[TLS] draft-friel-tls-atls-03

Hannes Tschofenig <Hannes.Tschofenig@arm.com> Tue, 09 July 2019 09:01 UTC

From: Hannes Tschofenig <Hannes.Tschofenig@arm.com>
To: "tls@ietf.org" <tls@ietf.org>
Date: Tue, 09 Jul 2019 09:01:11 +0000
Message-ID: <VI1PR08MB53600FC4FC6E5DFFDACAFECEFAF10@VI1PR08MB5360.eurprd08.prod.outlook.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/SvTeyzRLPJn3GWhyYtPM-BzQl74>

Hi all,

Owen and I have been working on a new version of ATLS, which you can find here:
https://tools.ietf.org/html/draft-friel-tls-atls-03

The plain version (with the DTLS record layer for protecting application data) is used by Cisco and by us in products.
We did, however, add extra functionality to allow the establishment of an OSCORE and COSE security context.
(Conceptually, this is similar to what was done many years ago with the DTLS-SRTP framework for media security.)

What this work provides us is re-use of existing TLS/DTLS stacks for application layer security.

While the actual standardization work is rather small, we noticed that the idea of using the TLS/DTLS handshake at the application layer is still something that's difficult to understand.
I ran into people who thought it was not possible to use the TLS/DTLS handshake at the application layer. For those people, the additional background text in the draft is quite helpful.

Ciao
Hannes
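As an added illustration of the point in the mail above (example code written for this archive page, not code from the draft or its authors): an unmodified TLS stack is driven through in-memory BIOs, so the application itself carries every handshake flight and every protected record, the way ATLS carries them inside, for example, HTTP message bodies. It assumes the openssl CLI is available to mint a throwaway test certificate; the host name atls.example is a placeholder.

```python
import os
import ssl
import subprocess
import tempfile

HOST = "atls.example"  # placeholder host name for the constructed test certificate

def make_cert():
    """Mint a throwaway self-signed server cert with the openssl CLI (assumed installed)."""
    d = tempfile.mkdtemp()
    key, crt = os.path.join(d, "key.pem"), os.path.join(d, "crt.pem")
    subprocess.run(["openssl", "req", "-x509", "-newkey", "rsa:2048", "-nodes", "-days", "1",
                    "-subj", "/CN=" + HOST, "-addext", "subjectAltName=DNS:" + HOST,
                    "-keyout", key, "-out", crt], check=True, capture_output=True)
    return key, crt

def atls_exchange(key, crt):
    """TLS 1.3 handshake where the application, not a socket, ferries each flight.
    Returns (transcript, request seen by the server, reply seen by the client)."""
    srv = ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER)
    srv.load_cert_chain(crt, key)
    cli = ssl.create_default_context(cafile=crt)  # trust only the test cert, verify name
    cli.minimum_version = ssl.TLSVersion.TLSv1_3
    c_in, c_out, s_in, s_out = (ssl.MemoryBIO() for _ in range(4))
    client = cli.wrap_bio(c_in, c_out, server_hostname=HOST)
    server = srv.wrap_bio(s_in, s_out, server_side=True)
    transcript = []  # (sender, size) of every application-layer message

    def deliver(sender, src_out, dst_in):
        data = src_out.read()  # records the stack wants sent...
        if data:
            transcript.append((sender, len(data)))
            dst_in.write(data)  # ...carried to the peer's stack by the application

    pending = {"client": (client, c_out, s_in), "server": (server, s_out, c_in)}
    while pending:
        for name, (obj, out, peer_in) in list(pending.items()):
            try:
                obj.do_handshake()
                del pending[name]  # this side's handshake is complete
            except ssl.SSLWantReadError:
                pass  # needs the peer's next flight before it can continue
            deliver(name, out, peer_in)
    client.write(b"GET /sensor")  # protected application data uses the same plumbing
    deliver("client", c_out, s_in)
    request = server.read(1024)
    server.write(b"200 OK")
    deliver("server", s_out, c_in)
    return transcript, request, client.read(1024)
```

The transcript lists each flight the application had to move by hand; the OSCORE and COSE context establishment the mail mentions is not shown, since Python's ssl module exposes no keying-material exporter.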