Re: [Lake] Call for adoption for draft-selander-lake-edhoc - respond by June 22

Hannes Tschofenig <Hannes.Tschofenig@arm.com> Fri, 26 June 2020 08:57 UTC

From: Hannes Tschofenig <Hannes.Tschofenig@arm.com>
To: "Blomqvist, Peter" <Peter.Blomqvist@sony.com>
CC: "lake@ietf.org" <lake@ietf.org>
Date: Fri, 26 Jun 2020 08:56:55 +0000
Message-ID: <AM0PR08MB371614B9B5D9AE0E17557D70FA930@AM0PR08MB3716.eurprd08.prod.outlook.com>
In-Reply-To: <VI1P193MB0511DAD083A645869DCA006E83920@VI1P193MB0511.EURP193.PROD.OUTLOOK.COM>
Archived-At: <https://mailarchive.ietf.org/arch/msg/lake/sJV-V8fD5ZgX6ClAXme1Q3ga8vY>
List-Id: Lightweight Authenticated Key Exchange <lake.ietf.org>

Hi Peter,


> We can provide some input on use-cases and current issues we face with (D)TLS.

This would be highly appreciated and timely given that there is this TLS / DTLS profile work ongoing in the UTA working group.


> Also please clarify “cTLS” – is that for key export or full replacement of OSCORE?

cTLS refers to the approach of compressing TLS. Here is the draft: https://tools.ietf.org/html/draft-ietf-tls-ctls-00
It has applicability beyond IoT, which is why the TLS working group adopted it.

OSCORE is conceptually similar to the TLS/DTLS record layer. The most natural way of using DTLS/TLS or cTLS would be to use it with its native record layer. Then, you obviously don’t need OSCORE.
For example, in this email thread Hari from u-blox referenced the work he did at u-blox as part of a government-funded research project to protect CoAP from an IoT device over BLE to a gateway and then to the cloud. He is using OSCORE in his setup.

We are using DTLS 1.2 over BLE (and then over WebSocket) in a commercial deployment where we protect CoAP entirely (end-to-end*) without using OSCORE. We call this ATLS (application layer TLS) because TLS (or DTLS) is carried at the application layer, at least in some segments of the communication path. The ATLS spec (see https://tools.ietf.org/html/draft-friel-tls-atls-04) also adds a description of how to derive keying material for OSCORE.

Ciao
Hannes

(*): The term “end-to-end” is often over-sold because in most cases CoAP communication isn’t truly end-to-end. So, in practice one has to be careful to figure out what the “end points” in the communication are.
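The OSCORE side of what Hannes describes, as an added example for this thread (it is not code from the ATLS draft, from RFC 8613 or from any participant): given an OSCORE Master Secret and Master Salt, which in the ATLS arrangement would be handed over from the (D)TLS key exporter, derive the OSCORE security context (Sender Key, Recipient Key, Common IV) as RFC 8613 Section 3.2 specifies, and go one step further than the email by also building the per-message AEAD nonce of Section 5.2, which is where the "record layer" role of OSCORE becomes visible. The exporter call itself is assumed to have happened and is not shown; the minimal CBOR encoder, the `derive_context`, `aead_nonce` and `partial_iv` helpers and the `OscoreContext` class are this example's own names. The sample inputs are the ones listed in RFC 8613 Appendix C.1.1 (test vector 1), so the printed values can be compared against that appendix; only the Python standard library is used.

```python
import hashlib
import hmac
from dataclasses import dataclass

# Assumption of this example: master_secret / master_salt arrive from the
# caller (e.g. a TLS exporter in an ATLS deployment); that step is not shown.
HASH = hashlib.sha256          # OSCORE default HKDF is HKDF-SHA-256
AES_CCM_16_64_128 = 10         # OSCORE default AEAD, COSE algorithm identifier


def hkdf(salt: bytes, ikm: bytes, info: bytes, length: int) -> bytes:
    """RFC 5869 HKDF-Extract then HKDF-Expand (an empty salt is equivalent to HashLen zeros)."""
    prk = hmac.new(salt, ikm, HASH).digest()
    okm, block, counter = b"", b"", 1
    while len(okm) < length:
        block = hmac.new(prk, block + info + bytes([counter]), HASH).digest()
        okm += block
        counter += 1
    return okm[:length]


# Minimal CBOR encoder: just the types the OSCORE info structure needs.
def _cbor_head(major: int, n: int) -> bytes:
    if n < 24:
        return bytes([(major << 5) | n])
    if n < 0x100:
        return bytes([(major << 5) | 24, n])
    if n < 0x10000:
        return bytes([(major << 5) | 25]) + n.to_bytes(2, "big")
    raise ValueError("value too large for this small encoder")


def cbor_int(n: int) -> bytes:          # negative ints cover COSE algorithm ids
    return _cbor_head(0, n) if n >= 0 else _cbor_head(1, -1 - n)


def cbor_bstr(b: bytes) -> bytes:
    return _cbor_head(2, len(b)) + b


def cbor_tstr(s: str) -> bytes:
    e = s.encode("utf-8")
    return _cbor_head(3, len(e)) + e


def oscore_info(ident: bytes, id_context, alg_aead: int, typ: str, length: int) -> bytes:
    """info = [ id, id_context, alg_aead, type, L ] per RFC 8613 Section 3.2.1."""
    ctx = b"\xf6" if id_context is None else cbor_bstr(id_context)   # 0xf6 = CBOR null
    return _cbor_head(4, 5) + cbor_bstr(ident) + ctx + cbor_int(alg_aead) + cbor_tstr(typ) + cbor_int(length)


@dataclass(frozen=True)
class OscoreContext:
    sender_id: bytes
    recipient_id: bytes
    sender_key: bytes
    recipient_key: bytes
    common_iv: bytes


def derive_context(master_secret: bytes, master_salt: bytes, sender_id: bytes, recipient_id: bytes,
                   id_context=None, alg_aead=AES_CCM_16_64_128, key_len=16, nonce_len=13) -> OscoreContext:
    """Derive the three secrets of an OSCORE security context (RFC 8613 Section 3.2)."""
    if max(len(sender_id), len(recipient_id)) > nonce_len - 6:
        raise ValueError("Sender/Recipient ID must fit in nonce length minus 6 bytes")

    def kdf(ident: bytes, typ: str, length: int) -> bytes:
        return hkdf(master_salt, master_secret, oscore_info(ident, id_context, alg_aead, typ, length), length)

    return OscoreContext(sender_id, recipient_id,
                         sender_key=kdf(sender_id, "Key", key_len),
                         recipient_key=kdf(recipient_id, "Key", key_len),
                         common_iv=kdf(b"", "IV", nonce_len))   # id is the empty string for the Common IV


def partial_iv(seq: int) -> bytes:
    """Sender Sequence Number as minimal big-endian bytes, at most 5 bytes (RFC 8613 Section 5.1)."""
    if not 0 <= seq < 2 ** 40:
        raise ValueError("sequence number space exhausted: a new context must be established")
    return seq.to_bytes(max(1, (seq.bit_length() + 7) // 8), "big")


def aead_nonce(common_iv: bytes, id_piv: bytes, piv: bytes) -> bytes:
    """RFC 8613 Section 5.2: nonce = (S || zero-padded ID_PIV || zero-padded PIV) XOR Common IV."""
    nonce_len = len(common_iv)
    if len(piv) > 5 or len(id_piv) > nonce_len - 6:
        raise ValueError("Partial IV or ID_PIV too long for this nonce length")
    padded = bytes([len(id_piv)]) + id_piv.rjust(nonce_len - 6, b"\x00") + piv.rjust(5, b"\x00")
    return bytes(a ^ b for a, b in zip(padded, common_iv))


if __name__ == "__main__":
    # Inputs of RFC 8613 Appendix C.1.1, test vector 1 (client side: empty Sender ID, Recipient ID 0x01).
    ctx = derive_context(bytes.fromhex("0102030405060708090a0b0c0d0e0f10"),
                         bytes.fromhex("9e7ca92223786340"), b"", b"\x01")
    print("Sender Key    ", ctx.sender_key.hex())
    print("Recipient Key ", ctx.recipient_key.hex())
    print("Common IV     ", ctx.common_iv.hex())
    print("nonce, seq 20 ", aead_nonce(ctx.common_iv, ctx.sender_id, partial_iv(20)).hex())
```

Two things worth noticing when running it: the peer derives the same context with the IDs swapped, so its Sender Key is your Recipient Key and the Common IV is shared, and the nonce is built from the Common IV, the sender's ID and the sequence number, which is why the ID-length limit of nonce length minus six bytes and the 2^40 sequence-number ceiling are hard constraints, not tunables. Whatever feeds `master_secret` and `master_salt` (a TLS exporter in the ATLS case) must produce them fresh per session; the derivation itself gives no protection against nonce reuse across two contexts built from the same inputs.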