Re: [Secdispatch] EDHOC Summary

"Pascal Thubert (pthubert)" <pthubert@cisco.com> Mon, 01 April 2019 12:06 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/secdispatch/E0M1msLAmkSACB6T6wcG5h28XXE>

Since I had the discussion privately, minimal security and EDHOC were discussed at 6TiSCH at pretty much every meeting, plenary or interim, since around IETF 97.

The minutes for an IETF are located in https://datatracker.ietf.org/doc/minutes-xx-6tisch/ where xx is the IETF number.
See for instance IETF 98 https://datatracker.ietf.org/doc/minutes-98-6tisch/; one can also google https://www.google.com/search?client=firefox-b-d&q=6tisch+minutes+edhoc
There was also a side meeting at IETF 103, all reported in the minutes https://bitbucket.org/6tisch/meetings/wiki/181108_ietf103_bangkok

One may also consult the minutes from the 6TiSCH Wiki https://bitbucket.org/6tisch/meetings/wiki/browse/ where all are stored since the inception of the WG.

All the best,

Pascal

From: Mališa Vučinić <malisa.vucinic@inria.fr>
Sent: Monday 1 April 2019 11:59
To: Thomas Watteyne <thomas.watteyne@inria.fr>
Cc: secdispatch@ietf.org; 6tisch <6tisch@ietf.org>; 6tisch-chairs <6tisch-chairs@ietf.org>
Subject: Re: [Secdispatch] EDHOC Summary

+1

We are happy to contribute to this effort through feedback on the design, implementation for constrained devices and its evaluation in 6TiSCH networks.

Mališa

On 30 Mar 2019, at 18:31, Thomas Watteyne <thomas.watteyne@inria.fr> wrote:

The 6TiSCH WG has produced a set of documents [1,2] that specify the use of OSCORE to secure message exchanges at the application layer including network access. At the side meeting in Prague two years ago involving several ADs and WG chairs, the 6TiSCH chairs have indicated the need for an efficient authenticated key exchange protocol that we could use during the network access to key OSCORE. We have also restated this request at the SECDISPATCH interim a couple of weeks ago.

The EDHOC specification was discussed on numerous occasions during the 6TiSCH working group meetings and the approach on using it for the extension of [1] towards zero-touch [3] deployments had a wide consensus. We welcome the work in this area to be done, and strongly support any decision of the security ADs that leads to the fast progress of this specification.

[1] https://datatracker.ietf.org/doc/draft-ietf-6tisch-minimal-security/
[2] https://datatracker.ietf.org/doc/draft-ietf-6tisch-architecture/
[3] https://datatracker.ietf.org/doc/draft-ietf-6tisch-dtsecurity-zerotouch-join/
