Re: [Pidloc] Next Generation IoT authentication

Dirk.von-Hugo@telekom.de Mon, 04 October 2021 09:07 UTC

From: Dirk.von-Hugo@telekom.de
To: alexandre.petrescu@gmail.com, pidloc@ietf.org
Date: Mon, 04 Oct 2021 09:07:30 +0000
Archived-At: <https://mailarchive.ietf.org/arch/msg/pidloc/cPS3Zhthpsc6ct86raHVLpBoKY0>
List-Id: ssues in hardware based Internet of Things authentication <pidloc.ietf.org>

Hi Alex,
thank you for the questions. As we see it as an explorative topic, surely existing authentication models as used for 4/5G and WiFi might be a good starting point to evolve from towards whatever might be applicable for B5G (beyond 5G) … which is not yet clearly defined, as we know.
And of course the mechanisms should be at least as secure as existing multi-x procedures and not introduce new unresolvable security risks … 😉
Best Regards
Dirk

From: Pidloc <pidloc-bounces@ietf.org> On Behalf Of Alexandre Petrescu
Sent: Monday, 4 October 2021 10:54
To: pidloc@ietf.org
Subject: Re: [Pidloc] Next Generation IoT authentication


sorry, I just found out that there exist smoke detectors on 4G... sorry.

Alex
On 04/10/2021 at 10:44, Alexandre Petrescu wrote:

Hi, Dirk,

It is not clear to me whether this looks at:

- user authentication in systems beyond 5G ?

- authentication for IoT devices on 5G or on WiFi?

- multiple factor and multiple device authentication in the recent Internet? (PC+smartphone at payment time, mandated by banks in Europe recently).

On 04/10/2021 at 10:25, Dirk.von-Hugo@telekom.de wrote:
Dear all,
as posted already last week on 6GIP ML we would like to discuss issues with authentication of IoT devices in future (e.g., beyond 5G) heterogeneous access networks as part of the need for new authentication models.  We want to announce that the list description at https://www.ietf.org/mailman/listinfo/pidloc has been changed accordingly in order to better align with the most recent issues of interest on such user-independent authentication.
You may also find some use cases here: https://futurenetworks.ieee.org/images/files/pdf/Webinars/2021_FNI_WiFi_6G.pdf (as, e.g., mentioned on slide 37)



The slide is wrong.

Despite the usually accepted concept of a smoke detector connected on 5G (or 4G), there is no such thing.  Smoke detectors have strong requirements on radio reachability, battery life and their operational checking periodicity.  4G/5G are way out of these specs.  What there can be are smoke detectors on WiFi or on Ethernet.  At that point the 4G/5G drop out of the picture.

Alex


We are looking forward to your comments and ideas!
Thanks!
Best Regards
Behcet & Dirk