Re: [Lake] Review of draft-ietf-lake-edhoc-12

Marco Tiloca <marco.tiloca@ri.se> Mon, 13 December 2021 21:40 UTC

Return-Path: <marco.tiloca@ri.se>
X-Original-To: lake@ietfa.amsl.com
Delivered-To: lake@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 2461A3A0BEF for <lake@ietfa.amsl.com>; Mon, 13 Dec 2021 13:40:23 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -3.952
X-Spam-Level:
X-Spam-Status: No, score=-3.952 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, NICE_REPLY_A=-1.852, RCVD_IN_MSPIKE_H2=-0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=unavailable autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=ri.se
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id alspaXkl1iFT for <lake@ietfa.amsl.com>; Mon, 13 Dec 2021 13:40:18 -0800 (PST)
Received: from EUR04-HE1-obe.outbound.protection.outlook.com (mail-eopbgr70048.outbound.protection.outlook.com [40.107.7.48]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id CD8453A0C14 for <lake@ietf.org>; Mon, 13 Dec 2021 13:40:15 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=kgUnXDWu/12XdBqD3WZ6NAQKNDiQxh7QNKqmCzHBsb/yRAy8l7I/M/iKBZBIETmoYG4uTER0tHbrBYGdI4YtiUO724pWEUEXbGXwPvE3Q1woVU+f7T5d8CX6/SMPZ8D7O/BsCYFAKeUX6W+y0581FNheq3gmwZuoRRqlUpvRv5TiyuY2nFowwmd8lOcM1619qog6citGNxeYxOAZGzEwSUIDwT694otm89d34wu+Gb89KhInnsqkRnWFXcY6KPcdHVqEU0i+k9zbAu7duzQcoz8g9WwA5qmNnC2wRk6nb+F3Zn0D72FjiCv2DUQubJO7gisutd8Eg3yrlDwGDWJlng==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=wdqta1ZfvSzFqkyT4dXS5qHi0fvMXoX9D0GgO6U22pw=; b=SRP7B6mG9/rs4+Efw9ok2I8nC7FWCpSKk6iOtKuF42ANejMk3McGR7rZ4nVsal0spErdaNxWgFaaz+8VREGFtPWYCinXBrs2i8Hwy+hoWdS8fk1B/z6mNUlWlrxACXDu6zsYMmE8zXPoYHPo9LB621JszLq0rAB6eueHjol8oL38p4zBuK3p/TEUAEPt6bGXHG4HhcejC93wBYBA3UhZRff5ouW9CMT1uhym9zhopJJOS2sUswciF1JWLdvkT5QRZbWm0dutHdsISwrj3qfzDHqjYe2/nHXjz/MrOtuJ/05lcMwKCo6ILtSyiN0VhTSAfuAk6qIwq6IbVCCXLMY3QQ==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=ri.se; dmarc=pass action=none header.from=ri.se; dkim=pass header.d=ri.se; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ri.se; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=wdqta1ZfvSzFqkyT4dXS5qHi0fvMXoX9D0GgO6U22pw=; b=Qe179eHQaUttL5kxg2cWOJ8Cz3cq6UtXFG06XvNRvt9F66blKSPaTcpcwScCG5N/l7EqTLnkKtztszXdB/7ahodkPl1Q/d8tGLNO5qyy7Hwa+slkBYXzmZKpRsdSU0K7Ufcf1ZPDbzj/qlEC1ywzcHb/NFmsqEH6GqWMWhn6lQs=
Authentication-Results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=ri.se;
Received: from DB8P189MB1032.EURP189.PROD.OUTLOOK.COM (2603:10a6:10:16e::14) by DB6P189MB0405.EURP189.PROD.OUTLOOK.COM (2603:10a6:6:3d::19) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4778.16; Mon, 13 Dec 2021 21:40:11 +0000
Received: from DB8P189MB1032.EURP189.PROD.OUTLOOK.COM ([fe80::20b1:5d0e:9de4:7ca1]) by DB8P189MB1032.EURP189.PROD.OUTLOOK.COM ([fe80::20b1:5d0e:9de4:7ca1%8]) with mapi id 15.20.4778.018; Mon, 13 Dec 2021 21:40:11 +0000
To: =?UTF-8?Q?G=c3=b6ran_Selander?= <goran.selander=40ericsson.com@dmarc.ietf.org>, "lake@ietf.org" <lake@ietf.org>
References: <5bc7e680-1513-f838-1188-8e2b67630430@ri.se> <AM4PR0701MB219541145A4E91D7624F5E3AF4699@AM4PR0701MB2195.eurprd07.prod.outlook.com>
From: Marco Tiloca <marco.tiloca@ri.se>
Message-ID: <ec1d1807-48a6-03cd-cdba-90204fc6d99c@ri.se>
Date: Mon, 13 Dec 2021 22:40:08 +0100
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:78.0) Gecko/20100101 Thunderbird/78.14.0
In-Reply-To: <AM4PR0701MB219541145A4E91D7624F5E3AF4699@AM4PR0701MB2195.eurprd07.prod.outlook.com>
Content-Type: multipart/signed; micalg=pgp-sha256; protocol="application/pgp-signature"; boundary="Rrjqq89ZsNlaLO8GCknJUQ8T5UCA0kBrr"
X-ClientProxiedBy: GV3P280CA0044.SWEP280.PROD.OUTLOOK.COM (2603:10a6:150:9::11) To DB8P189MB1032.EURP189.PROD.OUTLOOK.COM (2603:10a6:10:16e::14)
MIME-Version: 1.0
X-MS-PublicTrafficType: Email
X-MS-Office365-Filtering-Correlation-Id: 63cf6295-ae3a-4275-3da2-08d9be81238a
X-MS-TrafficTypeDiagnostic: DB6P189MB0405:EE_
X-Microsoft-Antispam-PRVS: <DB6P189MB0405D26C7E6078392B3AD1AA99749@DB6P189MB0405.EURP189.PROD.OUTLOOK.COM>
X-MS-Oob-TLC-OOBClassifiers: OLM:10000;
X-MS-Exchange-SenderADCheck: 1
X-MS-Exchange-AntiSpam-Relay: 0
X-Microsoft-Antispam: BCL:0;
X-Microsoft-Antispam-Message-Info: dnsm9LXLUFqghvb+A0EsN+foPQJPhQ+rsBSz9xeQGWUEcKB4SGa86oLOfFViBm/kq9FLlV5UcisdDjD6jnb1U7OFE4kUP18GZ7FgUI5hy8N7cKo5vEL/eyjvTMmoMeyW8NsCoJmXAf3yZw4nDxLfMkM+F+gt0e7HetMoPYwT0YJAM8zYND/OM300YNNRmfGdo4icgKtck8/t+0Y+wEpmGthWCq5nimvgndHySokg3RjBpP28zShHMh80h2YdyMMpVH41+eSPk1yKtQ02ouHIl3t6eMBIlHI5eRD1u0mLsNZZxC+6/DVSh7kTakinlutXlnlhsjIemELaeKVK8qw7hQIocOc8Vq77loyeems5+eUSFMbkzxdZDYEPy/9K8sWjtiWnKWwYxUcihT8jVNXCT0/Z2DPHbY1mN/oRJwmaY2JZN7dmWGKbxk9Fa8jw2jhtj807ISd3Ihq41qIq2hDp7mBseLYfJsOSHrQgpa1ByupC9TMCaqfuxb/QO1YLef402bfWAqLhjPr/rugBJkypKWAgnE+LCl3ZSoa92QUdggX/1AN78MH/VZAEsh0sa/1e2iz0zDW07XxzPLr7mE0kzqI4NSgUQzpNQkm/L5f3H1y81HNZ9qtP7qr7+NSPUfz40/ZzEwsdqMYU3kWiLFF28xI9aPTulOPfz3tmGSoWvKFyqLMBzFSrCb8T/NgI8HQvl7aYUZb01GQDMIjMwPs33215LhfuoFEgQhoWFxpb4VqCfPgcLcE6wtIIgUEdmaeLJ7yuxOhuvjY6U4RlqzBjxIGfeeooG6SsmLD0DmUcKsGmvAOCq+A28YgFWip7Ikj4
X-Forefront-Antispam-Report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:DB8P189MB1032.EURP189.PROD.OUTLOOK.COM; PTR:; CAT:NONE; SFS:(4636009)(366004)(8676002)(966005)(4001150100001)(8936002)(53546011)(38100700002)(31696002)(508600001)(6506007)(2906002)(45080400002)(19627405001)(186003)(26005)(36756003)(66946007)(86362001)(6486002)(21480400003)(6512007)(316002)(166002)(66574015)(44832011)(6666004)(235185007)(2616005)(83380400001)(31686004)(66556008)(66476007)(5660300002)(110136005)(45980500001)(43740500002); DIR:OUT; SFP:1101;
X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1
X-MS-Exchange-AntiSpam-MessageData-0: =?Windows-1252?Q?g333/gmY3GFXtZatS/F/a7TNp5A9IeZXf5gICQUS8Npg09b6RN9IO6xR?= =?Windows-1252?Q?qFC1czr71pRxA3yCnqQKbyLmLReZjGJcVDpXTevD3QdK5thtvbwME3Ou?= =?Windows-1252?Q?rMZF6GmyEjHds84GjLKvGtiE/8biYBZJy/yNP5qjmZLvbkffhWP1c0gh?= =?Windows-1252?Q?o7lWg3DaWFWHdisSWm0Y6Kg0AWddpOYhe4IMobgryH6hfKPhHdZ9A+K6?= =?Windows-1252?Q?d1dFv0gLTGeiPSUWI5HhNcO1op6pPxd15+w0RSsWy/OT/oMdPjBNv6qz?= =?Windows-1252?Q?YrZ+XmQjx8qoxEgjd61Fa0F5UIWGoOkT0WAGqP0E0B3VX3YmZl8rSr6S?= =?Windows-1252?Q?qMbCPU6DcKS/VYvQe7gPZ55A/u8gIKfYSykJ96h+ZqRjQs5A02dIljRh?= =?Windows-1252?Q?QUgQSdD/l8OMETfQkBIL2KGuqhzOwYrwSpheXlGfYzEfXG1bBca8RDOa?= =?Windows-1252?Q?5cV8S6KyOgwOl/s6LZgaS46XcWjilxnEtld6X08DQAeFzLHFhiuKcrcT?= =?Windows-1252?Q?L1IZ7b7NAKd+b9Q4tRxTDohO8ifUBS//rxRnqRFQCu7Gcj4FP5Wpxfgn?= =?Windows-1252?Q?ufbZqBdcY7dAnHKjtgoJ5GRrhqA/Uw1SUjPz6njoeZG9Q5ncVXUzN/Zb?= =?Windows-1252?Q?px1mvJ9T0ZS7aCGcK3QpaPgwxTtgxh92IwKtxZr0PHaZebzmnqE6NL7E?= =?Windows-1252?Q?dxMX9OcAlefRfclzmB3TxCJzwwFIIhtj7CseAQM2ha2KFj1PCkU5tQhj?= =?Windows-1252?Q?XjkEru3ENYeDIl5h7c4K2OfEIwZkkemDlcQYhWQMiUJuZgET7JljpWm8?= =?Windows-1252?Q?8LwMyZkyl7PNLZzgFlDroUbFTKzy12OHD2ceqvw7LL56PdLSpXX7HxXz?= =?Windows-1252?Q?HumLZ+rZvYbtYMdCIMoYAzw3qsxx/Izu4HzUznapM+QA/qJUaHHgpsXU?= =?Windows-1252?Q?qBjnKyqq5eVbK+OboMPL5eYOq0Y0QsZRAvxIczuDSijHQy7mg53qcOQE?= =?Windows-1252?Q?5I0TCjFnPzfxleXULizQ8iTbNDTcNMPKHlcMRXMQExiSto+xr7wQSqtv?= =?Windows-1252?Q?/gOHT1ydAp+TwHNeo62E4Qf8NNkqTyujksFlVv3ALMzK+Awrzd3h5E5R?= =?Windows-1252?Q?vMV1VFT5FldzqBMSgbl5H2nSsSFmRjySwiFXUucZYY0YBBogulQaEily?= =?Windows-1252?Q?89aCixORWI1zPy9Ewo4yPU+QuC8h1KJZVEThVXhmmWHGEAuVGJsFPo1Y?= =?Windows-1252?Q?RB36yVJJkA7DwesEsGGpDmZs+OAOuLkSi2rxJRnG/qoepGifqwaBZymN?= =?Windows-1252?Q?+rr13qDypTo8FJidSrwoN6v/VIhGfg/+NkXOFSyktFX99/TyIrNrdLI2?= =?Windows-1252?Q?d5SgeaSWNAVoovUT3+CJQOcQG5A/caMTqZekwrP4udnCdq1X+uBB+oXf?= =?Windows-1252?Q?FTMHJg4WERRZMQLOCI5F1EJYs4Ipf2t6h9uA2tqn4C77eAyMrcYbpT4O?= =?Windows-1252?Q?NSn514EHnYYjb7dAMn45EQPsChFAc2uDV5DOkT+s34DWH96e0Iz9hI+A?= =?Windows-1252?Q?29GTSVzUGyQQkn+BbgKTA+QMjZqtyUlwK0no1mJ1Xta6EcDdttSVB2tr?= =?Windows-1252?Q?tScL00kmNvSEbmNmVPJRmJLNN1MD5VMC003sJb208cF+KPltOo5TOBi4?= =?Windows-1252?Q?P+UYQ3D5BtiMjP2Oe+nHo5A4214+ZNho1rN+xNt83MJdS7IwO0A/M7MQ?= =?Windows-1252?Q?xZYvMvDgs83IvBY0bGw=3D?=
X-OriginatorOrg: ri.se
X-MS-Exchange-CrossTenant-Network-Message-Id: 63cf6295-ae3a-4275-3da2-08d9be81238a
X-MS-Exchange-CrossTenant-AuthSource: DB8P189MB1032.EURP189.PROD.OUTLOOK.COM
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 13 Dec 2021 21:40:10.7993 (UTC)
X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted
X-MS-Exchange-CrossTenant-Id: 5a9809cf-0bcb-413a-838a-09ecc40cc9e8
X-MS-Exchange-CrossTenant-MailboxType: HOSTED
X-MS-Exchange-CrossTenant-UserPrincipalName: R2mi24F4Rws5MQ8QphV7uxfASKH/pDadPWiWQ8v/fbdVoE9fpNcDkMcthlgZrjkTaOFoSO7zrkvopZCTaD1uUw==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: DB6P189MB0405
Archived-At: <https://mailarchive.ietf.org/arch/msg/lake/VioOCfKajn1_1BuzUtmBQ176BQg>
Subject: Re: [Lake] Review of draft-ietf-lake-edhoc-12
X-BeenThere: lake@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Lightweight Authenticated Key Exchange <lake.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/lake>, <mailto:lake-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/lake/>
List-Post: <mailto:lake@ietf.org>
List-Help: <mailto:lake-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/lake>, <mailto:lake-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 13 Dec 2021 21:40:29 -0000

Hi Göran,

Thanks for addressing my comments!

Please, see below my reply to three points from your response. Other 
than that, PR #199 looks good to be merged.

Best,
/Marco


On 2021-12-13 15:47, Göran Selander wrote:
>
> Hi Marco,
>
> Thanks for the review. It is recorded as github issue #192 and a 
> proposed update to the draft is in PR #199.
>
> Comments inline. Please let us know if you have further comments on 
> the updates made or if it is OK to merge #199 and close #192.
>
>
> *From: *Lake <lake-bounces@ietf.org> on behalf of Marco Tiloca 
> <marco.tiloca=40ri.se@dmarc.ietf.org>
> *Date: *Wednesday, 3 November 2021 at 17:26
> *To: *lake@ietf.org <lake@ietf.org>
> *Subject: *[Lake] Review of draft-ietf-lake-edhoc-12
>
> Hi all,
>
> As promised, please find below my review of EDHOC v -12.
>
> Best,
> /Marco
>
> =============
>
> [Section 1.1]
>

==>MT
(trimming)
<==

> * s/compromise of the long-term keys/compromise of the long-term
> identity keys
>
> [GS] The term "identity key" is not used elsewhere in the document. 
> The term "long-term key" is used throughout the document including the 
> security considerations and is a common term used in protocol analysis 
> which is what this text talks about. So I think it makes sense to not 
> change here. The alternative would be to talk about "private 
> authentication key" which is also used in the document, but more in 
> the context of identities.
>

==>MT
I see, then it's good to keep "long-term keys".
<==

>
> [Section 8.7]
>
> * "... but intended to simplify ..."
>
>     Since "security context" is mentioned in the following sentences, it
> is better to explicitly mention that they are referring to the
> application protocol and not to EDHOC anymore.
>
> [GS] I didn't make this proposed change because "security context" is 
> not limited to OSCORE, so this sentence applies also to EDHOC. If you 
> still find this misleading, please explain in what way it is so.
>

==>MT
Ok, I think the confusion comes from not using "security context" as 
related to the EDHOC execution earlier in the document. That has rather 
been referred as "protocol state".

Perhaps it's worth clarifying this in Section 3.4.1, that now states 
twice "the retrieval of protocol state during EDHOC protocol execution." 
This may become "the retrieval of protocol state and its security 
context during EDHOC protocol execution".
<==

>
> [Appendix A.3]
>
> * "EDHOC message_2 or the EDHOC error message is sent from the server to
> the client in the payload of a 2.04 (Changed) response. EDHOC message_3
> or the EDHOC error message is sent from the client to the server's
> resource in the payload of a POST request. If needed, an EDHOC error
> message is sent from the server to the client in the payload of a 2.04
> (Changed) response."
>
>     This text should also be a remnant of old versions. When using EDHOC
> for OSCORE, EDHOC error messages as CoAP responses are sent as error
> responses, see the first paragraph in Appendix A.3.1. The text above can
> rather, more generically, be:
>
>     "The server sends to the client EDHOC message_2 in the payload of a
> 2.04 (Changed) response, or an EDHOC error message in the payload of a
> response. If needed, the client sends to the server an EDHOC error
> message in the payload of a POST request. Otherwise, the client sends to
> the server EDHOC message_3 in the payload of a POST request. If needed,
> the server sends to the client an EDHOC error message in the payload of
> a response."
>
> [GS] Good spotted, I modifed the original text in a different way:
>
> NEW
> EDHOC message_2 or the EDHOC error message is sent from the server to 
> the client in the payload of the response, in the former case with 
> response code 2.04 (Changed), in the latter with response code as 
> specified in Section 8.3.1 EDHOC message_3 or the EDHOC error message 
> is sent from the client to the server's resource in the payload of a 
> POST request. If EDHOC message_4 is used, or in case of an error 
> message, it is sent from the server to the client in the payload of 
> the response, with response codes analogously to message_2.
>

==>MT
Looks good, although I guess you meant "as specified in Appendix A.3.1. 
EDHOC message_3 ..." , rather than "as specified in Section 8.3.1 EDHOC 
message_3 ..."
<==

> Thanks!
>
> Göran
>
>
>
>

-- 
Marco Tiloca
Ph.D., Senior Researcher

Division: Digital System
Department: Computer Science
Unit: Cybersecurity

RISE Research Institutes of Sweden
https://www.ri.se

Phone: +46 (0)70 60 46 501
Isafjordsgatan 22 / Kistagången 16
SE-164 40 Kista (Sweden)