Re: [Secdispatch] EDHOC Summary
Göran Selander <goran.selander@ericsson.com> Thu, 18 April 2019 07:47 UTC
Return-Path: <goran.selander@ericsson.com>
X-Original-To: secdispatch@ietfa.amsl.com
Delivered-To: secdispatch@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B7CE9120094 for <secdispatch@ietfa.amsl.com>; Thu, 18 Apr 2019 00:47:23 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.023
X-Spam-Level:
X-Spam-Status: No, score=-1.023 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FROM_EXCESS_BASE64=0.979, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=ericsson.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id I-x9TmQlKhbB for <secdispatch@ietfa.amsl.com>; Thu, 18 Apr 2019 00:47:22 -0700 (PDT)
Received: from EUR04-VI1-obe.outbound.protection.outlook.com (mail-eopbgr80042.outbound.protection.outlook.com [40.107.8.42]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id B3511120048 for <secdispatch@ietf.org>; Thu, 18 Apr 2019 00:47:21 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ericsson.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=gIfdFR/+RKMwYyGTXwrWKYjKGxYnzUNOaTzW2CqmjDc=; b=Y0uEsC0ONHCKXi86NwyWAR3he5/FdarqpCPL1ctMXvRL6F+OWS1j8J5a6JDm8/1XUVJ7plnADNS1SEpCyPiVzfp3JlU25wazeiOYyvVZQ/r7z85QICGk912pS6cNLgSGT0yWdC4w9LL/Zxkc3WMo036Vxps7CYzkKM3bs2Cl7xg=
Received: from HE1PR07MB4172.eurprd07.prod.outlook.com (20.176.166.25) by HE1SPR01MB13.eurprd07.prod.outlook.com (10.170.251.161) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.1813.10; Thu, 18 Apr 2019 07:47:18 +0000
Received: from HE1PR07MB4172.eurprd07.prod.outlook.com ([fe80::c587:c2ec:e227:84fd]) by HE1PR07MB4172.eurprd07.prod.outlook.com ([fe80::c587:c2ec:e227:84fd%4]) with mapi id 15.20.1835.007; Thu, 18 Apr 2019 07:47:18 +0000
From: Göran Selander <goran.selander@ericsson.com>
To: Hannes Tschofenig <Hannes.Tschofenig@arm.com>, "Owen Friel (ofriel)" <ofriel@cisco.com>, Richard Barnes <rlb@ipv.sx>, Michael Richardson <mcr+ietf@sandelman.ca>
CC: Carsten Bormann <cabo@tzi.org>, "secdispatch@ietf.org" <secdispatch@ietf.org>, Martin Thomson <mt@lowentropy.net>
Thread-Topic: [Secdispatch] EDHOC Summary
Thread-Index: AQHU9bryBp4FMEo1v0OmeS0uE21muA==
Date: Thu, 18 Apr 2019 07:47:18 +0000
Message-ID: <8BCAAD78-74D7-414C-82B2-EFB98D711D1E@ericsson.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
user-agent: Microsoft-MacOutlook/10.18.0.190414
authentication-results: spf=none (sender IP is ) smtp.mailfrom=goran.selander@ericsson.com;
x-originating-ip: [213.89.213.86]
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: 1332b7bd-193a-4d20-4b5c-08d6c3d21567
x-microsoft-antispam: BCL:0; PCL:0; RULEID:(2390118)(7020095)(4652040)(8989299)(5600141)(711020)(4605104)(4534185)(4627221)(201703031133081)(201702281549075)(8990200)(2017052603328)(7193020); SRVR:HE1SPR01MB13;
x-ms-traffictypediagnostic: HE1SPR01MB13:
x-microsoft-antispam-prvs: <HE1SPR01MB13AFD79897E0671F44D89AF4260@HE1SPR01MB13.eurprd07.prod.outlook.com>
x-forefront-prvs: 0011612A55
x-forefront-antispam-report: SFV:NSPM; SFS:(10009020)(136003)(366004)(376002)(396003)(346002)(39860400002)(199004)(189003)(40434004)(8936002)(2616005)(110136005)(54906003)(6436002)(6246003)(71200400001)(71190400001)(486006)(58126008)(83716004)(86362001)(316002)(66574012)(102836004)(6116002)(476003)(85202003)(26005)(3846002)(6506007)(25786009)(478600001)(53936002)(81166006)(81156014)(8676002)(6512007)(97736004)(4326008)(66066001)(2906002)(14454004)(36756003)(186003)(82746002)(5660300002)(68736007)(5024004)(85182001)(99286004)(7736002)(305945005)(14444005)(256004)(33656002)(229853002)(6486002); DIR:OUT; SFP:1101; SCL:1; SRVR:HE1SPR01MB13; H:HE1PR07MB4172.eurprd07.prod.outlook.com; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; A:1; MX:1;
received-spf: None (protection.outlook.com: ericsson.com does not designate permitted sender hosts)
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam-message-info: xZaZ845f5LjCg2l+6FgUQUseiJl8yxm77qf6XvGzi3AsVlb+arX0C1i2XRpqO4z501IR3nZLWx4s57ThYhUwVePEiun9ygv2D4QHqheZoOqGXqmo3WaTlzAf3gjPd4Grh20L7qcqDviK9jKSq0BNyDCIizhkO3J5/7aNjCVNjCdQ70sgNNlx9Fgl86j70yKVxy2L7sXuKrNf1LVymV3UtEtWVZeDdTLluxXAhqeaKo+nQ5CzR3gbAKYinE+VK9RKk8c/4PHgOQBNTta5Bz5jNFIe8G9Yl0g+Ty+5nlQGVsi4WN5yVCgPFPcI1DId2XheThn+38U33K7i7DhHSy6btEF8aDVBFfIqTepZ0LWqKDQXC8qunb6Fh8Rme5PAqln/0zKQk5909a8IBRSzE4Z7iRUtn4fhRj/PRHBSlJDX6f0=
Content-Type: text/plain; charset="utf-8"
Content-ID: <2DCF198F7E51BD40BAE916DCE5211F73@eurprd07.prod.outlook.com>
Content-Transfer-Encoding: base64
MIME-Version: 1.0
X-OriginatorOrg: ericsson.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 1332b7bd-193a-4d20-4b5c-08d6c3d21567
X-MS-Exchange-CrossTenant-originalarrivaltime: 18 Apr 2019 07:47:18.7772 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 92e84ceb-fbfd-47ab-be52-080c6b87953f
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-Transport-CrossTenantHeadersStamped: HE1SPR01MB13
Archived-At: <https://mailarchive.ietf.org/arch/msg/secdispatch/bet0Qb3l078IzPrWulImECJjEmE>
Subject: Re: [Secdispatch] EDHOC Summary
X-BeenThere: secdispatch@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Security Dispatch <secdispatch.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/secdispatch>, <mailto:secdispatch-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/secdispatch/>
List-Post: <mailto:secdispatch@ietf.org>
List-Help: <mailto:secdispatch-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdispatch>, <mailto:secdispatch-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 18 Apr 2019 07:47:24 -0000
Hi Hannes, On 2019-04-16, 09:26, "Secdispatch on behalf of Hannes Tschofenig" <secdispatch-bounces@ietf.org on behalf of Hannes.Tschofenig@arm.com> wrote: > Richard Barnes <rlb@ipv.sx> wrote: > > I'd like to push back on this point. It may be that EDHOC has been around for > > a while and been well-socialized with the IoT crowd, but it is clearly > > deficient in several other types of maturity, e.g., robustness of formal > > analyses and state of implementations (AFAICT). I would like to point out that initially the work on EDHOC was intentionally not positioned as a TLS replacement (or even competitor). For years I was told that it is supposed to be used in addition to and on top of TLS. Fast forward a few years the story is very different now. [GS] The AKE for OSCORE clearly must support the same transport as OSCORE. From first individual submission to the approved version of OSCORE, the introduction section states that OSCORE may or may not be used over TLS/DTLS. (The approved version recommends the use of additional TLS for certain hops, but not over constrained networks.) OSCORE/AKE over TLS is similar to TLS over IPsec/IKEv2. Göran This type of positioning helps you to avoid dealing with a number of folks in the IETF (in this case with the TLS crowd) but it does not help in the long run. Ciao Hannes PS: FWIW this is not the first time this has happened. ANIMA wasn’t any different when the proponents claimed that IoT was out of scope. IMPORTANT NOTICE: The contents of this email and any attachments are confidential and may also be privileged. If you are not the intended recipient, please notify the sender immediately and do not disclose the contents to any other person, use it for any purpose, or store or copy the information in any medium. Thank you.
- [Secdispatch] EDHOC Summary Roman Danyliw
- Re: [Secdispatch] EDHOC Summary Jim Schaad
- Re: [Secdispatch] EDHOC Summary Michael Richardson
- Re: [Secdispatch] EDHOC Summary Alexey Melnikov
- Re: [Secdispatch] EDHOC Summary Göran Selander
- Re: [Secdispatch] EDHOC Summary Jim Schaad
- Re: [Secdispatch] EDHOC Summary Salz, Rich
- Re: [Secdispatch] EDHOC Summary John Mattsson
- Re: [Secdispatch] EDHOC Summary Kathleen Moriarty
- Re: [Secdispatch] EDHOC Summary Michael Richardson
- Re: [Secdispatch] EDHOC Summary Antonio Skarmeta
- Re: [Secdispatch] EDHOC Summary sandoche Balakrichenan
- Re: [Secdispatch] EDHOC Summary Benjamin Kaduk
- Re: [Secdispatch] EDHOC Summary DAN GARCIA CARRILLO
- Re: [Secdispatch] EDHOC Summary Stephen Farrell
- Re: [Secdispatch] EDHOC Summary Kathleen Moriarty
- Re: [Secdispatch] EDHOC Summary Carsten Bormann
- Re: [Secdispatch] EDHOC Summary Jesús Sánchez-Gómez
- Re: [Secdispatch] [core] EDHOC Summary Jari Arkko
- Re: [Secdispatch] [core] EDHOC Summary Pascal Thubert (pthubert)
- Re: [Secdispatch] [core] EDHOC Summary Laurent Toutain
- Re: [Secdispatch] [lp-wan] [core] EDHOC Summary ana minaburo
- Re: [Secdispatch] [lp-wan] [core] EDHOC Summary Renzo Navas
- Re: [Secdispatch] EDHOC Summary Roman Danyliw
- [Secdispatch] EDHOC Summary Blomqvist, Peter
- Re: [Secdispatch] EDHOC Summary Shahid Raza
- Re: [Secdispatch] EDHOC Summary Martin Thomson
- Re: [Secdispatch] EDHOC Summary Göran Selander
- Re: [Secdispatch] EDHOC Summary John Mattsson
- Re: [Secdispatch] EDHOC Summary Christopher Wood
- Re: [Secdispatch] EDHOC Summary Martin Thomson
- Re: [Secdispatch] EDHOC Summary John Mattsson
- Re: [Secdispatch] EDHOC Summary Carsten Bormann
- Re: [Secdispatch] EDHOC Summary Göran Selander
- Re: [Secdispatch] EDHOC Summary Göran Selander
- Re: [Secdispatch] EDHOC Summary Eric Rescorla
- Re: [Secdispatch] EDHOC Summary Richard Barnes
- Re: [Secdispatch] EDHOC Summary Eric Rescorla
- Re: [Secdispatch] EDHOC Summary Richard Barnes
- Re: [Secdispatch] EDHOC Summary Michael Richardson
- Re: [Secdispatch] EDHOC Summary Richard Barnes
- Re: [Secdispatch] EDHOC Summary Göran Selander
- Re: [Secdispatch] EDHOC Summary Göran Selander
- Re: [Secdispatch] EDHOC Summary Tero Kivinen
- Re: [Secdispatch] EDHOC Summary Göran Selander
- Re: [Secdispatch] EDHOC Summary Göran Selander
- Re: [Secdispatch] EDHOC Summary Tero Kivinen
- Re: [Secdispatch] EDHOC Summary Carsten Bormann
- Re: [Secdispatch] EDHOC Summary Göran Selander
- Re: [Secdispatch] EDHOC Summary Jim Schaad
- Re: [Secdispatch] EDHOC Summary Owen Friel (ofriel)
- Re: [Secdispatch] EDHOC Summary Hannes Tschofenig
- Re: [Secdispatch] EDHOC Summary Hannes Tschofenig
- Re: [Secdispatch] EDHOC Summary Göran Selander
- Re: [Secdispatch] EDHOC Summary Hannes Tschofenig
- Re: [Secdispatch] EDHOC Summary Göran Selander
- Re: [Secdispatch] EDHOC Summary Hannes Tschofenig
- Re: [Secdispatch] EDHOC Summary Göran Selander
- Re: [Secdispatch] EDHOC Summary Hannes Tschofenig
- Re: [Secdispatch] EDHOC Summary Göran Selander
- Re: [Secdispatch] EDHOC Summary Hannes Tschofenig
- Re: [Secdispatch] EDHOC Summary Göran Selander
- Re: [Secdispatch] EDHOC Summary Hannes Tschofenig
- Re: [Secdispatch] EDHOC Summary Benjamin Kaduk
- Re: [Secdispatch] EDHOC Summary Benjamin Kaduk
- Re: [Secdispatch] EDHOC Summary Benjamin Kaduk