Re: [Lake] Call for adoption for draft-selander-lake-edhoc - respond by June 22

Christopher Wood <caw@heapingbits.net> Mon, 22 June 2020 00:38 UTC

Return-Path: <caw@heapingbits.net>
X-Original-To: lake@ietfa.amsl.com
Delivered-To: lake@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B3ED33A0855 for <lake@ietfa.amsl.com>; Sun, 21 Jun 2020 17:38:47 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.098
X-Spam-Level:
X-Spam-Status: No, score=-2.098 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_MSPIKE_H3=0.001, RCVD_IN_MSPIKE_WL=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=heapingbits.net header.b=DHuVX3wt; dkim=pass (2048-bit key) header.d=messagingengine.com header.b=HupUymBh
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id FFLzUG_YFG8M for <lake@ietfa.amsl.com>; Sun, 21 Jun 2020 17:38:45 -0700 (PDT)
Received: from wout2-smtp.messagingengine.com (wout2-smtp.messagingengine.com [64.147.123.25]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id D8F703A0854 for <lake@ietf.org>; Sun, 21 Jun 2020 17:38:45 -0700 (PDT)
Received: from compute1.internal (compute1.nyi.internal [10.202.2.41]) by mailout.west.internal (Postfix) with ESMTP id 415761D38; Sun, 21 Jun 2020 20:38:45 -0400 (EDT)
Received: from imap4 ([10.202.2.54]) by compute1.internal (MEProxy); Sun, 21 Jun 2020 20:38:45 -0400
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=heapingbits.net; h=mime-version:message-id:in-reply-to:references:date:from:to :subject:content-type:content-transfer-encoding; s=fm1; bh=kjiH+ U6KxV/5PLVWxZ98RvQZAmXnKrIm3MslrzFnDZw=; b=DHuVX3wtlsJEkjrVCo1S9 2MeYY4+xSTxWP5GBL3JdUDxI5PSn5BghiTpwWGckB1j18x84XEX91AWzGTXBZd37 XW0Sbpv6BuHr5vqNTxAD/S7G7reO6QGWYYW0nZk6twyJ7KB2ji51vK74AAKcOuJS Dkywln4hS0Emjau007bpfHMnKPiIxefmsEuXNJNACmTqzemtaQDD7GB8v8n5Myj9 4sMViOlXbPqyt2R02kXyaYFvq3qIb2XRsPhpk5XonzcnAdAXXLgX2ZNUEYsQGtnx VOxDQjcaM5/Fyux6K4N2xp+Nijnh66R02wt4XcLJOf3gsyg4YvdAO9yOWquBPzxL g==
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=content-transfer-encoding:content-type :date:from:in-reply-to:message-id:mime-version:references :subject:to:x-me-proxy:x-me-proxy:x-me-sender:x-me-sender :x-sasl-enc; s=fm3; bh=kjiH+U6KxV/5PLVWxZ98RvQZAmXnKrIm3MslrzFnD Zw=; b=HupUymBhJkdiMIcy2sMsJS/fLf7IbMtu1JxjDD0PoCarptjmbO3Ur9Fm1 sU5AedionzRw6nBAMTNlpknNjnEuWgZKKScA78gau6HiwkaBCLpPzeUX7eCoKvmZ 43rEO/wFIQhFLTcaq8IboEL7M9E85wux5qTrzvn+7Ow05W7Oa0Z8LcwRreJ75HVn VmsscoiDA8K6RqTFOe6XEH/wkdX1HRtwX+yUNOBWQ5a6sLieY66IG43jJI1daWMJ g7Gjb1xmZ9HMaHLEnuah52e7KYqP/OBx4De3TlLV+yWYFkhWvI75n/P8yUC4Eo2R XdR49tVfhI1y/T/O7D/1xsp5fIFRw==
X-ME-Sender: <xms:k_3vXphIVbIUWz6vQAgU74xKMgjzeRJLbBnGmbNtgn3nAYPtTITdbA>
X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgeduhedrudekuddgfeekucetufdoteggodetrfdotf fvucfrrhhofhhilhgvmecuhfgrshhtofgrihhlpdfqfgfvpdfurfetoffkrfgpnffqhgen uceurghilhhouhhtmecufedttdenucesvcftvggtihhpihgvnhhtshculddquddttddmne cujfgurhepofgfggfkjghffffhvffutgfgsehtqhertderreejnecuhfhrohhmpedfvehh rhhishhtohhphhgvrhcuhghoohgufdcuoegtrgifsehhvggrphhinhhgsghithhsrdhnvg htqeenucggtffrrghtthgvrhhnpeetiedvlefffedtvdelhfdthfdvgfetffehtdejlefg heekleelvdduffeltdelkeenucffohhmrghinhepihgvthhfrdhorhhgnecuvehluhhsth gvrhfuihiivgeptdenucfrrghrrghmpehmrghilhhfrhhomheptggrfieshhgvrghpihhn ghgsihhtshdrnhgvth
X-ME-Proxy: <xmx:k_3vXuCUnpEZQnughFOjQzJdKAf4K92hdhEqHmvW3_VaRGZvmN-5XQ> <xmx:k_3vXpH7JvDwgJsI_E6Br2rk15knAXF5NDdmydUWT3s-tWjJJWcu2g> <xmx:k_3vXuTOLDOkM6ELy4RnvoLNYh1rGzF2SgSgsceGz8BgbUo4WdkVjw> <xmx:lP3vXl8uXWcsaeDdEEw-4o_F8RlKr_int_SMNI_0NTENdojjQdBdlg>
Received: by mailuser.nyi.internal (Postfix, from userid 501) id D76043C00A1; Sun, 21 Jun 2020 20:38:43 -0400 (EDT)
X-Mailer: MessagingEngine.com Webmail Interface
User-Agent: Cyrus-JMAP/3.3.0-dev0-543-gda70334-fm-20200618.004-gda703345
Mime-Version: 1.0
Message-Id: <47465501-a826-44ea-a0c3-1e9e6efeb5ce@www.fastmail.com>
In-Reply-To: <23d5f254-d1f3-81ae-8b43-bc0706f4a28f@cs.tcd.ie>
References: <89EA6A63-AB99-4649-9F08-D6FBDE1DEF2F@inria.fr> <e86bb20d-8092-9b13-76b9-220de4f00e64@ri.se> <f8337bf9-40d2-557c-0e15-53571644900a@afnic.fr> <bfe96788-ec1a-2c9e-2fab-d52fb9fd8990@um.es> <640332b4-188d-4ca7-9c41-310a3d0a73ed@www.fastmail.com> <23d5f254-d1f3-81ae-8b43-bc0706f4a28f@cs.tcd.ie>
Date: Sun, 21 Jun 2020 17:38:22 -0700
From: "Christopher Wood" <caw@heapingbits.net>
To: "Stephen Farrell" <stephen.farrell@cs.tcd.ie>, lake@ietf.org
Content-Type: text/plain;charset=utf-8
Content-Transfer-Encoding: quoted-printable
Archived-At: <https://mailarchive.ietf.org/arch/msg/lake/dC4KV_A_jZIcPZ3R1UP35qQfKtM>
Subject: Re: [Lake] =?utf-8?q?Call_for_adoption_for_draft-selander-lake-edhoc?= =?utf-8?q?_-_respond_by_June_22?=
X-BeenThere: lake@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Lightweight Authenticated Key Exchange <lake.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/lake>, <mailto:lake-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/lake/>
List-Post: <mailto:lake@ietf.org>
List-Help: <mailto:lake-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/lake>, <mailto:lake-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 22 Jun 2020 00:38:48 -0000

Top-posting, since I think clarifying will help answer the comments below.

As observed below, cTLS is underway elsewhere in the IETF. That does *not* mean this WG needs to pick an entirely separate AKE. On the contrary, this WG ought to evaluate -- per the charter -- whether cTLS meets the needs of LAKE. If it does, and if folks favor that AKE, then the primarily outcome of this WG seems to be in formulating requirements which led to that decision. (That would be a fine outcome as far as I'm concerned. The success of a WG is not predicated on how many documents it produces.)

In sum, I think this adoption call is premature and goes against what the charter lays out. Let's do our due diligence here. 
I strongly believe Introducing yet another AKE into the standards pool is something we should not do without serious contemplation.

Best,
Chris

On Sun, Jun 21, 2020, at 5:29 PM, Stephen Farrell wrote:
> 
> Hiya,
> 
> I've a couple of questions below as I don't quite get the
> basis for your conclusion. (I'm not trying to argue your
> conclusion but I don't understand it and would like to.)
> 
> On 22/06/2020 00:51, Christopher Wood wrote:
> > I do not support adoption.
> > 
> > The charter of this WG states:
> > 
> > draft-selander-ace-cose-ecdhe is a candidate starting point for the
> > LAKE produced by the WG. Any work available from TLS or other WGs
> > that satisfies the determined requirements will also be evaluated for
> > suitability, but does not preclude the WG from freely selecting its
> > preferred LAKE for OSCORE.
> > 
> > Unless I missed it, work from TLS was not seriously evaluated for
> > suitability.
> 
> I don't understand what work you mean. cTLS has been
> adopted by the TLS WG and will be developed there. I
> don't understand what useful thing this WG could do
> about that.
>
> > In fact, it seems we jumped right over it and landed on
> > draft-selander-ace-cose-ecdhe.
> 
> Yes. That is the only other serious proposal of which
> I'm aware.
> 
> > The cTLS authors demonstrated that this variant of the protocol can
> > indeed meet the requirements set out in draft-ietf-lake-reqs-04,
> > without compromising any of the benefits that the TLS ecosystem
> > brings to the table. (Support for different server authentication
> > modes, for example, is something TLS is well equipped to support.)
> 
> That's fine, but doesn't seem to speak to this adoption
> call.
> 
> > 
> > I understand that the TLS WG adopted cTLS and will continue its
> > development there. However, that does not seem relevant for what this
> > WG chooses. 
> 
> I really don't understand that. We have 2 serious
> proposals. One will be processed elsewhere. The question
> before us now is whether to pursue the other one or
> not. It seems entirely relevant to me that we are left
> with one or zero things to work on in this WG.
> 
> > By analogy, this would be similar to QUIC developing its
> > own key exchange protocol since UDP is just slightly different from
> > TCP. 
> 
> I don't find that analogy that useful tbh. QUIC is a
> transport area WG chartered to develop a transport
> protocol. This WG was chartered to do work on the topic
> of key exchange, so I don't think the analogy holds.
> 
> > Clearly, that was not the path chosen, and I think it would be a
> >  mistake to do that here without seriously considering cTLS.
> 
> Again - I've no clue what "seriously considering" might
> mean. cTLS is being worked on. If we do not adopt edhoc
> then what would this WG be doing? I don't think is makes
> much sense for a WG to exist merely to "seriously consider"
> a work item in another WG:-)
> 
> Cheers,
> S.
> 
> 
> > 
> > Best, Chris
> > 
> > On Sun, Jun 21, 2020, at 1:13 PM, Jesus Sanchez-Gomez wrote:
> >> Hello All,
> >> 
> >> I support the adoption of this document.
> >> 
> >> I've worked with the technology in research projects/papers
> >> yielding good results.
> >> 
> >> There are several use cases where this technology is a good
> >> solution for different research projects at the University of
> >> Murcia and Odin Solutions.
> >> 
> >> While I've practical experience with this technology working 
> >> specifically in LoRaWAN, its design makes it a good fit for any 
> >> constrained radio link/LPWAN.
> >> 
> >> Also, it has potential to be implemented beyond LPWANs, like more 
> >> generic IoT scenarios with large scalability.
> >> 
> >> Best Regards,
> >> 
> >> 
> >> -- Jesús Sánchez Gómez Contratado predoctoral // Phd Student.
> >> Fundación Séneca. Comunidad Autónoma de la Región de Murcia +34 868
> >> 88 96 74 +34 635 33 26 09 jesus.sanchez4@um.es Department of
> >> Information and Communication Engineering Faculty of Computer
> >> Science University of Murcia 30100 Murcia, Spain
> >> 
> >> -- Lake mailing list Lake@ietf.org 
> >> https://www.ietf.org/mailman/listinfo/lake
> >> 
> > 
> 
> Attachments:
> * 0x5AB2FAF17B172BEA.asc
> * signature.asc