Re: [Sat] Version -02 of the SATP core protocol draft ---- FW: New Version Notification for draft-hargreaves-sat-core-02.txt
Thomas Hardjono <hardjono@mit.edu> Tue, 14 March 2023 14:36 UTC
Return-Path: <hardjono@mit.edu>
X-Original-To: sat@ietfa.amsl.com
Delivered-To: sat@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 3A7C2C14CF05 for <sat@ietfa.amsl.com>; Tue, 14 Mar 2023 07:36:26 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.896
X-Spam-Level:
X-Spam-Status: No, score=-6.896 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_HI=-5, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id fWxYnfZAa24o for <sat@ietfa.amsl.com>; Tue, 14 Mar 2023 07:36:22 -0700 (PDT)
Received: from outgoing-exchange-7.mit.edu (outgoing-exchange-7.mit.edu [18.9.28.58]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 553D4C14E513 for <sat@ietf.org>; Tue, 14 Mar 2023 07:36:22 -0700 (PDT)
Received: from w92exedge3.exchange.mit.edu (W92EXEDGE3.EXCHANGE.MIT.EDU [18.7.73.15]) by outgoing-exchange-7.mit.edu (8.14.7/8.12.4) with ESMTP id 32EEa63g011388; Tue, 14 Mar 2023 10:36:16 -0400
Received: from oc11expo23.exchange.mit.edu (18.9.4.88) by w92exedge3.exchange.mit.edu (18.7.73.15) with Microsoft SMTP Server (TLS) id 15.0.1497.47; Tue, 14 Mar 2023 10:35:27 -0400
Received: from oc11expo23.exchange.mit.edu (18.9.4.88) by oc11expo23.exchange.mit.edu (18.9.4.88) with Microsoft SMTP Server (TLS) id 15.0.1497.42; Tue, 14 Mar 2023 10:35:54 -0400
Received: from oc11expo23.exchange.mit.edu ([18.9.4.88]) by oc11expo23.exchange.mit.edu ([18.9.4.88]) with mapi id 15.00.1497.042; Tue, 14 Mar 2023 10:35:54 -0400
From: Thomas Hardjono <hardjono@mit.edu>
To: Venkatraman Ramakrishna <vramakr2@in.ibm.com>, Denis Avrilionis <denis@compell.io>
CC: "sat@ietf.org" <sat@ietf.org>, Martin Hargreaves <martin.hargreaves@quant.network>, Rafael Belchior <rafael.belchior@tecnico.ulisboa.pt>, Claire Facer <Claire.Facer@quant.network>, Wes Hardaker <wjhns1@hardakers.net>
Thread-Topic: [Sat] Version -02 of the SATP core protocol draft ---- FW: New Version Notification for draft-hargreaves-sat-core-02.txt
Thread-Index: AQHZVGrrmnliUxNvdE+gp9am8GdQ+a73BnAA///oxB2AAEyugIADOuYA///ihT4=
Date: Tue, 14 Mar 2023 14:35:54 +0000
Message-ID: <26986aca1666420387c6bb0119af6338@oc11expo23.exchange.mit.edu>
References: <2dddee52ac644f0aa082e6216282b335@oc11expo23.exchange.mit.edu> <E1D2FB88-93EC-46C0-B472-F4842386A455@compell.io> <186368007b8641f4a6ec5a0470464b1a@oc11expo23.exchange.mit.edu> <5A829058-763B-4092-830D-253184447770@compell.io>, <BYAPR15MB22776309223DB56FD01FAB00B8BE9@BYAPR15MB2277.namprd15.prod.outlook.com>
In-Reply-To: <BYAPR15MB22776309223DB56FD01FAB00B8BE9@BYAPR15MB2277.namprd15.prod.outlook.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-ms-exchange-transport-fromentityheader: Hosted
x-originating-ip: [73.100.88.16]
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: base64
MIME-Version: 1.0
Archived-At: <https://mailarchive.ietf.org/arch/msg/sat/Q-Qw71igRLuS1nbu9T9VF6PlXh4>
Subject: Re: [Sat] Version -02 of the SATP core protocol draft ---- FW: New Version Notification for draft-hargreaves-sat-core-02.txt
X-BeenThere: sat@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: "The purpose of this mailing-list is to discuss the secure asset transfer \(SAT\) protocol and related aspects." <sat.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/sat>, <mailto:sat-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/sat/>
List-Post: <mailto:sat@ietf.org>
List-Help: <mailto:sat-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/sat>, <mailto:sat-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 14 Mar 2023 14:36:26 -0000
Thanks Rama, >>> Do we need the equivalent of an end-to-end (i.e., App-to-App) "transaction association reference" >>> created through an end-to-end negotiation (which would produce overhead)? Since most of this is out-of-scope for SATP, I think its is enough to say that somehow the Apps have established a "transaction association reference" between them out of band (OOB). (ps. an under-appreciated aspect of IPsec/IKE in RFC2401 is the separation of the Security Association (SA) establishment between the endpoints from the the usage of the SA, which permits IPsec to scale to several thousand channels/tunnels across the same pair of VPN gateways). >>> Would hop-to-hop (i.e., App-to-Gateway, G2G, G2A) not suffice, >>> especially since the initiator of the transfer and the sequence of the hops are unambiguous? It may be too complex to use the gateway G1 and G2 to establish a Transaction Association on behalf of App1 and App2, but I'm open to ideas :-) --thomas ________________________________________ From: Venkatraman Ramakrishna [vramakr2@in.ibm.com] Sent: Tuesday, March 14, 2023 8:12 AM To: Denis Avrilionis; Thomas Hardjono Cc: sat@ietf.org; Martin Hargreaves; Rafael Belchior; Claire Facer; Wes Hardaker Subject: RE: [Sat] Version -02 of the SATP core protocol draft ---- FW: New Version Notification for draft-hargreaves-sat-core-02.txt Denis, Can you elaborate on how "optimistic locking " would work, and how it would be immune to "double spending" hazards? Thomas, Do we need the equivalent of an end-to-end (i.e., App-to-App) "transaction association reference" created through an end-to-end negotiation (which would produce overhead)? Would hop-to-hop (i.e., App-to-Gateway, G2G, G2A) not suffice, especially since the initiator of the transfer and the sequence of the hops are unambiguous? Rama -----Original Message----- From: sat <sat-bounces@ietf.org> On Behalf Of Denis Avrilionis Sent: 12 March 2023 16:23 To: Thomas Hardjono <hardjono@mit.edu> Cc: sat@ietf.org; Martin Hargreaves <martin.hargreaves@quant.network>; Rafael Belchior <rafael.belchior@tecnico.ulisboa.pt>; Claire Facer <Claire.Facer@quant.network>; Wes Hardaker <wjhns1@hardakers.net> Subject: [EXTERNAL] Re: [Sat] Version -02 of the SATP core protocol draft ---- FW: New Version Notification for draft-hargreaves-sat-core-02.txt > Some question: > > (a) Is the contextID a common value shared only between an App and its gateway: eg. contextID1 is shared between App1 and G1 (and contextID2 between App2 and G2). > > or > > (b) Is the contextID a common value known to all 4 parties (for one transfer instance there is one contextID known to App1, App2, G1 and G2). IMO the contextID is unique for a specific transfer and encompasses the sessionID. It should be communicated to the network in order for the lock to be associated with the specific transfer of the specific Gateway (a reference to the contextID should be present inside the lock assertion). In a more general topic, we shall allow for implementations of “optimistic” locking for assets. Otherwise, the first gateway that locks an asset will hold the lock until SATP completes (commit or rollback). In other terms, this is a kind of pessimistic locking behaviour and in real-life cases, it would be very inefficient. > > > > One analogy that is well known to the IETF community is the Security Association (i.e. context at endpoints) using the IKE and IPsec protocols (for creating encrypted tunnels). > > In IPsec the endpoints (i.e. "VPN gateway") need to establish a Security Association (SA), which is separately negotiated using the IKE protocol. > > Part of the SA establishment is each side generating SPI values (Security Parameter Index) for the tunnel. > > Each VPN gateway then maintains their own SPI Database, which allows each endpoint to lookup in the database which key to apply to decrypt incoming traffic (encrypt outgoing traffic). There is a separate SPI for incoming traffic and for outgoing traffic. > > > In a sense, what we are talking about here is a kind of "Transaction Association" (TA) between the endpoints (which is App2 and App2). > > But this "Transaction Association" must be communicated down from the App to the gateway. The concept of context is also largely used in distributed transaction processing aiming at synchronising different data repositories. > > > > --thomas > > > > ________________________________________ > From: Denis Avrilionis [denis@compell.io] > Sent: Sunday, March 12, 2023 3:41 AM > To: Thomas Hardjono > Cc: sat@ietf.org; Martin Hargreaves; Rafael Belchior; Claire Facer; > Wes Hardaker > Subject: Re: [Sat] Version -02 of the SATP core protocol draft ---- > FW: New Version Notification for draft-hargreaves-sat-core-02.txt > > Hi Thomas, > > I proposed to present a message flow to cover the transfer context for our meeting 14 March. > @claire @wes please tell me if I can have 10’ to present on Tuesday. > > To my view the transaction context includes the session id so perhaps > we can refer to a transaction context ID throughout the flow, that > would be simpler than the couple <contextID, sessionID> > > -- > Denis > >> On 12 Mar 2023, at 00:46, Thomas Hardjono <hardjono@mit.edu> wrote: >> >> >> >> Folks, >> >> Attached below is the link to an update the core protocol draft. >> >> >> (a) The major updates to the draft : >> >> -- Uses the terms "Lock Assertion" and "Receipt" (instead of "Evidence"). >> >> -- Inclusion of an explicit "session_id" value in each message. >> >> -- The addition of a new subsection on the Commit-Ready message >> (which previously was not in draft-01) >> >> -- The message flows now matches our agreed flows in v16 of the color message-flow diagram PNG file (in our repo). >> >> >> >> (b) What was not added as yet (but text may be needed): >> >> The architecture draft-03 talks about a Context-ID, which is transfer-context information/parameter that App1 and App2 are assumed to have established in Stage 0 (which is out of scope for SATP). This occurs at the Application level/layer, before SATP gets kickstarted. >> >> The idea is that the Context-ID value could be (should be) bound somehow to the session_id so that the Applications can always see the progress of a transfer occurring between the two gateways. >> >> Because the App1 & App2 could have multiple independent transfers occurring simultaneously and some of those may be handled by the same pair of gateways G1 and G2, the combination of the <Context-ID, session_id> allows each transfer flow to be identifiable. >> >> We need to discuss this more, I think. >> >> >> >> Best >> >> --thomas >> >> >> ________________________________________ >> From: internet-drafts@ietf.org [internet-drafts@ietf.org] >> Sent: Saturday, March 11, 2023 5:29 PM >> To: Martin Hargreaves; Rafael Belchior; Thomas Hardjono >> Subject: New Version Notification for >> draft-hargreaves-sat-core-02.txt >> >> A new version of I-D, draft-hargreaves-sat-core-02.txt has been >> successfully submitted by Thomas Hardjono and posted to the IETF >> repository. >> >> Name: draft-hargreaves-sat-core >> Revision: 02 >> Title: Secure Asset Transfer Protocol (SATP) >> Document date: 2023-03-11 >> Group: Individual Submission >> Pages: 29 >> URL: https://www.ietf.org/archive/id/draft-hargreaves-sat-core-02.txt >> Status: https://datatracker.ietf.org/doc/draft-hargreaves-sat-core/ >> Htmlized: https://datatracker.ietf.org/doc/html/draft-hargreaves-sat-core >> Diff: https://author-tools.ietf.org/iddiff?url2=draft-hargreaves-sat-core-02 >> >> Abstract: >> This memo This memo describes the Secure Asset Transfer (SAT) >> Protocol for digital assets. SAT is a protocol operating between two >> gateways that conducts the transfer of a digital asset from one >> gateway to another. The protocol establishes a secure channel >> between the endpoints and implements a 2-phase commit to ensure the >> properties of transfer atomicity, consistency, isolation and >> durability. >> >> >> >> >> The IETF Secretariat >> >> >> -- >> sat mailing list >> sat@ietf.org >> INVALID URI REMOVED >> lman_listinfo_sat&d=DwIGaQ&c=jf_iaSHvJObTbx-siA1ZOg&r=r1mDXzFktk7OyWx >> Vu-FHM6wafgkdPRwRR-Ae__aieFY&m=kZRMMSwnnVYHzqPS3JGh7IEDKJJMggxESw3WGv >> GZluAbOowt2PR2OI5KAN6n_f97&s=e0pGXNZXCLaXw0BMGOS6qPQwzVNmyApy3e7Nz9I5 >> jKU&e= -- sat mailing list sat@ietf.org https://www.ietf.org/mailman/listinfo/sat
- [Sat] Version -02 of the SATP core protocol draft… Thomas Hardjono
- Re: [Sat] Version -02 of the SATP core protocol d… Denis Avrilionis
- Re: [Sat] Version -02 of the SATP core protocol d… Thomas Hardjono
- Re: [Sat] Version -02 of the SATP core protocol d… Denis Avrilionis
- Re: [Sat] Version -02 of the SATP core protocol d… Venkatraman Ramakrishna
- Re: [Sat] Version -02 of the SATP core protocol d… Thomas Hardjono