Re: [Secdispatch] EDHOC Summary

Göran Selander <goran.selander@ericsson.com> Thu, 18 April 2019 15:30 UTC

From: Göran Selander <goran.selander@ericsson.com>
To: Hannes Tschofenig <Hannes.Tschofenig@arm.com>, "Owen Friel (ofriel)" <ofriel@cisco.com>, Richard Barnes <rlb@ipv.sx>, Michael Richardson <mcr+ietf@sandelman.ca>
CC: Carsten Bormann <cabo@tzi.org>, "secdispatch@ietf.org" <secdispatch@ietf.org>, Martin Thomson <mt@lowentropy.net>
Date: Thu, 18 Apr 2019 15:30:23 +0000
Archived-At: <https://mailarchive.ietf.org/arch/msg/secdispatch/IRVM8KY5dtqc9bYDr6oVQpUtr-o>

Hi Hannes,

Why don't you and I celebrate Easter together? We will be staying in a nice place, you are welcome to join for endless discussions.

On 2019-04-18, 17:17, "Secdispatch on behalf of Hannes Tschofenig" <secdispatch-bounces@ietf.org on behalf of Hannes.Tschofenig@arm.com> wrote:

    Hi Goeran,
    
    Do you notice there is a difference between
    
    "the AKE should support the same transport as OSCORE"
    
    and
    
    "The key exchange protocol must at least be able to travel the same path."
    
    Ignoring the difference between the 'should' and the 'must' 

[GS] Sure, there is no grading of the requirements.

    I wonder whether I could run a DTLS/TLS handshake between the two endpoints and then derive keys for OSCORE and whether that would still be OK in your view.

[GS] Yes, if over the same transport. 

Göran

    
    -----Original Message-----
    From: Göran Selander <goran.selander@ericsson.com>
    Sent: Thursday, 18 April 2019 17:08
    To: Hannes Tschofenig <Hannes.Tschofenig@arm.com>; Owen Friel (ofriel) <ofriel@cisco.com>; Richard Barnes <rlb@ipv.sx>; Michael Richardson <mcr+ietf@sandelman.ca>
    Cc: Carsten Bormann <cabo@tzi.org>; secdispatch@ietf.org; Martin Thomson <mt@lowentropy.net>
    Subject: Re: [Secdispatch] EDHOC Summary
    
    
    
    On 2019-04-18, 16:55, "Hannes Tschofenig" <Hannes.Tschofenig@arm.com> wrote:
    
        Hi Goeran,
    
        > [GS] The context is this: OSCORE is deployed over a number of hops with different transports. The key exchange protocol must at least be able to travel the same path.
    
        This is now a different requirement than stated previously. We are making progress.
    
    [GS] No, this is the requirement "the AKE should support the same transport as OSCORE". That does not exclude that the AKE supports other transport.
    
    Göran
    
    