Re: [Secdispatch] EDHOC Summary
Hannes Tschofenig <Hannes.Tschofenig@arm.com> Thu, 18 April 2019 15:17 UTC
Hi Goeran,

Do you notice there is a difference between "the AKE should support the same transport as OSCORE" and "The key exchange protocol must at least be able to travel the same path."

Ignoring the difference between the 'should' and the 'must' I wonder whether I could run a DTLS/TLS handshake between the two endpoints and then derive keys for OSCORE and whether that would still be OK in your view.

Ciao
Hannes

-----Original Message-----
From: Göran Selander <goran.selander@ericsson.com>
Sent: Thursday, 18 April 2019 17:08
To: Hannes Tschofenig <Hannes.Tschofenig@arm.com>; Owen Friel (ofriel) <ofriel@cisco.com>; Richard Barnes <rlb@ipv.sx>; Michael Richardson <mcr+ietf@sandelman.ca>
Cc: Carsten Bormann <cabo@tzi.org>; secdispatch@ietf.org; Martin Thomson <mt@lowentropy.net>
Subject: Re: [Secdispatch] EDHOC Summary

On 2019-04-18, 16:55, "Hannes Tschofenig" <Hannes.Tschofenig@arm.com> wrote:

    Hi Goeran,

    > [GS] The context is this: OSCORE is deployed over a number of hops with different transports. The key exchange protocol must at least be able to travel the same path.

    This is now a different requirement than stated previously. We are making progress.

[GS] No, this is the requirement "the AKE should support the same transport as OSCORE". That does not exclude that the AKE supports other transport.

Göran