Re: [MLS] [new-work] WG Review: Messaging Layer Security (mls)
Eric Rescorla <ekr@rtfm.com> Sat, 26 May 2018 22:18 UTC
Return-Path: <ekr@rtfm.com>
X-Original-To: mls@ietfa.amsl.com
Delivered-To: mls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 7624E129C70 for <mls@ietfa.amsl.com>; Sat, 26 May 2018 15:18:51 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.908
X-Spam-Level:
X-Spam-Status: No, score=-1.908 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, T_DKIMWL_WL_MED=-0.01, URIBL_BLOCKED=0.001] autolearn=unavailable autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=rtfm-com.20150623.gappssmtp.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id hSXPv5InlLEq for <mls@ietfa.amsl.com>; Sat, 26 May 2018 15:18:48 -0700 (PDT)
Received: from mail-ot0-x244.google.com (mail-ot0-x244.google.com [IPv6:2607:f8b0:4003:c0f::244]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 3CEDF12EABD for <mls@ietf.org>; Sat, 26 May 2018 15:18:48 -0700 (PDT)
Received: by mail-ot0-x244.google.com with SMTP id l13-v6so9824189otk.9 for <mls@ietf.org>; Sat, 26 May 2018 15:18:48 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=rtfm-com.20150623.gappssmtp.com; s=20150623; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=2uWXrYwKK4uN9rrwzMhYP0nOIY7ofIncz2S3L4DB0Zc=; b=tZkeLKHGwoVFxWMIRSuM8NQSq9PRsEdtX6/5FVYIqFkQcfWhNX8EG9gr5oFJdP2TDc b/aAM2494IsowRl+k96+16AAzNuUMu7wIdrR8NMgMMm/AxU6zqZCSA3B8gAsJJ3KhLsU eupnpz4Ca4z6Ch6f6+0FgpKQ7KUOTUADGw3Z76QK626ESMEQXE80Z+Bi3/KbEUoPbHSF L1x5xzIlje83XclAe2V+Y6V9LTcBh3gkLw3S74spqiwrD2eWQDLIYZ9mI8HO+StScwTW tY/fDXYwgMJAip8MlKcy1HBI3njgSc2MU/9l6ZoHmGn7fUAfvX4LRTXy40R5X1cYvOZB 2wMw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=2uWXrYwKK4uN9rrwzMhYP0nOIY7ofIncz2S3L4DB0Zc=; b=NBvIZd3WlCHddSGgy/y/8sGXwjteyPBUg4id9UbKf7Zacray9Ri2rHOMVhYhMY2fx6 J9aT5jEgVlo5Wo70lcGeo0x2kPZGWkTORBKlOkiBVduohJzFGTvS7ihSv9dlu/a9uaD9 MsPIWnqjqE6Yh60BVtQG++TVqUQ3ch2p4pMCCcJMy2B3hfaErHPA4rkpgWxEitW7ZdkU x7uhpslQvQKViOO8QI1JXBKVbCyFVR2Gwn2nG7FyRPz+Ei4keURrzn4xmPfRlrK35wgf RGBgR/eOLTK25REB/NMFUS9sHImLWphzqALvcZWeyT4BP2dptFNnAPvtmdfl5fry54xk 0wmw==
X-Gm-Message-State: ALKqPwdrcZ9FvsCypFk6T5KFC7oaQtmMQ4MgSsj9eEmRgMGU9WqC0XQx clNVFDQ8bEzzIaPvYotE0G4NzYDAdAiI5XxCFX8xpA==
X-Google-Smtp-Source: ADUXVKKPrY+uZPH9ZmL1Vlo/Xr7Tsb74jAF95oYE6jrUHNRzzSHAy8Jnj0gLETuMgSfKUyNdGBmztEhfRfBKgak5FW0=
X-Received: by 2002:a9d:1055:: with SMTP id o21-v6mr5351717oto.371.1527373127592; Sat, 26 May 2018 15:18:47 -0700 (PDT)
MIME-Version: 1.0
Received: by 2002:ac9:66:0:0:0:0:0 with HTTP; Sat, 26 May 2018 15:18:07 -0700 (PDT)
In-Reply-To: <CAKKJt-fdAgGXwk2p0Rn0RMRMJ096OqHpFL0Jc1WZiBezz7F2Kg@mail.gmail.com>
References: <152630665840.10130.3108627350220292581.idtracker@ietfa.amsl.com> <41fb6ec6-b370-0598-a831-d9a605bbc758@mozilla.com> <CABcZeBMvemAeYhJkbffrWbBW_pxcSzM_xa=U+HwURdz76T1iwA@mail.gmail.com> <db43afca-735f-17d1-81c3-70ae868cf9e4@mozilla.com> <CAKKJt-fdAgGXwk2p0Rn0RMRMJ096OqHpFL0Jc1WZiBezz7F2Kg@mail.gmail.com>
From: Eric Rescorla <ekr@rtfm.com>
Date: Sat, 26 May 2018 15:18:07 -0700
Message-ID: <CABcZeBPRcjTR9VV3qW2rAYhhA9aLmR8yx=F1iJuvwxLqwVBSsQ@mail.gmail.com>
To: Spencer Dawkins at IETF <spencerdawkins.ietf@gmail.com>
Cc: Peter Saint-Andre <stpeter@mozilla.com>, mls@ietf.org, IESG <iesg@ietf.org>
Content-Type: multipart/alternative; boundary="000000000000b5c14a056d2344d2"
Archived-At: <https://mailarchive.ietf.org/arch/msg/mls/ICeydLz3PyCLr3krQL-BNTUHGTg>
Subject: Re: [MLS] [new-work] WG Review: Messaging Layer Security (mls)
X-BeenThere: mls@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: Messaging Layer Security <mls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/mls>, <mailto:mls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/mls/>
List-Post: <mailto:mls@ietf.org>
List-Help: <mailto:mls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/mls>, <mailto:mls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 26 May 2018 22:18:52 -0000
I think even Class 2 devices should be out of scope. If it happens to be the case that the protocol works for them, then great, but it shouldn't be a design consideration. More to the point, I don't really understand why this needs to be in the charter. Again, the default assumption should be that devices aren't constrained; if each charter is going to need to say that, we're going to need to revise a lot of WG charters. -Ekr On Sat, May 26, 2018 at 2:46 PM, Spencer Dawkins at IETF < spencerdawkins.ietf@gmail.com> wrote: > FWIW, > > On Fri, May 25, 2018 at 11:23 AM Peter Saint-Andre <stpeter@mozilla.com> > wrote: > >> On 5/24/18 8:05 AM, Eric Rescorla wrote: >> > >> > >> > On Mon, May 14, 2018 at 8:55 AM, Peter Saint-Andre <stpeter@mozilla.com >> > <mailto:stpeter@mozilla.com>> wrote: >> > >> > Two points: >> > >> > 1. It would be helpful to specify the expected capabilities of >> devices >> > on which the resulting protocol might be deployed, such as only >> personal >> > devices (e.g., phones and tablets) or also Internet of Things >> devices. >> > If IoT devices are in scope (I hope they are!), then citing RFC 7228 >> > would be good: >> > >> > https://datatracker.ietf.org/doc/rfc7228/ >> > <https://datatracker.ietf.org/doc/rfc7228/> >> > >> > >> > I think the default is we assume reasonably powerful general purpose >> > computers, >> >> Constrained devices are indeed hard to design for (and there are many >> dimensions of constraint - code size, memory, storage, battery, etc.). I >> wouldn't necessarily argue for supporting Class 0 devices (which >> according to RFC 7228 are "very constrained sensor-like motes"), but >> Class 2 devices (which are "fundamentally capable of supporting most of >> the same protocol stacks as used on notebooks or servers") would be >> great. I'm not sure where to draw the line and whether to include Class >> 1 devices (which "are quite constrained in code space and processing >> capabilities, such that they cannot easily talk to other Internet nodes >> employing a full protocol stack such as using HTTP, Transport Layer >> Security (TLS), and related security protocols and XML-based data >> representations"). >> >> > so if people want IoT to be designed for -- which it >> > shouldn't, IMO -- then that would have to be stated in the charter. >> >> No matter what we decide, it would be good to make that explicit in the >> charter. >> > > I'd agree with Peter in general, but especially in this case - it seems > unhelpful to the working group to make them figure out whether to include > Class 1 devices in their work, after they've been chartered. > > Spencer > > >> >> Peter >> >> >>
- [MLS] WG Review: Messaging Layer Security (mls) The IESG
- Re: [MLS] [new-work] WG Review: Messaging Layer S… Peter Saint-Andre
- Re: [MLS] [new-work] WG Review: Messaging Layer S… Eric Rescorla
- Re: [MLS] [new-work] WG Review: Messaging Layer S… Peter Saint-Andre
- Re: [MLS] [new-work] WG Review: Messaging Layer S… Spencer Dawkins at IETF
- Re: [MLS] [new-work] WG Review: Messaging Layer S… Eric Rescorla
- Re: [MLS] [new-work] WG Review: Messaging Layer S… Spencer Dawkins at IETF