[Lake] EDHOC Review
Kathleen Moriarty <kathleen.moriarty.ietf@gmail.com> Fri, 05 November 2021 19:37 UTC
Archived-At: <https://mailarchive.ietf.org/arch/msg/lake/_WXM6xHrWf-QUk_at5KUJal3ius>

Greetings!

I had offered to contribute a review at the last interim and am very glad to see this document come to this part of the process after the large efforts that went into its development and demonstrating its value for use with constrained devices. Here are a few nits to consider:

Section 1.1

Nit

OLD:
EDHOC does currently not support pre-shared key (PSK) authentication as authentication with static Diffie-Hellman public keys by reference produces equally small message sizes but with much simpler key distribution and identity protection.

NEW:
EDHOC does not currently support pre-shared key (PSK) authentication as authentication with static Diffie-Hellman public keys by reference produces equally small message sizes but with much simpler key distribution and identity protection.

Section 1.2:

The intent of the following sentence is to convey that these libraries are already in use for OSCORE, but the wording of the following sentence could be a bit more clear:

OLD:
By reusing existing libraries, the additional code size can be kept very low.

PROPOSED:
In using libraries already in the code base for OSCORE, the additional code size can be kept very low.

Section 3.8

S/enrolment/enrollment/

Section 4.3

S/kan/can/

In the following sentence:
in most encryption algorithms the same key kan be

IANA Registries

I see for the registries created that Expert review [RFC8126] is required. What documentation is required? Is it also Specification required or is there other guidance for the experts when considering updates? I see this is discussed in 9.14, but perhaps adding specification recommended in each of the places a registry is created would be helpful.

Thank you for your work on this document and protocol!

--
Best regards,
Kathleen