Re: [T2TRG] RESTful Design & Security

Hannes Tschofenig <hannes.tschofenig@gmx.net> Tue, 07 March 2017 18:39 UTC

OSCOAP does not work when

* you mix protocols,
* use a middlebox for some processing interactions (such as data
aggregation), and
* when one of the protocols is a non-RESTful protocol, such as BLE or MQTT.

Unfortunately, these are the use cases we are facing in current IoT
deployments. For similar reasons we cannot use RFC 8075 either.

Maybe you are seeing different deployment environments.

Ciao
Hannes

On 03/07/2017 06:39 PM, Michael Richardson wrote:
> 
> Hannes Tschofenig <hannes.tschofenig@gmx.net> wrote:
>     > Needless to say that these challenges have also been observed in other
>     > protocols as well, such as HTTP and even SIP.
> 
>     > What is the story for providing application layer security?
> 
> OSCOAP seems to be end-to-end to me.
> 
> --
> Michael Richardson <mcr+IETF@sandelman.ca>, Sandelman Software Works
>  -= IPv6 IoT consulting =-
> 
> 
>