Re: [Lake] FW: New Version Notification for draft-selander-lake-edhoc-01.txt

Michael Richardson <mcr+ietf@sandelman.ca> Sun, 15 March 2020 15:26 UTC

From: Michael Richardson <mcr+ietf@sandelman.ca>
To: John Mattsson <john.mattsson=40ericsson.com@dmarc.ietf.org>
cc: "lake@ietf.org" <lake@ietf.org>
In-Reply-To: <0BF0EBF2-3729-4F44-8741-E38D04250352@ericsson.com>
References: <158377530368.5487.16131956287497512046@ietfa.amsl.com> <0BF0EBF2-3729-4F44-8741-E38D04250352@ericsson.com>
Date: Sun, 15 Mar 2020 11:26:44 -0400
Message-ID: <10904.1584286004@localhost>
Archived-At: <https://mailarchive.ietf.org/arch/msg/lake/t8cPKog2EyumRdJoVr8PGjJScbo>
Subject: Re: [Lake] FW: New Version Notification for draft-selander-lake-edhoc-01.txt
List-Id: Lightweight Authenticated Key Exchange <lake.ietf.org>

John Mattsson <john.mattsson=40ericsson.com@dmarc.ietf.org> wrote:
    > - One LAKE requirement is to support mixed certificate and RPK modes. To
    > minimize the overhead for such modes, we have merged the signature and
    > static DH modes into an asymmetric mode which allows mixed signature and
    > static DH authentication.

I might need glossy photos with circles and arrows and a paragraph on the
back, but I think I understand.

    > - With the new mixed mode it was more optimal to use a MAC-then-Sign
    > approach like IKEv2 instead of Sign-then-MAC like TLS 1.3. This is also
    > more aligned with the SIGMA-I paper which does not discuss
    > Sign-then-MAC.

okay.

    > - Party U and V were renamed Initiator and Responder.

IKEv2 gets into this silly terminology where it winds up having an "Initial Initiator"
due to the way that it rekeys and some other considerations.  Let's not repeat that.
I kinda liked U/V myself.

--
Michael Richardson <mcr+IETF@sandelman.ca>, Sandelman Software Works
 -= IPv6 IoT consulting =-