Re: [Lake] 1 week 2nd WGLC on requirements and scoping text

Michael Richardson <mcr+ietf@sandelman.ca> Mon, 01 June 2020 19:27 UTC

Return-Path: <mcr+ietf@sandelman.ca>
X-Original-To: lake@ietfa.amsl.com
Delivered-To: lake@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 717F73A14E4 for <lake@ietfa.amsl.com>; Mon, 1 Jun 2020 12:27:34 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.9
X-Spam-Level:
X-Spam-Status: No, score=-1.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id XJVp_qvyH1_G for <lake@ietfa.amsl.com>; Mon, 1 Jun 2020 12:27:32 -0700 (PDT)
Received: from tuna.sandelman.ca (tuna.sandelman.ca [209.87.249.19]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id AD2393A14E3 for <lake@ietf.org>; Mon, 1 Jun 2020 12:27:32 -0700 (PDT)
Received: from localhost (localhost [127.0.0.1]) by tuna.sandelman.ca (Postfix) with ESMTP id 2F4B738A7A for <lake@ietf.org>; Mon, 1 Jun 2020 15:25:08 -0400 (EDT)
Received: from tuna.sandelman.ca ([127.0.0.1]) by localhost (localhost [127.0.0.1]) (amavisd-new, port 10024) with LMTP id hJNiXKlDQ_Ca for <lake@ietf.org>; Mon, 1 Jun 2020 15:25:02 -0400 (EDT)
Received: from sandelman.ca (obiwan.sandelman.ca [209.87.249.21]) by tuna.sandelman.ca (Postfix) with ESMTP id 27F7338A45 for <lake@ietf.org>; Mon, 1 Jun 2020 15:25:02 -0400 (EDT)
Received: from [IPv6:::1] (localhost [IPv6:::1]) by sandelman.ca (Postfix) with ESMTP id 8FAB2478 for <lake@ietf.org>; Mon, 1 Jun 2020 15:27:23 -0400 (EDT)
To: lake@ietf.org
References: <3ca570db-8509-04cf-1878-291b28e00842@cs.tcd.ie>
From: Michael Richardson <mcr+ietf@sandelman.ca>
Message-ID: <2c4e5358-f6a0-388f-756d-70542849b6a6@sandelman.ca>
Date: Mon, 1 Jun 2020 15:27:23 -0400
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:68.0) Gecko/20100101 Thunderbird/68.7.0
MIME-Version: 1.0
In-Reply-To: <3ca570db-8509-04cf-1878-291b28e00842@cs.tcd.ie>
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Language: en-US
Content-Transfer-Encoding: 7bit
Archived-At: <https://mailarchive.ietf.org/arch/msg/lake/dmxarh4C4uhSuVYhlB9NkTfmi6o>
Subject: Re: [Lake] 1 week 2nd WGLC on requirements and scoping text
X-BeenThere: lake@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Lightweight Authenticated Key Exchange <lake.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/lake>, <mailto:lake-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/lake/>
List-Post: <mailto:lake@ietf.org>
List-Help: <mailto:lake-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/lake>, <mailto:lake-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 01 Jun 2020 19:27:34 -0000

On 2020-05-24 5:07 p.m., Stephen Farrell wrote:
> 
> Hi all,
> 
> First: my apologies for taking so long on this. (I got
> sidetracked by an unexpected project.)

..

>     As illustrated above, the setting is much more diverse
>     in terms of credentials and trust anchors than that of
>     the unconstrained web.  In order to deliver a timely
>     result, there is a need to initially focus on what is
>     considered most important at the time of writing: RPK
>     (by reference and value) and certificate by reference.
>     Information about validity of a certificate may be
>     omitted from the AKE if available over unconstrained
>     links.  The case of transporting certificate validation
>     information over the AKE may be specified in the initial
>     phase if there is a lightweight solution that matches
>     existing standards and tools.

Hi, RPK by value and certificate by reference are precisely this use 
case that comes from 6tisch/zerotouch constrained enrollment.
It is on the 802.15.4 links that the interop events I was part of in 
2019 experienced significant challenges with other AKEs.