[secdir] EDHOC and Transports

Tero Kivinen <kivinen@iki.fi> Fri, 25 January 2019 14:35 UTC

Message-ID: <23627.7865.796955.746573@fireball.acr.fi>
Date: Fri, 25 Jan 2019 16:35:37 +0200
From: Tero Kivinen <kivinen@iki.fi>
To: Jim Schaad <ietf@augustcellars.com>
Cc: secdir@ietf.org
In-Reply-To: <00ac01d4b46c$00f9de30$02ed9a90$@augustcellars.com>
References: <00ac01d4b46c$00f9de30$02ed9a90$@augustcellars.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/secdir/jl1LGm3upow500TUMi5HXQ2rTDw>
Subject: [secdir] EDHOC and Transports

Jim Schaad writes:
> 3. 6LoWPAN over IEEE 802.15.4:  This has a packet size of 127 bytes.  The
> maximum frame overhead size is 25 bytes allowing for 102 bytes of message
> space.   If one assumes 20 bytes of overhead for CoAP then this means a
> protocol packet size of 82 bytes.  If one needs to break the message across
> multiple packets then the maximum data size is going to be 64 bytes using
> CoAP blockwise options.

IEEE 802.15.9, which provides a framework for key management for
IEEE 802.15.4, does provide its own fragmentation and reassembly
service, thus allowing bigger packets to be delivered between devices.
When 802.15.9 was being specified, we saw that support for larger
packets in the KMP was needed than what 802.15.4 provides (note that
in some cases the PHY layer limits the packet size even more), and
that's why we did define a fragmentation and reassembly protocol there
too.

Currently specified key management protocols for 802.15.9 include
802.1X/MKA, HIP, IKEv2, PANA, Dragonfly, 802.11/4WH, 802.11/GKH, and
ETSI TS 102 887-2. Someone would need to write a specification on how
to use EDHOC over 802.15.9 to make it usable there too. Another
omission in the KMPs provided by 802.15.9 is TLS, as nobody wanted to
write that specification. In the IEEE there are some plans to do an
amendment to 802.15.9 which could include some new key management
protocols, depending on who would be interested in writing the text...