU7ZrU+FVtXr3s0iqNimPIEW1DEAWnBkszKpH6DBbFIbDs1uLETlLKPcOXyEOYOrCBQg=
X-MS-Exchange-Transport-CrossTenantHeadersStamped: HE1PR0701MB2954
Archived-At: <https://mailarchive.ietf.org/arch/msg/lake/w-K2ktBSZ1K7d9Co20jWb2Yxg5s>
Subject: [Lake] Updated issues
X-BeenThere: lake@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Lightweight Authenticated Key Exchange <lake.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/lake>, <mailto:lake-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/lake/>
List-Post: <mailto:lake@ietf.org>
List-Help: <mailto:lake-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/lake>, <mailto:lake-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 06 Nov 2020 13:33:30 -0000
We also updated the Github issues: https://github.com/lake-wg/edhoc/issues It now includes all input known to us, and with specific questions that needs to be answered, summarized below. We would appreciate additional feedback to progress the specification. Please provide your preferences, either in the issue tracker or by responding to this mail. Thanks! 1. Use of SHA-512 and MTI ciphersuite We propose not to replace SHA-256 with SHA-512 in cipher suites 0/1. Any disagreement? Which option for MTI cipher suite do you prefer: 1. Change to ECDSA-based 2. Keep EdDSA with SHA-512/accept that it may not be implemented 3. Define a new EdDSA-based cipher suite using SHA-256 * Do you think that would be deployed? Related issues: * Ciphersuites requiring multiple SHA (#2) * Use of SHA-512 in constrained IoT (#21) * Mandatory to implement cipher suite (#22) 1. Future-proofing EDHOC Shall we specify the key exchange as a KEM? (#17) Shall we replace HKDF with a more general extract-and-expand to allow KMAC? (#19) 1. Rekeying AEAD Shall we solve rekeying of AEAD within EDHOC, or let the data protection protocol, e.g. OSCORE, handle it more efficiently? (#20) 1. Agreement/negotiation of parameters/options Are we happy with the assumptions on which parameters to negotiate and which are agreed beforehand? Related issues: * Agreement/negotiation of parameters/options (#23) * Agreement of method (#11) 1. Verification of intended peer Should the “subject name” in raw public keys be recommended or even mandatory? (#8) 1. Injective agreement Should EDHOC introduce a fourth (optional) message? Related issues: * Optional message_4 for key confirmation (#18) * Injective agreement issue (was: G_IY in session key material) (#10) 1. Resumption Is there any need for a resumption mechanism in EDHOC? (#25) 1. Forward and backward secrecy Is there a need for a more lightweight protocol component that provides both forward and backward secrecy or is it sufficient with PK-based ECDHE and PSK-FS? (#24) We would like to discuss these at IETF 109. Göran
- [Lake] Updated issues Göran Selander