
From nobody Wed Jan  2 14:56:30 2019
From: Göran Selander <goran.selander@ericsson.com>
To: "secdispatch@ietf.org" <secdispatch@ietf.org>
CC: John Mattsson <john.mattsson@ericsson.com>, Francesca Palombini <francesca.palombini@ericsson.com>
Date: Wed, 2 Jan 2019 22:56:08 +0000
Message-ID: <D629D980-C059-474F-B259-2700F2EEAE41@ericsson.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/secdispatch/UollkQtwBu8TbTo9ANpnkcmpBxQ>
Subject: [Secdispatch] EDHOC

From nobody Wed Jan  2 15:57:55 2019
From: Kathleen Moriarty <kathleen.moriarty.ietf@gmail.com>
In-Reply-To: <D629D980-C059-474F-B259-2700F2EEAE41@ericsson.com>
Date: Wed, 2 Jan 2019 18:57:49 -0500
Cc: "secdispatch@ietf.org" <secdispatch@ietf.org>, Francesca Palombini <francesca.palombini@ericsson.com>, John Mattsson <john.mattsson@ericsson.com>
Message-Id: <79FD6563-8ADA-4D73-B8D5-C3D70604CD76@gmail.com>
References: <D629D980-C059-474F-B259-2700F2EEAE41@ericsson.com>
To: Göran Selander <goran.selander@ericsson.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/secdispatch/_qYFxBjQaF8yLIi_Gw6XjXi5TdE>
Subject: Re: [Secdispatch] EDHOC

Hi,

I’ve read earlier versions of this draft and appreciate all the work you
have done with the security proof and comparing to existing standardized
protocols.  If ACE is interested, why is this going to SECDispatch? It
might help to understand that better.  Is it that a recharter would be
needed?

Thank you & happy new year!
Kathleen

Sent from my mobile device

> On Jan 2, 2019, at 5:56 PM, Göran Selander <goran.selander@ericsson.com> wrote:
>
> Dear Secdispatch,
>
> We have been advised to ask secdispatch to consider EDHOC:
> https://tools.ietf.org/html/draft-selander-ace-cose-ecdhe
>
> Those that follow the ACE WG should be familiar with this draft. The
> problem statement and motivation for EDHOC is described in section 1.
> In brief, the target is a lightweight key exchange protocol suitable
> for IoT applications, which:
> a) has small message size and reuses existing IoT primitives to enable
>    low overhead and small code footprint;
> b) is not bound to a particular transport, to enable end-to-end
>    security in IoT deployments with varying underlying layers; and
> c) can be used to key OSCORE (draft-ietf-core-object-security) that is
>    lacking a harmonizing key exchange protocol.
>
> These requirements are motivated by constrained IoT device
> deployments, but the protocol is applicable to other end-to-end
> security settings where the overhead due to security needs to be low.
> EDHOC addresses these requirements and builds on the SIGMA
> construction for Diffie-Hellman key exchanges. EDHOC, like OSCORE, is
> built on CBOR (RFC 7049) and COSE (RFC 8152) and the protocol messages
> may be transported with CoAP (RFC 7252).
>
> There has been a number of reviews of different versions of the draft;
> both by people who want to deploy it and by people analysing the
> security. A formal verification was presented at SSR 2018. There are a
> few implementations of different versions of the draft. The ACE WG has
> expressed interest in this work in several f2f meetings.
>
> Please let us know if some information is missing for secdispatch to
> consider this draft, or how we can help out in the process.
>
> Best regards
> Göran, John, Francesca


From nobody Thu Jan  3 22:17:45 2019
From: Göran Selander <goran.selander@ericsson.com>
To: Kathleen Moriarty <kathleen.moriarty.ietf@gmail.com>, "ace@ietf.org" <ace@ietf.org>
CC: Francesca Palombini <francesca.palombini@ericsson.com>, John Mattsson <john.mattsson@ericsson.com>, "secdispatch@ietf.org" <secdispatch@ietf.org>
Date: Fri, 4 Jan 2019 06:17:27 +0000
Message-ID: <F72354EF-2FB7-41C0-BCA1-6D4511A410B2@ericsson.com>
References: <D629D980-C059-474F-B259-2700F2EEAE41@ericsson.com> <79FD6563-8ADA-4D73-B8D5-C3D70604CD76@gmail.com>
In-Reply-To: <79FD6563-8ADA-4D73-B8D5-C3D70604CD76@gmail.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/secdispatch/GbzU63Ut1EmcVKuaQ-n1btatleU>
Subject: Re: [Secdispatch] EDHOC


From nobody Fri Jan 18 08:55:15 2019
From: Richard Barnes <rlb@ipv.sx>
In-Reply-To: <F72354EF-2FB7-41C0-BCA1-6D4511A410B2@ericsson.com>
Date: Fri, 18 Jan 2019 11:54:58 -0500
Cc: Kathleen Moriarty <kathleen.moriarty.ietf@gmail.com>, "ace@ietf.org" <ace@ietf.org>, Francesca Palombini <francesca.palombini@ericsson.com>, John Mattsson <john.mattsson@ericsson.com>, "secdispatch@ietf.org" <secdispatch@ietf.org>
Message-Id: <47F03C99-68C1-4ADB-873D-F01987D66849@ipv.sx>
References: <D629D980-C059-474F-B259-2700F2EEAE41@ericsson.com> <79FD6563-8ADA-4D73-B8D5-C3D70604CD76@gmail.com> <F72354EF-2FB7-41C0-BCA1-6D4511A410B2@ericsson.com>
To: Göran Selander <goran.selander@ericsson.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/secdispatch/PXQu94E--fz2GkdbC99FBcgco3A>
Subject: Re: [Secdispatch] EDHOC
X-BeenThere: secdispatch@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Security Dispatch <secdispatch.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/secdispatch>, <mailto:secdispatch-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/secdispatch/>
List-Post: <mailto:secdispatch@ietf.org>
List-Help: <mailto:secdispatch-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdispatch>, <mailto:secdispatch-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 18 Jan 2019 16:55:07 -0000

Let me provide some additional context.  When the chairs and ADs discussed this in BKK, it seemed pretty clear that EDHOC is not within the current charter of ACE — after all, ACE is targeted at authentication and authorization, not key exchange.  Since ACE would need to recharter to accept this work in any case, and because EDHOC overlapped with the interests of other working groups, it seemed to make sense to have the conversation in a broader venue.

Göran: Your email starting this thread seems like an abbreviated summary of the past discussion of this draft.  Since this is a new audience, it would be helpful if you could start from the underlying requirements (“we need an AKE with certain constraints”) and lay out why new protocol work is needed, vs. profiling existing protocols (as has been done, e.g., in DICE).

If it would be helpful to keep this moving, we could certainly arrange a virtual interim on this topic.

—Richard


> On Jan 4, 2019, at 1:17 AM, Göran Selander <goran.selander@ericsson.com> wrote:
>
> Hi Kathleen,
>
> Good question. Thanks for bringing continuity to this almost 2 years long offline discussion. Indeed, lack of comparison with other protocols and formal verification were at the time the arguments for not following up the in-room consensus with an email confirmation. And, as you noted, that is not the case anymore.
>
> Meanwhile the ACE chairs and AD have changed. My understanding is that the argument now is about attracting more people with a certain security competence for which perhaps another WG could potentially be better, hence the request to Secdispatch. But I'll pass the question on and include the ACE WG for transparency.
>
> From the authors' humble point of view we believe that the main missing thing that would enable the required further discussion is that the IETF endorses this work, no matter how, so that people dare invest more time in implementation and analysis.
>
> Best regards,
> Göran
>
>
> On 2019-01-03, 00:58, "Kathleen Moriarty" <kathleen.moriarty.ietf@gmail.com> wrote:
>
>    Hi,
>
>    I’ve read earlier versions of this draft and appreciate all the work you have done with the security proof and comparing to existing standardized protocols.  If ACE is interested, why is this going to SECDispatch? It might help to understand that better.  Is it that a recharter would be needed?
>
>    Thank you & happy new year!
>    Kathleen
>
>    Sent from my mobile device
>
>> On Jan 2, 2019, at 5:56 PM, Göran Selander <goran.selander@ericsson.com> wrote:
>>
>> Dear Secdispatch,
>>
>> We have been advised to ask secdispatch to consider EDHOC: https://tools.ietf.org/html/draft-selander-ace-cose-ecdhe
>>
>> Those that follow the ACE WG should be familiar with this draft. The problem statement and motivation for EDHOC is described in section 1. In brief, the target is a lightweight key exchange protocol suitable for IoT applications, which:
>> a) has small message size and reuses existing IoT primitives to enable low overhead and small code footprint;
>> b) is not bound to a particular transport, to enable end-to-end security in IoT deployments with varying underlying layers; and
>> c) can be used to key OSCORE (draft-ietf-core-object-security) that is lacking a harmonizing key exchange protocol.
>>
>> These requirements are motivated by constrained IoT device deployments, but the protocol is applicable to other end-to-end security settings where the overhead due to security needs to be low. EDHOC addresses these requirements and builds on the SIGMA construction for Diffie-Hellman key exchanges. EDHOC, like OSCORE, is built on CBOR (RFC 7049) and COSE (RFC 8152) and the protocol messages may be transported with CoAP (RFC 7252).
>>
>> There has been a number of reviews of different versions of the draft; both by people who want to deploy it and by people analysing the security. A formal verification was presented at SSR 2018. There are a few implementations of different versions of the draft. The ACE WG has expressed interest in this work in several f2f meetings.
>>
>> Please let us know if some information is missing for secdispatch to consider this draft, or how we can help out in the process.
>>
>> Best regards
>> Göran, John, Francesca
>>
>>
>> _______________________________________________
>> Secdispatch mailing list
>> Secdispatch@ietf.org
>> https://www.ietf.org/mailman/listinfo/secdispatch
>
>


From nobody Fri Jan 18 09:06:47 2019
Return-Path: <kathleen.moriarty.ietf@gmail.com>
X-Original-To: secdispatch@ietfa.amsl.com
Delivered-To: secdispatch@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E4321130E92; Fri, 18 Jan 2019 09:06:45 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.998
X-Spam-Level: 
X-Spam-Status: No, score=-1.998 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, MIME_QP_LONG_LINE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Byu5JjOEYNhK; Fri, 18 Jan 2019 09:06:42 -0800 (PST)
Received: from mail-qt1-x82d.google.com (mail-qt1-x82d.google.com [IPv6:2607:f8b0:4864:20::82d]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 3DD8C130E8E; Fri, 18 Jan 2019 09:06:42 -0800 (PST)
Received: by mail-qt1-x82d.google.com with SMTP id t13so15971964qtn.3; Fri, 18 Jan 2019 09:06:42 -0800 (PST)
X-Received: by 2002:a0c:d40f:: with SMTP id t15mr16589997qvh.117.1547831201359;  Fri, 18 Jan 2019 09:06:41 -0800 (PST)
Received: from ?IPv6:2600:380:8d54:8c15:d4de:e39b:794d:169a? ([2600:380:8d54:8c15:d4de:e39b:794d:169a]) by smtp.gmail.com with ESMTPSA id f19sm60297596qtf.1.2019.01.18.09.06.40 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Fri, 18 Jan 2019 09:06:40 -0800 (PST)
Content-Type: text/plain; charset=utf-8
Mime-Version: 1.0 (1.0)
From: Kathleen Moriarty <kathleen.moriarty.ietf@gmail.com>
X-Mailer: iPhone Mail (15E216)
In-Reply-To: <47F03C99-68C1-4ADB-873D-F01987D66849@ipv.sx>
Date: Fri, 18 Jan 2019 12:06:40 -0500
Cc: Göran Selander <goran.selander@ericsson.com>, "ace@ietf.org" <ace@ietf.org>, Francesca Palombini <francesca.palombini@ericsson.com>, John Mattsson <john.mattsson@ericsson.com>, "secdispatch@ietf.org" <secdispatch@ietf.org>
Content-Transfer-Encoding: quoted-printable
Message-Id: <2E8F9AF0-4A06-49DA-B70D-7CBEF0BFA3AF@gmail.com>
References: <D629D980-C059-474F-B259-2700F2EEAE41@ericsson.com> <79FD6563-8ADA-4D73-B8D5-C3D70604CD76@gmail.com> <F72354EF-2FB7-41C0-BCA1-6D4511A410B2@ericsson.com> <47F03C99-68C1-4ADB-873D-F01987D66849@ipv.sx>
To: Richard Barnes <rlb@ipv.sx>
Archived-At: <https://mailarchive.ietf.org/arch/msg/secdispatch/SccXcAM_UUumGHX4yERCKjxY2kY>
Subject: Re: [Secdispatch] EDHOC
X-BeenThere: secdispatch@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Security Dispatch <secdispatch.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/secdispatch>, <mailto:secdispatch-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/secdispatch/>
List-Post: <mailto:secdispatch@ietf.org>
List-Help: <mailto:secdispatch-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdispatch>, <mailto:secdispatch-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 18 Jan 2019 17:06:46 -0000

Can that be a public thread?  It really should be.

Sent from my mobile device

> On Jan 18, 2019, at 11:54 AM, Richard Barnes <rlb@ipv.sx> wrote:
>
> Let me provide some additional context.  When the chairs and ADs discussed this in BKK, it seemed pretty clear that EDHOC is not within the current charter of ACE — after all, ACE is targeted at authentication and authorization, not key exchange.  Since ACE would need to recharter to accept this work in any case, and because EDHOC overlapped with the interests of other working groups, it seemed to make sense to have the conversation in a broader venue.
>
> Göran: Your email starting this thread seems like an abbreviated summary of the past discussion of this draft.  Since this is a new audience, it would be helpful if you could start from the underlying requirements (“we need an AKE with certain constraints”) and lay out why new protocol work is needed, vs. profiling existing protocols (as has been done, e.g., in DICE).
>
> If it would be helpful to keep this moving, we could certainly arrange a virtual interim on this topic.
>
> —Richard
>
>
>> On Jan 4, 2019, at 1:17 AM, Göran Selander <goran.selander@ericsson.com> wrote:
>>
>> Hi Kathleen,
>>
>> Good question. Thanks for bringing continuity to this almost 2 years long offline discussion. Indeed, lack of comparison with other protocols and formal verification were at the time the arguments for not following up the in-room consensus with an email confirmation. And, as you noted, that is not the case anymore.
>>
>> Meanwhile the ACE chairs and AD have changed. My understanding is that the argument now is about attracting more people with a certain security competence for which perhaps another WG could potentially be better, hence the request to Secdispatch. But I'll pass the question on and include the ACE WG for transparency.
>>
>> From the authors' humble point of view we believe that the main missing thing that would enable the required further discussion is that the IETF endorses this work, no matter how, so that people dare invest more time in implementation and analysis.
>>
>> Best regards,
>> Göran
>>
>>
>> On 2019-01-03, 00:58, "Kathleen Moriarty" <kathleen.moriarty.ietf@gmail.com> wrote:
>>
>>   Hi,
>>
>>   I’ve read earlier versions of this draft and appreciate all the work you have done with the security proof and comparing to existing standardized protocols.  If ACE is interested, why is this going to SECDispatch? It might help to understand that better.  Is it that a recharter would be needed?
>>
>>   Thank you & happy new year!
>>   Kathleen
>>
>>   Sent from my mobile device
>>
>>> On Jan 2, 2019, at 5:56 PM, Göran Selander <goran.selander@ericsson.com> wrote:
>>>
>>> Dear Secdispatch,
>>>
>>> We have been advised to ask secdispatch to consider EDHOC: https://tools.ietf.org/html/draft-selander-ace-cose-ecdhe
>>>
>>> Those that follow the ACE WG should be familiar with this draft. The problem statement and motivation for EDHOC is described in section 1. In brief, the target is a lightweight key exchange protocol suitable for IoT applications, which:
>>> a) has small message size and reuses existing IoT primitives to enable low overhead and small code footprint;
>>> b) is not bound to a particular transport, to enable end-to-end security in IoT deployments with varying underlying layers; and
>>> c) can be used to key OSCORE (draft-ietf-core-object-security) that is lacking a harmonizing key exchange protocol.
>>>
>>> These requirements are motivated by constrained IoT device deployments, but the protocol is applicable to other end-to-end security settings where the overhead due to security needs to be low. EDHOC addresses these requirements and builds on the SIGMA construction for Diffie-Hellman key exchanges. EDHOC, like OSCORE, is built on CBOR (RFC 7049) and COSE (RFC 8152) and the protocol messages may be transported with CoAP (RFC 7252).
>>>
>>> There has been a number of reviews of different versions of the draft; both by people who want to deploy it and by people analysing the security. A formal verification was presented at SSR 2018. There are a few implementations of different versions of the draft. The ACE WG has expressed interest in this work in several f2f meetings.
>>>
>>> Please let us know if some information is missing for secdispatch to consider this draft, or how we can help out in the process.
>>>
>>> Best regards
>>> Göran, John, Francesca
>>>
>>>
>>> _______________________________________________
>>> Secdispatch mailing list
>>> Secdispatch@ietf.org
>>> https://www.ietf.org/mailman/listinfo/secdispatch
>>
>>
>


From nobody Fri Jan 18 09:12:21 2019
Return-Path: <rlb@ipv.sx>
X-Original-To: secdispatch@ietfa.amsl.com
Delivered-To: secdispatch@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 5CDC3130EB8 for <secdispatch@ietfa.amsl.com>; Fri, 18 Jan 2019 09:12:19 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.04
X-Spam-Level: 
X-Spam-Status: No, score=-2.04 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_MED=-0.142, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=ipv-sx.20150623.gappssmtp.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 6L2XO99jSMGj for <secdispatch@ietfa.amsl.com>; Fri, 18 Jan 2019 09:12:16 -0800 (PST)
Received: from mail-ot1-x32a.google.com (mail-ot1-x32a.google.com [IPv6:2607:f8b0:4864:20::32a]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 1B122130EAC for <secdispatch@ietf.org>; Fri, 18 Jan 2019 09:12:16 -0800 (PST)
Received: by mail-ot1-x32a.google.com with SMTP id 32so14966515ota.12 for <secdispatch@ietf.org>; Fri, 18 Jan 2019 09:12:16 -0800 (PST)
X-Received: by 2002:a9d:1b0b:: with SMTP id l11mr12992077otl.162.1547831535257;  Fri, 18 Jan 2019 09:12:15 -0800 (PST)
MIME-Version: 1.0
References: <D629D980-C059-474F-B259-2700F2EEAE41@ericsson.com> <79FD6563-8ADA-4D73-B8D5-C3D70604CD76@gmail.com> <F72354EF-2FB7-41C0-BCA1-6D4511A410B2@ericsson.com> <47F03C99-68C1-4ADB-873D-F01987D66849@ipv.sx> <2E8F9AF0-4A06-49DA-B70D-7CBEF0BFA3AF@gmail.com>
In-Reply-To: <2E8F9AF0-4A06-49DA-B70D-7CBEF0BFA3AF@gmail.com>
From: Richard Barnes <rlb@ipv.sx>
Date: Fri, 18 Jan 2019 12:12:03 -0500
Message-ID: <CAL02cgQvLA3P5pWzFBcK6j97gpcDOO7RRq6cm8OZjoj5soq0qQ@mail.gmail.com>
To: Kathleen Moriarty <kathleen.moriarty.ietf@gmail.com>
Cc: Göran Selander <goran.selander@ericsson.com>,  "ace@ietf.org" <ace@ietf.org>, Francesca Palombini <francesca.palombini@ericsson.com>,  John Mattsson <john.mattsson@ericsson.com>, "secdispatch@ietf.org" <secdispatch@ietf.org>
Content-Type: multipart/alternative; boundary="000000000000d4da09057fbe9cf3"
Archived-At: <https://mailarchive.ietf.org/arch/msg/secdispatch/xzgM-7MlbkiLh0gdDeP-Y9-lNqc>
Subject: Re: [Secdispatch] EDHOC
X-BeenThere: secdispatch@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Security Dispatch <secdispatch.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/secdispatch>, <mailto:secdispatch-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/secdispatch/>
List-Post: <mailto:secdispatch@ietf.org>
List-Help: <mailto:secdispatch-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdispatch>, <mailto:secdispatch-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 18 Jan 2019 17:12:19 -0000

--000000000000d4da09057fbe9cf3
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable

Not sure what you mean, Kathleen.  This is a public mailing list :)

On Fri, Jan 18, 2019 at 12:06 PM Kathleen Moriarty <
kathleen.moriarty.ietf@gmail.com> wrote:

> Can that be a public thread?  It really should be.
>
> Sent from my mobile device
>
> > On Jan 18, 2019, at 11:54 AM, Richard Barnes <rlb@ipv.sx> wrote:
> >
> > Let me provide some additional context.  When the chairs and ADs
> discussed this in BKK, it seemed pretty clear that EDHOC is not within the
> current charter of ACE — after all, ACE is targeted at authentication and
> authorization, not key exchange.  Since ACE would need to recharter to
> accept this work in any case, and because EDHOC overlapped with the
> interests of other working groups, it seemed to make sense to have the
> conversation in a broader venue.
> >
> > Göran: Your email starting this thread seems like an abbreviated summary
> of the past discussion of this draft.  Since this is a new audience, it
> would be helpful if you could start from the underlying requirements (“we
> need an AKE with certain constraints”) and lay out why new protocol work is
> needed, vs. profiling existing protocols (as has been done, e.g., in DICE).
> >
> > If it would be helpful to keep this moving, we could certainly arrange a
> virtual interim on this topic.
> >
> > —Richard
> >
> >
> >> On Jan 4, 2019, at 1:17 AM, Göran Selander <goran.selander@ericsson.com>
> wrote:
> >>
> >> Hi Kathleen,
> >>
> >> Good question. Thanks for bringing continuity to this almost 2 years
> long offline discussion. Indeed, lack of comparison with other protocols
> and formal verification were at the time the arguments for not following up
> the in-room consensus with an email confirmation. And, as you noted, that
> is not the case anymore.
> >>
> >> Meanwhile the ACE chairs and AD have changed. My understanding is that
> the argument now is about attracting more people with a certain security
> competence for which perhaps another WG could potentially be better, hence
> the request to Secdispatch. But I'll pass the question on and include the
> ACE WG for transparency.
> >>
> >> From the authors' humble point of view we believe that the main missing
> thing that would enable the required further discussion is that the IETF
> endorses this work, no matter how, so that people dare invest more time in
> implementation and analysis.
> >>
> >> Best regards,
> >> Göran
> >>
> >>
> >> On 2019-01-03, 00:58, "Kathleen Moriarty" <
> kathleen.moriarty.ietf@gmail.com> wrote:
> >>
> >>   Hi,
> >>
> >>   I’ve read earlier versions of this draft and appreciate all the work
> you have done with the security proof and comparing to existing
> standardized protocols.  If ACE is interested, why is this going to
> SECDispatch? It might help to understand that better.  Is it that a
> recharter would be needed?
> >>
> >>   Thank you & happy new year!
> >>   Kathleen
> >>
> >>   Sent from my mobile device
> >>
> >>> On Jan 2, 2019, at 5:56 PM, Göran Selander <
> goran.selander@ericsson.com> wrote:
> >>>
> >>> Dear Secdispatch,
> >>>
> >>> We have been advised to ask secdispatch to consider EDHOC:
> https://tools.ietf.org/html/draft-selander-ace-cose-ecdhe
> >>>
> >>> Those that follow the ACE WG should be familiar with this draft. The
> problem statement and motivation for EDHOC is described in section 1. In
> brief, the target is a lightweight key exchange protocol suitable for IoT
> applications, which:
> >>> a) has small message size and reuses existing IoT primitives to enable
> low overhead and small code footprint;
> >>> b) is not bound to a particular transport, to enable end-to-end
> security in IoT deployments with varying underlying layers; and
> >>> c) can be used to key OSCORE (draft-ietf-core-object-security) that is
> lacking a harmonizing key exchange protocol.
> >>>
> >>> These requirements are motivated by constrained IoT device
> deployments, but the protocol is applicable to other end-to-end security
> settings where the overhead due to security needs to be low. EDHOC
> addresses these requirements and builds on the SIGMA construction for
> Diffie-Hellman key exchanges. EDHOC, like OSCORE, is built on CBOR (RFC
> 7049) and COSE (RFC 8152) and the protocol messages may be transported with
> CoAP (RFC 7252).
> >>>
> >>> There has been a number of reviews of different versions of the draft;
> both by people who want to deploy it and by people analysing the security.
> A formal verification was presented at SSR 2018. There are a few
> implementations of different versions of the draft. The ACE WG has
> expressed interest in this work in several f2f meetings.
> >>>
> >>> Please let us know if some information is missing for secdispatch to
> consider this draft, or how we can help out in the process.
> >>>
> >>> Best regards
> >>> Göran, John, Francesca
> >>>
> >>>
> >>> _______________________________________________
> >>> Secdispatch mailing list
> >>> Secdispatch@ietf.org
> >>> https://www.ietf.org/mailman/listinfo/secdispatch
> >>
> >>
> >
>


--000000000000d4da09057fbe9cf3--


From nobody Fri Jan 18 09:15:11 2019
Content-Type: multipart/alternative; boundary=Apple-Mail-D39A2768-A2D3-4A56-B949-0455BEA817F3
Mime-Version: 1.0 (1.0)
From: Kathleen Moriarty <kathleen.moriarty.ietf@gmail.com>
X-Mailer: iPhone Mail (15E216)
In-Reply-To: <CAL02cgQvLA3P5pWzFBcK6j97gpcDOO7RRq6cm8OZjoj5soq0qQ@mail.gmail.com>
Date: Fri, 18 Jan 2019 12:15:02 -0500
Cc: Göran Selander <goran.selander@ericsson.com>, "ace@ietf.org" <ace@ietf.org>, Francesca Palombini <francesca.palombini@ericsson.com>, John Mattsson <john.mattsson@ericsson.com>, "secdispatch@ietf.org" <secdispatch@ietf.org>
Content-Transfer-Encoding: 7bit
Message-Id: <1055DC04-EABF-4C68-907C-1321F94F5227@gmail.com>
References: <D629D980-C059-474F-B259-2700F2EEAE41@ericsson.com> <79FD6563-8ADA-4D73-B8D5-C3D70604CD76@gmail.com> <F72354EF-2FB7-41C0-BCA1-6D4511A410B2@ericsson.com> <47F03C99-68C1-4ADB-873D-F01987D66849@ipv.sx> <2E8F9AF0-4A06-49DA-B70D-7CBEF0BFA3AF@gmail.com> <CAL02cgQvLA3P5pWzFBcK6j97gpcDOO7RRq6cm8OZjoj5soq0qQ@mail.gmail.com>
To: Richard Barnes <rlb@ipv.sx>
Archived-At: <https://mailarchive.ietf.org/arch/msg/secdispatch/JOSFS53aWb2InnSgYMac1cLUAVc>
Subject: Re: [Secdispatch] EDHOC

--Apple-Mail-D39A2768-A2D3-4A56-B949-0455BEA817F3
Content-Type: text/plain;
	charset=utf-8
Content-Transfer-Encoding: 8bit

Sorry, I thought it was a continuation of a private thread that may also benefit from transparency and additional input.

Thank you,
Kathleen

Sent from my mobile device

> On Jan 18, 2019, at 12:12 PM, Richard Barnes <rlb@ipv.sx> wrote:
>
> Not sure what you mean, Kathleen.  This is a public mailing list :)
>
>> On Fri, Jan 18, 2019 at 12:06 PM Kathleen Moriarty <kathleen.moriarty.ietf@gmail.com> wrote:
>> Can that be a public thread?  It really should be.
>>
>> Sent from my mobile device
>>
>> > On Jan 18, 2019, at 11:54 AM, Richard Barnes <rlb@ipv.sx> wrote:
>> >
>> > Let me provide some additional context.  When the chairs and ADs discussed this in BKK, it seemed pretty clear that EDHOC is not within the current charter of ACE — after all, ACE is targeted at authentication and authorization, not key exchange.  Since ACE would need to recharter to accept this work in any case, and because EDHOC overlapped with the interests of other working groups, it seemed to make sense to have the conversation in a broader venue.
>> >
>> > Göran: Your email starting this thread seems like an abbreviated summary of the past discussion of this draft.  Since this is a new audience, it would be helpful if you could start from the underlying requirements (“we need an AKE with certain constraints”) and lay out why new protocol work is needed, vs. profiling existing protocols (as has been done, e.g., in DICE).
>> >
>> > If it would be helpful to keep this moving, we could certainly arrange a virtual interim on this topic.
>> >
>> > —Richard
>> >
>> >
>> >> On Jan 4, 2019, at 1:17 AM, Göran Selander <goran.selander@ericsson.com> wrote:
>> >>
>> >> Hi Kathleen,
>> >>
>> >> Good question. Thanks for bringing continuity to this almost 2 years long offline discussion. Indeed, lack of comparison with other protocols and formal verification were at the time the arguments for not following up the in-room consensus with an email confirmation. And, as you noted, that is not the case anymore.
>> >>
>> >> Meanwhile the ACE chairs and AD have changed. My understanding is that the argument now is about attracting more people with a certain security competence for which perhaps another WG could potentially be better, hence the request to Secdispatch. But I'll pass the question on and include the ACE WG for transparency.
>> >>
>> >> From the authors' humble point of view we believe that the main missing thing that would enable the required further discussion is that the IETF endorses this work, no matter how, so that people dare invest more time in implementation and analysis.
>> >>
>> >> Best regards,
>> >> Göran
>> >>
>> >>
>> >> On 2019-01-03, 00:58, "Kathleen Moriarty" <kathleen.moriarty.ietf@gmail.com> wrote:
>> >>
>> >>   Hi,
>> >>
>> >>   I’ve read earlier versions of this draft and appreciate all the work you have done with the security proof and comparing to existing standardized protocols.  If ACE is interested, why is this going to SECDispatch? It might help to understand that better.  Is it that a recharter would be needed?
>> >>
>> >>   Thank you & happy new year!
>> >>   Kathleen
>> >>
>> >>   Sent from my mobile device
>> >>
>> >>> On Jan 2, 2019, at 5:56 PM, Göran Selander <goran.selander@ericsson.com> wrote:
>> >>>
>> >>> Dear Secdispatch,
>> >>>
>> >>> We have been advised to ask secdispatch to consider EDHOC: https://tools.ietf.org/html/draft-selander-ace-cose-ecdhe
>> >>>
>> >>> Those that follow the ACE WG should be familiar with this draft. The problem statement and motivation for EDHOC is described in section 1. In brief, the target is a lightweight key exchange protocol suitable for IoT applications, which:
>> >>> a) has small message size and reuses existing IoT primitives to enable low overhead and small code footprint;
>> >>> b) is not bound to a particular transport, to enable end-to-end security in IoT deployments with varying underlying layers; and
>> >>> c) can be used to key OSCORE (draft-ietf-core-object-security) that is lacking a harmonizing key exchange protocol.
>> >>>
>> >>> These requirements are motivated by constrained IoT device deployments, but the protocol is applicable to other end-to-end security settings where the overhead due to security needs to be low. EDHOC addresses these requirements and builds on the SIGMA construction for Diffie-Hellman key exchanges. EDHOC, like OSCORE, is built on CBOR (RFC 7049) and COSE (RFC 8152) and the protocol messages may be transported with CoAP (RFC 7252).
>> >>>
>> >>> There has been a number of reviews of different versions of the draft; both by people who want to deploy it and by people analysing the security. A formal verification was presented at SSR 2018. There are a few implementations of different versions of the draft. The ACE WG has expressed interest in this work in several f2f meetings.
>> >>>
>> >>> Please let us know if some information is missing for secdispatch to consider this draft, or how we can help out in the process.
>> >>>
>> >>> Best regards
>> >>> Göran, John, Francesca
>> >>>
>> >>>
>> >>> _______________________________________________
>> >>> Secdispatch mailing list
>> >>> Secdispatch@ietf.org
>> >>> https://www.ietf.org/mailman/listinfo/secdispatch
>> >>
>> >>
>> >

--Apple-Mail-D39A2768-A2D3-4A56-B949-0455BEA817F3--


From nobody Fri Jan 18 09:27:36 2019
Date: Fri, 18 Jan 2019 11:27:14 -0600
From: Benjamin Kaduk <kaduk@mit.edu>
To: Richard Barnes <rlb@ipv.sx>
CC: Göran Selander <goran.selander@ericsson.com>, "secdispatch@ietf.org" <secdispatch@ietf.org>, Kathleen Moriarty <kathleen.moriarty.ietf@gmail.com>, John Mattsson <john.mattsson@ericsson.com>, Francesca Palombini <francesca.palombini@ericsson.com>, "ace@ietf.org" <ace@ietf.org>
Message-ID: <20190118172714.GJ81907@kduck.mit.edu>
References: <D629D980-C059-474F-B259-2700F2EEAE41@ericsson.com> <79FD6563-8ADA-4D73-B8D5-C3D70604CD76@gmail.com> <F72354EF-2FB7-41C0-BCA1-6D4511A410B2@ericsson.com> <47F03C99-68C1-4ADB-873D-F01987D66849@ipv.sx>
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Disposition: inline
Content-Transfer-Encoding: 8bit
In-Reply-To: <47F03C99-68C1-4ADB-873D-F01987D66849@ipv.sx>
User-Agent: Mutt/1.10.1 (2018-07-13)
Archived-At: <https://mailarchive.ietf.org/arch/msg/secdispatch/RsEeDdJua72YjpiANQJCbEzRIXs>
Subject: Re: [Secdispatch] [Ace]  EDHOC

On Fri, Jan 18, 2019 at 11:54:58AM -0500, Richard Barnes wrote:
> Let me provide some additional context.  When the chairs and ADs discussed this in BKK, it seemed pretty clear that EDHOC is not within the current charter of ACE — after all, ACE is targeted at authentication and authorization, not key exchange.  Since ACE would need to recharter to accept this work in any case, and because EDHOC overlapped with the interests of other working groups, it seemed to make sense to have the conversation in a broader venue.

ACE's charter is ... messy.  More below.

> Göran: Your email starting this thread seems like an abbreviated summary of the past discussion of this draft.  Since this is a new audience, it would be helpful if you could start from the underlying requirements (“we need an AKE with certain constraints”) and lay out why new protocol work is needed, vs. profiling existing protocols (as has been done, e.g., in DICE).


There seem to be several interleaved issues at play, here, and I agree that
some clear/consolidated background would be helpful.  I particularly call
out the security proof that has been presented elsewhere, which I think
would be interesting to several readers (but I don't have the link handy).

Some thoughts of my own...

There is clear demand for a lightweight key-exchange protocol for use in
IoT protocols, especially OSCORE.  EDHOC has been around for a while, and
even discussed in ACE with some frequency.  That said, there are several
reasons to prefer asking secdispatch to just calling for adoption in ACE
directly, including but not limited to:

(a) designing secure authenticated key exchange protocols is hard!  It takes
a lot of energy from smart people to design and analyze a protocol to have
confidence that it is secure and fulfils the advertised functions.
Starting from well-known/well-analyzed foundations like SIGMA is a great
start, but hardly a guarantee of success.  Secdispatch gets us some better
visibility, and insight into where work can be done that will have
sufficient expertise (both within and outside the IETF, as well as what has
been done already vs. what remains to be done) to be confident in the
result.

(b) ACE has a pretty complicated charter, that seems to place restrictions
on how it can adopt new protocol work without rechartering.  We find things
in the charter like "existing authentication and authorization protocols
will be evaluated and used where applicable [...].  Some functionality,
however, may not be available in existing protocols, in which case the
solution may involve new protocol work."  This would seem to require
clear criteria for how to determine whether or not existing technology is
applicable, plus evidence that existing protocols do not meet the bar.  In
particular, "make the key exchange messages as small as possible" is not a
clear criterion, as that would always argue for a new protocol over an
existing one, as we come up with new ways to eke out space.

(c) A clear and substantial difference between key exchange/handshake size
between EDHOC and even minimized DTLS could be compelling enough for
secdispatch to decide that the work is usable, and find an appropriate
home, independently of the question of rechartering ACE and meeting the
additional barrier described in the previous point.


Jim and several others have done some good work looking into tabulating
message overheads in various scenarios (e.g.,
https://www.diva-portal.org/smash/get/diva2:1156483/FULLTEXT01.pdf,
https://jimsch.github.io/randomDrafts/draft-schaad-ace-tls-cbor-handshake.html)
that will be helpful as we consider this topic.

In addition to just comparing the byte count for handshake/key exchange
messages in various methods, it would probably also be good to think about
things in terms of the constraints in the current ACE charter.  That is,
someone could (1) pick a (class of) device(s), (2) show that it has wide
deployment/potential thereof, (3) give hard numbers about what it's (not)
capable of, and (4) show that DTLS falls on the wrong side of that cutoff,
using the handshake numbers we already have.  In particular, I don't
remember seeing anything touching on (3), previously.  An analysis like
this would not only give some context for interpreting the gap between
EDHOC and DTLS, but could also be compelling in support of the need for the
more lightweight solution.

> If it would be helpful to keep this moving, we could certainly arrange a virtual
> interim on this topic.

That seems likely to be useful, though I suppose we should wait to see more
indication that people would show up and have a productive discussion.

-Ben


From nobody Tue Jan 22 14:32:41 2019
Return-Path: <session-request@ietf.org>
X-Original-To: secdispatch@ietf.org
Delivered-To: secdispatch@ietfa.amsl.com
Received: from ietfa.amsl.com (localhost [IPv6:::1]) by ietfa.amsl.com (Postfix) with ESMTP id 23238131165; Tue, 22 Jan 2019 14:32:39 -0800 (PST)
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
From: IETF Meeting Session Request Tool <session-request@ietf.org>
To: <session-request@ietf.org>
Cc: rdd@cert.org, secdispatch@ietf.org, kaduk@mit.edu, secdispatch-chairs@ietf.org
X-Test-IDTracker: no
X-IETF-IDTracker: 6.90.0
Auto-Submitted: auto-generated
Precedence: bulk
Message-ID: <154819635909.13222.15956524914790184649.idtracker@ietfa.amsl.com>
Date: Tue, 22 Jan 2019 14:32:39 -0800
Archived-At: <https://mailarchive.ietf.org/arch/msg/secdispatch/PD6owCCMbIX-n517YrPYHkciMj0>
Subject: [Secdispatch] secdispatch - New Meeting Session Request for IETF 104
X-BeenThere: secdispatch@ietf.org
X-Mailman-Version: 2.1.29
List-Id: Security Dispatch <secdispatch.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/secdispatch>, <mailto:secdispatch-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/secdispatch/>
List-Post: <mailto:secdispatch@ietf.org>
List-Help: <mailto:secdispatch-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdispatch>, <mailto:secdispatch-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 22 Jan 2019 22:32:39 -0000

A new meeting session request has just been submitted by Roman Danyliw, a Chair of the secdispatch working group.


---------------------------------------------------------
Working Group Name: Security Dispatch
Area Name: Security Area
Session Requester: Roman Danyliw

Number of Sessions: 1
Length of Session(s):  2 Hours
Number of Attendees: 100
Conflicts to Avoid: 
 First Priority: dispatch ace dots perc acme mls saag
 Second Priority: tls mile



People who must be present:
  Eric Rescorla
  Roman Danyliw
  Richard Barnes
  Benjamin Kaduk

Resources Requested:

Special Requests:
  Ideally this session wouldn't conflict with any security area meetings; and would be early in the week. Previous Monday or Tuesday slots worked well.
---------------------------------------------------------


From nobody Tue Jan 22 15:03:23 2019
Return-Path: <rdd@cert.org>
X-Original-To: secdispatch@ietfa.amsl.com
Delivered-To: secdispatch@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id CFB74131191; Tue, 22 Jan 2019 15:03:21 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2
X-Spam-Level: 
X-Spam-Status: No, score=-2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9,  DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=cert.org
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id peB3hkT44Pam; Tue, 22 Jan 2019 15:03:20 -0800 (PST)
Received: from taper.sei.cmu.edu (taper.sei.cmu.edu [147.72.252.16]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 1295713118E; Tue, 22 Jan 2019 15:03:19 -0800 (PST)
Received: from delp.sei.cmu.edu (delp.sei.cmu.edu [10.64.21.31]) by taper.sei.cmu.edu (8.14.7/8.14.7) with ESMTP id x0MN3FIL030046; Tue, 22 Jan 2019 18:03:15 -0500
DKIM-Filter: OpenDKIM Filter v2.11.0 taper.sei.cmu.edu x0MN3FIL030046
Received: from CASSINA.ad.sei.cmu.edu (cassina.ad.sei.cmu.edu [10.64.28.249]) by delp.sei.cmu.edu (8.14.7/8.14.7) with ESMTP id x0MN3D92033665; Tue, 22 Jan 2019 18:03:13 -0500
Received: from MARATHON.ad.sei.cmu.edu ([10.64.28.250]) by CASSINA.ad.sei.cmu.edu ([10.64.28.249]) with mapi id 14.03.0435.000; Tue, 22 Jan 2019 18:03:13 -0500
From: Roman Danyliw <rdd@cert.org>
To: Benjamin Kaduk <kaduk@mit.edu>, Richard Barnes <rlb@ipv.sx>
CC: "secdispatch@ietf.org" <secdispatch@ietf.org>, Kathleen Moriarty <kathleen.moriarty.ietf@gmail.com>, "ace@ietf.org" <ace@ietf.org>, =?utf-8?B?R8O2cmFuIFNlbGFuZGVy?= <goran.selander@ericsson.com>, "Francesca Palombini" <francesca.palombini@ericsson.com>, John Mattsson <john.mattsson@ericsson.com>
Thread-Topic: [Ace] [Secdispatch] EDHOC
Thread-Index: AQHUou5Zx1xiDx+jgESY4I5hUyszWqWc++KAgAH8Z4CAFrLCAIAACQQAgAZMFFA=
Date: Tue, 22 Jan 2019 23:03:12 +0000
Message-ID: <359EC4B99E040048A7131E0F4E113AFC0185795C45@marathon>
References: <D629D980-C059-474F-B259-2700F2EEAE41@ericsson.com> <79FD6563-8ADA-4D73-B8D5-C3D70604CD76@gmail.com> <F72354EF-2FB7-41C0-BCA1-6D4511A410B2@ericsson.com> <47F03C99-68C1-4ADB-873D-F01987D66849@ipv.sx> <20190118172714.GJ81907@kduck.mit.edu>
In-Reply-To: <20190118172714.GJ81907@kduck.mit.edu>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach: 
X-MS-TNEF-Correlator: 
x-originating-ip: [10.64.22.6]
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: base64
MIME-Version: 1.0
Archived-At: <https://mailarchive.ietf.org/arch/msg/secdispatch/0_ezEEGvIBPdzrX9UMhinOufM8U>
Subject: Re: [Secdispatch] [Ace]  EDHOC
X-BeenThere: secdispatch@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Security Dispatch <secdispatch.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/secdispatch>, <mailto:secdispatch-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/secdispatch/>
List-Post: <mailto:secdispatch@ietf.org>
List-Help: <mailto:secdispatch-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdispatch>, <mailto:secdispatch-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 22 Jan 2019 23:03:22 -0000

From nobody Tue Jan 22 15:09:44 2019
Return-Path: <rdd@cert.org>
X-Original-To: secdispatch@ietfa.amsl.com
Delivered-To: secdispatch@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 4EEB313118E for <secdispatch@ietfa.amsl.com>; Tue, 22 Jan 2019 15:09:42 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2
X-Spam-Level: 
X-Spam-Status: No, score=-2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9,  DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=cert.org
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 3g1fZb-XaH2J for <secdispatch@ietfa.amsl.com>; Tue, 22 Jan 2019 15:09:40 -0800 (PST)
Received: from taper.sei.cmu.edu (taper.sei.cmu.edu [147.72.252.16]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 67CE8131175 for <secdispatch@ietf.org>; Tue, 22 Jan 2019 15:09:40 -0800 (PST)
Received: from delp.sei.cmu.edu (delp.sei.cmu.edu [10.64.21.31]) by taper.sei.cmu.edu (8.14.7/8.14.7) with ESMTP id x0MN9aSw030961; Tue, 22 Jan 2019 18:09:37 -0500
DKIM-Filter: OpenDKIM Filter v2.11.0 taper.sei.cmu.edu x0MN9aSw030961
Received: from CASCADE.ad.sei.cmu.edu (cascade.ad.sei.cmu.edu [10.64.28.248]) by delp.sei.cmu.edu (8.14.7/8.14.7) with ESMTP id x0MN9Y69035271; Tue, 22 Jan 2019 18:09:34 -0500
Received: from MARATHON.ad.sei.cmu.edu ([10.64.28.250]) by CASCADE.ad.sei.cmu.edu ([10.64.28.248]) with mapi id 14.03.0435.000; Tue, 22 Jan 2019 18:09:34 -0500
From: Roman Danyliw <rdd@cert.org>
To: "secdispatch@ietf.org" <secdispatch@ietf.org>
CC: Francesca Palombini <francesca.palombini@ericsson.com>, John Mattsson <john.mattsson@ericsson.com>, =?utf-8?B?R8O2cmFuIFNlbGFuZGVy?= <goran.selander@ericsson.com>
Thread-Topic: EDHOC
Thread-Index: AQHUou5Zx1xiDx+jgESY4I5hUyszWqW8B+hA
Date: Tue, 22 Jan 2019 23:09:33 +0000
Message-ID: <359EC4B99E040048A7131E0F4E113AFC0185795C5D@marathon>
References: <D629D980-C059-474F-B259-2700F2EEAE41@ericsson.com>
In-Reply-To: <D629D980-C059-474F-B259-2700F2EEAE41@ericsson.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach: 
X-MS-TNEF-Correlator: 
x-originating-ip: [10.64.22.6]
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: base64
MIME-Version: 1.0
Archived-At: <https://mailarchive.ietf.org/arch/msg/secdispatch/OYxYipvScZtV7ej6D7fwOpkdOTo>
Subject: Re: [Secdispatch] EDHOC
X-BeenThere: secdispatch@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Security Dispatch <secdispatch.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/secdispatch>, <mailto:secdispatch-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/secdispatch/>
List-Post: <mailto:secdispatch@ietf.org>
List-Help: <mailto:secdispatch-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdispatch>, <mailto:secdispatch-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 22 Jan 2019 23:09:42 -0000

From nobody Wed Jan 23 08:32:09 2019
Return-Path: <rlb@ipv.sx>
X-Original-To: secdispatch@ietfa.amsl.com
Delivered-To: secdispatch@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 121AB130E9B for <secdispatch@ietfa.amsl.com>; Wed, 23 Jan 2019 08:31:50 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.041
X-Spam-Level: 
X-Spam-Status: No, score=-2.041 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_MED=-0.142, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001] autolearn=unavailable autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=ipv-sx.20150623.gappssmtp.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id kBaKFbmIA9wD for <secdispatch@ietfa.amsl.com>; Wed, 23 Jan 2019 08:31:47 -0800 (PST)
Received: from mail-ot1-x336.google.com (mail-ot1-x336.google.com [IPv6:2607:f8b0:4864:20::336]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 197F2130E97 for <secdispatch@ietf.org>; Wed, 23 Jan 2019 08:31:47 -0800 (PST)
Received: by mail-ot1-x336.google.com with SMTP id v23so2430075otk.9 for <secdispatch@ietf.org>; Wed, 23 Jan 2019 08:31:47 -0800 (PST)
X-Received: by 2002:a05:6830:1584:: with SMTP id i4mr1745244otr.116.1548261106222;  Wed, 23 Jan 2019 08:31:46 -0800 (PST)
MIME-Version: 1.0
References: <D629D980-C059-474F-B259-2700F2EEAE41@ericsson.com> <79FD6563-8ADA-4D73-B8D5-C3D70604CD76@gmail.com> <F72354EF-2FB7-41C0-BCA1-6D4511A410B2@ericsson.com> <47F03C99-68C1-4ADB-873D-F01987D66849@ipv.sx> <20190118172714.GJ81907@kduck.mit.edu> <359EC4B99E040048A7131E0F4E113AFC0185795C45@marathon>
In-Reply-To: <359EC4B99E040048A7131E0F4E113AFC0185795C45@marathon>
From: Richard Barnes <rlb@ipv.sx>
Date: Wed, 23 Jan 2019 11:31:34 -0500
Message-ID: <CAL02cgQgoxrxzBHk9pCvWwg8n91gpfK=4kReGfFfb=Av8=CoCw@mail.gmail.com>
To: Roman Danyliw <rdd@cert.org>
Cc: Benjamin Kaduk <kaduk@mit.edu>, "secdispatch@ietf.org" <secdispatch@ietf.org>,  Kathleen Moriarty <kathleen.moriarty.ietf@gmail.com>, "ace@ietf.org" <ace@ietf.org>,  =?UTF-8?Q?G=C3=B6ran_Selander?= <goran.selander@ericsson.com>,  Francesca Palombini <francesca.palombini@ericsson.com>,  John Mattsson <john.mattsson@ericsson.com>
Content-Type: multipart/alternative; boundary="00000000000041a7e4058022a1a5"
Archived-At: <https://mailarchive.ietf.org/arch/msg/secdispatch/WRmFfdRBOwdutHpnfOxvF82vH0E>
Subject: Re: [Secdispatch] [Ace]  EDHOC
X-BeenThere: secdispatch@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Security Dispatch <secdispatch.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/secdispatch>, <mailto:secdispatch-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/secdispatch/>
List-Post: <mailto:secdispatch@ietf.org>
List-Help: <mailto:secdispatch-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdispatch>, <mailto:secdispatch-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 23 Jan 2019 16:31:50 -0000

--00000000000041a7e4058022a1a5
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable

Summing up where I believe the conversation stands now, it seems like what
folks are asking for is either:

1. An analysis that shows that EDHOC is equivalent to an existing AKE
(e.g., IKE or TLS), or
2. An argument that a new AKE is necessary (vs. a re-encoding of an
existing AKE)

Göran et al: Do you have thoughts on those points?

It seems like it could be a productive use of an hour or two of virtual
interim time to help the group understand one of those lines of argument.

--Richard

On Tue, Jan 22, 2019 at 6:03 PM Roman Danyliw <rdd@cert.org> wrote:

>
> > -----Original Message-----
> > From: Ace [mailto:ace-bounces@ietf.org] On Behalf Of Benjamin Kaduk
> > Sent: Friday, January 18, 2019 12:27 PM
> > To: Richard Barnes <rlb@ipv.sx>
> > Cc: secdispatch@ietf.org
> > Subject: Re: [Ace] [Secdispatch] EDHOC
> >
> > On Fri, Jan 18, 2019 at 11:54:58AM -0500, Richard Barnes wrote:
> > > If it would be helpful to keep this moving, we could certainly arrange
> > > a virtual interim on this topic.
> >
> > That seems likely to be useful, though I suppose we should wait to see more
> > indication that people would show up and have a productive discussion.
>
> IMO, the common thread between both of these practical suggestions is that
> the complexity of the topic can't entirely fit into the time that would be
> allotted during secdispatch during the IETF 104 meeting.  Let's start this
> conversation on list now.
>
> Roman
>

--00000000000041a7e4058022a1a5--


From nobody Thu Jan 24 08:31:46 2019
Return-Path: <goran.selander@ericsson.com>
X-Original-To: secdispatch@ietfa.amsl.com
Delivered-To: secdispatch@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 5A4F113117F for <secdispatch@ietfa.amsl.com>; Thu, 24 Jan 2019 08:31:40 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -7.873
X-Spam-Level: 
X-Spam-Status: No, score=-7.873 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-4.553, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FROM_EXCESS_BASE64=0.979, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_MED=-2.3, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=unavailable autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=ericsson.com header.b=BrVRgUD9; dkim=pass (1024-bit key) header.d=ericsson.com header.b=k2XRH06Q
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id DtFpCsVLy3no for <secdispatch@ietfa.amsl.com>; Thu, 24 Jan 2019 08:31:37 -0800 (PST)
Received: from sesbmg22.ericsson.net (sesbmg22.ericsson.net [193.180.251.48]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 3491A131182 for <secdispatch@ietf.org>; Thu, 24 Jan 2019 08:31:37 -0800 (PST)
X-AuditID: c1b4fb30-f93ff7000000355c-6c-5c49e8662ba4
Received: from ESESBMB503.ericsson.se (Unknown_Domain [153.88.183.116]) by sesbmg22.ericsson.net (Symantec Mail Security) with SMTP id CE.EC.13660.668E94C5; Thu, 24 Jan 2019 17:31:34 +0100 (CET)
Received: from ESESBMB503.ericsson.se (153.88.183.170) by ESESBMB503.ericsson.se (153.88.183.170) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256_P256) id 15.1.1466.3; Thu, 24 Jan 2019 17:31:33 +0100
Received: from EUR01-VE1-obe.outbound.protection.outlook.com (153.88.183.157) by ESESBMB503.ericsson.se (153.88.183.170) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256_P256) id 15.1.1466.3 via Frontend Transport; Thu, 24 Jan 2019 17:31:33 +0100
Received: from DB6PR07MB4167.eurprd07.prod.outlook.com (10.168.19.153) by DB6PR07MB3110.eurprd07.prod.outlook.com (10.170.223.16) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.1580.7; Thu, 24 Jan 2019 16:31:32 +0000
Received: from DB6PR07MB4167.eurprd07.prod.outlook.com ([fe80::a10c:961e:8639:85f4]) by DB6PR07MB4167.eurprd07.prod.outlook.com ([fe80::a10c:961e:8639:85f4%4]) with mapi id 15.20.1580.004; Thu, 24 Jan 2019 16:31:28 +0000
From: =?utf-8?B?R8O2cmFuIFNlbGFuZGVy?= <goran.selander@ericsson.com>
To: Richard Barnes <rlb@ipv.sx>, Roman Danyliw <rdd@cert.org>
CC: "secdispatch@ietf.org" <secdispatch@ietf.org>, "ace@ietf.org" <ace@ietf.org>, Francesca Palombini <francesca.palombini@ericsson.com>, "John Mattsson" <john.mattsson@ericsson.com>
Thread-Topic: [Ace] [Secdispatch] EDHOC
Thread-Index: AQHUou5Zx1xiDx+jgESY4I5hUyszWqWcqBGAgAINKACAFqIAAIAACQQAgAanMgCAASTpAIABoxCA
Date: Thu, 24 Jan 2019 16:31:28 +0000
Message-ID: <05C8AB73-EFD1-4AC8-A795-D3624153F4D2@ericsson.com>
References: <D629D980-C059-474F-B259-2700F2EEAE41@ericsson.com> <79FD6563-8ADA-4D73-B8D5-C3D70604CD76@gmail.com> <F72354EF-2FB7-41C0-BCA1-6D4511A410B2@ericsson.com> <47F03C99-68C1-4ADB-873D-F01987D66849@ipv.sx> <20190118172714.GJ81907@kduck.mit.edu> <359EC4B99E040048A7131E0F4E113AFC0185795C45@marathon> <CAL02cgQgoxrxzBHk9pCvWwg8n91gpfK=4kReGfFfb=Av8=CoCw@mail.gmail.com>
In-Reply-To: <CAL02cgQgoxrxzBHk9pCvWwg8n91gpfK=4kReGfFfb=Av8=CoCw@mail.gmail.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach: 
X-MS-TNEF-Correlator: 
user-agent: Microsoft-MacOutlook/10.15.0.190115
authentication-results: spf=none (sender IP is ) smtp.mailfrom=goran.selander@ericsson.com; 
x-originating-ip: [192.176.1.89]
Content-Type: multipart/alternative; boundary="_000_05C8AB73EFD14AC8A795D3624153F4D2ericssoncom_"
MIME-Version: 1.0
Archived-At: <https://mailarchive.ietf.org/arch/msg/secdispatch/lqsjCQdIKPr0SgSM2GVTlEVH1xs>
Subject: Re: [Secdispatch] [Ace]  EDHOC
X-BeenThere: secdispatch@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Security Dispatch <secdispatch.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/secdispatch>, <mailto:secdispatch-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/secdispatch/>
List-Post: <mailto:secdispatch@ietf.org>
List-Help: <mailto:secdispatch-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdispatch>, <mailto:secdispatch-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 24 Jan 2019 16:31:40 -0000

--_000_05C8AB73EFD14AC8A795D3624153F4D2ericssoncom_
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: base64
--_000_05C8AB73EFD14AC8A795D3624153F4D2ericssoncom_
Content-Type: text/html; charset="utf-8"
Content-ID: <68BC4D2A22B63E41AF9AE8D3E8CC1797@eurprd07.prod.outlook.com>
Content-Transfer-Encoding: base64
--_000_05C8AB73EFD14AC8A795D3624153F4D2ericssoncom_--


From nobody Thu Jan 24 10:28:42 2019
Return-Path: <goran.selander@ericsson.com>
X-Original-To: secdispatch@ietfa.amsl.com
Delivered-To: secdispatch@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C17A4131331 for <secdispatch@ietfa.amsl.com>; Thu, 24 Jan 2019 10:28:32 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -7.874
X-Spam-Level: 
X-Spam-Status: No, score=-7.874 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-4.553, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FROM_EXCESS_BASE64=0.979, RCVD_IN_DNSWL_MED=-2.3, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=unavailable autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=ericsson.com header.b=cLzlWEpq; dkim=pass (1024-bit key) header.d=ericsson.com header.b=N6nomDtv
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Vj10qx-41zBF for <secdispatch@ietfa.amsl.com>; Thu, 24 Jan 2019 10:28:31 -0800 (PST)
Received: from sessmg22.ericsson.net (sessmg22.ericsson.net [193.180.251.58]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 022B0131334 for <secdispatch@ietf.org>; Thu, 24 Jan 2019 10:28:30 -0800 (PST)
X-AuditID: c1b4fb3a-5c9c29e00000672c-cd-5c4a03cc442c
Received: from ESESSMB501.ericsson.se (Unknown_Domain [153.88.183.119]) by sessmg22.ericsson.net (Symantec Mail Security) with SMTP id E0.CC.26412.CC30A4C5; Thu, 24 Jan 2019 19:28:28 +0100 (CET)
Received: from ESESBMB501.ericsson.se (153.88.183.168) by ESESSMB501.ericsson.se (153.88.183.162) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256_P256) id 15.1.1466.3; Thu, 24 Jan 2019 19:28:28 +0100
Received: from EUR02-HE1-obe.outbound.protection.outlook.com (153.88.183.157) by ESESBMB501.ericsson.se (153.88.183.168) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256_P256) id 15.1.1466.3 via Frontend Transport; Thu, 24 Jan 2019 19:28:27 +0100
Received: from DB6PR07MB4167.eurprd07.prod.outlook.com (10.168.19.153) by DB6PR07MB3061.eurprd07.prod.outlook.com (10.170.222.21) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.1558.10; Thu, 24 Jan 2019 18:28:27 +0000
Received: from DB6PR07MB4167.eurprd07.prod.outlook.com ([fe80::a10c:961e:8639:85f4]) by DB6PR07MB4167.eurprd07.prod.outlook.com ([fe80::a10c:961e:8639:85f4%4]) with mapi id 15.20.1580.004; Thu, 24 Jan 2019 18:28:12 +0000
From: =?utf-8?B?R8O2cmFuIFNlbGFuZGVy?= <goran.selander@ericsson.com>
To: Benjamin Kaduk <kaduk@mit.edu>
CC: "secdispatch@ietf.org" <secdispatch@ietf.org>, John Mattsson <john.mattsson@ericsson.com>, Francesca Palombini <francesca.palombini@ericsson.com>, "ace@ietf.org" <ace@ietf.org>
Thread-Topic: [Ace] [Secdispatch] EDHOC
Thread-Index: AQHUou5Zx1xiDx+jgESY4I5hUyszWqWcqBGAgAINKACAFqIAAIAACQQAgAmPyIA=
Date: Thu, 24 Jan 2019 18:28:12 +0000
Message-ID: <D06F172B-84EC-44AD-8E92-9E5EA98A806A@ericsson.com>
References: <D629D980-C059-474F-B259-2700F2EEAE41@ericsson.com> <79FD6563-8ADA-4D73-B8D5-C3D70604CD76@gmail.com> <F72354EF-2FB7-41C0-BCA1-6D4511A410B2@ericsson.com> <47F03C99-68C1-4ADB-873D-F01987D66849@ipv.sx> <20190118172714.GJ81907@kduck.mit.edu>
In-Reply-To: <20190118172714.GJ81907@kduck.mit.edu>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach: 
X-MS-TNEF-Correlator: 
user-agent: Microsoft-MacOutlook/10.15.0.190115
x-originating-ip: [213.89.213.86]
x-ms-publictraffictype: Email
Content-Type: text/plain; charset="utf-8"
Content-ID: <A8E1BA2DCC688E47B487353D8E0E1F39@eurprd07.prod.outlook.com>
Content-Transfer-Encoding: base64
MIME-Version: 1.0
X-MS-Exchange-CrossTenant-Network-Message-Id: 99dff6e8-ea6e-4b26-fec3-08d68229b2ca
X-MS-Exchange-CrossTenant-originalarrivaltime: 24 Jan 2019 18:28:12.3210 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 92e84ceb-fbfd-47ab-be52-080c6b87953f
X-MS-Exchange-Transport-CrossTenantHeadersStamped: DB6PR07MB3061
X-OriginatorOrg: ericsson.com
Archived-At: <https://mailarchive.ietf.org/arch/msg/secdispatch/1Lzyj2WyGmtJGaalVHeAde6GZIE>
Subject: Re: [Secdispatch] [Ace]  EDHOC
X-BeenThere: secdispatch@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Security Dispatch <secdispatch.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/secdispatch>, <mailto:secdispatch-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/secdispatch/>
List-Post: <mailto:secdispatch@ietf.org>
List-Help: <mailto:secdispatch-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdispatch>, <mailto:secdispatch-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 24 Jan 2019 18:28:33 -0000

Hi Ben,

I replied to some of your comments in my previous mail to the list. Additional comments inline.

On 2019-01-18, 18:27, "Benjamin Kaduk" <kaduk@mit.edu> wrote:

    On Fri, Jan 18, 2019 at 11:54:58AM -0500, Richard Barnes wrote:
    > Let me provide some additional context.  When the chairs and ADs discussed this in BKK, it seemed pretty clear that EDHOC is not within the current charter of ACE — after all, ACE is targeted at authentication and authorization, not key exchange.  Since ACE would need to recharter to accept this work in any case, and because EDHOC overlapped with the interests of other working groups, it seemed to make sense to have the conversation in a broader venue.

    ACE's charter is ... messy.  More below.

    > Göran: Your email starting this thread seems like an abbreviated summary of the past discussion of this draft.  Since this is a new audience, it would be helpful if you could start from the underlying requirements (“we need an AKE with certain constraints”) and lay out why new protocol work is needed, vs. profiling existing protocols (as has been done, e.g., in DICE).


    There seem to be several interleaved issues at play, here, and I agree that
    some clear/consolidated background would be helpful.  I particularly call
    out the security proof that has been presented elsewhere, which I think
    would be interesting to several readers (but I don't have the link handy).

Referenced in Roman's previous mail to secdispatch. I agree that asserting the formal security properties is key.

    Some thoughts of my own...

    There is clear demand for a lightweight key-exchange protocol for use in
    IoT protocols, especially OSCORE.  EDHOC has been around for a while, and
    even discussed in ACE with some frequency.  That said, there are several
    reasons to prefer asking secdispatch to just calling for adoption in ACE
    directly, including but not limited to:

    (a) designing secure authenticated key exchange protocols is hard!  It takes
    a lot of energy from smart people to design and analyze a protocol to have
    confidence that it is secure and fulfils the advertised functions.
    Starting from well-known/well-analyzed foundations like SIGMA is a great
    start, but hardly a guarantee of success.  Secdispatch gets us some better
    visibility, and insight into where work can be done that will have
    sufficient expertise (both within and outside the IETF, as well as what has
    been done already vs. what remains to be done) to be confident in the
    result.

This sounds like an excellent support function. Thanks.

    (b) ACE has a pretty complicated charter, that seems to place restrictions
    on how it can adopt new protocol work without rechartering.  We find things
    in the charter like "existing authentication and authorization protocols
    will be evaluated and used where applicable [...].  Some functionality,
    however, may not be available in existing protocols, in which case the
    solution may involve new protocol work."  This would seem to require a
    clear criteria for how to determine whether or not existing technology is
    applicable, plus evidence that existing protocols do not meet the bar.  In
    particular, "make the key exchange messages as small as possible" is not a
    clear criterion, as that would always argue for a new protocol over an
    existing one, as we come up with new ways to eke out space.

I don't know how important it is to fit into the existing ACE charter but the comparison between EDHOC and TLS/DTLS handshake showed a reduction in message overhead with up to 75%, which can be translated into power consumption. I would say that "power efficient key exchange" is functionality not available in the existing protocols we looked at.

    (c) A clear and substantial difference between key exchange/handshake size
    between EDHOC and even minimized DTLS could be compelling enough for
    secdispatch to decide that the work is usable, and find an appropriate
    home, independently of the question of rechartering ACE and meeting the
    additional barrier described in the previous point.

The WG is not crucial, but involvement from the user community is valuable as well as the security expertise.

    Jim and several others have done some good work looking into tabulating
    message overheads in various scenarios (e.g.,
    https://www.diva-portal.org/smash/get/diva2:1156483/FULLTEXT01.pdf,
    https://jimsch.github.io/randomDrafts/draft-schaad-ace-tls-cbor-handshake.html)
    that will be helpful as we consider this topic.

    In addition to just comparing the byte count for handshake/key exchange
    messages in various methods, it would probably also be good to think about
    things in terms of the constraints in the current ACE charter.  That is,
    someone could (1) pick a (class of) device(s), (2) show that it has wide
    deployment/potential thereof, (3) give hard numbers about what it's (not)
    capable of, and (4) show that DTLS falls on the wrong side of that cutoff,
    using the handshake numbers we already have.  In particular, I don't
    remember seeing anything touching on (3), previously.  An analysis like
    this would not only give some context for interpreting the gap between
    EDHOC and DTLS, but could also be compelling in support of the need for the
    more lightweight solution.

As mentioned, message overhead differences translate into measurable quantities. While it may be possible to find an example where there is a clear cut, I think for many scenarios there would be qualitative differences.

Göran


From nobody Thu Jan 24 11:16:15 2019
Return-Path: <kathleen.moriarty.ietf@gmail.com>
X-Original-To: secdispatch@ietfa.amsl.com
Delivered-To: secdispatch@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 523371313B9; Thu, 24 Jan 2019 11:16:13 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.998
X-Spam-Level: 
X-Spam-Status: No, score=-1.998 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id eCeyBDcwEuzt; Thu, 24 Jan 2019 11:16:11 -0800 (PST)
Received: from mail-ot1-x333.google.com (mail-ot1-x333.google.com [IPv6:2607:f8b0:4864:20::333]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id CFC2012894E; Thu, 24 Jan 2019 11:16:10 -0800 (PST)
Received: by mail-ot1-x333.google.com with SMTP id i20so6304622otl.0; Thu, 24 Jan 2019 11:16:10 -0800 (PST)
X-Received: by 2002:a9d:1715:: with SMTP id i21mr5201242ota.149.1548357369966;  Thu, 24 Jan 2019 11:16:09 -0800 (PST)
MIME-Version: 1.0
References: <D629D980-C059-474F-B259-2700F2EEAE41@ericsson.com> <79FD6563-8ADA-4D73-B8D5-C3D70604CD76@gmail.com> <F72354EF-2FB7-41C0-BCA1-6D4511A410B2@ericsson.com> <47F03C99-68C1-4ADB-873D-F01987D66849@ipv.sx> <20190118172714.GJ81907@kduck.mit.edu> <359EC4B99E040048A7131E0F4E113AFC0185795C45@marathon> <CAL02cgQgoxrxzBHk9pCvWwg8n91gpfK=4kReGfFfb=Av8=CoCw@mail.gmail.com> <05C8AB73-EFD1-4AC8-A795-D3624153F4D2@ericsson.com>
In-Reply-To: <05C8AB73-EFD1-4AC8-A795-D3624153F4D2@ericsson.com>
From: Kathleen Moriarty <kathleen.moriarty.ietf@gmail.com>
Date: Thu, 24 Jan 2019 14:15:33 -0500
Message-ID: <CAHbuEH4JpZV9TeCFjv89oCeQLD21rPdkbjKeLnRPG1V07VCRBQ@mail.gmail.com>
To: =?UTF-8?Q?G=C3=B6ran_Selander?= <goran.selander@ericsson.com>
Cc: Richard Barnes <rlb@ipv.sx>, Roman Danyliw <rdd@cert.org>, John Mattsson <john.mattsson@ericsson.com>,  "secdispatch@ietf.org" <secdispatch@ietf.org>,  Francesca Palombini <francesca.palombini@ericsson.com>, "ace@ietf.org" <ace@ietf.org>
Content-Type: multipart/alternative; boundary="00000000000005b4580580390b25"
Archived-At: <https://mailarchive.ietf.org/arch/msg/secdispatch/noD23qq8PwzPzfbw_0vkk-FwWiA>
Subject: Re: [Secdispatch] [Ace]  EDHOC
X-BeenThere: secdispatch@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Security Dispatch <secdispatch.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/secdispatch>, <mailto:secdispatch-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/secdispatch/>
List-Post: <mailto:secdispatch@ietf.org>
List-Help: <mailto:secdispatch-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdispatch>, <mailto:secdispatch-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 24 Jan 2019 19:16:13 -0000

--00000000000005b4580580390b25
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable

Thanks for the very helpful message, Goran.  A couple of comments inline.

On Thu, Jan 24, 2019 at 11:31 AM Göran Selander <goran.selander@ericsson.com>
wrote:

> Hi Richard, Roman, all
>
>
>
> Thanks for kind welcome and for progressing the discussion. Apologies for
> a long email.
>
>
>
> *From: *Richard Barnes <rlb@ipv.sx>
>
>
>
> Summing up where I believe the conversation stands now, it seems like what
> folks are asking for is either:
>
>
>
>    1. An analysis that shows that EDHOC is equivalent to an existing AKE
>    (e.g., IKE or TLS), or
>
>
>
> 2. An argument that a new AKE is necessary (vs. a re-encoding of an
> existing AKE)
>
>
>
> Göran et al: Do you have thoughts on those points?
>
>
>
> Yes. I’ll get back to this later in this email.
>
>
>
> It seems like it could be a productive use of an hour or two of virtual
> interim time to help the group understand one of those lines of argument.
>
>
>
> Agree.
>

Anything to prevent further hold ups on this work would be appreciated.


>
>
> --Richard
>
>
>
> As requested in a previous email, here is a background.
>
>
>
> The work on EDHOC is motivated by the need for an authentication and key
> exchange protocol for OSCORE (draft-ietf-core-object-security) optimized
> for constrained-node networks (RFC 7228). OSCORE is applied within the
> IETF, e.g. in 6TiSCH minimal security (draft-ietf-6tisch-minimal-security),
> but also requested by other SDOs and industry fora such as OMA Specworks,
> Open Connectivity Foundation and Fairhair Alliance. The properties of
> OSCORE motivating its use include: support for CoAP forward proxies,
> support for change of underlying transports including non-IP, low overhead,
> low additional footprint and memory to existing CoAP implementations,
> support for multicast security, security for end-to-end REST.
>
>
>
> Given the large interest in OSCORE already before it has become an RFC we
> anticipate a wide range of deployments. For example, we see an interest for
> OSCORE in Cellular IoT with traffic running over the cellular air interface
> control channel, where we can have end-to-end CoAP, but not necessarily
> end-to-end IP between an application server and a cellular device. Or
> between an application server and a device behind a cellular gateway.
> Comparing just these two cases, the difference in capabilities of the
> devices can be significant which makes it difficult to point at some sort
> of “reference devices” for benchmarking.
>
>
>
> In order to support the low end use cases the AKE must be performant in
> low bandwidth deployments with battery powered devices restricted in RAM
> and ROM. Message sizes and round trips have a direct impact on latency,
> power consumption and battery lifetime, and can be calculated which is the
> reason for this being a commonly used metric. While it may be more
> difficult to compare memory and storage requirements, the ability to reuse
> existing code is an important indication. If a device can support a CoAP
> stack (in the sense of memory and flash, etc) it is expected to also be
> able to support OSCORE. Similarly, it is desirable that a device with CoAP
> and OSCORE implemented should be able to support an additional AKE.
> Considering that EDHOC reuses CBOR and COSE primitives from OSCORE the
> additional code for EDHOC can be very limited.
>
>
>
> From a security point of view OSCORE requires that the endpoints have
> agreed on a Master Secret with a good amount of randomness, and each
> other’s Sender IDs, and those must be different for a given Master Secret.
>
>
>
> Now returning to the questions.
>
>
>
>    1. An analysis that shows that EDHOC is equivalent to an existing AKE
>    (e.g., IKE or TLS)
>
>
>
> Considering EDHOC is a new protocol it should be thoroughly analysed and
> verified against all currently known issues of AKEs. Roman sent a mail to
> the secdispatch list referencing a paper presented at SSR 2018 which could
> be used as a starting point. How do folks want to digest this: Do they want
> to study the model themselves or should we ask the authors if they could
> present their work at the interim?
>
>
>
> 2. An argument that a new AKE is necessary (vs. a re-encoding of an
> existing AKE)
>
>
>
> We have done this comparison with TLS/DTLS for some time now, and what once
> seemed like a reasonable question has turned out to be never ending
> exercise. I do not want to get into IETF archeology but for those who have
> not followed the discussion some data points could be relevant.
>
>
>
> Not long ago, the design of security protocols did not take into account
> constrained IoT devices. With OSCORE we showed that the message overhead
> could be reduced by a factor 3 compared to DTLS 1.2 records. Before this
> comparison it was believed that the record layer was performing well, then
> the difference in overhead was characterized as insignificant, and then
> finally a compact format was designed for DTLS 1.3.
>
>
>
> With EDHOC we showed that the message overhead of the key exchange can be
> reduced with up to a factor 4 compared to the current version of DTLS 1.3
> (see Appendix E in EDHOC). Before this exercise it was believed that the
> TLS/DTLS handshake was performing well, then the difference in overhead was
> characterized as insignificant, and now the discussion has shifted to
> downsizing the TLS handshake or other protocol.
>
>
>
> We are not against optimizations to the TLS handshake, just as we welcome
> the more optimal DTLS 1.3 records. But TLS was not designed to be an AKE
> for OSCORE optimized for constrained environments. As I remember,
> optimizing for message overhead was an explicit non-requirement of TLS 1.3.
> Reverting those design decisions seems like the wrong way to go: One reason
> to use TLS would be to reuse an existing implementation. But existing TLS
> implementation would most likely not compare favorably in terms of code
> size and RAM. Adding code for compression or re-encoding of the messages
> would add to that. Re-specifying the protocol with the new encoding may
> require a new formal verification. To make a more compact code and
> processing may involve two incompatible message formats of TLS depending on
> what is being signed. New implementations would be needed.
>
>
>
> We think we have done our part of the comparison exercise and that the
> burden of proof should now be reversed. Could we ask those that claim to
> have a more performant key exchange protocol for OSCORE and are prepared to
> do the work to make that plausible and provide the numbers? To be clear: if
> there is another key exchange protocol suitable for OSCORE which
> outperforms EDHOC in constrained characteristics and then we are very
> interested.
>

I agree with Goran that they have jumped through enough hoops at this
point.  However, if alternatives come forward, understanding their
timelines is also critical as not to hold up this work for any substantial
amount of time.


>
> And again, with the statements in this mail we neither want to belittle
> the considerable effort made on formal verification, nor claim that DTLS is
> not fit for IoT deployments. It is an important hammer in our IoT security
> toolbox, but at the moment we don’t need a hammer.
>

The class of IoT device seems to be the critical point here and having one
protocol that can meet all needs is a nice goal, but not realistic from the
comparison numbers provided and the varying requirements in the IoT space.

Best regards,
Kathleen


>
>
>
> Göran
>
> _______________________________________________
> Ace mailing list
> Ace@ietf.org
> https://www.ietf.org/mailman/listinfo/ace
>


-- 

Best regards,
Kathleen

--00000000000005b4580580390b25
Content-Type: text/html; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable

<div dir=3D"ltr"><div dir=3D"ltr">Thanks for the very helpful message, Gora=
n.=C2=A0 A couple of comments inline.</div><br><div class=3D"gmail_quote"><=
div dir=3D"ltr">On Thu, Jan 24, 2019 at 11:31 AM G=C3=B6ran Selander &lt;<a=
 href=3D"mailto:goran.selander@ericsson.com">goran.selander@ericsson.com</a=
>&gt; wrote:<br></div><blockquote class=3D"gmail_quote" style=3D"margin:0px=
 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">





<div lang=3D"SV">
<div class=3D"gmail-m_5737329548987692131WordSection1">
<p class=3D"MsoNormal"><span lang=3D"EN-US">Hi Richard, Roman, all<u></u><u=
></u></span></p>
<p class=3D"MsoNormal"><span lang=3D"EN-US"><u></u>=C2=A0<u></u></span></p>
<p class=3D"gmail-m_5737329548987692131p1"><span class=3D"gmail-m_573732954=
8987692131s1"><span lang=3D"EN-US">Thanks for kind welcome and for progress=
ing the discussion. Apologies for a long email.</span></span><span lang=3D"=
EN-US"><u></u><u></u></span></p>
<p class=3D"MsoNormal"><span lang=3D"EN-US"><u></u>=C2=A0<u></u></span></p>
<div style=3D"border-right:none;border-bottom:none;border-left:none;border-=
top:1pt solid rgb(181,196,223);padding:3pt 0cm 0cm">
<p class=3D"MsoNormal" style=3D"margin-left:36pt"><b><span lang=3D"EN-US" s=
tyle=3D"font-size:12pt;color:black">From:
</span></b><span lang=3D"EN-US" style=3D"font-size:12pt;color:black">Richar=
d Barnes &lt;rlb@ipv.sx&gt;<br>
<br>
<u></u><u></u></span></p>
</div>
<div>
<p class=3D"MsoNormal" style=3D"margin-left:36pt"><span lang=3D"EN-US"><u><=
/u>=C2=A0<u></u></span></p>
</div>
<div>
<div>
<p class=3D"MsoNormal" style=3D"margin-left:36pt"><span lang=3D"EN-US">Summ=
ing up where I believe the conversation stands now, it seems like what folk=
s are asking for is either:<u></u><u></u></span></p>
</div>
<div>
<p class=3D"MsoNormal" style=3D"margin-left:36pt"><span lang=3D"EN-US"><u><=
/u>=C2=A0<u></u></span></p>
</div>
<div>
<ol style=3D"margin-top:0cm" start=3D"1" type=3D"1">
<li class=3D"gmail-m_5737329548987692131MsoListParagraph" style=3D"margin-l=
eft:18pt"><span lang=3D"EN-US">An analysis that shows that EDHOC is equival=
ent to an existing AKE (e.g., IKE or TLS), or<u></u><u></u></span></li></ol=
>
<p class=3D"MsoNormal"><span lang=3D"EN-US"><u></u>=C2=A0<u></u></span></p>
</div>
<div>
<p class=3D"MsoNormal" style=3D"margin-left:36pt"><span lang=3D"EN-US">2. A=
n argument that a new AKE is necessary (vs. a re-encoding of an existing AK=
E)<u></u><u></u></span></p>
</div>
<div>
<p class=3D"MsoNormal"><span lang=3D"EN-US"><u></u>=C2=A0<u></u></span></p>
</div>
<div>
<p class=3D"MsoNormal" style=3D"margin-left:36pt"><span lang=3D"EN-US">G=C3=
=B6ran et al: Do you have thoughts on those points?<u></u><u></u></span></p=
>
<p class=3D"MsoNormal"><span lang=3D"EN-US"><u></u>=C2=A0<u></u></span></p>
<p class=3D"MsoNormal"><span lang=3D"EN-US">Yes. I=E2=80=99ll get back to t=
his later in this email.<u></u><u></u></span></p>
</div>
<div>
<p class=3D"MsoNormal" style=3D"margin-left:36pt"><span lang=3D"EN-US"><u><=
/u>=C2=A0<u></u></span></p>
</div>
<div>
<p class=3D"MsoNormal" style=3D"margin-left:36pt"><span lang=3D"EN-US">It s=
eems like it could be a productive use of an hour or two of virtual interim=
 time to help the group understand one of those lines of argument.<u></u><u=
></u></span></p>
</div>
<div>
<p class=3D"MsoNormal" style=3D"margin-left:36pt"><span lang=3D"EN-US"><u><=
/u>=C2=A0<u></u></span></p>
<p class=3D"MsoNormal"><span lang=3D"EN-US">Agree.</span></p></div></div></=
div></div></blockquote><div><br></div><div>Anything to prevent further hold=
 ups on this work would be appreciated.</div><div>=C2=A0</div><blockquote c=
lass=3D"gmail_quote" style=3D"margin:0px 0px 0px 0.8ex;border-left:1px soli=
d rgb(204,204,204);padding-left:1ex"><div lang=3D"SV"><div class=3D"gmail-m=
_5737329548987692131WordSection1"><div><div><p class=3D"MsoNormal"><span la=
ng=3D"EN-US"><u></u><u></u></span></p>
<p class=3D"MsoNormal"><span lang=3D"EN-US"><u></u>=C2=A0<u></u></span></p>
</div>
<div>
<p class=3D"MsoNormal" style=3D"margin-left:36pt"><span lang=3D"EN-US">--Ri=
chard<u></u><u></u></span></p>
<p class=3D"MsoNormal"><span lang=3D"EN-US"><u></u>=C2=A0<u></u></span></p>
<p class=3D"gmail-m_5737329548987692131p1"><span class=3D"gmail-m_573732954=
8987692131s1"><span lang=3D"EN-US">As requested in a previous email, here i=
s a background.</span></span><span lang=3D"EN-US"><u></u><u></u></span></p>
<p class=3D"gmail-m_5737329548987692131p1"><span lang=3D"EN-US"><u></u>=C2=
=A0<u></u></span></p>
<p class=3D"gmail-m_5737329548987692131p2"><span class=3D"gmail-m_573732954=
8987692131s1"><span lang=3D"EN-US">The work on EDHOC is motivated by the ne=
ed for an authentication and key exchange protocol for OSCORE (draft-ietf-c=
ore-object-security) optimized for constrained-node networks (RFC 7228). OS=
CORE is applied within
 the IETF, e.g. in 6TiSCH minimal security (draft-ietf-6tisch-minimal-secur=
ity), but also requested by other SDOs and industry fora such as OMA Specwo=
rks, Open Connectivity Foundation and Fairhair Alliance. The properties of =
OSCORE motivating its use include:
 support for CoAP forward proxies, support for change of underlying transpo=
rts including non-IP, low overhead, low additional footprint and memory to =
existing CoAP implementations, support for multicast security, security for=
 end-to-end REST.</span></span><span class=3D"gmail-m_5737329548987692131ap=
ple-converted-space"><span lang=3D"EN-US">=C2=A0</span></span><span lang=3D=
"EN-US"><u></u><u></u></span></p>
<p class=3D"gmail-m_5737329548987692131p1"><span class=3D"gmail-m_573732954=
8987692131s1"><span lang=3D"EN-US"><u></u>=C2=A0<u></u></span></span></p>
<p class=3D"gmail-m_5737329548987692131p1"><span class=3D"gmail-m_573732954=
8987692131s1"><span lang=3D"EN-US">Given the large interest in OSCORE alrea=
dy before it has become an RFC we anticipate a wide range of deployments. F=
or example, we see an interest for OSCORE in Cellular IoT with traffic runn=
ing over the cellular
 air interface control channel, where we can have end-to-end CoAP, but not =
necessarily end-to-end IP between an application server and a cellular devi=
ce. Or between an application server and a device behind a cellular gateway=
. Comparing just these two cases,
 the difference in capabilities of the devices can be significant which mak=
es it difficult to point at some sort of =E2=80=9Creference devices=E2=80=
=9D for benchmarking.
</span></span><span lang=3D"EN-US"><u></u><u></u></span></p>
<p class=3D"gmail-m_5737329548987692131p1"><span lang=3D"EN-US"><u></u>=C2=
=A0<u></u></span></p>
<p class=3D"gmail-m_5737329548987692131p2"><span class=3D"gmail-m_573732954=
8987692131s1"><span lang=3D"EN-US">In order to support the low end use case=
s the AKE must be performant in low bandwidth deployments with battery powe=
red devices restricted in RAM and ROM.</span></span><span class=3D"gmail-m_=
5737329548987692131apple-converted-space"><span lang=3D"EN-US">=C2=A0</span=
></span><span class=3D"gmail-m_5737329548987692131s1"><span lang=3D"EN-US">=
Message
 sizes and round trips have a direct impact on latency, power consumption a=
nd battery lifetime, and can be calculated which is the reason for this bei=
ng a commonly used metric. While it may be more difficult to compare memory=
 and storage requirements, the ability
 to reuse existing code is an important indication. If a device can support=
 a CoAP stack (in the sense of memory and flash, etc) it is expected to als=
o be able to support OSCORE. Similarly, it is desirable that a device with =
CoAP and OSCORE implemented should
 be able to support an additional AKE. Considering that EDHOC reuses CBOR a=
nd COSE primitives from OSCORE the additional code for EDHOC can be very li=
mited.</span></span><span lang=3D"EN-US"><u></u><u></u></span></p>
<p class=3D"gmail-m_5737329548987692131p1"><span lang=3D"EN-US"><u></u>=C2=
=A0<u></u></span></p>
<p class=3D"gmail-m_5737329548987692131p1"><span lang=3D"EN-US">From a secu=
rity point of view OSCORE requires that the endpoints have agreed on a Mast=
er Secret with a good amount of randomness, and each other=E2=80=99s Sender=
 IDs, and those must be different for a given Master Secret.<u></u><u></u><=
/span></p>
<p class=3D"gmail-m_5737329548987692131p1"><span lang=3D"EN-US"><u></u>=C2=
=A0<u></u></span></p>
<p class=3D"gmail-m_5737329548987692131p1"><span lang=3D"EN-US">Now returni=
ng to the questions.<u></u><u></u></span></p>
<p class=3D"MsoNormal" style=3D"margin-left:36pt"><span lang=3D"EN-US"><u><=
/u>=C2=A0<u></u></span></p>
<ol style=3D"margin-top:0cm" start=3D"1" type=3D"1">
<li class=3D"gmail-m_5737329548987692131MsoListParagraph" style=3D"margin-l=
eft:18pt"><span lang=3D"EN-US">An analysis that shows that EDHOC is equival=
ent to an existing AKE (e.g., IKE or TLS)<u></u><u></u></span></li></ol>
<p class=3D"MsoNormal"><span lang=3D"EN-US"><u></u>=C2=A0<u></u></span></p>
<p class=3D"gmail-m_5737329548987692131p2"><span class=3D"gmail-m_573732954=
8987692131s1"><span lang=3D"EN-US">Considering EDHOC is a new protocol it s=
hould be thoroughly analysed and verified against all currently known issue=
s of AKEs. Roman sent a mail to the secdispatch list referencing a paper pr=
esented at SSR 2018
 which could be used as a starting point. How do folks want to digest this:=
 Do they want to study the model themselves or should we ask the authors if=
 they could present their work at the interim?
</span></span><span lang=3D"EN-US"><u></u><u></u></span></p>
<p class=3D"MsoNormal"><span lang=3D"EN-US"><u></u>=C2=A0<u></u></span></p>
<p class=3D"MsoNormal" style=3D"margin-left:36pt"><span lang=3D"EN-US">2. A=
n argument that a new AKE is necessary (vs. a re-encoding of an existing AK=
E)<u></u><u></u></span></p>
<p class=3D"gmail-m_5737329548987692131p1"><span lang=3D"EN-US"><u></u>=C2=
=A0<u></u></span></p>
<p class=3D"gmail-m_5737329548987692131p1"><span lang=3D"EN-US">We have don=
e this comparison with TLS/DTLS for some time now, and what once<span class=
=3D"gmail-m_5737329548987692131s1"> seemed like a reasonable question has t=
urned out to be never ending exercise. I do not want to get into IETF arche=
ology but for those
 who have not followed the discussion some data points could be relevant.<u=
></u><u></u></span></span></p>
<p class=3D"gmail-m_5737329548987692131p1"><span class=3D"gmail-m_573732954=
8987692131s1"><span lang=3D"EN-US"><u></u>=C2=A0<u></u></span></span></p>
<p class=3D"gmail-m_5737329548987692131p1"><span class=3D"gmail-m_573732954=
8987692131s1"><span lang=3D"EN-US">Not long ago, the design of security pro=
tocols did not take into account constrained IoT devices. With OSCORE we sh=
owed that the message overhead could be reduced by a factor 3 compared to D=
TLS 1.2 records.
 Before this comparison it was believed that the record layer was performin=
g well, then the difference in overhead was characterized as insignificant,=
 and then finally a compact format was designed for DTLS 1.3.<u></u><u></u>=
</span></span></p>
<p class=3D"gmail-m_5737329548987692131p1"><span class=3D"gmail-m_573732954=
8987692131s1"><span lang=3D"EN-US"><u></u>=C2=A0<u></u></span></span></p>
<p class=3D"gmail-m_5737329548987692131p1"><span class=3D"gmail-m_573732954=
8987692131s1"><span lang=3D"EN-US">With EDHOC we showed that the message ov=
erhead of the key exchange can be reduced with up to a factor 4 compared to=
 the current version of DTLS 1.3 (see Appendix E in EDHOC). Before this exe=
rcise it was believed
 that the TLS/DTLS handshake was performing well, then the difference in ov=
erhead was characterized as insignificant, and now the discussion has shift=
ed to downsizing the TLS handshake or other protocol.<u></u><u></u></span><=
/span></p>
<p class=3D"gmail-m_5737329548987692131p1"><span class=3D"gmail-m_573732954=
8987692131s1"><span lang=3D"EN-US"><u></u>=C2=A0<u></u></span></span></p>
<p class=3D"gmail-m_5737329548987692131p1"><span class=3D"gmail-m_573732954=
8987692131s1"><span lang=3D"EN-US">We are not against optimizations to the =
TLS handshake, just as we welcome the more optimal DTLS 1.3 records. But TL=
S was not designed to be an AKE for OSCORE optimized for constrained enviro=
nments. As I remember,
 optimizing for message overhead was an explicit non-requirement of TLS 1.3=
. Reverting those design decisions seems like the wrong way to go: One reas=
on to use TLS would be to reuse an existing implementation. But existing TL=
S implementation would most likely
 not compare favorably in terms of code size and RAM. Adding code for compr=
ession or re-encoding of the messages would add to that. Re-specifying the =
protocol with the new encoding may require a new formal verification. To ma=
ke a more compact code and processing
 may involve two incompatible message formats of TLS depending on what is b=
eing signed. New implementations would be needed.
<u></u><u></u></span></span></p>
<p class=3D"gmail-m_5737329548987692131p1"><span class=3D"gmail-m_573732954=
8987692131s1"><span lang=3D"EN-US"><u></u>=C2=A0<u></u></span></span></p>
<p class=3D"MsoNormal"><span class=3D"gmail-m_5737329548987692131s1"><span =
lang=3D"EN-US">We think we have done our part of the comparison exercise an=
d that the burden of proof should now be reversed. Could we ask those that =
claim to have a more performant key exchange protocol for OSCORE
 and are prepared to do the work to make that plausible and provide the num=
bers? To be clear:
</span></span><span lang=3D"EN-US" style=3D"color:black">if there is anothe=
r key exchange protocol suitable for OSCORE which outperforms EDHOC in cons=
trained characteristics and then we are very interested.</span></p></div></=
div></div></div></blockquote><div><br></div><div>I agree with Goran that th=
ey have jumped through enough hoops at this point.=C2=A0 However, if altern=
atives come forward, understanding their timelines is also critical as not =
to hold up this work for any substantial amount of time.=C2=A0</div><div><b=
r></div><blockquote class=3D"gmail_quote" style=3D"margin:0px 0px 0px 0.8ex=
;border-left:1px solid rgb(204,204,204);padding-left:1ex"><div lang=3D"SV">=
<div class=3D"gmail-m_5737329548987692131WordSection1"><div><div><p class=
=3D"MsoNormal"><span lang=3D"EN-US" style=3D"color:black">
</span><span lang=3D"EN-US"><u></u><u></u></span></p>
<p class=3D"MsoNormal"><span lang=3D"EN-US" style=3D"color:black"><u></u>=
=C2=A0<u></u></span></p>
<p class=3D"MsoNormal"><span lang=3D"EN-US" style=3D"color:black">And again=
, with the statements in this mail we neither want to belittle the consider=
able effort made on formal verification, nor claim that DTLS is not fit for=
 IoT deployments. It is an important hammer
 in our IoT security toolbox, but at the moment we don=E2=80=99t need a ham=
mer.</span></p></div></div></div></div></blockquote><div><br></div><div>The=
 class of IoT device seems to be the critical point here and having one pro=
tocol that can meet all needs is a nice goal, but not realistic from the co=
mparison numbers provided and the varying requirements in the IoT space.</d=
iv><div><br></div><div>Best regards,</div><div>Kathleen</div><div><br></div=
><blockquote class=3D"gmail_quote" style=3D"margin:0px 0px 0px 0.8ex;border=
-left:1px solid rgb(204,204,204);padding-left:1ex"><div lang=3D"SV"><div cl=
ass=3D"gmail-m_5737329548987692131WordSection1"><div><div><p class=3D"MsoNo=
rmal"><span lang=3D"EN-US" style=3D"color:black"><u></u><u></u></span></p>
<p class=3D"MsoNormal"><span lang=3D"EN-US"><u></u>=C2=A0<u></u></span></p>
<p class=3D"gmail-m_5737329548987692131p1"><span class=3D"gmail-m_573732954=
8987692131s1"><span lang=3D"EN-US"><u></u>=C2=A0<u></u></span></span></p>
<p class=3D"gmail-m_5737329548987692131p1"><span class=3D"gmail-m_573732954=
8987692131s1"><span lang=3D"EN-US">G=C3=B6ran<u></u><u></u></span></span></=
p>
</div>
</div>
</div>
</div>

_______________________________________________<br>
Ace mailing list<br>
<a href=3D"mailto:Ace@ietf.org" target=3D"_blank">Ace@ietf.org</a><br>
<a href=3D"https://www.ietf.org/mailman/listinfo/ace" rel=3D"noreferrer" ta=
rget=3D"_blank">https://www.ietf.org/mailman/listinfo/ace</a><br>
</blockquote></div><br clear=3D"all"><div><br></div>-- <br><div dir=3D"ltr"=
 class=3D"gmail_signature"><div dir=3D"ltr"><br><div>Best regards,</div><di=
v>Kathleen</div></div></div></div>

--00000000000005b4580580390b25--


From nobody Thu Jan 24 22:38:35 2019
Return-Path: <ietf@augustcellars.com>
X-Original-To: secdispatch@ietfa.amsl.com
Delivered-To: secdispatch@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C646412D4EC for <secdispatch@ietfa.amsl.com>; Thu, 24 Jan 2019 22:38:33 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.901
X-Spam-Level: 
X-Spam-Status: No, score=-1.901 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id l98HPde-Kkuk for <secdispatch@ietfa.amsl.com>; Thu, 24 Jan 2019 22:38:32 -0800 (PST)
Received: from mail2.augustcellars.com (augustcellars.com [50.45.239.150]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 9C525129508 for <secdispatch@ietf.org>; Thu, 24 Jan 2019 22:38:31 -0800 (PST)
Received: from Jude (73.180.8.170) by mail2.augustcellars.com (192.168.0.56) with Microsoft SMTP Server (TLS) id 15.0.1395.4; Thu, 24 Jan 2019 22:38:25 -0800
From: Jim Schaad <ietf@augustcellars.com>
To: <secdispatch@ietf.org>
References: 
In-Reply-To: 
Date: Thu, 24 Jan 2019 22:38:22 -0800
Message-ID: <00ae01d4b478$92fa9d40$b8efd7c0$@augustcellars.com>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
X-Mailer: Microsoft Outlook 16.0
Thread-Index: AdS0aYd+IIiEJdHOSfGMDJ3y6un6LAADvM8A
Content-Language: en-us
X-Originating-IP: [73.180.8.170]
Archived-At: <https://mailarchive.ietf.org/arch/msg/secdispatch/f47TKbrApBq8Z2256GUe4rL6pnU>
Subject: [Secdispatch] FW: EDHOC and Transports
X-BeenThere: secdispatch@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Security Dispatch <secdispatch.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/secdispatch>, <mailto:secdispatch-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/secdispatch/>
List-Post: <mailto:secdispatch@ietf.org>
List-Help: <mailto:secdispatch-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdispatch>, <mailto:secdispatch-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 25 Jan 2019 06:38:34 -0000

Send it to the right mailing list.

-----Original Message-----
From: Jim Schaad <ietf@augustcellars.com> 
Sent: Thursday, January 24, 2019 9:08 PM
To: 'secdir@ietf.org' <secdir@ietf.org>
Subject: EDHOC and Transports

Someplace over the set of messages which I recently scanned one of the
questions was what were the constrained restrictions that we were looking at
as part of the evaluation process.

There are three that I will highlight even though I am only able to provide
any type of quantification for two of them:

1.  Low-power devices that either are battery based or scavenge power, these
devices pay a power penalty for every byte of data sent and thus have a
desire for the smallest messages possible.

2. CoAP over SMS:  SMS has a 140 byte packet size.  There are two approaches
for dealing with packets larger than 140 bytes:  1) There is a method of
appending multiple packets together to form a single larger packet.  2) You
can use CoAP blockwise transfer.  Using CoAP blockwise would result in 128
byte packets for the underlying transfer assuming that only 12 bytes are
needed for the CoAP header itself.

3. 6LoWPAN over IEEE 802.15.4:  This has a packet size of 127 bytes.  The
maximum frame overhead size is 25 bytes allowing for 102 bytes of message
space.   If one assumes 20 bytes of overhead for CoAP then this means a
protocol packet size of 82 bytes.  If one needs to break the message across
multiple packets then the maximum data size is going to be 64 bytes using
CoAP blockwise options.

There are of course two additional transports which are to be considered:
IPv4 UDP and IPv6 UDP.  Both of these transports have a packet size which is
sufficiently large to hold any given message using TLS or EDHOC.

Jim
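
The packet budgets worked out in the message above, as an added example that is not part of the original post: it derives the single-packet budget and the CoAP blockwise block size for both transports and counts the packets one message needs. The class and function names are illustrative, the power-of-two block sizes are those of the CoAP Block option (RFC 7959), and the message lengths are constructed samples; the count covers only payload-carrying packets in one direction and keeps the CoAP overhead figures from the message unchanged when blockwise transfer is used.

```python
"""Packet budgets for constrained transports, using the figures from the
message above. Added example; names and sample sizes are illustrative."""
from dataclasses import dataclass
from math import ceil

# CoAP Block option sizes (RFC 7959): 2**(SZX + 4) for SZX = 0..6,
# i.e. 16, 32, 64, 128, 256, 512, 1024 bytes. No sizes in between exist,
# which is why an 82-byte budget drops to 64-byte blocks.
COAP_BLOCK_SIZES = tuple(2 ** (szx + 4) for szx in range(7))


@dataclass(frozen=True)
class Transport:
    name: str
    packet_size: int     # bytes per link-layer packet
    frame_overhead: int  # link/adaptation-layer bytes inside that packet
    coap_overhead: int   # bytes assumed for the CoAP header and options

    @property
    def single_packet_budget(self) -> int:
        """Bytes left for the security protocol message in one packet."""
        budget = self.packet_size - self.frame_overhead - self.coap_overhead
        if budget <= 0:
            raise ValueError(f"{self.name}: overhead leaves no payload room")
        return budget

    def block_size(self) -> int:
        """Largest CoAP block size that fits the single-packet budget."""
        fitting = [b for b in COAP_BLOCK_SIZES if b <= self.single_packet_budget]
        if not fitting:
            raise ValueError(f"{self.name}: budget below the smallest block")
        return max(fitting)

    def packets_needed(self, message_len: int) -> int:
        """Payload-carrying packets needed for one message of message_len bytes.

        Simplification: acknowledgements and blockwise responses are not
        counted, and the CoAP overhead is assumed not to grow when the
        Block option is added.
        """
        if message_len <= 0:
            raise ValueError("message_len must be positive")
        if message_len <= self.single_packet_budget:
            return 1  # fits without blockwise transfer
        return ceil(message_len / self.block_size())


# Figures taken from the message: 140-byte SMS with 12 bytes of CoAP header;
# 127-byte IEEE 802.15.4 frame, 25 bytes frame overhead, 20 bytes CoAP.
SMS = Transport("CoAP over SMS", 140, 0, 12)
IEEE_802_15_4 = Transport("6LoWPAN over IEEE 802.15.4", 127, 25, 20)

# Constructed sample message lengths (not measurements of any protocol),
# chosen to sit on either side of each budget.
SAMPLE_MESSAGE_LENS = (60, 82, 83, 128, 129, 300)


def compare(message_lens=SAMPLE_MESSAGE_LENS, transports=(SMS, IEEE_802_15_4)):
    """Return {transport name: [packets needed for each message length]}."""
    return {t.name: [t.packets_needed(n) for n in message_lens]
            for t in transports}


if __name__ == "__main__":
    for t in (SMS, IEEE_802_15_4):
        print(f"{t.name}: budget {t.single_packet_budget} B, "
              f"block size {t.block_size()} B")
    print("message lengths:", SAMPLE_MESSAGE_LENS)
    for name, counts in compare().items():
        print(f"{name}: {counts}")
```

The step from 82 to 83 bytes on IEEE 802.15.4 doubles the packet count, which is the cliff the size comparison in this thread is about.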



From nobody Fri Jan 25 06:14:40 2019
Return-Path: <Hannes.Tschofenig@arm.com>
X-Original-To: secdispatch@ietfa.amsl.com
Delivered-To: secdispatch@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id EFA2B129A87 for <secdispatch@ietfa.amsl.com>; Fri, 25 Jan 2019 06:14:37 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.043
X-Spam-Level: 
X-Spam-Status: No, score=-2.043 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_MED=-0.142, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=armh.onmicrosoft.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 2ZUeJibac2OW for <secdispatch@ietfa.amsl.com>; Fri, 25 Jan 2019 06:14:34 -0800 (PST)
Received: from EUR01-DB5-obe.outbound.protection.outlook.com (mail-eopbgr150070.outbound.protection.outlook.com [40.107.15.70]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 41D92128BCC for <secdispatch@ietf.org>; Fri, 25 Jan 2019 06:14:33 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=armh.onmicrosoft.com;  s=selector1-arm-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=aYMGO4Sd4pCmtBmk0vBHw3rxnfLYykt/oRdjn0SbdDc=; b=JarttnozM4p5z0jZzhUzzmQMTZwjhA2l2qsfG5ks289IQeHRz8J+zZkAT6Cn9+5Ig5B86yTGyWvvSQgsva8TOXzb7jwXrukbZU5MGZNl8/84+tkwv/SboVUKKWHjk+8WrKD9ZvvknMcRY1C5kef20P3Cz1sWyl1OnwmHvR10KLI=
Received: from VI1PR0801MB2112.eurprd08.prod.outlook.com (10.173.75.16) by VI1PR0801MB1437.eurprd08.prod.outlook.com (10.167.210.17) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.1558.16; Fri, 25 Jan 2019 14:14:30 +0000
Received: from VI1PR0801MB2112.eurprd08.prod.outlook.com ([fe80::3ce6:d8fa:3271:6019]) by VI1PR0801MB2112.eurprd08.prod.outlook.com ([fe80::3ce6:d8fa:3271:6019%7]) with mapi id 15.20.1558.016; Fri, 25 Jan 2019 14:14:30 +0000
From: Hannes Tschofenig <Hannes.Tschofenig@arm.com>
To: "secdispatch@ietf.org" <secdispatch@ietf.org>
Thread-Topic: [secdir] EDHOC and Transports
Thread-Index: AdS0aYd+IIiEJdHOSfGMDJ3y6un6LAAOu51gAASLwYAAAGMVYA==
Date: Fri, 25 Jan 2019 14:14:30 +0000
Message-ID: <VI1PR0801MB211285DF5F1BCEBBA51AB520FA9B0@VI1PR0801MB2112.eurprd08.prod.outlook.com>
References: <00ac01d4b46c$00f9de30$02ed9a90$@augustcellars.com> <VI1PR0801MB211299581EE3F9977A2DB982FA9B0@VI1PR0801MB2112.eurprd08.prod.outlook.com> <VI1PR0801MB2112587120B3C980F5D6549DFA9B0@VI1PR0801MB2112.eurprd08.prod.outlook.com>
In-Reply-To: <VI1PR0801MB2112587120B3C980F5D6549DFA9B0@VI1PR0801MB2112.eurprd08.prod.outlook.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach: 
X-MS-TNEF-Correlator: 
authentication-results: spf=none (sender IP is ) smtp.mailfrom=Hannes.Tschofenig@arm.com; 
x-originating-ip: [80.92.119.167]
x-ms-publictraffictype: Email
x-ms-exchange-antispam-srfa-diagnostics: SOS;
x-ms-office365-filtering-correlation-id: ad6ab49e-ebf6-48c2-741e-08d682cf6c64
x-ms-office365-filtering-ht: Tenant
x-microsoft-antispam: BCL:0; PCL:0; RULEID:(2390118)(7020095)(4652040)(8989299)(4534185)(4627221)(201703031133081)(201702281549075)(8990200)(5600110)(711020)(4605077)(4618075)(2017052603328)(7153060)(7193020); SRVR:VI1PR0801MB1437; 
x-ms-traffictypediagnostic: VI1PR0801MB1437:
x-microsoft-antispam-prvs: <VI1PR0801MB1437E516CF8747C6040CE6C5FA9B0@VI1PR0801MB1437.eurprd08.prod.outlook.com>
x-forefront-prvs: 0928072091
received-spf: None (protection.outlook.com: arm.com does not designate permitted sender hosts)
x-ms-exchange-senderadcheck: 1
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
X-OriginatorOrg: arm.com
X-MS-Exchange-CrossTenant-Network-Message-Id: ad6ab49e-ebf6-48c2-741e-08d682cf6c64
X-MS-Exchange-CrossTenant-originalarrivaltime: 25 Jan 2019 14:14:30.6148 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: f34e5979-57d9-4aaa-ad4d-b122a662184d
X-MS-Exchange-Transport-CrossTenantHeadersStamped: VI1PR0801MB1437
Archived-At: <https://mailarchive.ietf.org/arch/msg/secdispatch/oLeeGAlLphWjVGtfRiJQEnIjse8>
Subject: [Secdispatch] FW: [secdir] EDHOC and Transports
X-BeenThere: secdispatch@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Security Dispatch <secdispatch.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/secdispatch>, <mailto:secdispatch-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/secdispatch/>
List-Post: <mailto:secdispatch@ietf.org>
List-Help: <mailto:secdispatch-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdispatch>, <mailto:secdispatch-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 25 Jan 2019 14:14:38 -0000

Fwd to SecDispatch since it was only posted on the SecDir list

-----Original Message-----
From: Hannes Tschofenig <Hannes.Tschofenig@arm.com>
Sent: Freitag, 25. Januar 2019 14:07
To: Hannes Tschofenig <Hannes.Tschofenig@arm.com>; Jim Schaad <ietf@augustcellars.com>; secdir@ietf.org
Subject: RE: [secdir] EDHOC and Transports

A minor follow-up: I mentioned that I am aware of a company using the
energy scavenging devices and it turns out that this information is
actually public and there is even a short video on YouTube. The company we
worked with is called Alphatronics and here is the video:
https://www.youtube.com/watch?v=JHpJV_CPYb4

As you can hear in the video we have been using our Mbed OS together with
our device management solution (LwM2M with DTLS and CoAP) for these types
of devices.

Ciao
Hannes

-----Original Message-----
From: secdir <secdir-bounces@ietf.org> On Behalf Of Hannes Tschofenig
Sent: Freitag, 25. Januar 2019 13:52
To: Jim Schaad <ietf@augustcellars.com>; secdir@ietf.org
Subject: Re: [secdir] EDHOC and Transports

Hi Jim,

what we are doing here is making an optimization. For some (unknown) reason
we have focused our attention to the over-the-wire transmission overhead
(not code size, RAM utilization, or developer usability*). We are doing
this optimization mostly based on information about what other people tell
us rather than based on our experience. The problem is that we have too few
people with hands-on knowledge and/or deployment experience and if they
have that experience they may not like to talk about it. So, we are
stepping around in the dark and mostly perceived problems.

Having said that I would like to provide a few remarks to your list below:

1.  Low-power devices that either are battery based or scavenge power, these
devices pay a power penalty for every byte of data sent and thus have a
desire for the smallest messages possible.

[Hannes] Low power is a very complex topic since it is a system issue and
boiling it down to the transmission overhead of every byte is an
oversimplification. You are making certain assumptions of how power
consumption of radio technologies works, which will be hard to verify. I
have been working on power measurements recently (but only focused on power
measurements of crypto, see
https://community.arm.com/arm-research/b/articles/posts/testing-crypto-performance-and-power-consumption).
I doubt that many people on this list nor in the IETF have a lot of
experience in this field to use this as a basis for an optimization.

My co-workers, who are active in this space, tell me that there is nothing
like a "per byte" linear relationship (for small quantities of data) in
terms of energy cost. Obviously if you trigger "an additional
transmission", which requires you to ramp up a PLL, turn on radio
amplifiers, send lengthy preambles etc then the incremental cost of sending
64 bytes in that packet vs 16 bytes might be immeasurably small.  The
critical thing appears to be how long the RF amplifiers are powered on.
Hence, you will often see publications that tell you that waiting for
incoming packets is actually the most expensive task (in terms of power
consumption).

When it comes to energy scavenging devices then it becomes even more
challenging since this is a more rarely used case. I know about one company
doing this and I have spoken with a researcher at last year's Arm research
summit who showcased one device. The device shown by the researcher was a
prototype and didn't use any Internet protocol nor a security mechanism. I
wouldn't call myself knowledgeable enough to optimize a system based on
this experience but maybe you have more expertise in this field. I am happy
to learn more.

2. CoAP over SMS:  SMS has a 140 byte packet size.  There are two approaches
for dealing with packets larger than 140 bytes:  1) There is a method of
appending multiple packets together to form a single larger packet.  2) You
can use CoAP blockwise transfer.  Using CoAP blockwise would result in 128
byte packets for the underlying transfer assuming that only 12 bytes are
needed for the CoAP header itself.

[Hannes] It turns out that CoAP over SMS is rarely used for delivering data
of IP-based devices since SMS is a pretty expensive transport. From my work
in the OMA I know that people use SMS to trigger the wake-up of devices and
then switch to regular data transmission over IP. IMHO optimizing for use
cases that barely anyone uses appears to be a waste of time.

3. 6LoWPAN over IEEE 802.15.4:  This has a packet size of 127 bytes.  The
maximum frame overhead size is 25 bytes allowing for 102 bytes of message
space.   If one assumes 20 bytes of overhead for CoAP then this means a
protocol packet size of 82 bytes.  If one needs to break the message across
multiple packets then the maximum data size is going to be 64 bytes using
CoAP blockwise options.

[Hannes] For some reason there seems to be the worry that a small MTU size
at the link layer will cause a lot of problems. There are some radios that
have this small MTU size; IEEE 802.15.4 and Bluetooth Low Energy belong to
them. It turns out, however, that higher layers then offer fragmentation
and reassembly support so that higher layers just don't get to see any of
this. In IEEE 802.15.4 this fragmentation & reassembly support is offered
by 6LoWPAN and in case of Bluetooth Low Energy the link layer actually
consists of various sub-protocols. One of them offers fragmentation &
reassembly. As such, the problem you describe is actually not a problem.
There is no reason why you always have to put a single application layer
payload into a single link layer frame.

We have been using LwM2M (which uses DTLS and CoAP) over IEEE 802.15.4
networks successfully for big commercial deployments. We have not run into
problems with the smaller MTU size at the lower layers. The handshake
itself is just a very small part of the overall size of data that gets
transmitted during the lifetime of the device since the handshake obviously
happens extremely rarely. There are much better ways to optimize traffic
and you obviously have to look at all the data you are transmitting for the
device.

Ciao
Hannes

*: In my experience the ability for developers to easily use any of the
performance optimization techniques is the biggest barrier for gaining
performance. Of course, this does not fit nicely in any of the
standardization efforts in the IETF so the focus has to be somewhere else.

IMPORTANT NOTICE: The contents of this email and any attachments are
confidential and may also be privileged. If you are not the intended
recipient, please notify the sender immediately and do not disclose the
contents to any other person, use it for any purpose, or store or copy the
information in any medium. Thank you.

_______________________________________________
secdir mailing list
secdir@ietf.org
https://www.ietf.org/mailman/listinfo/secdir
wiki: http://tools.ietf.org/area/sec/trac/wiki/SecDirReview


From nobody Fri Jan 25 10:31:30 2019
Return-Path: <ietf@augustcellars.com>
X-Original-To: secdispatch@ietfa.amsl.com
Delivered-To: secdispatch@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 44259131016 for <secdispatch@ietfa.amsl.com>; Fri, 25 Jan 2019 10:31:28 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.901
X-Spam-Level: 
X-Spam-Status: No, score=-1.901 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id KfO22cT__V1t for <secdispatch@ietfa.amsl.com>; Fri, 25 Jan 2019 10:31:26 -0800 (PST)
Received: from mail2.augustcellars.com (augustcellars.com [50.45.239.150]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id F071D13100F for <secdispatch@ietf.org>; Fri, 25 Jan 2019 10:31:25 -0800 (PST)
Received: from Jude (73.180.8.170) by mail2.augustcellars.com (192.168.0.56) with Microsoft SMTP Server (TLS) id 15.0.1395.4; Fri, 25 Jan 2019 10:30:59 -0800
From: Jim Schaad <ietf@augustcellars.com>
To: <secdispatch@ietf.org>
References: <00ac01d4b46c$00f9de30$02ed9a90$@augustcellars.com> <23627.7865.796955.746573@fireball.acr.fi>
In-Reply-To: <23627.7865.796955.746573@fireball.acr.fi>
Date: Fri, 25 Jan 2019 10:30:57 -0800
Message-ID: <00c201d4b4dc$1ea67fe0$5bf37fa0$@augustcellars.com>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
X-Mailer: Microsoft Outlook 16.0
Thread-Index: AQISHjo9/BRwb3VmC0XN/Msem1f46wMYsmVapSy2FtA=
Content-Language: en-us
X-Originating-IP: [73.180.8.170]
Archived-At: <https://mailarchive.ietf.org/arch/msg/secdispatch/YL87cuiakGP2UtlaEsfZR8CPe10>
Subject: [Secdispatch] FW: [secdir] EDHOC and Transports
X-BeenThere: secdispatch@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Security Dispatch <secdispatch.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/secdispatch>, <mailto:secdispatch-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/secdispatch/>
List-Post: <mailto:secdispatch@ietf.org>
List-Help: <mailto:secdispatch-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdispatch>, <mailto:secdispatch-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 25 Jan 2019 18:31:28 -0000

Move to the list I meant it to be on.

-----Original Message-----
From: Tero Kivinen <kivinen@iki.fi> 
Sent: Friday, January 25, 2019 6:36 AM
To: Jim Schaad <ietf@augustcellars.com>
Cc: secdir@ietf.org
Subject: [secdir] EDHOC and Transports

Jim Schaad writes:
> 3. 6LoWPAN over IEEE 802.15.4:  This has a packet size of 127 bytes.
> The maximum frame overhead size is 25 bytes allowing for 102 bytes of
> message space.  If one assumes 20 bytes of overhead for CoAP then this
> means a protocol packet size of 82 bytes.  If one needs to break the
> message across multiple packets then the maximum data size is going to
> be 64 bytes using CoAP blockwise options.

IEEE 802.15.9, which provides a framework for providing key management for
IEEE 802.15.4, does provide its own fragmentation and reassembly service,
and thus allows bigger packets to be delivered between devices. When
802.15.9 was being specified we saw that KMP needs support for larger
packets than what 802.15.4 provides (note that in some cases the phy layer
limits the packet size even more), and that's why we did define a
fragmentation and reassembly protocol there too.

Currently specified key management protocols for 802.15.9 include
802.1X/MKA, HIP, IKEv2, PANA, Dragonfly, 802.11/4WH, 802.11/GKH, ETSI TS 102
887-2. Someone would need to write a specification of how to use EDHOC over
802.15.9 to make it usable there too. Another omission in the KMPs provided
by 802.15.9 is TLS, as nobody wanted to write that specification. In the
IEEE there are some plans for doing an amendment to 802.15.9 which could
include some new key management protocols, depending on who would be
interested in writing the text...
--
kivinen@iki.fi
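
Added example, not part of the original messages: the 128-byte and 64-byte figures quoted above follow from CoAP blockwise transfer (RFC 7959) only allowing block sizes of 2**(SZX+4) bytes, so a budget is rounded down to a power of two. The 300-byte payload is a constructed sample, and the function and constant names are chosen here for illustration.

```python
# Added example: CoAP blockwise (RFC 7959) sizing for the budgets quoted in the thread.
from math import ceil


def largest_szx(budget: int) -> int:
    """Largest SZX (0..6) whose block size 2**(SZX + 4) fits in `budget` bytes."""
    if budget < 16:
        raise ValueError("budget is below the 16-byte minimum block size")
    return min(budget.bit_length() - 5, 6)  # SZX 7 is reserved


def block_option_value(num: int, more: bool, szx: int) -> bytes:
    """Encode a Block1/Block2 option value: NUM | M | SZX as a 0-3 byte uint."""
    if not 0 <= szx <= 6 or not 0 <= num < (1 << 20):
        raise ValueError("NUM or SZX out of range")
    value = (num << 4) | (int(more) << 3) | szx
    return value.to_bytes((value.bit_length() + 7) // 8, "big")


def split_blocks(payload: bytes, budget: int):
    """Split `payload` into blocks that fit `budget`; return (block_size, blocks)."""
    szx = largest_szx(budget)
    size = 1 << (szx + 4)
    count = max(1, ceil(len(payload) / size))
    blocks = []
    for num in range(count):
        chunk = payload[num * size:(num + 1) * size]
        blocks.append((block_option_value(num, num < count - 1, szx), chunk))
    return size, blocks


# Payload budgets taken from the figures quoted in the thread.
BUDGETS = {
    "CoAP over SMS": 140 - 12,                     # SMS size minus CoAP header
    "6LoWPAN over IEEE 802.15.4": 127 - 25 - 20,   # frame, frame overhead, CoAP
}
# Constructed sample: a 300-byte message (not a measured handshake size).
SAMPLE = bytes(range(256)) + bytes(44)

if __name__ == "__main__":
    for name, budget in BUDGETS.items():
        size, blocks = split_blocks(SAMPLE, budget)
        print(f"{name}: budget {budget} B -> {size} B blocks, {len(blocks)} transfers")
        for option, chunk in blocks:
            print(f"  block option value 0x{option.hex()} carries {len(chunk)} B")
```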

