Re: [Lwip] WGLC for draft-ietf-lwig-crypto-sensors-03
Zhen Cao <zhencao.ietf@gmail.com> Wed, 09 August 2017 00:42 UTC
Return-Path: <zhencao.ietf@gmail.com>
X-Original-To: lwip@ietfa.amsl.com
Delivered-To: lwip@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 5515F120720 for <lwip@ietfa.amsl.com>; Tue, 8 Aug 2017 17:42:15 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2
X-Spam-Level:
X-Spam-Status: No, score=-2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id K_vgrlW5LYCO for <lwip@ietfa.amsl.com>; Tue, 8 Aug 2017 17:42:13 -0700 (PDT)
Received: from mail-ua0-x22c.google.com (mail-ua0-x22c.google.com [IPv6:2607:f8b0:400c:c08::22c]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id E6296120227 for <lwip@ietf.org>; Tue, 8 Aug 2017 17:42:12 -0700 (PDT)
Received: by mail-ua0-x22c.google.com with SMTP id q25so22684256uah.1 for <lwip@ietf.org>; Tue, 08 Aug 2017 17:42:12 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc:content-transfer-encoding; bh=whYoLbSbjraETdzOgIXZi7vrIDqM2ogFz632c3dnMZA=; b=TlAymPVn+AHAcdLRV0iz0jhuHKmutdazRo5E0q6P+ViQN2rI128qEpbA9BxrQD2drR pFxB9vX320nELk/Va0pmB3wTlKSif0RW0AE9tYRSy/kDyiqOp4kuPLEIyCGI4xNurHiW 2VbhQbYKC3cBOP1UjZO21Wc8NoZQU1QVekJn21geYxga/dgh49eNdwDepbMODlNPtawg XWBbl7Ict6frec6zQiCgTIMCYUPYO1vOuvpjq0eo5Kp1Zk3Z1+Oxy9ISjQvjkvxD3NvB CvTfgyVFsakGMYIEbfUy4BfJGQULiTzgCNxmdC9/iXRCGQpfUF/xvkFoo8vlQT5mT+Gi tM+Q==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc:content-transfer-encoding; bh=whYoLbSbjraETdzOgIXZi7vrIDqM2ogFz632c3dnMZA=; b=rnwDgyTul08OPmUKzjndCwmB9RiV/NB7hZdOzzaKdmHUDbEKrrIn4KJf1pVDLFmI5h WW0K1aPtNYUGy9JNZwP9hP5oR954UvxlqkX37ys+8+D+pWnIbO+o97bjvsA6RBDNxM/f Mdy3AilzWmbUr/pQvsHgVKXh/63lqe5GhLfkzbWjeiGm8EGBVxxmJEZWh3zZOn3cD8Sg 5l49bBg0MvLC9kHpwWeODeOgyvObAxUo6+srREDsZaCQ6pDrISPG9DMQADxgrhsNPUlj Pm/pxXwUv0lob2MqmgToYeB9lD6/ol+IeWfmC5D7VETxvTsKqPXtupD1wQYW3qWXE6gQ TN0g==
X-Gm-Message-State: AHYfb5g5FsxKFMxl694U02fYw8YtVIsw+3+gojPhfSo+gYmdaJUdlc36 H7T3UIFA3qtxWNZPbJwvt1uxyVgv1w==
X-Received: by 10.176.18.217 with SMTP id o25mr3842859uac.77.1502239331852; Tue, 08 Aug 2017 17:42:11 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.176.92.91 with HTTP; Tue, 8 Aug 2017 17:42:10 -0700 (PDT)
In-Reply-To: <3790c9dd-7868-cd7b-c0e5-bd91d89e407a@ericsson.com>
References: <CAFxP68y0DDUhgqcTy9QBRWW=B4OfRCB1v8YRHkhPyWVenezgwQ@mail.gmail.com> <5354b483-0319-3038-3ceb-f73f9a55a1a0@ericsson.com> <E7B26433-5612-46A7-B5E4-08BC5437A17E@tzi.org> <72d88d35-5238-19b1-119b-107901d1cf38@ericsson.com> <001601d30f82$299b11f0$7cd135d0$@nm.ifi.lmu.de> <dfbac399-ab3e-0509-9efb-d3183ea4140c@ericsson.com> <000001d31026$5574dc80$005e9580$@nm.ifi.lmu.de> <3790c9dd-7868-cd7b-c0e5-bd91d89e407a@ericsson.com>
From: Zhen Cao <zhencao.ietf@gmail.com>
Date: Wed, 09 Aug 2017 08:42:10 +0800
Message-ID: <CAFxP68xFP9uYaS6BERvpnUo1My30cdBcxKEAvR7uEgDA5oQmQg@mail.gmail.com>
To: Mohit Sethi <mohit.m.sethi@ericsson.com>
Cc: Tobias Guggemos <guggemos@nm.ifi.lmu.de>, Carsten Bormann <cabo@tzi.org>, lwip@ietf.org
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
Archived-At: <https://mailarchive.ietf.org/arch/msg/lwip/kpVQcGsmRfoX7q8Nl4I6s9NZYQo>
Subject: Re: [Lwip] WGLC for draft-ietf-lwig-crypto-sensors-03
X-BeenThere: lwip@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: Lightweight IP stack <lwip.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/lwip>, <mailto:lwip-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/lwip/>
List-Post: <mailto:lwip@ietf.org>
List-Help: <mailto:lwip-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/lwip>, <mailto:lwip-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 09 Aug 2017 00:42:15 -0000
Hi Mohit, >From the discussion, the potential update is not substantial to the key technique part of this document, it will be fine that we move the new version to the next step. BR, Zhen On Tue, Aug 8, 2017 at 5:48 PM, Mohit Sethi <mohit.m.sethi@ericsson.com> wrote: > Hi Tobias > > Your proposed text sounds good to me and I will update the document to > reflect the changes suggested. > > @Chairs: A procedural question; should I go ahead and submit another update > as the deadline for last call is now over? > > --Mohit > > > > On 08/08/2017 12:11 PM, Tobias Guggemos wrote: >> >> Hey, >> >> I don't think this needs another last call, if we don't want to broaden >> the scope of the document. >> I just feel that the proposed change would help to understand the actual >> scope of the document for a first-time-reader. >> Your proposed text helps, but you can certainly keep the "experiences" >> part, I'd just state that the document presents experiences with signing: >> The memo describes a possible deployment model where resource-constrained >> devices sign message objects, discusses the availability of cryptographic >> libraries for small device and presents some preliminary experiences with >> those libraries for signing operation on small devices. >> >> Regards >> Tobias >> >> >> -----Ursprüngliche Nachricht----- >> Von: Mohit Sethi [mailto:mohit.m.sethi@ericsson.com] >> Gesendet: Montag, 7. August 2017 18:20 >> An: Tobias Guggemos <guggemos@nm.ifi.lmu.de>; Carsten Bormann >> <cabo@tzi.org> >> Cc: lwip@ietf.org >> Betreff: Re: AW: [Lwip] WGLC for draft-ietf-lwig-crypto-sensors-03 >> >> Hi Tobias >> >> The abstract does say that "The memo describes a possible deployment model >> suitable", the keyword being "a". I agree that the title is a bit broad but >> that is because in section 13 and 14, we discuss some broader trade offs of >> doing security at the different layers of the protocol stack. Perhaps the >> abstract could use text "The memo describes a possible deployment model >> where resource-constrained devices sign message objects, discusses the >> availability of cryptographic libraries for small devices". If you think >> this change is needed, I could update the draft and hopefully we don't have >> to do another last call for this minor fix. >> >> --Mohit >> >> >> On 08/07/2017 04:36 PM, Tobias Guggemos wrote: >>> >>> Hey Mohit, >>> I see your point and that it is out of scope for the document. However, I >>> feel the title and the abstract is then a bit misleading and should say that >>> this document discusses security architectures and cryptographic functions >>> for authentication/signing only? >>> Just a thought to avoid missunderstandings. >>> Regards >>> Tobias >>> >>> -----Ursprüngliche Nachricht----- >>> Von: Lwip [mailto:lwip-bounces@ietf.org] Im Auftrag von Mohit Sethi >>> Gesendet: Sonntag, 6. August 2017 21:10 >>> An: Carsten Bormann <cabo@tzi.org> >>> Cc: lwip@ietf.org >>> Betreff: Re: [Lwip] WGLC for draft-ietf-lwig-crypto-sensors-03 >>> >>> Hi Carsten >>> >>> This document looks at a very specific deployment scenario where >>> resource-constrained devices sign message objects. Therefore, it only >>> documents the performance of ECDSA sign operation. >>> >>> I do think the numbers of Elliptic curve diffie-hellman key agreement are >>> useful for the community and the group should work on documenting them. I >>> did discuss this with Tobias (off-the-mailing list) and perhaps those >>> numbers can go in a separate document on minimal G-IKEv2. I currently have a >>> working implementation of x25519 Diffie-hellman key agreement on a R Pi but >>> I don't consider it constrained enough. Once I have more numbers, I will >>> definitely contribute. But for now I strongly believe that they don't fit >>> into the current document. >>> >>> --Mohit >>> >>> >>> On 08/06/2017 02:39 PM, Carsten Bormann wrote: >>>> >>>> Hi Mohit, >>>> >>>> One point that came up in the discussion in Prague was Diffie-Hellman >>>> performance. >>>> For a deployment that relies on symmetric keys for mutual >>>> authentication, it may be useful to do an (ECC) D-H key agreement to achieve >>>> forward security. >>>> I believe some numbers for that are available? >>>> It would be useful to include them in order to motivate the use of >>>> forward secure key agreement. >>>> >>>> Grüße, Carsten >>>> >>>> >>>>> On Aug 6, 2017, at 12:18, Mohit Sethi <mohit.m.sethi@ericsson.com> >>>>> wrote: >>>>> >>>>> Hi all >>>>> >>>>> The authors of the document believe that it is ready to move forward. >>>>> During the previous last call we had already received support from several >>>>> working group members. >>>>> >>>>> Based on the feedback during the previous last call, we removed the >>>>> performance measurements of RSA key sizes smaller than 2048 bits. We also >>>>> added performance measurements of ECDSA sign operation on ARM 32-bit >>>>> platforms. Additionally, we improved the text on the need for a random >>>>> number generator, more guidance on choosing the right platform, and why >>>>> larger flash memory size is needed for firmware updates. We also removed >>>>> some extraneous text from the background section. Any further comments are >>>>> welcome. >>>>> >>>>> --Mohit >>>>> >>>>> >>>>> On 07/31/2017 04:23 AM, Zhen Cao wrote: >>>>>> >>>>>> Hello Everyone, >>>>>> >>>>>> This email starts the WGLC for draft-ietf-lwig-crypto-sensors-03 >>>>>> https://tools.ietf.org/html/draft-ietf-lwig-crypto-sensors-03 >>>>>> >>>>>> This is a second WGLC with the new draft resolving the comments >>>>>> received from last round. >>>>>> >>>>>> We still appreciate very much if could you help review the document >>>>>> and send your comments to the mailing list. Thank you in advance. >>>>>> >>>>>> The WGLC will end in ONE week till August 7th, 2017. >>>>>> >>>>>> Thank the authors for their hard work again. >>>>>> >>>>>> Best regards, >>>>>> Zhen >>>>>> >>>>>> On Wed, Feb 22, 2017 at 11:15 AM, Zhen Cao <zhencao.ietf@gmail.com> >>>>>> wrote: >>>>>>> >>>>>>> Hello everyone, >>>>>>> >>>>>>> This email starts the WGLC for draft-ietf-lwig-crypto-sensors-02 >>>>>>> (https://tools.ietf.org/html/draft-ietf-lwig-crypto-sensors-02) >>>>>>> >>>>>>> Could you help review the document and send your comments to the >>>>>>> mailing list. Thank you in advance. >>>>>>> >>>>>>> The WGLC will end in two weeks from now. >>>>>>> >>>>>>> BR, >>>>>>> Zhen >>>>>> >>>>>> _______________________________________________ >>>>>> Lwip mailing list >>>>>> Lwip@ietf.org >>>>>> https://www.ietf.org/mailman/listinfo/lwip >>>>> >>>>> _______________________________________________ >>>>> Lwip mailing list >>>>> Lwip@ietf.org >>>>> https://www.ietf.org/mailman/listinfo/lwip >>>>> >>> _______________________________________________ >>> Lwip mailing list >>> Lwip@ietf.org >>> https://www.ietf.org/mailman/listinfo/lwip >>> >> > > _______________________________________________ > Lwip mailing list > Lwip@ietf.org > https://www.ietf.org/mailman/listinfo/lwip
- [Lwip] WGLC for draft-ietf-lwig-crypto-sensors-03 Zhen Cao
- Re: [Lwip] WGLC for draft-ietf-lwig-crypto-sensor… Mohit Sethi
- Re: [Lwip] WGLC for draft-ietf-lwig-crypto-sensor… Carsten Bormann
- Re: [Lwip] WGLC for draft-ietf-lwig-crypto-sensor… Mohit Sethi
- Re: [Lwip] WGLC for draft-ietf-lwig-crypto-sensor… Tobias Guggemos
- Re: [Lwip] WGLC for draft-ietf-lwig-crypto-sensor… Mohit Sethi
- Re: [Lwip] WGLC for draft-ietf-lwig-crypto-sensor… Tobias Guggemos
- Re: [Lwip] WGLC for draft-ietf-lwig-crypto-sensor… Mohit Sethi
- Re: [Lwip] WGLC for draft-ietf-lwig-crypto-sensor… Zhen Cao