Re: [Lake] 1 week 2nd WGLC on requirements and scoping text

Tomas Gustavsson <tomas.gustavsson@primekey.com> Mon, 01 June 2020 12:15 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/lake/r1s7-b_ALrP_ktnOTgkaURUEKjE>

Hi,

We are working with PKI for IoT and are happy with the initial focus of
the requirements.

Regards,
Tomas Gustavsson
-- 
PrimeKey Solutions AB
Solna Access Plan A8,
Sundbybergsvägen 1, 171 63 Solna, Sweden
Mob: +46 (0)707421096
Internet: www.primekey.se
Twitter: twitter.com/primekeyPKI


-----Original Message-----
From: Stephen Farrell <stephen.farrell@cs.tcd.ie>
Sent: Sun, 24 May 2020 21:08 UTC
To: lake@ietfa.amsl.com
Subject: [Lake] 1 week 2nd WGLC on requirements and scoping text

Hi all,

First: my apologies for taking so long on this. (I got
sidetracked by an unexpected project.)

ISTM we have pretty good, if rough, consensus on enough of
the text to proceed, but with one important part that needs
checking. (See below.)

I'd like to start a 1 week 2nd WGLC with the main focus
being to establish whether we have rough consensus on the
scoping text below. (Which can be seen in context at [2].)
That text was the main outcome of our virtual meeting last
month.

So, please send mail to the list saying if you are happy
enough to proceed on this basis. If you are not, then I'd
appreciate if you could suggest alternate text with as
few changes as possible.

This 2nd WGLC closes on June 1st. If I see rough
consensus to proceed at that point, I'll plan to start a
call for adoption for the edhoc draft. If not, we'll have
to discuss how to proceed with our AD, as I think that
would mean that the WG is very badly stuck.

The scoping text added was:

   As illustrated above, the setting is much more diverse
   in terms of credentials and trust anchors than that of
   the unconstrained web.  In order to deliver a timely
   result, there is a need to initially focus on what is
   considered most important at the time of writing: RPK
   (by reference and value) and certificate by reference.
   Information about validity of a certificate may be
   omitted from the AKE if available over unconstrained
   links.  The case of transporting certificate validation
   information over the AKE may be specified in the initial
   phase if there is a lightweight solution that matches
   existing standards and tools.

   A subsequent extension beyond the initial focus may be
   inevitable to maintain a homogenous deployment without
   having to implement a mix of AKE protocols, for example,
   to support the migration path described above.  The AKE
   needs to make clear the scope of cases analysed in the
   initial phase, and that a new analysis is required for
   additional cases.

Thanks,
Stephen.

[1] https://tools.ietf.org/html/draft-ietf-lake-reqs-03
[2] https://tools.ietf.org/html/draft-ietf-lake-reqs-03#section-2.2.1