[Lake] EDHOC Review

Kathleen Moriarty <kathleen.moriarty.ietf@gmail.com> Fri, 05 November 2021 19:37 UTC


Greetings!

I had offered to contribute a review at the last interim and am very glad
to see this document come to this part of the process after the large
efforts that went into its development and demonstrating its value for use
with constrained devices.

Here are a few nits to consider:

Section 1.1 Nit

OLD:

   EDHOC does currently not support pre-shared key (PSK) authentication as
   authentication with static Diffie-Hellman public keys by reference
   produces equally small message sizes but with much simpler key
   distribution and identity protection.

NEW:

   EDHOC does not currently support pre-shared key (PSK) authentication as
   authentication with static Diffie-Hellman public keys by reference
   produces equally small message sizes but with much simpler key
   distribution and identity protection.


Section 1.2:


The intent of the following sentence is to convey that these libraries are
already in use for OSCORE, but the wording of the following sentence could
be a bit more clear:

OLD:

   By reusing existing libraries, the additional code size can be kept very
   low.

PROPOSED:

   In using libraries already in the code base for OSCORE, the additional code
   size can be kept very low.



Section 3.8

S/enrolment/enrollment/


Section 4.3

S/kan/can/

In the following sentence: in most encryption algorithms the same key kan be


IANA Registries


I see for the registries created that Expert review [RFC8126] is required.
What documentation is required? Is it also Specification required or is
there other guidance for the experts when considering updates? I see this
is discussed in 9.14, but perhaps adding specification recommended in each
of the places a registry is created would be helpful.


Thank you for your work on this document and protocol!
-- 

Best regards,
Kathleen