Re: [T2TRG] [core] Quick Doodle T2TRG security topics (Re: New topic for T2TRG?)

Göran Selander <goran.selander@ericsson.com> Mon, 20 December 2021 15:54 UTC

From: Göran Selander <goran.selander@ericsson.com>
To: Michael Richardson <mcr@sandelman.ca>, Carsten Bormann <cabo@tzi.org>, "t2trg@irtf.org" <t2trg@irtf.org>, "core@ietf.org" <core@ietf.org>
Date: Mon, 20 Dec 2021 15:53:58 +0000
Archived-At: <https://mailarchive.ietf.org/arch/msg/t2trg/Vb7L-X9dhddlsBvWJ31qtyJ7nTs>


From: Michael Richardson <mcr@sandelman.ca>

Carsten Bormann <cabo@tzi.org> wrote:
    > I assume most people are mostly in holiday mode already.

a bit.

    > I have put up 9 potential meeting slots this week:
    > https://doodle.com/poll/7e76k335hd6d28k3

I have mutable plans Tuesday, but I could be persuaded to change them.

    > This week’s meeting is mostly for planning and, first and foremost,
    > discussing the scope we want to communicate.
    > The actual first meeting of a seccore activity would probably then be
    > in 2022W2, but that is one of the things we want to discuss this week.

Understood.

    >> CoAP can be used in various settings beyond simple REST. How do we
    >> adapt existing security requirements and solutions to these new modes of
    >> operation? Some work of this kind is already in progress in the IETF but
    >> some issues go beyond the individual IETF WGs, or could benefit from
    >> additional contributions from a wider audience, reviews and information
    >> sharing.
    >> Examples include:
    >> - Rekeying with PFS vs. stateless operations [2]
    >> - Firmware updates using group communication
    >> - Efficient and secure tunnelling of CoAP in CoAP
    >> - Notifications surviving rekeying
    >> - Progressing pub-sub with CoAP

I guess this is really CoAP focused around OSCORE :-)
I'm not saying this is a problem, but it certainly explains "seccore" as a name.
[GS] The scope is for discussion but the proposal is security in settings making use of CoAP, and to start with the problem rather than specific solutions. "seccore" is some sort of abbreviation of "security in constrained RESTful environments".

If we produced a few roadmaps (or, less interestingly, a roadmap with a few
options), which explained some specific choices, I think that would be
useful.
I think that two or three Informational RFCs would be appropriate.
I prefer multiple RFCs rather than one RFC with three sections in order to
make procurement clearer.
[GS] Maybe someone else thought about roadmaps, I was more thinking about concrete problem statements. If the outcome is a T2TRG draft or a new IETF WG draft (or neither) may depend on the problem.
Göran