Re: [Lake] Call for adoption for draft-selander-lake-edhoc - respond by June 22

Richard Barnes <rlb@ipv.sx> Mon, 22 June 2020 21:49 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/lake/gkDEj9iriFVM03ESu2FRsX9BTEM>

Hi all,

I oppose adoption of EDHOC, for both process and technical reasons.

At the process level, it is ridiculous to move for adoption immediately
after declaring consensus on the requirements.  Unless you're going to use
the requirements to evaluate solutions, there's no point having them, and
there has been no discussion on this list as to how the two solutions
compare in light of the agreed requirements.

Mališa, your call for adoption also incorrectly suggests that because cTLS
has been adopted by TLS and no other drafts have been submitted to LAKE,
then EDHOC is basically the only option.  That is not true -- the group
could declare consensus that the focus should be on cTLS, declare victory,
and close down.  That would also fulfill the charter.

I continue to believe that cTLS is a better option for solving this
problem.  From the beginning, those of us involved in cTLS have pointed out
that having more choices for security protocols in the ecosystem has
costs.  We have also put forward concrete protocol proposals, backed by
implementation, that show that cTLS can meet the required constraints.
Neither argument has been addressed by the EDHOC proponents.

More directly, it is hard to evaluate whether EDHOC is a suitable starting
point given that it has been a very dynamic target over the last several
versions, and earlier iterations have had security issues.  Starting from
the thoroughly-vetted baseline of TLS is a safer approach than designing
from whole cloth.  One can focus on specific questions around the things
that are being changed, rather than starting analysis all over again.

I also believe that the IETF should focus its work on protocols that will
have real-world impact.  It is clear that EDHOC is popular among
academics.  Opinion appears much more split among people who work on
shipping code for real IoT devices.  Until we can get some real consensus
among actual implementors, we should not move forward.

--Richard

On Mon, Jun 8, 2020 at 9:54 AM Mališa Vučinić <malisa.vucinic@inria.fr>
wrote:

> Hi all,
>
> Since we now have a rough consensus on the requirements document, we are
> proceeding with the selection of the LAKE for OSCORE our working group is
> chartered to work on. Given:
>
> - the LAKE working group charter,
> - a wide community support over an extensive period of time for
> draft-selander-lake-edhoc,
> - adoption of the cTLS draft by the TLS working group where it will be
> further developed,
> - that no other drafts have been submitted for consideration of the LAKE
> working group,
>
> we are now launching a call for adoption for
> https://tools.ietf.org/html/draft-selander-lake-edhoc-01.
>
> Please reply to this thread whether you support the adoption, and indicate
> if you are ready to review if this draft becomes a working group document.
>
> The call for adoption ends on June 22nd, 2020.
>
> Your LAKE chairs.