From nobody Wed Mar 1 08:12:06 2017 Return-Path: X-Original-To: ace@ietfa.amsl.com Delivered-To: ace@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 0615C1295B8 for ; Wed, 1 Mar 2017 08:12:05 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -1.898 X-Spam-Level: X-Spam-Status: No, score=-1.898 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=erdtman-se.20150623.gappssmtp.com Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id tMa5zoSieA1A for ; Wed, 1 Mar 2017 08:12:03 -0800 (PST) Received: from mail-ot0-x229.google.com (mail-ot0-x229.google.com [IPv6:2607:f8b0:4003:c0f::229]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 03258129598 for ; Wed, 1 Mar 2017 08:12:02 -0800 (PST) Received: by mail-ot0-x229.google.com with SMTP id x10so32883422otb.1 for ; Wed, 01 Mar 2017 08:12:02 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=erdtman-se.20150623.gappssmtp.com; s=20150623; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=oIeUpKKtLMby4/tR0JT+yYdIguLVIJ7mIZL4Fr/5CoU=; b=YnvQEbKrnLguQxoOSm+unVY4ZEdB0p3BYartZ8xWepAAK3OMf1ifPf9ytPuYoU9vT2 14tn3kzvSvNwRnh9CLyFDqydSbNkwFWXpQ64XkV0jLYigOI5xXI2f3/pTKYXGsa0sn6P YioKEf35PBsdYw9gulzjc9T8Uas0Gb+5DoUHScMsGAn7Wh8koNkBis7IHvHUf+QnC7Gf GOvaXbRNYbZYjOkqqDy11xV9hTqW6GaW0geb5DT5Ygb7CgAYvRDD5mW5/a0oaOLH64h8 kCG5BvuLbx0nreozJnlOoaWUyQH9BqQtEpUFLzAp65rRoyK7vCt7cY2U0ye/oLTsvxoY VLSg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=oIeUpKKtLMby4/tR0JT+yYdIguLVIJ7mIZL4Fr/5CoU=; b=Led2kfQGxkSgah9GFwPiMGQGwzevROjZ6Tue3uZRf4Jw/bgvS34sj4ExluIDPdZaAb N0Y22oLa3GVT7EdLOaxJ4xQi3yJ2Y5Y0MaA51CongfO9XRY2zE+WB6OIQcR/BgtVLmfG 7D1ZR/fgWoljC8PNg7e58bAR9Z3UGN7rkHuKFODCu1bnt4BLJLdKDn1Luli/gZN/cag5 7at8NOWzPkzKdCz6KsEAStk+2L/PCugVNt64JNyvvo/krXfDFoeZeYl5XcZmi+DlDHmi gxHWrsiUQStc+fWSb3pP53RgjTnKINCMqfJMDrMcv6HgVKAP0DPH1WHkipLOGOpukB+D 9dSQ== X-Gm-Message-State: AMke39nmbBjbPKBV2+avgQoHy703KBsyhdn6WCLiGIKQzNkfvmz57QgRI6JiPG/fQ8wMkcNaObRaUp/fXcd3zA== X-Received: by 10.157.43.110 with SMTP id f43mr726722otd.132.1488384722199; Wed, 01 Mar 2017 08:12:02 -0800 (PST) MIME-Version: 1.0 Received: by 10.182.125.40 with HTTP; Wed, 1 Mar 2017 08:12:01 -0800 (PST) In-Reply-To: <28841.1483385618@obiwan.sandelman.ca> References: <28841.1483385618@obiwan.sandelman.ca> From: Samuel Erdtman Date: Wed, 1 Mar 2017 17:12:01 +0100 Message-ID: To: Michael Richardson Content-Type: multipart/alternative; boundary=001a11c162bca7ff380549ad9266 Archived-At: Cc: ace Subject: Re: [Ace] some comments on draft-ietf-cose-msg-24 and draft-ietf-ace-cbor-web-token-01 X-BeenThere: ace@ietf.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "Authentication and Authorization for Constrained Environments \(ace\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 01 Mar 2017 16:12:05 -0000 --001a11c162bca7ff380549ad9266 Content-Type: text/plain; charset=UTF-8 Hi Michael, Sorry for not replying earlier. The examples in current CWT draft is bad in many ways, e.g. not signed, contains claims not register and maybe more. We are soon publishing a new draft with update examples. //Samuel On Mon, Jan 2, 2017 at 8:33 PM, Michael Richardson wrote: > > I am implementing some Ruby code to validate the claims shown in the > appendix > A of draft-ietf-ace-cbor-web-token-01. It wasn't obvious at first, or > maybe I just don't get it, but the examples there are not, I think, signed. > We are looking at the content that would get signed. > > What I see in A.2 is a claim about a public key, but no signature: > "This is then packaged signed and encrypted using COSE." > > Are there any plans to provide a signed test vector as part of CWT? > > It also seems that perhaps CWT doesn't not need all of the modes that > ietf-cose-msg provides. Also, cose-msg has 10 further revisions since the > -14 that > cwt points to... I don't know if there are any things affecting it. > > I am currently making sure that I can validate some of the vectors in > Appendix C of ietf-cose-msg. I think that the examples are from: > https://github.com/cose-wg/Examples > > I wonder if the directories could say "c-1-1" or something in them? > (or the other way around). I think that: > C.1.1. Single Signature > > is ecdsa-01.json, which has a nice > "title":"ECDSA-01: ECDSA - P-256" > > maybe that could be in the document? > > (My thanks for the LotR inspired keys!) > > I am aware that ietf-cose-msg-24 has past the WGLC... > > ietf-cose-msg-24 says on pg 11: > protected: Contains parameters about the current layer that are to > be cryptographically protected. This bucket MUST be empty if it > > and after explaining that a zero length string should be used, it > says: > "This avoids the problem of all > parties needing to be able to do a common canonical encoding." > > Isn't saying it's a zero-length string, a canonical encoding? > > > -- > Michael Richardson , Sandelman Software Works > -= IPv6 IoT consulting =- > > > > > _______________________________________________ > Ace mailing list > Ace@ietf.org > https://www.ietf.org/mailman/listinfo/ace > > --001a11c162bca7ff380549ad9266 Content-Type: text/html; charset=UTF-8 Content-Transfer-Encoding: quoted-printable
Hi Michael,

Sorry for not repl= ying earlier. The examples in current CWT draft is bad in many ways, e.g. n= ot signed, contains claims not register and maybe more.

We are= soon publishing a new draft with update examples.

//Samuel

On Mon, Ja= n 2, 2017 at 8:33 PM, Michael Richardson <mcr+ietf@sandelman.ca>= ; wrote:

I am implementing some Ruby code to validate the claims shown in the append= ix
A of draft-ietf-ace-cbor-web-token-01.=C2=A0 It wasn't obvious at = first, or
maybe I just don't get it, but the examples there are not, I think, sig= ned.
We are looking at the content that would get signed.

What I see in A.2 is a claim about a public key, but no signature:
=C2=A0 =C2=A0 =C2=A0 "This is then packaged signed and encrypted using= COSE."

Are there any plans to provide a signed test vector as part of CWT?

It also seems that perhaps CWT doesn't not need all of the modes that ietf-cose-msg provides.=C2=A0 Also, cose-msg has 10 further revisions since= the -14 that
cwt points to... I don't know if there are any things affecting it.

I am currently making sure that I can validate some of the vectors in
Appendix C of ietf-cose-msg.=C2=A0 =C2=A0I think that the examples are from= :
=C2=A0 =C2=A0 https://github.com/cose-wg/Examples

I wonder if the directories could say "c-1-1" or something in the= m?
(or the other way around).=C2=A0 I think that:
=C2=A0 =C2=A0 C.1.1.=C2=A0 Single Signature

is ecdsa-01.json, which has a nice
=C2=A0 =C2=A0"title":"ECDSA-01: ECDSA - P-256"

maybe that could be in the document?

(My thanks for the LotR inspired keys!)

I am aware that ietf-cose-msg-24 has past the WGLC...

ietf-cose-msg-24 says on pg 11:
=C2=A0 =C2=A0protected:=C2=A0 Contains parameters about the current layer t= hat are to
=C2=A0 =C2=A0 =C2=A0 be cryptographically protected.=C2=A0 This bucket MUST= be empty if it

and after explaining that a zero length string should be used, it
says:
=C2=A0 "This avoids the problem of all
=C2=A0 =C2=A0 parties needing to be able to do a common canonical encoding.= "

Isn't saying it's a zero-length string, a canonical encoding?


--
Michael Richardson <mcr+IETF@= sandelman.ca>, Sandelman Software Works
=C2=A0-=3D IPv6 IoT consulting =3D-




_______________________________________________
Ace mailing list
Ace@ietf.org
https://www.ietf.org/mailman/listinfo/ace


--001a11c162bca7ff380549ad9266-- From nobody Thu Mar 2 17:55:45 2017 Return-Path: X-Original-To: ace@ietf.org Delivered-To: ace@ietfa.amsl.com Received: from ietfa.amsl.com (localhost [IPv6:::1]) by ietfa.amsl.com (Postfix) with ESMTP id C34BF129445; Thu, 2 Mar 2017 17:55:43 -0800 (PST) MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: 8bit From: internet-drafts@ietf.org To: X-Test-IDTracker: no X-IETF-IDTracker: 6.46.1 Auto-Submitted: auto-generated Precedence: bulk Message-ID: <148850614379.30886.17679770975759446708.idtracker@ietfa.amsl.com> Date: Thu, 02 Mar 2017 17:55:43 -0800 Archived-At: Cc: ace@ietf.org Subject: [Ace] I-D Action: draft-ietf-ace-cbor-web-token-03.txt X-BeenThere: ace@ietf.org X-Mailman-Version: 2.1.17 List-Id: "Authentication and Authorization for Constrained Environments \(ace\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 03 Mar 2017 01:55:43 -0000 A New Internet-Draft is available from the on-line Internet-Drafts directories. This draft is a work item of the Authentication and Authorization for Constrained Environments of the IETF. Title : CBOR Web Token (CWT) Authors : Michael B. Jones Erik Wahlström Samuel Erdtman Hannes Tschofenig Filename : draft-ietf-ace-cbor-web-token-03.txt Pages : 21 Date : 2017-03-02 Abstract: CBOR Web Token (CWT) is a compact means of representing claims to be transferred between two parties. CWT is a profile of the JSON Web Token (JWT) that is optimized for constrained devices. The claims in a CWT are encoded in the Concise Binary Object Representation (CBOR) and CBOR Object Signing and Encryption (COSE) is used for added application layer security protection. A claim is a piece of information asserted about a subject and is represented as a name/ value pair consisting of a claim name and a claim value. The IETF datatracker status page for this draft is: https://datatracker.ietf.org/doc/draft-ietf-ace-cbor-web-token/ There's also a htmlized version available at: https://tools.ietf.org/html/draft-ietf-ace-cbor-web-token-03 A diff from the previous version is available at: https://www.ietf.org/rfcdiff?url2=draft-ietf-ace-cbor-web-token-03 Please note that it may take a couple of minutes from the time of submission until the htmlized version and diff are available at tools.ietf.org. Internet-Drafts are also available by anonymous FTP at: ftp://ftp.ietf.org/internet-drafts/ From nobody Thu Mar 2 17:59:44 2017 Return-Path: X-Original-To: ace@ietfa.amsl.com Delivered-To: ace@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 58685129445 for ; Thu, 2 Mar 2017 17:59:41 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -3.01 X-Spam-Level: X-Spam-Status: No, score=-3.01 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H5=-1, RCVD_IN_MSPIKE_WL=-0.01, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=microsoft.com Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id B7C2yxGLayVL for ; Thu, 2 Mar 2017 17:59:39 -0800 (PST) Received: from NAM01-BN3-obe.outbound.protection.outlook.com (mail-bn3nam01on0098.outbound.protection.outlook.com [104.47.33.98]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 534FD129431 for ; Thu, 2 Mar 2017 17:59:39 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version; bh=DuJRQPsjtUFl/xNZqdOZdbACRYq2GrRG3Wt99ZL+uCI=; b=SaZRWNdFjKQLvMbLrPjDyGHOIY+COAoE68xJ0vD6D5iUV77vQhLdciQxu31b9ZOscz5Enzd6ihhEiiT/KuZl6CZXG81FAuh4EkAXPY8RgoSpooGodmi8XG0xL6xU+Zg4sWUJcL7HmToZGIxP+xdBD0i9VnCltzL3RGQFlJS5hNs= Received: from CY4PR21MB0504.namprd21.prod.outlook.com (10.172.122.14) by CY4PR21MB0504.namprd21.prod.outlook.com (10.172.122.14) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P384) id 15.1.947.0; Fri, 3 Mar 2017 01:59:36 +0000 Received: from CY4PR21MB0504.namprd21.prod.outlook.com ([10.172.122.14]) by CY4PR21MB0504.namprd21.prod.outlook.com ([10.172.122.14]) with mapi id 15.01.0947.007; Fri, 3 Mar 2017 01:59:36 +0000 From: Mike Jones To: "ace@ietf.org" Thread-Topic: CBOR Web Token (CWT) with better examples and a CBOR tag Thread-Index: AdKTvu9L4t6x+q7TRGGj33H0349isg== Date: Fri, 3 Mar 2017 01:59:36 +0000 Message-ID: Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: authentication-results: ietf.org; dkim=none (message not signed) header.d=none;ietf.org; dmarc=none action=none header.from=microsoft.com; x-originating-ip: [2001:4898:80e8:5::70e] x-ms-office365-filtering-correlation-id: 13f1d291-673f-46a6-f31f-08d461d8f1cc x-ms-office365-filtering-ht: Tenant x-microsoft-antispam: UriScan:; BCL:0; PCL:0; RULEID:(22001)(48565401081); SRVR:CY4PR21MB0504; x-microsoft-exchange-diagnostics: 1; CY4PR21MB0504; 7:bxENQpINPymEqNPx3tn4yU9IT+wd8tDz4zVUF09XAL8wOzLdvLAqDI0SOq/dz7XROUDvN0jj8UrR8KjqQSo5lqIKd8u2TZYYOEtqln2BNHKBtPAS4SFpFL0/gjlbjzGp3LrZRPkCY8wo0HxbKuKc3SM/xrFgLIRaC0N/BK4OzzQ3v6mtGYCxx/4OS0Jy5xjtJqDL5WWczLZoZ1mjhAGWLL1Nr9p30rqgPJzKvddumDb8gLSOB48DtsgDpeHASoSzElDPceMD8e9F00EbKrgMRiIvRh94kjcVXX+e7Y2dhzXjQIdsj/dMrhr4WvXBU5z9JmIJyzNw/yRO2Gs5Q+uUYIeOGWniKfpvdxqF1GwILD8= x-microsoft-antispam-prvs: x-exchange-antispam-report-test: UriScan:(31418570063057)(21748063052155); x-exchange-antispam-report-cfa-test: BCL:0; PCL:0; RULEID:(61425038)(6040375)(601004)(2401047)(8121501046)(5005006)(3002001)(10201501046)(6055026)(61426038)(61427038)(6041248)(20161123564025)(20161123555025)(20161123560025)(20161123562025)(20161123558025)(6072148)(6042181); SRVR:CY4PR21MB0504; BCL:0; PCL:0; RULEID:; SRVR:CY4PR21MB0504; x-forefront-prvs: 0235CBE7D0 x-forefront-antispam-report: SFV:NSPM; SFS:(10019020)(7916002)(209900001)(966004)(122556002)(99286003)(53376002)(110136004)(54896002)(86362001)(38730400002)(450100001)(53936002)(102836003)(5630700001)(6306002)(25786008)(5640700003)(6916009)(50986999)(55016002)(92566002)(606005)(6506006)(77096006)(236005)(9686003)(6436002)(7696004)(5660300001)(8990500004)(2906002)(3660700001)(2501003)(54356999)(5005710100001)(86612001)(2900100001)(3280700002)(6116002)(10090500001)(790700001)(81166006)(7906003)(74316002)(33656002)(1730700003)(10290500002)(189998001)(7736002)(8676002)(2351001)(8936002)(6606295002); DIR:OUT; SFP:1102; SCL:1; SRVR:CY4PR21MB0504; H:CY4PR21MB0504.namprd21.prod.outlook.com; FPR:; SPF:None; MLV:ovrnspm; PTR:InfoNoRecords; LANG:en; spamdiagnosticoutput: 1:99 spamdiagnosticmetadata: NSPM Content-Type: multipart/alternative; boundary="_000_CY4PR21MB05042B3614CF65F13EA4B07FF52B0CY4PR21MB0504namp_" MIME-Version: 1.0 X-OriginatorOrg: microsoft.com X-MS-Exchange-CrossTenant-originalarrivaltime: 03 Mar 2017 01:59:36.1721 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Hosted X-MS-Exchange-CrossTenant-id: 72f988bf-86f1-41af-91ab-2d7cd011db47 X-MS-Exchange-Transport-CrossTenantHeadersStamped: CY4PR21MB0504 Archived-At: Subject: [Ace] CBOR Web Token (CWT) with better examples and a CBOR tag X-BeenThere: ace@ietf.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "Authentication and Authorization for Constrained Environments \(ace\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 03 Mar 2017 01:59:41 -0000 --_000_CY4PR21MB05042B3614CF65F13EA4B07FF52B0CY4PR21MB0504namp_ Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable A new CBOR Web Token (CWT) draft is available with completely rewritten and= much more useful examples, thanks to Samuel Erdtman. There are now examples of signed, MACed, encrypted, and nested CW= Ts that use all of the defined claims (and no claims not yet defined). A C= BOR tag for CWTs is now also defined. People are highly encouraged to revi= ew the new examples and validate them. The specification is available at: * https://tools.ietf.org/html/draft-ietf-ace-cbor-web-token-03 An HTML-formatted version is also available at: * http://self-issued.info/docs/draft-ietf-ace-cbor-web-token-03.htm= l -- Mike P.S. This notice was also posted at http://self-issued.info/?p=3D1650 and = as @selfissued. --_000_CY4PR21MB05042B3614CF65F13EA4B07FF52B0CY4PR21MB0504namp_ Content-Type: text/html; charset="us-ascii" Content-Transfer-Encoding: quoted-printable

A new CBOR Web Token (CWT) draft is available with c= ompletely rewritten and much more useful examples, thanks to Samuel Erdtman.  There ar= e now examples of signed, MACed, encrypted, and nested CWTs that use all of= the defined claims (and no claims not yet defined).  A CBOR tag for C= WTs is now also defined.  People are highly encouraged to review the new examples and validate them.

 

The specification is available at:

  • <= a href=3D"https://tools.ietf.org/html/draft-ietf-ace-cbor-web-token-03">htt= ps://tools.ietf.org/html/draft-ietf-ace-cbor-web-token-03

 

An HTML-formatted version is also available at:=

·      &n= bsp;  http://self-issued.info/docs/draft-ietf-ace-cbor-web-token-03.ht= ml

 

        &nbs= p;            &= nbsp;           &nbs= p;            &= nbsp;        -- Mike

 

P.S.  This notice was also posted at http://self-issued.info/?p=3D1650 and as @selfissued.

 

--_000_CY4PR21MB05042B3614CF65F13EA4B07FF52B0CY4PR21MB0504namp_-- From nobody Fri Mar 3 16:01:45 2017 Return-Path: X-Original-To: ace@ietf.org Delivered-To: ace@ietfa.amsl.com Received: from ietfa.amsl.com (localhost [IPv6:::1]) by ietfa.amsl.com (Postfix) with ESMTP id C925C12969B; Fri, 3 Mar 2017 15:55:35 -0800 (PST) MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: 7bit From: "\"IETF Secretariat\"" To: , X-Test-IDTracker: no X-IETF-IDTracker: 6.46.1 Auto-Submitted: auto-generated Precedence: bulk Message-ID: <148858533581.15846.6627316986243575226.idtracker@ietfa.amsl.com> Date: Fri, 03 Mar 2017 15:55:35 -0800 Archived-At: Cc: Kathleen.Moriarty.ietf@gmail.com, ace@ietf.org Subject: [Ace] ace - Requested session has been scheduled for IETF 98 X-BeenThere: ace@ietf.org X-Mailman-Version: 2.1.17 List-Id: "Authentication and Authorization for Constrained Environments \(ace\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 03 Mar 2017 23:55:36 -0000 Dear Kepeng Li, The session(s) that you have requested have been scheduled. Below is the scheduled session information followed by the original request. ace Session 1 (2:30:00) Monday, Morning Session I 0900-1130 Room Name: Zurich C size: 100 --------------------------------------------- Request Information: --------------------------------------------------------- Working Group Name: Authentication and Authorization for Constrained Environments Area Name: Security Area Session Requester: Kepeng Li Number of Sessions: 1 Length of Session(s): 2.5 Hours Number of Attendees: 100 Conflicts to Avoid: First Priority: core oauth saag lwig tokbind tls People who must be present: Kathleen Moriarty Hannes Tschofenig Kepeng Li Resources Requested: Projector in room Special Requests: Avoid entire SEC areas. Please avoid a session on Friday! --------------------------------------------------------- From nobody Fri Mar 3 16:25:20 2017 Return-Path: X-Original-To: ace@ietfa.amsl.com Delivered-To: ace@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 9C65612706D; Fri, 3 Mar 2017 16:25:02 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -4.199 X-Spam-Level: X-Spam-Status: No, score=-4.199 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_MED=-2.3, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id frFQV70myTzd; Fri, 3 Mar 2017 16:25:00 -0800 (PST) Received: from mailhost.informatik.uni-bremen.de (mailhost.informatik.uni-bremen.de [IPv6:2001:638:708:30c9::12]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 03E0B128AB0; Fri, 3 Mar 2017 16:24:48 -0800 (PST) X-Virus-Scanned: amavisd-new at informatik.uni-bremen.de Received: from submithost.informatik.uni-bremen.de (submithost.informatik.uni-bremen.de [134.102.201.11]) by mailhost.informatik.uni-bremen.de (8.14.5/8.14.5) with ESMTP id v240Oj9j005097; Sat, 4 Mar 2017 01:24:45 +0100 (CET) Received: from [192.168.217.124] (p5DCCCDC2.dip0.t-ipconnect.de [93.204.205.194]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by submithost.informatik.uni-bremen.de (Postfix) with ESMTPSA id 3vZmyj0KjVzDJ6h; Sat, 4 Mar 2017 01:24:45 +0100 (CET) Content-Type: text/plain; charset=utf-8 Mime-Version: 1.0 (Mac OS X Mail 10.2 \(3259\)) From: Carsten Bormann In-Reply-To: <880044A0-E3F0-436D-BB45-6751A01EDB6B@tzi.org> Date: Sat, 4 Mar 2017 01:24:44 +0100 X-Mao-Original-Outgoing-Id: 510279884.362881-152b94dac84d17b5022d5bfde5097d7b Content-Transfer-Encoding: quoted-printable Message-Id: References: <880044A0-E3F0-436D-BB45-6751A01EDB6B@tzi.org> To: ace@ietf.org, "core@ietf.org WG" , cose@ietf.org, cbor@ietf.org, t2trg@irtf.org X-Mailer: Apple Mail (2.3259) Archived-At: Subject: [Ace] Constrained Node/Network Cluster @ IETF98: FINAL AGENDA X-BeenThere: ace@ietf.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "Authentication and Authorization for Constrained Environments \(ace\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 04 Mar 2017 00:25:02 -0000 Here is my usual eclectic condensed agenda based on the "FINAL" AGENDA for IETF98. Remember that agenda definitions are never really "FINAL"... "While this is considered the final agenda for printing, changes may be made to the agenda up until and during the meeting. Updates will be reflected on the web versions of the agenda." Compared to the draft agenda, this has mostly room changes. v6ops moved around, and tsvarea got extended to an almost four-hour meeting. All times are CDT (UTC-0500) -- yes, the US will be on DST already for a couple of weeks, while Europe moves over right on Mar 26th. (The browser timezone function still is not yet reinstated on https://datatracker.ietf.org/meeting/agenda-utc, for those who want to listen from remote.) Gr=C3=BC=C3=9Fe, Carsten SUNDAY, March 26, 2017 0900-1700 IRTF*** icnrg, with some t2trg-related items on the = agenda MONDAY, March 27, 2017 0900-1130 Morning Session I Zurich A ART dispatch Dispatch WG Zurich D INT homenet Home Networking WG Zurich C SEC *** ace Authentication and Authorization for = Constrained Environments WG 1300-1500 Afternoon Session I Vevey 1/2 IRTF*** t2trg Thing-to-Thing Zurich A OPS anima Autonomic Networking Integrated Model = and Approach WG Zurich B RTG bier Bit Indexed Explicit Replication WG Zurich G RTG detnet Deterministic Networking WG Zurich E/F TSV tsvarea Transport Area Open Meeting 1520-1650 Afternoon Session II Zurich A SEC tokbind Token Binding WG Zurich E/F TSV tsvarea Transport Area Open Meeting 1710-1810 Afternoon Session III Zurich E/F GEN wugh WGs Using GitHub BOF Zurich D INT *** lwig Light-Weight Implementation Guidance WG Montreux 3 SEC curdle CURves, Deprecating and a Little more = Encryption WG Zurich C SEC oauth Web Authorization Protocol WG Vevey 1/2 TSV tsvwg Transport Area Working Group WG TUESDAY, March 28, 2017 0900-1130 Morning Session I Zurich C INT *** 6tisch IPv6 over the TSCH mode of IEEE = 802.15.4e WG Zurich D IRTF maprg Measurement and Analysis for Protocols Zurich E/F SEC tls Transport Layer Security WG 1300-1430 Afternoon Session I Zurich C ART *** core Constrained RESTful Environments WG Zurich D INT intarea Internet Area Working Group WG Zurich A RTG babel Babel routing protocol WG 1450-1620 Afternoon Session II Zurich G ART uta Using TLS in Applications WG Zurich E/F SEC *** teep A Protocol for Dynamic Trusted Execution = Environment Enablement BOF 1640-1840 Afternoon Session III Zurich B INT dnssd Extensions for Scalable DNS Service = Discovery WG Zurich E/F TSV taps Transport Services WG WEDNESDAY, March 29, 2017 0900-1130 Morning Session I Zurich A INT *** 6lo IPv6 over Networks of = Resource-constrained Nodes WG 1300-1500 Afternoon Session I Zurich C INT *** lpwan IPv6 over Low Power Wide-Area Networks = WG Zurich A OPS v6ops IPv6 Operations WG Montreux 3 TSV tcpinc TCP Increased Security WG THURSDAY, March 30, 2017 0900-1130 Morning Session I Zurich D INT 6man IPv6 Maintenance WG Zurich C IRTF icnrg Information-Centric Networking Zurich E/F RTG rtgarea Routing Area Open Meeting Vevey 1/2 TSV quic QUIC WG 1300-1500 Afternoon Session I Zurich B ART *** cbor Concise Binary Object Representation = Maintenance and Extensions WG Zurich G SEC acme Automated Certificate Management = Environment WG Zurich A TSV tsvwg Transport Area Working Group WG 1520-1720 Afternoon Session II Zurich D SEC saag Security Area Open Meeting 1740-1840 Afternoon Session III Zurich B RTG *** roll Routing Over Low power and Lossy = networks WG FRIDAY, March 31, 2017 0900-1130 Morning Session I Vevey 1/2 ART httpbis Hypertext Transfer Protocol WG Zurich E/F INT ipwave IP Wireless Access in Vehicular = Environments WG Zurich A OPS anima Autonomic Networking Integrated Model = and Approach WG Zurich C SEC oauth Web Authorization Protocol WG 1150-1320 Afternoon Session I Zurich C ART *** core Constrained RESTful Environments WG From nobody Sat Mar 4 07:36:04 2017 Return-Path: X-Original-To: ace@ietfa.amsl.com Delivered-To: ace@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 7892C1295CD for ; Sat, 4 Mar 2017 07:36:02 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -1.998 X-Spam-Level: X-Spam-Status: No, score=-1.998 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, MIME_QP_LONG_LINE=0.001, SPF_PASS=-0.001, UNPARSEABLE_RELAY=0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=alibaba-inc.com Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Yrqw--JtBspx for ; Sat, 4 Mar 2017 07:36:00 -0800 (PST) Received: from out0-136.mail.aliyun.com (out0-136.mail.aliyun.com [140.205.0.136]) by ietfa.amsl.com (Postfix) with ESMTP id 3362B1294EE for ; Sat, 4 Mar 2017 07:35:56 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=alibaba-inc.com; s=default; t=1488641754; h=Date:Subject:From:To:Message-ID:Mime-version:Content-type; bh=yTmv1Ee3gHyGDlpsiUGcuPEqiLg3ykxrmRwY2NY6YmE=; b=ZeDr8JRbFiZzXnHdJgdOhZLCiu8qPqqYQoHLOTpMjwncn2jJLMyXb57kygq0vxMCN/XMnt6xLR4UZTEEuHC4UUvCw8SOkjB4u7ese3NxyvT4E7gjW7lI3CqmSAjaKxQm38dy26EnXUrL0WvIHEYdo99cfNs3CfsyuMWZ6s8ezVM= X-Alimail-AntiSpam: AC=PASS; BC=-1|-1; BR=01201311R401e4; FP=0|-1|-1|-1|0|-1|-1|-1; HT=e02c03307; MF=kepeng.lkp@alibaba-inc.com; NM=1; PH=DU; RN=4; SR=0; TI=SMTPD_---.7kh7E0f_1488641745; Received: from 30.39.36.209(mailfrom:kepeng.lkp@alibaba-inc.com ip:42.120.73.208) by smtp.aliyun-inc.com(127.0.0.1); Sat, 04 Mar 2017 23:35:49 +0800 User-Agent: Microsoft-MacOutlook/14.6.8.160830 Date: Sat, 04 Mar 2017 22:42:36 +0800 From: "Kepeng Li" To: "Kepeng Li" , Message-ID: Thread-Topic: [Ace] Call for adoption for draft-somaraju-ace-multicast-02 Mime-version: 1.0 Content-type: multipart/alternative; boundary="B_3571515349_20829708" Archived-At: Cc: Kathleen Moriarty , Hannes Tschofenig Subject: Re: [Ace] Call for adoption for draft-somaraju-ace-multicast-02 X-BeenThere: ace@ietf.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "Authentication and Authorization for Constrained Environments \(ace\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 04 Mar 2017 15:36:02 -0000 > ´ËÓʼþʹÓà MIME ¸ñʽ¡£ÓÉÓÚÓʼþÔĶÁ³ÌÐò²»ÄÜʶ±ð ´Ë¸ñʽ£¬Òò´Ë£¬¿ÉÄÜÎÞ·¨Ê¶±ð¸ÃÓʼþµÄ·Ö²¿»ò²¿·ÖÄÚÈÝ¡£ --B_3571515349_20829708 Content-type: text/plain; charset="GB2312" Content-transfer-encoding: quoted-printable > The call ends on Mar 7, 2017. Sorry, let me make a correction on this. Usually the call for adoption should take two weeks. It started from 24 Feb, and should end on 10 Mar. Kindly remind you to provide your feedback before the deadline. Thanks, Kind Regards Kepeng =B7=A2=BC=FE=C8=CB: Ace on behalf of Li Kepeng =C8=D5=C6=DA: Thursday, 23 February 2017 at 5:48 PM =D6=C1: =B3=AD=CB=CD: Kathleen Moriarty , Hannes Tschofenig =D6=F7=CC=E2: [Ace] Call for adoption for draft-somaraju-ace-multicast-02 Hello all, =20 This note begins a Call For Adoption for draft-somaraju-ace-multicast-02 [1= ] to be adopted as an ACE working group item, and added in the charter. The call ends on Mar 7, 2017. =20 Keep in mind that adoption of a document does not mean the document as-is i= s ready for publication. It is merely acceptance of the document as a startin= g point for what will be the final product of the ACE working group. The working group is free to make changes to the document according to the normal consensus process. =20 Please reply on this thread with expressions of support or opposition, preferably with comments, regarding accepting this as a work item. =20 Thanks, =20 Kind Regards Kepeng (ACE co-chair) =20 [1] https://datatracker.ietf.org/doc/draft-somaraju-ace-multicast/ _______________________________________________ Ace mailing list Ace@ietf.org https://www.ietf.org/mailman/listinfo/ace --B_3571515349_20829708 Content-type: text/html; charset="GB2312" Content-transfer-encoding: quoted-printable 
> The call ends on Mar 7, 2017.
Sorry, let me make a correction on th=
is. 

Usually the call for adoption should take two weeks=
.

It started from 24 Feb, and should end on 10 Mar.

Kindly remind you to provide your feedback before the deadline.=

=

Thanks,

Kind Regards
Kepeng

=B7=A2=BC=FE=C8=CB: Ace <a= ce-bounces@ietf.org> on behalf of Li Kepeng <kepeng.lkp@alibaba-inc.com>
=C8=D5=C6=DA: Thursday, 23 February 2017 at 5:48 PM
=D6=C1: <Ace@= ietf.org>
=B3=AD=CB=CD: Kathleen Mo= riarty <kathleen.moriar= ty.ietf@gmail.com>, Hannes Tschofenig <hannes.tschofenig@gmx.net>
=D6=F7=CC=E2: [Ace] Call for adoption for draft-somaraju-ace-multica= st-02

Hello all,

 
T=
his note begins a Call For Adoption for draft-somaraju-ace-multicast-02 [1] to be adopted as an ACE working gro=
up item, and added in the charter. The call ends on Mar 7, 2017.

 

Keep in mind that adoption of a document =
does not mean the document as-is is ready for publication. It is merely acceptance of the document as a star=
ting point for what will be the final product of the ACE working group. The working group is=
 free to make changes to the document according to the normal consensus process.
 
Please reply on this thre=
ad with expressions of support or opposition, preferably with comments, regarding accepting =
this as a work item.

 <= /font>

Thanks,
 
Kind Regards
Kepeng (ACE co-chair)

 

_______________________________________________ Ace mailing list Ace@ietf.org https://www.ietf.org/ma= ilman/listinfo/ace --B_3571515349_20829708-- From nobody Sat Mar 4 07:36:09 2017 Return-Path: X-Original-To: ace@ietfa.amsl.com Delivered-To: ace@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 2D5291294EE for ; Sat, 4 Mar 2017 07:36:03 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -1.998 X-Spam-Level: X-Spam-Status: No, score=-1.998 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, MIME_QP_LONG_LINE=0.001, SPF_PASS=-0.001, UNPARSEABLE_RELAY=0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=alibaba-inc.com Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 00vgiZ9GM5pl for ; Sat, 4 Mar 2017 07:36:00 -0800 (PST) Received: from out0-132.mail.aliyun.com (out0-132.mail.aliyun.com [140.205.0.132]) by ietfa.amsl.com (Postfix) with ESMTP id 68BC2129549 for ; Sat, 4 Mar 2017 07:35:59 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=alibaba-inc.com; s=default; t=1488641756; h=Date:Subject:From:To:Message-ID:Mime-version:Content-type; bh=nXwquSV9qtDeSTMcuPBi5BnnGLHpjHNUb/e8cT4Nzlg=; b=Jnca70RO7OKGB5Eh87xLP4wH9jcsLvBrVrpPCKUkoI67owXlfqU92bZIH7yOC3jbThd3+9DBQ8FwBMua4xUT6Y0lojGXGnTOERUTWxJ3lvMZh1IRDV/G0blbTNyGYmqCM3QaAx0X+xo5LBrlL3EDJ1z9JkGHfGPe2I9Iq7VF918= X-Alimail-AntiSpam: AC=PASS; BC=-1|-1; BR=01201311R161e4; FP=0|-1|-1|-1|0|-1|-1|-1; HT=e02c03302; MF=kepeng.lkp@alibaba-inc.com; NM=1; PH=DS; RN=4; SR=0; TI=SMTPD_---.7kh7E0f_1488641745; Received: from 30.39.36.209(mailfrom:kepeng.lkp@alibaba-inc.com ip:42.120.73.208) by smtp.aliyun-inc.com(127.0.0.1); Sat, 04 Mar 2017 23:35:48 +0800 User-Agent: Microsoft-MacOutlook/14.6.8.160830 Date: Sat, 04 Mar 2017 22:30:29 +0800 From: "Kepeng Li" To: =?ISO-8859-1?B?R/ZyYW4=?= Selander , "Ace@ietf.org" , Hannes Tschofenig Message-ID: Thread-Topic: [Ace] Call for adoption for draft-somaraju-ace-multicast-02 References: In-Reply-To: Mime-version: 1.0 Content-type: multipart/alternative; boundary="B_3571515348_20860711" Archived-At: Cc: Kathleen Moriarty Subject: Re: [Ace] Call for adoption for draft-somaraju-ace-multicast-02 X-BeenThere: ace@ietf.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "Authentication and Authorization for Constrained Environments \(ace\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 04 Mar 2017 15:36:03 -0000 > ´ËÓʼþʹÓà MIME ¸ñʽ¡£ÓÉÓÚÓʼþÔĶÁ³ÌÐò²»ÄÜʶ±ð ´Ë¸ñʽ£¬Òò´Ë£¬¿ÉÄÜÎÞ·¨Ê¶±ð¸ÃÓʼþµÄ·Ö²¿»ò²¿·ÖÄÚÈÝ¡£ --B_3571515348_20860711 Content-type: text/plain; charset="UTF-8" Content-transfer-encoding: quoted-printable This document is only the starting point for the work and the content will change as the working group works on it. Group communication security work has been contributed earlier to the group and has received a lot of attention. For this reason the call for adoption happens earlier. The call for adoption of other documents, some of them hav= e only recently been submitted to the group, will happen soon. Kind Regards Kepeng =E5=8F=91=E4=BB=B6=E4=BA=BA: G=C3=B6ran Selander =E6=97=A5=E6=9C=9F: Friday, 24 February 2017 at 3:34 PM =E8=87=B3: Li Kepeng , "Ace@ietf.org" = , Hannes Tschofenig =E6=8A=84=E9=80=81: Kathleen Moriarty =E4=B8=BB=E9=A2=98: Re: [Ace] Call for adoption for draft-somaraju-ace-multicast-02 I=E2=80=99m in favour of adopting a profile of the ACE framework [1] providing th= e functionality outlined in this draft. It was acknowledged in the latest ACE interim that this draft will be transformed into an ACE profile, but currently the mapping to ACE is not very clear: - Many of the "Requirements on Profiles=E2=80=9D (Appendix C of [1]) are not fulfilled, e.g. how is the "resource server" of the ACE framework mapped? I= s it the KDC? - Will the proposed ACE-DTLS profile [2] be used or will we have different methods for authorising DTLS in different profiles? There has been a lot of discussion of this draft, whereas "non-controversial=E2=80=9D profiles of ACE ([2], [3], [4]) has been disregarded = in the process. If one profile is being adopted without consideration of other profiles it may lead to duplication of specification, or different mechanisms being defined doing the same thing. Chairs: What is the plan for coordinating the functionality in the differen= t ACE profiles being adopted? G=C3=B6ran [1] https://tools.ietf.org/html/draft-ietf-ace-oauth-authz [2] https://tools.ietf.org/html/draft-gerdes-ace-dtls-authorize [3] https://tools.ietf.org/html/draft-seitz-ace-oscoap-profile [4] https://tools.ietf.org/html/draft-sengul-kirby-ace-mqtt-tls-profile From: Ace on behalf of Kepeng Li Date: Thursday 23 February 2017 at 10:48 To: "Ace@ietf.org" Cc: Kathleen Moriarty , Hannes Tschofenig Subject: [Ace] Call for adoption for draft-somaraju-ace-multicast-02 > Hello all, > =20 > This note begins a Call For Adoption for draft-somaraju-ace-multicast-02 = [1] > to be adopted as an ACE working group item, and added in the charter. The= call > ends on Mar 7, 2017. > =20 > Keep in mind that adoption of a document does not mean the document as-is= is > ready for publication. It is merely acceptance of the document as a start= ing > point for what will be the final product of the ACE working group. The wo= rking > group is free to make changes to the document according to the normal > consensus process. > =20 > Please reply on this thread with expressions of support or opposition, > preferably with comments, regarding accepting this as a work item. > =20 > Thanks, > =20 > Kind Regards > Kepeng (ACE co-chair) > =20 >=20 > [1] https://datatracker.ietf.org/doc/draft-somaraju-ace-multicast/ --B_3571515348_20860711 Content-type: text/html; charset="UTF-8" Content-transfer-encoding: quoted-printable
= This document is only the starting point for the work and the content will c= hange as the working group works on it.

Group communication security work has b= een contributed earlier to the group and has received a lot of attention. Fo= r this reason the call for adoption happens earlier. The call for adoption o= f other documents, some of them have only recently been submitted to the gro= up, will happen soon.

= Kind Regards
Kepeng

=
=E5=8F=91=E4=BB=B6=E4=BA=BA: G=C3=B6ran Selander <goran.selander@ericsson.com>= ;
=E6=97=A5=E6=9C=9F: Friday, 24 February 2017= at 3:34 PM
=E8=87=B3: Li Kepeng <kepeng.lkp@alibaba-inc.com>,= "Ace@ietf.org" <Ace@ietf.org>, Hannes Tschofenig <hannes.tschofenig@gmx.net>
=E6=8A=84=E9=80=81: Kathleen Moriarty <kathleen.moriarty.ietf@gmail.com>
=E4=B8=BB=E9=A2=98: Re: [Ace] Call for adoption for draft-= somaraju-ace-multicast-02


=
I’m in favour of adopting a profile of the ACE framework [1= ] providing the functionality outlined in this draft.

It was acknowledged in the latest ACE interim that this draft will b= e transformed into an ACE profile, but currently the mapping to ACE is not v= ery clear:

- Many of the "Requirements on Profiles&= #8221; (Appendix C of [1]) are not fulfilled, e.g. how is the "resource serv= er" of the ACE framework mapped? Is it the KDC?
- Will the propose= d ACE-DTLS profile [2] be used or will we have different methods for authori= sing DTLS in different profiles?

There has been a l= ot of discussion of this draft, whereas "non-controversial” profiles o= f ACE ([2], [3], [4]) has been disregarded in the process. If one profile is= being adopted without consideration of other profiles it may lead to duplic= ation of specification, or different mechanisms being defined doing the same thing.

=
Chairs: What is the plan for coordinating the functionality in th= e different ACE profiles being adopted?



=
From= : Ace <ace-bounces@ietf.org<= /a>> on behalf of Kepeng Li <kepeng.lkp@alibaba-inc.com>
Date= : Thursday 23 February 2017 at 10:48
To: "Ace@ietf.org" <Ace@ietf.org>
C= c: Kathleen Moriarty <kathleen.moriarty.ietf@gmail.com>, Hannes Tschofenig <hannes.tschofenig@gmx.net>
Subject: [Ace] Call for adoption for dra= ft-somaraju-ace-multicast-02

Hello all,

 
This =
note begins a Call For Adoption for draft-somaraju-ace-multicast-02 [1] to be adopted as an ACE working group i=
tem, and added in the charter. The call ends on Mar 7, 2017.
 

Keep in mind that adoption of a document does=
 not mean the document as-is is ready for publication. It is merely acceptance of the document as a starting=
 point for what will be the final product of the ACE working group. The working group is fre=
e to make changes to the document according to the normal consensus process.
 
Please reply on this thread w=
ith expressions of support or opposition, preferably with comments, regarding accepting this=
 as a work item.

 

Tha=
nks,
 
Kind Regards
Kepeng (ACE co-chair)

 

 --B_3571515348_20860711-- From nobody Mon Mar 6 14:29:40 2017 Return-Path: X-Original-To: ace@ietf.org Delivered-To: ace@ietfa.amsl.com Received: from ietfa.amsl.com (localhost [IPv6:::1]) by ietfa.amsl.com (Postfix) with ESMTP id 47E42129444; Mon, 6 Mar 2017 14:29:34 -0800 (PST) MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: 7bit From: internet-drafts@ietf.org To: X-Test-IDTracker: no X-IETF-IDTracker: 6.46.1 Auto-Submitted: auto-generated Precedence: bulk Message-ID: <148883937428.14971.10296138661074195041.idtracker@ietfa.amsl.com> Date: Mon, 06 Mar 2017 14:29:34 -0800 Archived-At: Cc: ace@ietf.org Subject: [Ace] I-D Action: draft-ietf-ace-actors-05.txt X-BeenThere: ace@ietf.org X-Mailman-Version: 2.1.17 List-Id: "Authentication and Authorization for Constrained Environments \(ace\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 06 Mar 2017 22:29:34 -0000 A New Internet-Draft is available from the on-line Internet-Drafts directories. This draft is a work item of the Authentication and Authorization for Constrained Environments of the IETF. Title : An architecture for authorization in constrained environments Authors : Stefanie Gerdes Ludwig Seitz Goeran Selander Carsten Bormann Filename : draft-ietf-ace-actors-05.txt Pages : 33 Date : 2017-03-06 Abstract: Constrained-node networks are networks where some nodes have severe constraints on code size, state memory, processing capabilities, user interface, power and communication bandwidth (RFC 7228). This document provides terminology, and identifies the elements that an architecture needs to address, providing a problem statement, for authentication and authorization in these networks. The IETF datatracker status page for this draft is: https://datatracker.ietf.org/doc/draft-ietf-ace-actors/ There's also a htmlized version available at: https://tools.ietf.org/html/draft-ietf-ace-actors-05 A diff from the previous version is available at: https://www.ietf.org/rfcdiff?url2=draft-ietf-ace-actors-05 Please note that it may take a couple of minutes from the time of submission until the htmlized version and diff are available at tools.ietf.org. Internet-Drafts are also available by anonymous FTP at: ftp://ftp.ietf.org/internet-drafts/ From nobody Mon Mar 6 14:33:19 2017 Return-Path: X-Original-To: ace@ietfa.amsl.com Delivered-To: ace@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 46062129489 for ; Mon, 6 Mar 2017 14:33:18 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -4.2 X-Spam-Level: X-Spam-Status: No, score=-4.2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_MED=-2.3] autolearn=ham autolearn_force=no Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Pa40xdh6_Ukp for ; Mon, 6 Mar 2017 14:33:16 -0800 (PST) Received: from mailhost.informatik.uni-bremen.de (mailhost.informatik.uni-bremen.de [IPv6:2001:638:708:30c9::12]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 5C5DE129515 for ; Mon, 6 Mar 2017 14:33:16 -0800 (PST) X-Virus-Scanned: amavisd-new at informatik.uni-bremen.de Received: from submithost.informatik.uni-bremen.de (submithost.informatik.uni-bremen.de [IPv6:2001:638:708:30c9::b]) by mailhost.informatik.uni-bremen.de (8.14.5/8.14.5) with ESMTP id v26MXBNZ026190 for ; Mon, 6 Mar 2017 23:33:11 +0100 (CET) Received: from [192.168.217.124] (p5DCCCDC2.dip0.t-ipconnect.de [93.204.205.194]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by submithost.informatik.uni-bremen.de (Postfix) with ESMTPSA id 3vcZLb0tNwzDHPM; Mon, 6 Mar 2017 23:33:11 +0100 (CET) Content-Type: text/plain; charset=utf-8 Mime-Version: 1.0 (Mac OS X Mail 10.2 \(3259\)) From: Carsten Bormann In-Reply-To: <148883937428.14971.10296138661074195041.idtracker@ietfa.amsl.com> Date: Mon, 6 Mar 2017 23:33:10 +0100 X-Mao-Original-Outgoing-Id: 510532390.233288-2b2f757a4f23c4eda060944a68f610e1 Content-Transfer-Encoding: quoted-printable Message-Id: <525A9805-D060-4372-8D93-D9E2C3430932@tzi.org> References: <148883937428.14971.10296138661074195041.idtracker@ietfa.amsl.com> To: ace@ietf.org X-Mailer: Apple Mail (2.3259) Archived-At: Subject: Re: [Ace] I-D Action: draft-ietf-ace-actors-05.txt X-BeenThere: ace@ietf.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "Authentication and Authorization for Constrained Environments \(ace\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 06 Mar 2017 22:33:18 -0000 I uploaded the current status of the actors draft (which is half-way in = the processing of Robin Wilton=E2=80=99s extensive editorial comments, as could be seen in the ACE SVN for a few months = already) mainly to prevent the draft from expiring tomorrow. Gr=C3=BC=C3=9Fe, Carsten > Title : An architecture for authorization in = constrained environments > Authors : Stefanie Gerdes > Ludwig Seitz > Goeran Selander > Carsten Bormann > Filename : draft-ietf-ace-actors-05.txt > Pages : 33 > Date : 2017-03-06 >=20 > Abstract: > Constrained-node networks are networks where some nodes have severe > constraints on code size, state memory, processing capabilities, = user > interface, power and communication bandwidth (RFC 7228). >=20 > This document provides terminology, and identifies the elements that > an architecture needs to address, providing a problem statement, for > authentication and authorization in these networks. >=20 >=20 > The IETF datatracker status page for this draft is: > https://datatracker.ietf.org/doc/draft-ietf-ace-actors/ >=20 > There's also a htmlized version available at: > https://tools.ietf.org/html/draft-ietf-ace-actors-05 >=20 > A diff from the previous version is available at: > https://www.ietf.org/rfcdiff?url2=3Ddraft-ietf-ace-actors-05 From nobody Mon Mar 6 17:55:47 2017 Return-Path: X-Original-To: ace@ietfa.amsl.com Delivered-To: ace@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 26C95129A8C for ; Mon, 6 Mar 2017 17:55:46 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2 X-Spam-Level: X-Spam-Status: No, score=-2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RP_MATCHES_RCVD=-0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=augustcellars.com Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ZunHUuRjMiv7 for ; Mon, 6 Mar 2017 17:55:44 -0800 (PST) Received: from mail4.augustcellars.com (augustcellars.com [50.45.239.150]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 8E245120724 for ; Mon, 6 Mar 2017 17:55:44 -0800 (PST) Content-Type: multipart/alternative; boundary="----=_NextPart_000_07B9_01D296A2.E184C990" Content-Language: en-us DKIM-Signature: v=1; a=rsa-sha256; d=augustcellars.com; s=winery; c=simple/simple; t=1488851745; h=from:subject:to:date:message-id; bh=aLsVFwl7Ieq0bdCJuQqG98pLIkuS3XnblJ7B1rwJjNE=; b=Xem8liYrxPqWmbRBw6ewDmGzpUD+T+ldYKyFeUaqwTamuov9Ju0CdbcxuMQyBSjPPBHD3SsLq0I +grrXULnzPgoisDM5IDx6rXYko+EO20rwcYuVAJSlKIvmyOaJCwskXsZc0eGhAN1wKvpk82Zdnuzy KemEN8GVysrI8ea77uCNHgRoafXOv6460CN/3kjTYHn1CEwDvfn+SUBVjEQb2XXCqRaKMfehx0MN2 e9gPH/Vbf6pnz9jiVB0IK9dzN1wwI9sTqEq06+F2EApCg6VzMm8bN8qUwq4NzfQ6oGmDpjMkcRq3T UyrCfEUlWIuFk/HoMJyVGdNg2oD9dokYgvsQ== Received: from mail2.augustcellars.com (192.168.1.201) by mail4.augustcellars.com (192.168.1.153) with Microsoft SMTP Server (TLS) id 15.0.1263.5; Mon, 6 Mar 2017 17:55:44 -0800 Received: from hebrews (24.21.96.37) by mail2.augustcellars.com (192.168.0.56) with Microsoft SMTP Server (TLS) id 15.0.1263.5; Mon, 6 Mar 2017 17:53:25 -0800 From: Jim Schaad To: 'Kepeng Li' , References: In-Reply-To: Date: Mon, 6 Mar 2017 17:55:43 -0800 Message-ID: <07b801d296e5$efa74640$cef5d2c0$@augustcellars.com> MIME-Version: 1.0 X-Mailer: Microsoft Outlook 16.0 Thread-Index: AQFSBgtZF75ik3TUettAxv04sm1uhqKJv1Fw X-Originating-IP: [24.21.96.37] Archived-At: Subject: Re: [Ace] Call for adoption for draft-somaraju-ace-multicast-02 X-BeenThere: ace@ietf.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "Authentication and Authorization for Constrained Environments \(ace\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 07 Mar 2017 01:55:46 -0000 ------=_NextPart_000_07B9_01D296A2.E184C990 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit After thinking about this for a long time, I will reluctantly state a position. I do not believe that the WG should adopt this document at least until such a time as a version has been released which does a substantially better job of restricting the scope of the problem to be solved. If the WG then decides to relax that scope so be it. Jim From: Ace [mailto:ace-bounces@ietf.org] On Behalf Of Kepeng Li Sent: Thursday, February 23, 2017 1:48 AM To: Ace@ietf.org Cc: Kathleen Moriarty ; Hannes Tschofenig Subject: [Ace] Call for adoption for draft-somaraju-ace-multicast-02 Hello all, This note begins a Call For Adoption for draft-somaraju-ace-multicast-02 [1] to be adopted as an ACE working group item, and added in the charter. The call ends on Mar 7, 2017. Keep in mind that adoption of a document does not mean the document as-is is ready for publication. It is merely acceptance of the document as a starting point for what will be the final product of the ACE working group. The working group is free to make changes to the document according to the normal consensus process. Please reply on this thread with expressions of support or opposition, preferably with comments, regarding accepting this as a work item. Thanks, Kind Regards Kepeng (ACE co-chair) [1] https://datatracker.ietf.org/doc/draft-somaraju-ace-multicast/ ------=_NextPart_000_07B9_01D296A2.E184C990 Content-Type: text/html; charset="us-ascii" Content-Transfer-Encoding: quoted-printable

After thinking about this for a long time, I will = reluctantly state a position.

 

I do not believe that the WG should adopt this document at = least until such a time as a version has been released which does a = substantially better job of restricting the scope of the problem to be = solved.  If the WG then decides to relax that scope so be = it.

 

Jim

 

 

From:<= /b> = Ace [mailto:ace-bounces@ietf.org] On Behalf Of Kepeng = Li
Sent: Thursday, February 23, 2017 1:48 AM
To: = Ace@ietf.org
Cc: Kathleen Moriarty = <kathleen.moriarty.ietf@gmail.com>; Hannes Tschofenig = <hannes.tschofenig@gmx.net>
Subject: [Ace] Call for = adoption for = draft-somaraju-ace-multicast-02

 

Hello = all,

<= pre style=3D'line-height:13.5pt;vertical-align:baseline'> <= span style=3D'color:black'>
This note begins a Call For =
Adoption for draft-somaraju-ace-multicast-02 [1] =
to be adopted as an ACE working group item, and added in the =
charter. The call ends on Mar 7, 2017.

 

<= pre style=3D'line-height:13.5pt;vertical-align:baseline'>Keep in mind that adoption of = a document does not mean the document as-is is ready for publication. It = is merely acceptance of the document as a starting point for what will = be the final product of the ACE working group. The working group is free = to make changes to the document according to the normal consensus = process.
 <=
span style=3D'color:black'>
Please reply on this thread =
with expressions of support or opposition, preferably with comments, =
regarding accepting this as a work item.

 

<= pre style=3D'line-height:13.5pt;vertical-align:baseline'>Thanks,
 
Kind Regards
Kepeng (ACE =
co-chair)

 

<= p class=3DMsoNormal>[1] h= ttps://datatracker.ietf.org/doc/draft-somaraju-ace-multicast/<= span = style=3D'font-size:10.5pt;color:black'>

=
------=_NextPart_000_07B9_01D296A2.E184C990-- From nobody Tue Mar 7 00:33:16 2017 Return-Path: X-Original-To: ace@ietfa.amsl.com Delivered-To: ace@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 7BA2D129437 for ; Tue, 7 Mar 2017 00:33:15 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.62 X-Spam-Level: X-Spam-Status: No, score=-2.62 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_LOW=-0.7, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id IpnY43LX7ygT for ; Tue, 7 Mar 2017 00:33:08 -0800 (PST) Received: from lb1-smtp-cloud6.xs4all.net (lb1-smtp-cloud6.xs4all.net [194.109.24.24]) (using TLSv1 with cipher DHE-RSA-AES128-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 911B512711D for ; Tue, 7 Mar 2017 00:33:08 -0800 (PST) Received: from webmail.xs4all.nl ([194.109.20.207]) by smtp-cloud6.xs4all.net with ESMTP id swZ51u00E4U4Moq01wZ581; Tue, 07 Mar 2017 09:33:06 +0100 Received: from AMontpellier-654-1-111-191.w90-0.abo.wanadoo.fr ([90.0.86.191]) by webmail.xs4all.nl with HTTP (HTTP/1.1 POST); Tue, 07 Mar 2017 09:33:05 +0100 MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII; format=flowed Content-Transfer-Encoding: 7bit Date: Tue, 07 Mar 2017 09:33:05 +0100 From: peter van der Stok To: Jim Schaad Organization: vanderstok consultancy Mail-Reply-To: consultancy@vanderstok.org In-Reply-To: <07b801d296e5$efa74640$cef5d2c0$@augustcellars.com> References: <07b801d296e5$efa74640$cef5d2c0$@augustcellars.com> Message-ID: X-Sender: stokcons@xs4all.nl User-Agent: XS4ALL Webmail Archived-At: Cc: 'Kepeng Li' , Ace@ietf.org Subject: Re: [Ace] Call for adoption for draft-somaraju-ace-multicast-02 X-BeenThere: ace@ietf.org X-Mailman-Version: 2.1.17 Precedence: list Reply-To: consultancy@vanderstok.org List-Id: "Authentication and Authorization for Constrained Environments \(ace\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 07 Mar 2017 08:33:15 -0000 After reading Jim's statement, my position is a bit different. Multicast security is severely needed. Not making it a WG document augments the risk that the subject is frozen and no progress is made. To guarantee progress, adoption seems to me the right way forward. Peter Jim Schaad schreef op 2017-03-07 02:55: > After thinking about this for a long time, I will reluctantly state a > position. > > I do not believe that the WG should adopt this document at least until > such a time as a version has been released which does a substantially > better job of restricting the scope of the problem to be solved. If > the WG then decides to relax that scope so be it. > > Jim > > FROM: Ace [mailto:ace-bounces@ietf.org] ON BEHALF OF Kepeng Li > SENT: Thursday, February 23, 2017 1:48 AM > TO: Ace@ietf.org > CC: Kathleen Moriarty ; Hannes > Tschofenig > SUBJECT: [Ace] Call for adoption for draft-somaraju-ace-multicast-02 > > Hello all, > > This note begins a Call For Adoption for > draft-somaraju-ace-multicast-02 [1] to be adopted as an ACE working > group item, and added in the charter. The call ends on Mar 7, 2017. > > Keep in mind that adoption of a document does not mean the document > as-is is ready for publication. It is merely acceptance of the > document as a starting point for what will be the final product of the > ACE working group. The working group is free to make changes to the > document according to the normal consensus process. > > Please reply on this thread with expressions of support or opposition, > preferably with comments, regarding accepting this as a work item. > > Thanks, > > Kind Regards > > Kepeng (ACE co-chair) > > [1] https://datatracker.ietf.org/doc/draft-somaraju-ace-multicast/ > _______________________________________________ > Ace mailing list > Ace@ietf.org > https://www.ietf.org/mailman/listinfo/ace From nobody Tue Mar 7 00:38:20 2017 Return-Path: X-Original-To: ace@ietfa.amsl.com Delivered-To: ace@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 5BD63129437 for ; Tue, 7 Mar 2017 00:38:18 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -14.523 X-Spam-Level: X-Spam-Status: No, score=-14.523 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_HI=-5, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, RP_MATCHES_RCVD=-0.001, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001, USER_IN_DEF_DKIM_WL=-7.5] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=cisco.com Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id zQaz0V7fNC-6 for ; Tue, 7 Mar 2017 00:38:17 -0800 (PST) Received: from aer-iport-1.cisco.com (aer-iport-1.cisco.com [173.38.203.51]) (using TLSv1.2 with cipher DHE-RSA-SEED-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id A818B1293E4 for ; Tue, 7 Mar 2017 00:38:16 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=@cisco.com; l=1982; q=dns/txt; s=iport; t=1488875896; x=1490085496; h=subject:to:references:cc:from:message-id:date: mime-version:in-reply-to; bh=t5+teqp1d+T70a1VakHcCrVIA9JGiVCZbWt5s7Luy2w=; b=g0Cxvz8DG6hP7HPl7Neaqzyq5e3huI6TNicem7foFOtFEwVElH4GBa5E fKKdsaUIApknZe7MeXG+iJcHDlo5Y/cDOxxePwExTMT3iR2BOL4LS29d4 kYafWojU0mwqrvf0pPt8375e1FyUUXAmM7+6uY+nIFqM8iq5ChV/ixOp8 g=; X-Files: signature.asc : 481 X-IronPort-Anti-Spam-Filtered: true X-IronPort-Anti-Spam-Result: =?us-ascii?q?A0DACgDucL5Y/xbLJq1eGQEBAQEBAQEBA?= =?us-ascii?q?QEBBwEBAQEBhDUnhD+Kf5BXlTeCDYYiAoJrFgECAQEBAQEBAWsohRYBBR0GVhA?= =?us-ascii?q?LGCoCAlcGAQwIAQGJeK88giaKeQEBAQEBAQEBAQEBAQEBAQEBAREPiFOCaodag?= =?us-ascii?q?l8FnDCDeIIJjDWBYwGIaoZRkzsmBC2BAyIVCBcVhxQ/ikgBAQE?= X-IronPort-AV: E=Sophos;i="5.35,257,1484006400"; d="asc'?scan'208";a="692789737" Received: from aer-iport-nat.cisco.com (HELO aer-core-2.cisco.com) ([173.38.203.22]) by aer-iport-1.cisco.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 07 Mar 2017 08:38:14 +0000 Received: from [10.61.97.63] (dhcp-10-61-97-63.cisco.com [10.61.97.63]) by aer-core-2.cisco.com (8.14.5/8.14.5) with ESMTP id v278cDbS012160; Tue, 7 Mar 2017 08:38:14 GMT To: consultancy@vanderstok.org, Jim Schaad References: <07b801d296e5$efa74640$cef5d2c0$@augustcellars.com> From: Eliot Lear Message-ID: <16e55d03-49a6-efdc-7ab0-582bc34e1253@cisco.com> Date: Tue, 7 Mar 2017 09:38:12 +0100 User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.12; rv:45.0) Gecko/20100101 Thunderbird/45.7.1 MIME-Version: 1.0 In-Reply-To: Content-Type: multipart/signed; micalg=pgp-sha256; protocol="application/pgp-signature"; boundary="WpOJt2JPF0JK4bS1ELoMlOvaUrdhMFvhf" Archived-At: Cc: 'Kepeng Li' , Ace@ietf.org Subject: Re: [Ace] Call for adoption for draft-somaraju-ace-multicast-02 X-BeenThere: ace@ietf.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "Authentication and Authorization for Constrained Environments \(ace\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 07 Mar 2017 08:38:18 -0000 This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --WpOJt2JPF0JK4bS1ELoMlOvaUrdhMFvhf Content-Type: multipart/mixed; boundary="fuTQpk6hdBv5nQt8fcknoqlOMKqQJQ0rP"; protected-headers="v1" From: Eliot Lear To: consultancy@vanderstok.org, Jim Schaad Cc: 'Kepeng Li' , Ace@ietf.org Message-ID: <16e55d03-49a6-efdc-7ab0-582bc34e1253@cisco.com> Subject: Re: [Ace] Call for adoption for draft-somaraju-ace-multicast-02 References: <07b801d296e5$efa74640$cef5d2c0$@augustcellars.com> In-Reply-To: --fuTQpk6hdBv5nQt8fcknoqlOMKqQJQ0rP Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable +1. On 3/7/17 9:33 AM, peter van der Stok wrote: > After reading Jim's statement, my position is a bit different. > Multicast security is severely needed. > Not making it a WG document augments the risk that the subject is > frozen and no progress is made. > To guarantee progress, adoption seems to me the right way forward. > > Peter --fuTQpk6hdBv5nQt8fcknoqlOMKqQJQ0rP-- --WpOJt2JPF0JK4bS1ELoMlOvaUrdhMFvhf Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- Version: GnuPG/MacGPG2 v2 iQEcBAEBCAAGBQJYvnF1AAoJEIe2a0bZ0nozOoYH/Ampj/FbACZGlXSfWT6Y/SlV Cug/J9LqKmjNZsHsMkwg3W+CBc7q07hJv+vGorauyaIRE86HftULxD0fwfvBM93o D7wAN+hmQ+56R3WtUd2sw243uYZG43aTvDQeAWxADVvoA4Mca3I3zmQzhKVrgclS UDKLMD2KiIwNs/BW7j05ZPJLb+mvc10Wdbe2WC4aAy94MX2An3iv2RtcdtfztKzg 87h7KIcd3PnwcH1LX42sBrHdxgi29tSNvvE3QKn7j4T0cqfnTHfSxThF5E+1mYAe s1I2x/35eCzM7oOTycqZQ3pRw8EYyppzmFxyz3VRRepFroctyCrAp39Q2gifRqw= =Xlgb -----END PGP SIGNATURE----- --WpOJt2JPF0JK4bS1ELoMlOvaUrdhMFvhf-- From nobody Tue Mar 7 08:37:11 2017 Return-Path: X-Original-To: ace@ietfa.amsl.com Delivered-To: ace@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C0A841294B8 for ; Tue, 7 Mar 2017 08:37:10 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.699 X-Spam-Level: X-Spam-Status: No, score=-2.699 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7, RP_MATCHES_RCVD=-0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=comcast.net Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Lu-ZZOf9oc0B for ; Tue, 7 Mar 2017 08:37:08 -0800 (PST) Received: from resqmta-ch2-08v.sys.comcast.net (resqmta-ch2-08v.sys.comcast.net [IPv6:2001:558:fe21:29:69:252:207:40]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id BB3BA1294B2 for ; Tue, 7 Mar 2017 08:37:08 -0800 (PST) Received: from resomta-ch2-12v.sys.comcast.net ([69.252.207.108]) by resqmta-ch2-08v.sys.comcast.net with SMTP id lI5jclPBLy4bMlI6mcSrN3; Tue, 07 Mar 2017 16:37:08 +0000 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=comcast.net; s=q20161114; t=1488904628; bh=zN+nNNHloyaERspTD6QLTKUSeGWtao0Hwjm64IR9onE=; h=Received:Received:Subject:To:From:Message-ID:Date:MIME-Version: Content-Type; b=dxDjb5Ps5s1/S1o/UEPW7LPNEZwh3onFy3G7er9OkQXUpR9mHr3pvr6ozAY16mqxO h1arj3rILbFPPTxdWUwp7DMJxFCxlkVM5iapLdJNacGpf6yLksrx2sCzvAfcJSeGoK hdZ+HUSHVi8H0cP8mWX/EoCmGO8fYvDgtStyJh+7sU9rWWgIT10Sypq+vYAXYPioC2 rdL5NutjrGcEhJeB2j2Waw8ReS5eYLV5b2feU21Djvsw4U+YTKK28O8NBaGLQtEPRd YDvL2HbWo6FABHm6tI6P/4hWRMmgfnuFb3GEGB06sP0XrLGohWkCpD8F/ztKj7LfJJ THZp8KrU+Wd7g== Received: from [IPv6:2601:152:4400:9b5f:f482:4eb0:d3e6:2420] ([IPv6:2601:152:4400:9b5f:f482:4eb0:d3e6:2420]) by resomta-ch2-12v.sys.comcast.net with SMTP id lI6kceDBpQybtlI6lcOa7o; Tue, 07 Mar 2017 16:37:07 +0000 To: ace@ietf.org References: <07b801d296e5$efa74640$cef5d2c0$@augustcellars.com> From: Michael StJohns Message-ID: <7295a8b4-5540-d0c4-61f7-40bdca57aabd@comcast.net> Date: Tue, 7 Mar 2017 11:37:16 -0500 User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:45.0) Gecko/20100101 Thunderbird/45.7.1 MIME-Version: 1.0 In-Reply-To: <07b801d296e5$efa74640$cef5d2c0$@augustcellars.com> Content-Type: multipart/alternative; boundary="------------7319A86E51B283531E10EFB6" X-CMAE-Envelope: MS4wfLUAgtzIi7gM+2gXHdnItGlYbATYHs4i6E9UdPfQ3F33/oEMZU3dtG91K6IFKLh1APM515uhVefsRgcnWpbqP1I1jlgiCv05Fl93B8DIzH4+hkPoIRMV dtTussjLA3fasx6iz4znHyHgD/sqRbRBxpW+iDa0qa8dbT5O/cj0eZaLeIdyJs9IfGUVy2xfb148OQ== Archived-At: Subject: Re: [Ace] Call for adoption for draft-somaraju-ace-multicast-02 X-BeenThere: ace@ietf.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "Authentication and Authorization for Constrained Environments \(ace\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 07 Mar 2017 16:37:11 -0000 This is a multi-part message in MIME format. --------------7319A86E51B283531E10EFB6 Content-Type: text/plain; charset=windows-1252; format=flowed Content-Transfer-Encoding: 7bit On 3/6/2017 8:55 PM, Jim Schaad wrote: > > After thinking about this for a long time, I will reluctantly state a > position. > > I do not believe that the WG should adopt this document at least until > such a time as a version has been released which does a substantially > better job of restricting the scope of the problem to be solved. If > the WG then decides to relax that scope so be it. > > Jim > I also cannot support the adoption of this document. After listening to the arguments about latency and cost and hearing assurances that the protocol could be restricted to limit the impact of symmetric key multicast for control, I spent another few days with the document and I don't see how that (restrictions) would be possible. I support the adoption of an asymmetric key multicast solution for IOT control. I cannot support any version, including this one, of a symmetric key multicast control system. As I've noted before, this proposal and document are based on a highly constrained, and as far as I can tell somewhat unique, set of limitations related to cost and latency (e.g. lighting control systems). Let me reiterate that I believe the small subset of folk that are dealing in this space should instead generate an informational "Here's how we do it" RFC rather than attempt to place this proposal on the standards track. With respect to Peter and Elliot's +1s on adoption, yes we could use a multicast based control system, and no, a symmetric key multicast system does not have the characteristics needed for secure control. Lastly, the latency requirement argues, or perhaps screams that this would be better handled at the L2 link layer rather than an IP based system. Simply IP routing the packet in an IOT system could consume most of the 250ms that the lighting folk argue is the maximum acceptable latency from throwing the switch until the lights go on. The argument about multiple technologies mostly doesn't hold water (e.g. you could use a consistent framing inside the various bearer RF and hard link link-layer standards). Mike > *From:*Ace [mailto:ace-bounces@ietf.org] *On Behalf Of *Kepeng Li > *Sent:* Thursday, February 23, 2017 1:48 AM > *To:* Ace@ietf.org > *Cc:* Kathleen Moriarty ; Hannes > Tschofenig > *Subject:* [Ace] Call for adoption for draft-somaraju-ace-multicast-02 > > Hello all, > > This note begins a Call For Adoption for > draft-somaraju-ace-multicast-02 [1] to be adopted as an ACE working > group item, and added in the charter. The call ends on Mar 7, 2017. > > Keep in mind that adoption of a document does not mean the document > as-is is ready for publication. It is merely acceptance of the > document as a starting point for what will be the final product of the > ACE working group. The working group is free to make changes to the > document according to the normal consensus process. > Please reply on this thread with expressions of support or opposition, > preferably with comments, regarding accepting this as a work item. > > Thanks, > Kind Regards > Kepeng (ACE co-chair) > > [1] https://datatracker.ietf.org/doc/draft-somaraju-ace-multicast/ > > > > _______________________________________________ > Ace mailing list > Ace@ietf.org > https://www.ietf.org/mailman/listinfo/ace --------------7319A86E51B283531E10EFB6 Content-Type: text/html; charset=windows-1252 Content-Transfer-Encoding: 8bit
On 3/6/2017 8:55 PM, Jim Schaad wrote:

After thinking about this for a long time, I will reluctantly state a position.

 

I do not believe that the WG should adopt this document at least until such a time as a version has been released which does a substantially better job of restricting the scope of the problem to be solved.  If the WG then decides to relax that scope so be it.

 

Jim

 


I also cannot support the adoption of this document.  After listening to the arguments about latency and cost and hearing assurances that the protocol could be restricted to limit the impact of symmetric key multicast for control, I spent another few days with the document and I don't see how that  (restrictions) would be possible.

I support the adoption of an asymmetric key multicast solution for IOT control.  I cannot support any version, including this one, of a symmetric key multicast control system.

As I've noted before, this  proposal and document are based on a highly constrained, and as far as I can tell somewhat unique, set of limitations related to cost and latency (e.g. lighting control systems).  Let me reiterate that I believe the small subset of folk that are dealing in this space should instead generate an informational "Here's how we do it" RFC rather than attempt to place this proposal on the standards track.

With respect to Peter and Elliot's +1s on adoption, yes we could use a multicast based control system, and no, a symmetric key multicast system does not have the characteristics needed for secure control.

Lastly, the latency requirement argues, or perhaps screams that this would be better handled at the L2 link layer rather than an IP based system.  Simply IP routing the packet in an IOT system could consume most of the 250ms that the lighting folk argue is the maximum acceptable latency from throwing the switch until the lights go on.  The argument about multiple technologies mostly doesn't hold water (e.g. you could use a consistent framing inside the various bearer RF and hard link link-layer standards).

Mike

 

From: Ace [mailto:ace-bounces@ietf.org] On Behalf Of Kepeng Li
Sent: Thursday, February 23, 2017 1:48 AM
To: Ace@ietf.org
Cc: Kathleen Moriarty <kathleen.moriarty.ietf@gmail.com>; Hannes Tschofenig <hannes.tschofenig@gmx.net>
Subject: [Ace] Call for adoption for draft-somaraju-ace-multicast-02

 

Hello all,

 
This note begins a Call For Adoption for draft-somaraju-ace-multicast-02 [1] to be adopted as an ACE working group item, and added in the charter. The call ends on Mar 7, 2017.

 

Keep in mind that adoption of a document does not mean the document as-is is ready for publication. It is merely acceptance of the document as a starting point for what will be the final product of the ACE working group. The working group is free to make changes to the document according to the normal consensus process.
 
Please reply on this thread with expressions of support or opposition, preferably with comments, regarding accepting this as a work item.

 

Thanks,
 
Kind Regards
Kepeng (ACE co-chair)

 



_______________________________________________
Ace mailing list
Ace@ietf.org
https://www.ietf.org/mailman/listinfo/ace


--------------7319A86E51B283531E10EFB6-- From nobody Tue Mar 7 08:46:08 2017 Return-Path: X-Original-To: ace@ietfa.amsl.com Delivered-To: ace@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 4F5AC12944E for ; Tue, 7 Mar 2017 08:46:07 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -4.199 X-Spam-Level: X-Spam-Status: No, score=-4.199 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_MED=-2.3, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 0TXrttwgylVY for ; Tue, 7 Mar 2017 08:46:05 -0800 (PST) Received: from mailhost.informatik.uni-bremen.de (mailhost.informatik.uni-bremen.de [IPv6:2001:638:708:30c9::12]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 4E17F128AB0 for ; Tue, 7 Mar 2017 08:46:05 -0800 (PST) X-Virus-Scanned: amavisd-new at informatik.uni-bremen.de Received: from submithost.informatik.uni-bremen.de (submithost.informatik.uni-bremen.de [134.102.201.11]) by mailhost.informatik.uni-bremen.de (8.14.5/8.14.5) with ESMTP id v27Gj3sM015249; Tue, 7 Mar 2017 17:45:03 +0100 (CET) Received: from [10.0.1.13] (reingewinn.informatik.uni-bremen.de [134.102.218.123]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by submithost.informatik.uni-bremen.de (Postfix) with ESMTPSA id 3vd2ZR5GH2zDHm2; Tue, 7 Mar 2017 17:45:03 +0100 (CET) Content-Type: text/plain; charset=utf-8 Mime-Version: 1.0 (Mac OS X Mail 10.2 \(3259\)) From: Carsten Bormann In-Reply-To: <07b801d296e5$efa74640$cef5d2c0$@augustcellars.com> Date: Tue, 7 Mar 2017 17:45:03 +0100 X-Mao-Original-Outgoing-Id: 510597903.399003-38e21deb6bfcce15059471d55964195d Content-Transfer-Encoding: quoted-printable Message-Id: References: <07b801d296e5$efa74640$cef5d2c0$@augustcellars.com> To: Jim Schaad X-Mailer: Apple Mail (2.3259) Archived-At: Cc: Kepeng Li , Ace@ietf.org Subject: Re: [Ace] Call for adoption for draft-somaraju-ace-multicast-02 X-BeenThere: ace@ietf.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "Authentication and Authorization for Constrained Environments \(ace\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 07 Mar 2017 16:46:07 -0000 On 7 Mar 2017, at 02:55, Jim Schaad wrote: >=20 > After thinking about this for a long time, I will reluctantly state a = position. > =20 > I do not believe that the WG should adopt this document at least until = such a time as a version has been released which does a substantially = better job of restricting the scope of the problem to be solved. If the = WG then decides to relax that scope so be it. I believe this editorial issue is exactly the kind of thing the WG = process is very good in fixing. So I support adoption at this time; this is not a WGLC. Gr=C3=BC=C3=9Fe, Carsten From nobody Tue Mar 7 09:23:32 2017 Return-Path: X-Original-To: ace@ietfa.amsl.com Delivered-To: ace@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A36951295C1 for ; Tue, 7 Mar 2017 09:23:28 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -1.999 X-Spam-Level: X-Spam-Status: No, score=-1.999 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=ihtfp.com Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id GJQbsQvMi66m for ; Tue, 7 Mar 2017 09:23:27 -0800 (PST) Received: from mail2.ihtfp.org (mail2.ihtfp.org [IPv6:2001:470:e448:1::3a11]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 1560D12959B for ; Tue, 7 Mar 2017 09:23:27 -0800 (PST) Received: from localhost (localhost [127.0.0.1]) by mail2.ihtfp.org (Postfix) with ESMTP id BB9E6E2044; Tue, 7 Mar 2017 12:23:25 -0500 (EST) Received: from mail2.ihtfp.org ([127.0.0.1]) by localhost (mail2.ihtfp.org [127.0.0.1]) (amavisd-maia, port 10024) with ESMTP id 10764-01; Tue, 7 Mar 2017 12:23:23 -0500 (EST) Received: from securerf.ihtfp.org (unknown [IPv6:fe80::ea2a:eaff:fe7d:235]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "mocana.ihtfp.org", Issuer "IHTFP Consulting Certification Authority" (verified OK)) by mail2.ihtfp.org (Postfix) with ESMTPS id 99B51E2040; Tue, 7 Mar 2017 12:23:23 -0500 (EST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ihtfp.com; s=default; t=1488907403; bh=lzzVMuBXAJFJhVqsGRZwJRwyjT/afZ+GzWyQhS+x8mw=; h=From:To:Cc:Subject:References:Date:In-Reply-To; b=nHe/ck9rzq3qZ7ke1YzsStmjgz4FKuDj2uLLYrlsRJ6/niiDHtcovENSGqyA+ue61 35YHjO8QCPpjleupup4wbKA0CeEnXPI/wt3ACmi2yIZ+pnpnIQQD7Rc4EnKsop4eO9 v78LuxYFQHC166zLLPcfOuICft+pssebCkSNAWao= Received: (from warlord@localhost) by securerf.ihtfp.org (8.15.2/8.14.8/Submit) id v27HNKnK018993; Tue, 7 Mar 2017 12:23:20 -0500 From: Derek Atkins To: peter van der Stok References: <07b801d296e5$efa74640$cef5d2c0$@augustcellars.com> Date: Tue, 07 Mar 2017 12:23:20 -0500 In-Reply-To: (peter van der Stok's message of "Tue, 07 Mar 2017 09:33:05 +0100") Message-ID: User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/24.5 (gnu/linux) MIME-Version: 1.0 Content-Type: text/plain X-Virus-Scanned: Maia Mailguard 1.0.2a Archived-At: Cc: Jim Schaad , 'Kepeng Li' , consultancy@vanderstok.org, Ace@ietf.org Subject: Re: [Ace] Call for adoption for draft-somaraju-ace-multicast-02 X-BeenThere: ace@ietf.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "Authentication and Authorization for Constrained Environments \(ace\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 07 Mar 2017 17:23:28 -0000 Peter, peter van der Stok writes: > After reading Jim's statement, my position is a bit different. > Multicast security is severely needed. > Not making it a WG document augments the risk that the subject is > frozen and no progress is made. > To guarantee progress, adoption seems to me the right way forward. Can you please define what you mean by "Multicast Security"? Are you just looking for Group Confidentiality? Do you want Group Message Integrity without Source Authentication? Do you want Source Authentication? "multicast security" is too generic a term by itself and as others have pointed out depending on which specific security services you're talking about you will get a multitude of (potentially conflicting) requirements. For example, you cannot get source authentication with a shared-key-only solution. I recommend that, before adoption, an explicit set of requirements be defined and inserted into the scope. > Peter > > Jim Schaad schreef op 2017-03-07 02:55: >> After thinking about this for a long time, I will reluctantly state a >> position. >> >> I do not believe that the WG should adopt this document at least until >> such a time as a version has been released which does a substantially >> better job of restricting the scope of the problem to be solved. If >> the WG then decides to relax that scope so be it. >> >> Jim -derek -- Derek Atkins 617-623-3745 derek@ihtfp.com www.ihtfp.com Computer and Internet Security Consultant From nobody Tue Mar 7 11:14:52 2017 Return-Path: X-Original-To: ace@ietfa.amsl.com Delivered-To: ace@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 3E61B1294A3 for ; Tue, 7 Mar 2017 11:14:51 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.601 X-Spam-Level: X-Spam-Status: No, score=-2.601 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_LOW=-0.7, RCVD_IN_MSPIKE_H2=-0.001, RP_MATCHES_RCVD=-0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 9HMOETHZmLqq for ; Tue, 7 Mar 2017 11:14:50 -0800 (PST) Received: from mout.gmx.net (mout.gmx.net [212.227.15.19]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 2B09C129483 for ; Tue, 7 Mar 2017 11:14:49 -0800 (PST) Received: from [192.168.91.177] ([80.92.114.23]) by mail.gmx.com (mrgmx002 [212.227.17.190]) with ESMTPSA (Nemesis) id 0M5Lmp-1cLQyd1GqF-00zahk; Tue, 07 Mar 2017 20:13:52 +0100 To: Derek Atkins , peter van der Stok References: <07b801d296e5$efa74640$cef5d2c0$@augustcellars.com> From: Hannes Tschofenig Openpgp: id=071A97A9ECBADCA8E31E678554D9CEEF4D776BC9 Message-ID: <98f7cfd5-de8f-a159-41eb-63d4ecaf7f4d@gmx.net> Date: Tue, 7 Mar 2017 20:13:46 +0100 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101 Thunderbird/45.7.0 MIME-Version: 1.0 In-Reply-To: Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="xVxEWfrCeTKQ40c5ouo9oarhnBEDKaQl3" X-Provags-ID: V03:K0:uuMvCvPILkCaT7NnDNAWypWZIyq+JlNzfaNTMAVcrfYMz7p5E4x gdceEsr3HF4LTmV2Yx/flKGdiGqtLplJjC1jZYEGSrgyuxCiicGqVbW9TQ3Bw2ObjBXZpp5 Btsu90FA3p9DXij4MGgXP/r07OQWKFESKhNUxXcd0P6VNmtC7dhvFPYG16lAlkERKNwd2rx V4zI0W94W6BmB8ExKdh9A== X-UI-Out-Filterresults: notjunk:1;V01:K0:iVS9B3WIXiA=:pAA5hNpqH9hem3h1KQJNHk wdrhJfny9KiLw+9JB4TAKmoZeROTGgU901Lq61Gwec7YgSq+jN/f7vJcUXU8LHOC/ByFAGxOH AiMp9yapvoTB5bRRtQ56EJqMt5Mx/RtlGUW/vDsZuWje2YGSWvj7U0JentYjLSb+xWpJhl6G6 UNxnq8PiUZFNrE0UL1ZU296x6CA12NTX6e3DQj12UJp4unDhqekT9wcJwrWZWPBx+fPGBZqZ4 ycZNz8d7pE1f92Q2CCqmrIx1NsGaF9e08TBzt++AWIKcQ3ZaRZmPleWMO84eKtmA4v1urvikF tE/wCjvCAxsdX6tqWgxuWLeR1OnfmbuQt2ZPKzUhMYfPOC3Rg3Nn4yPpdGYD5YFB/oSXEBDTE 0HzNG/vKcdWDbyFWW40SiSXJyZ6MiFIzPKZB/9inSHqontfVq+aGRtRrGRsYFntnSSyfygfLv n+5pDyWh5WYL4xVrKQAr1nUT38kHaOYsXdmXx9PsyJ7mCXANlTnMh/5UH3zdVj9mJrtNyNIGn wd2v6HHbOCgU9bS/w0kfvy2GUdIEFvAw7xggoozFkMb3oGWs/uu2dD/yb1cgAqZolKXl1LbvB IGStDSI650yNeXgzIz+3+XuhFsAg0WPKQ3dczzUZIMBWDj31Qte4hTD5IxMIbepFuuzgshYXW UuzPYjvim//AEP2/cEZy83B2d8KoSYjbfOxPqZ2KZejRmKO9jsiR9MeGEN31ks00Un+MiDwee tBqd+kyg6jOPKk4G+75CHNrA6nWeEoxGFXTERchTWZJ/EqcstITeg/syKDM= Archived-At: Cc: Jim Schaad , 'Kepeng Li' , consultancy@vanderstok.org, Ace@ietf.org Subject: Re: [Ace] Call for adoption for draft-somaraju-ace-multicast-02 X-BeenThere: ace@ietf.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "Authentication and Authorization for Constrained Environments \(ace\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 07 Mar 2017 19:14:51 -0000 This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --xVxEWfrCeTKQ40c5ouo9oarhnBEDKaQl3 Content-Type: multipart/mixed; boundary="ecNj9fmANBRO6g3M92nsLew5pXBFi6S3o"; protected-headers="v1" From: Hannes Tschofenig To: Derek Atkins , peter van der Stok Cc: Jim Schaad , 'Kepeng Li' , consultancy@vanderstok.org, Ace@ietf.org Message-ID: <98f7cfd5-de8f-a159-41eb-63d4ecaf7f4d@gmx.net> Subject: Re: [Ace] Call for adoption for draft-somaraju-ace-multicast-02 References: <07b801d296e5$efa74640$cef5d2c0$@augustcellars.com> In-Reply-To: --ecNj9fmANBRO6g3M92nsLew5pXBFi6S3o Content-Type: text/plain; charset=windows-1252 Content-Transfer-Encoding: quoted-printable Hi Derek we discussed the requirements quite a bit in the group already and the conclusion of the discussion was that we provide two solutions, one based on symmetric keys and the other based on asymmetric keys. The asymmetric key solution provides authentication of the individual sender where the symmetric key solution demonstrates knowledge of the group key. Ciao Hannes On 03/07/2017 06:23 PM, Derek Atkins wrote: > Peter, >=20 > peter van der Stok writes: >=20 >> After reading Jim's statement, my position is a bit different. >> Multicast security is severely needed. >> Not making it a WG document augments the risk that the subject is >> frozen and no progress is made. >> To guarantee progress, adoption seems to me the right way forward. >=20 > Can you please define what you mean by "Multicast Security"? Are you > just looking for Group Confidentiality? Do you want Group Message > Integrity without Source Authentication? Do you want Source > Authentication? "multicast security" is too generic a term by itself > and as others have pointed out depending on which specific security > services you're talking about you will get a multitude of (potentially > conflicting) requirements. For example, you cannot get source > authentication with a shared-key-only solution. >=20 > I recommend that, before adoption, an explicit set of requirements be > defined and inserted into the scope. >=20 >> Peter >> >> Jim Schaad schreef op 2017-03-07 02:55: >>> After thinking about this for a long time, I will reluctantly state a= >>> position. >>> >>> I do not believe that the WG should adopt this document at least unti= l >>> such a time as a version has been released which does a substantially= >>> better job of restricting the scope of the problem to be solved. If >>> the WG then decides to relax that scope so be it. >>> >>> Jim >=20 > -derek >=20 --ecNj9fmANBRO6g3M92nsLew5pXBFi6S3o-- --xVxEWfrCeTKQ40c5ouo9oarhnBEDKaQl3 Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 Comment: GPGTools - http://gpgtools.org iQEcBAEBCgAGBQJYvwZqAAoJEGhJURNOOiAtDwIIAKAPx8A7n0mFRZyzz8D0eCmt ArPfPipgJACpj4XqpMiVA/D5bosQ3OPjETj81bn1wdrqgkL0trz3zBXddqudb6mI uKzrKpO7KDYiUujHq85o9QYsKaSmGhULHyBxGtgR1wglojSLhazxUKVG1+sXQsRK MFxzGaoNtY55rJG03WmQ2w4X4mdspJMQmUMdcYMMaGQwmo0rTlvdliNpL4+bOV8f tT3x/Z6FoyXgwZ6NzAGEGngEOQzNDv1+cBdrtyftOlMneu1G11mO0v9DIXAvKoNw 9NdfHJG+UHewi3UHkocyz0VtsDxzUquktQxPFPmOhaod/YzDJrnpEaS9CF+bBeg= =P6xu -----END PGP SIGNATURE----- --xVxEWfrCeTKQ40c5ouo9oarhnBEDKaQl3-- From nobody Tue Mar 7 14:25:35 2017 Return-Path: X-Original-To: ace@ietfa.amsl.com Delivered-To: ace@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 83A9F129600 for ; Tue, 7 Mar 2017 14:25:33 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.001 X-Spam-Level: X-Spam-Status: No, score=-2.001 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RP_MATCHES_RCVD=-0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=augustcellars.com Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id YChmhq33n5i0 for ; Tue, 7 Mar 2017 14:25:31 -0800 (PST) Received: from mail4.augustcellars.com (augustcellars.com [50.45.239.150]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id A5675129536 for ; Tue, 7 Mar 2017 14:25:31 -0800 (PST) Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Content-Language: en-us DKIM-Signature: v=1; a=rsa-sha256; d=augustcellars.com; s=winery; c=simple/simple; t=1488925523; h=from:subject:to:date:message-id; bh=EQdovE59m+9gzVR7LYEfNw7NNKmsMSO6vM3OUK3OuIs=; b=T71JxEVRFinR9I1Qdpsr9vIlz6+4Bp4whXGxUhgiP9O8JQp6BNUudYy6gnqNNMfhPtLzYwLzg4o OEf7zFTBaEX8PlIzLT7FPz/PC7xZwFO0rmxNtDL3NPHyy7+7sXbYwztTOwguQ0wG8GYlI8qeKLV+Y /3j8Jgdx/iaPZxsaMCaw6pgwdApwxOENqzilVLo6rS6U8qENwcRNYdMrjh8NI0mdkifc+PNaG42ZY QOids19SGCNIye2RycyPUhDyRoKKmLJ1nGfz9tqXUOUoNO6G6sk/EF1Vtn6UywoTz3AfaEITi7Ch6 yqhCEpVc2kpT2UDgB3dsDn4AN/RsePYpX+wg== Received: from mail2.augustcellars.com (192.168.1.201) by mail4.augustcellars.com (192.168.1.153) with Microsoft SMTP Server (TLS) id 15.0.1263.5; Tue, 7 Mar 2017 14:25:23 -0800 Received: from hebrews (192.168.1.151) by mail2.augustcellars.com (192.168.1.201) with Microsoft SMTP Server (TLS) id 15.0.1263.5; Tue, 7 Mar 2017 14:23:05 -0800 From: Jim Schaad To: 'Hannes Tschofenig' , 'Derek Atkins' , 'peter van der Stok' References: <07b801d296e5$efa74640$cef5d2c0$@augustcellars.com> <98f7cfd5-de8f-a159-41eb-63d4ecaf7f4d@gmx.net> In-Reply-To: <98f7cfd5-de8f-a159-41eb-63d4ecaf7f4d@gmx.net> Date: Tue, 7 Mar 2017 14:25:17 -0800 Message-ID: <089001d29791$b4b0bf60$1e123e20$@augustcellars.com> MIME-Version: 1.0 X-Mailer: Microsoft Outlook 16.0 Thread-Index: AQFSBgtZF75ik3TUettAxv04sm1uhgMbE+BlAj1HO6ECmYPA8AJGuwBZojlSbOA= X-Originating-IP: [192.168.1.151] Archived-At: Cc: 'Kepeng Li' , consultancy@vanderstok.org, Ace@ietf.org Subject: Re: [Ace] Call for adoption for draft-somaraju-ace-multicast-02 X-BeenThere: ace@ietf.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "Authentication and Authorization for Constrained Environments \(ace\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 07 Mar 2017 22:25:33 -0000 And of course, the asymmetric solution is not the one that is currently in the document. > -----Original Message----- > From: Hannes Tschofenig [mailto:hannes.tschofenig@gmx.net] > Sent: Tuesday, March 7, 2017 11:14 AM > To: Derek Atkins ; peter van der Stok > > Cc: Jim Schaad ; 'Kepeng Li' inc.com>; consultancy@vanderstok.org; Ace@ietf.org > Subject: Re: [Ace] Call for adoption for draft-somaraju-ace-multicast-02 > > Hi Derek > > we discussed the requirements quite a bit in the group already and the > conclusion of the discussion was that we provide two solutions, one based > on symmetric keys and the other based on asymmetric keys. > > The asymmetric key solution provides authentication of the individual sender > where the symmetric key solution demonstrates knowledge of the group > key. > > Ciao > Hannes > > > On 03/07/2017 06:23 PM, Derek Atkins wrote: > > Peter, > > > > peter van der Stok writes: > > > >> After reading Jim's statement, my position is a bit different. > >> Multicast security is severely needed. > >> Not making it a WG document augments the risk that the subject is > >> frozen and no progress is made. > >> To guarantee progress, adoption seems to me the right way forward. > > > > Can you please define what you mean by "Multicast Security"? Are you > > just looking for Group Confidentiality? Do you want Group Message > > Integrity without Source Authentication? Do you want Source > > Authentication? "multicast security" is too generic a term by itself > > and as others have pointed out depending on which specific security > > services you're talking about you will get a multitude of (potentially > > conflicting) requirements. For example, you cannot get source > > authentication with a shared-key-only solution. > > > > I recommend that, before adoption, an explicit set of requirements be > > defined and inserted into the scope. > > > >> Peter > >> > >> Jim Schaad schreef op 2017-03-07 02:55: > >>> After thinking about this for a long time, I will reluctantly state > >>> a position. > >>> > >>> I do not believe that the WG should adopt this document at least > >>> until such a time as a version has been released which does a > >>> substantially better job of restricting the scope of the problem to > >>> be solved. If the WG then decides to relax that scope so be it. > >>> > >>> Jim > > > > -derek > > From nobody Tue Mar 7 14:27:03 2017 Return-Path: X-Original-To: ace@ietfa.amsl.com Delivered-To: ace@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 540B4129630 for ; Tue, 7 Mar 2017 14:27:01 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.001 X-Spam-Level: X-Spam-Status: No, score=-2.001 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RP_MATCHES_RCVD=-0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=augustcellars.com Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id waXP9xtQEeQ3 for ; Tue, 7 Mar 2017 14:26:59 -0800 (PST) Received: from mail4.augustcellars.com (augustcellars.com [50.45.239.150]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 8359512962B for ; Tue, 7 Mar 2017 14:26:56 -0800 (PST) Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Content-Language: en-us DKIM-Signature: v=1; a=rsa-sha256; d=augustcellars.com; s=winery; c=simple/simple; t=1488925615; h=from:subject:to:date:message-id; bh=BG/r/hEY9NWxijyalAjuy3M+LFUpktGWNWEsn0kbKuw=; b=G26tiP5Ns5POzktLCd1T0ZOJ4s6/xxw4mqb6PC/5JSuCitYfZrWv53cs/qJxZzX0oAY7QKJOzX4 wRhJ9SViEXbG1EroySVZ5DLoeFJkT5Oc3cu6Hvm9pjWS39Efh9nGzocgWQ0Ov6W65Ckc6WaAysg/Q CuaRn0giq+XYvILGnZyr6D+iwgyOgiVBVCuWNB2yhzvAcwt+qZUf+hRbooKRP8PEalFnLIouuIFS+ 08rvWPug6j8SLsiBiI6NJNSyewo9NjZaJpNKh8122sshKPt/vCIFCzx9bjUiiwWQQ28v090Z8n9al yvQi+vALOLVZ/pFQbm++Geym9OhSDCJI+24Q== Received: from mail2.augustcellars.com (192.168.1.201) by mail4.augustcellars.com (192.168.1.153) with Microsoft SMTP Server (TLS) id 15.0.1263.5; Tue, 7 Mar 2017 14:26:54 -0800 Received: from hebrews (192.168.1.151) by mail2.augustcellars.com (192.168.1.201) with Microsoft SMTP Server (TLS) id 15.0.1263.5; Tue, 7 Mar 2017 14:24:37 -0800 From: Jim Schaad To: References: <07b801d296e5$efa74640$cef5d2c0$@augustcellars.com> In-Reply-To: Date: Tue, 7 Mar 2017 14:26:48 -0800 Message-ID: <089101d29791$eaf6ca60$c0e45f20$@augustcellars.com> MIME-Version: 1.0 X-Mailer: Microsoft Outlook 16.0 Thread-Index: AQFSBgtZF75ik3TUettAxv04sm1uhgMbE+BlAj1HO6GiYFSBEA== X-Originating-IP: [192.168.1.151] Archived-At: Cc: 'Kepeng Li' , Ace@ietf.org Subject: Re: [Ace] Call for adoption for draft-somaraju-ace-multicast-02 X-BeenThere: ace@ietf.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "Authentication and Authorization for Constrained Environments \(ace\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 07 Mar 2017 22:27:01 -0000 It might just take one more update for me to feel happy with this. However, an update of the document has not yet been forth coming since I asked for a couple of different types of things for the security solutions and so forth. I would hope that the authors are not waiting for the outcome of this adoption call as a gating factor to produce such an update. jim > -----Original Message----- > From: peter van der Stok [mailto:stokcons@xs4all.nl] > Sent: Tuesday, March 7, 2017 12:33 AM > To: Jim Schaad > Cc: 'Kepeng Li' ; Ace@ietf.org > Subject: Re: [Ace] Call for adoption for draft-somaraju-ace-multicast-02 > > After reading Jim's statement, my position is a bit different. > Multicast security is severely needed. > Not making it a WG document augments the risk that the subject is frozen > and no progress is made. > To guarantee progress, adoption seems to me the right way forward. > > Peter > > Jim Schaad schreef op 2017-03-07 02:55: > > After thinking about this for a long time, I will reluctantly state a > > position. > > > > I do not believe that the WG should adopt this document at least until > > such a time as a version has been released which does a substantially > > better job of restricting the scope of the problem to be solved. If > > the WG then decides to relax that scope so be it. > > > > Jim > > > > FROM: Ace [mailto:ace-bounces@ietf.org] ON BEHALF OF Kepeng Li > > SENT: Thursday, February 23, 2017 1:48 AM > > TO: Ace@ietf.org > > CC: Kathleen Moriarty ; Hannes > > Tschofenig > > SUBJECT: [Ace] Call for adoption for draft-somaraju-ace-multicast-02 > > > > Hello all, > > > > This note begins a Call For Adoption for > > draft-somaraju-ace-multicast-02 [1] to be adopted as an ACE working > > group item, and added in the charter. The call ends on Mar 7, 2017. > > > > Keep in mind that adoption of a document does not mean the document > > as-is is ready for publication. It is merely acceptance of the > > document as a starting point for what will be the final product of the > > ACE working group. The working group is free to make changes to the > > document according to the normal consensus process. > > > > Please reply on this thread with expressions of support or opposition, > > preferably with comments, regarding accepting this as a work item. > > > > Thanks, > > > > Kind Regards > > > > Kepeng (ACE co-chair) > > > > [1] https://datatracker.ietf.org/doc/draft-somaraju-ace-multicast/ > > _______________________________________________ > > Ace mailing list > > Ace@ietf.org > > https://www.ietf.org/mailman/listinfo/ace From nobody Wed Mar 8 02:37:49 2017 Return-Path: X-Original-To: ace@ietfa.amsl.com Delivered-To: ace@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id AFDE2129479 for ; Wed, 8 Mar 2017 02:37:48 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -1.902 X-Spam-Level: X-Spam-Status: No, score=-1.902 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H2=-0.001, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=philips.onmicrosoft.com Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Y3h7vsAcvXdi for ; Wed, 8 Mar 2017 02:37:45 -0800 (PST) Received: from EUR03-DB5-obe.outbound.protection.outlook.com (mail-eopbgr40107.outbound.protection.outlook.com [40.107.4.107]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 19969129478 for ; Wed, 8 Mar 2017 02:37:45 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=Philips.onmicrosoft.com; s=selector1-philips-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version; bh=HoGYdBtDoPyDVOY7kypCDLAA566OgeG8fuDF7LAXtDc=; b=UDwTTgV3+xJZP1RncbSCd6RO4jQFCsftF7i9cO8LuHCtdx0XYMQ+iJoKc3YgNUZ56tLu5WozFaBM/fv9PhPW1muUIpVwjj9KfzxrE7dYbQ0S7lsriSg8U72cGwBhMYfeL/wYXhCFoE0XvEsI3VZX59mjlcwvrsvPyXllgPPf/H4= Received: from DB5P122CA0002.EURP122.PROD.OUTLOOK.COM (129.75.100.208) by HE1P122MB0076.EURP122.PROD.OUTLOOK.COM (129.75.166.23) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P384) id 15.1.947.12; Wed, 8 Mar 2017 10:37:42 +0000 Received: from AM1FFO11FD042.protection.gbl (2a01:111:f400:7e00::163) by DB5P122CA0002.outlook.office365.com (2603:10a6:20:2::16) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P384) id 15.1.947.12 via Frontend Transport; Wed, 8 Mar 2017 10:37:42 +0000 Authentication-Results: spf=neutral (sender IP is 23.103.228.20) smtp.mailfrom=philips.com; ietf.org; dkim=none (message not signed) header.d=none;ietf.org; dmarc=none action=none header.from=philips.com; Received-SPF: Neutral (protection.outlook.com: 23.103.228.20 is neither permitted nor denied by domain of philips.com) Received: from 011-smtp-out.Philips.com (23.103.228.20) by AM1FFO11FD042.mail.protection.outlook.com (10.174.64.231) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P384) id 15.1.947.7 via Frontend Transport; Wed, 8 Mar 2017 10:37:42 +0000 Received: from DB4PR90MB0108.MGDPHG.emi.philips.com (141.251.117.84) by DB4PR90MB0105.MGDPHG.emi.philips.com (141.251.117.81) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P384) id 15.1.933.12; Wed, 8 Mar 2017 10:37:42 +0000 Received: from DB4PR90MB0108.MGDPHG.emi.philips.com ([141.251.117.84]) by DB4PR90MB0108.MGDPHG.emi.philips.com ([141.251.117.84]) with mapi id 15.01.0933.026; Wed, 8 Mar 2017 10:37:41 +0000 From: "Dijk, Esko" To: "ace@ietf.org" Thread-Topic: Re: [Ace] Call for adoption for draft-somaraju-ace-multicast-02 Thread-Index: AdKX9v6CRQBZ1UMJROmzygoKbHGn/Q== Date: Wed, 8 Mar 2017 10:37:41 +0000 Message-ID: <75d1a775cb25464bbfa6d84e2111c71b@DB4PR90MB0108.MGDPHG.emi.philips.com> Accept-Language: en-GB, en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: x-originating-ip: [194.171.252.122] X-MS-Office365-Filtering-Correlation-Id: c09d59b5-7243-4127-3fe0-08d4660f26a4 Content-Type: multipart/alternative; boundary="_000_75d1a775cb25464bbfa6d84e2111c71bDB4PR90MB0108MGDPHGemip_" MIME-Version: 1.0 X-OrganizationHeadersPreserved: DB4PR90MB0105.MGDPHG.emi.philips.com X-EOPAttributedMessage: 0 X-MS-Office365-Filtering-HT: Tenant X-Forefront-Antispam-Report: CIP:23.103.228.20; IPV:CAL; CTRY:; EFV:NLI; SFV:NSPM; SFS:(10019020)(6009001)(39410400002)(39850400002)(39450400003)(39840400002)(39860400002)(2980300002)(85714005)(189002)(199003)(55904004)(374574003)(9170700003)(260700001)(5660300001)(55016002)(66066001)(53936002)(6306002)(110136004)(54896002)(356003)(3846002)(6246003)(6916009)(8936002)(7696004)(38730400002)(6116002)(512954002)(1730700003)(790700001)(81166006)(2351001)(50986999)(24736003)(8676002)(189998001)(102836003)(105586002)(230783001)(54356999)(108616004)(33646002)(229853002)(84326002)(86362001)(7736002)(5640700003)(2906002)(2501003)(2900100001)(106466001); DIR:OUT; SFP:1102; SCL:1; SRVR:HE1P122MB0076; H:011-smtp-out.Philips.com; FPR:; SPF:Neutral; MLV:sfv; MX:1; A:1; LANG:en; X-Microsoft-Exchange-Diagnostics: 1; AM1FFO11FD042; 1:0ruWQBkd1SHhdPRWLTRIxxlihGTUsP5l+CmsDmzwmAUe1K9hzKP7iROKB8AmkFsT8YJ7TcNJE2fVSCbv0F30HYdS7lca5xQemqeVXW2OYH/T5QYdjSwxMpsDLcLKVs2yErNlp5ObPDgUE1wlmUwk3JDwc0soVFLBpGy5HZgVpmbekOocctNWiFq6sIaIarZn6JUoDb9RfVdklj7Wb4XRCz5Tyrk2yV/TRKY0uGdn0vhw1QIrJ+nmvXGlKZ9Sdn1wIqWnynKsikFNdxUxT7oG/7K23gb4mVP1Lp56uwTWONyOnwR1If9oR/skgr7/tPi/PBPnz62fc1vjHae8YhUMfyOyjEnFCOkk+fFxoWbgMmtaTU8Zj9c/f59tOrM7oj1n0Q3MdvTKALC9vcHxarEyuz+oQXYXSSo/sQdQqJCD5MXKP39xY2X7X9WtPZhW93ngisxOUumRmZwVMXB6mtjcdChmuijWr3dyL0F9623na1mvWHRr5zPksOXYD74WxJ/L X-CrossPremisesHeadersPromoted: AM1FFO11FD042.protection.gbl X-CrossPremisesHeadersFiltered: AM1FFO11FD042.protection.gbl X-Microsoft-Antispam: UriScan:;BCL:0;PCL:0;RULEID:(22001);SRVR:HE1P122MB0076; X-Microsoft-Exchange-Diagnostics: 1; HE1P122MB0076; 3:Dr50gEXIQqR2Qp5AHJBkdH/oG5oD6u0mUstJ/mjPNOaxmbjBg/M4LCpCzFiCyBV6pvQGZUy/MtWisVjlu9911KNVXykNLkxUjJsirIbO6IbqrmVTC1nGODx4OBmWyOvmMQADAYvHjFRTfYdHOpP8V0fs0+mVfA/jV1JvL7N3xLnYCRP1GqsFv+Ob6F/5c/4lK8mXPCxTvusr6Fm5+CDlxhv1bv7e7PfgPLCcEOGE3vbNM9DrpSQVh8PhmppyexVoAMoXOvoxRQKY7K1FzdmtjWC7Z+kg5dbPbvMIFBBzo3jkMqpkWPtCg/+vftCG7/Pw9aNM/0y5NAZMrDYAR1/AyzYn9wqyBTm/JjUd5KYil3Y=; 25:Tf6fjGjM6DcW0ayjTE19thlh0MR1JBksHG6+aoE8/OM908gPoQgsj+YZbr0eR2B0fw8wgVW4x0/KsPimri5Mur9zN0FFesOfJPpQkVbojIPfjNEtaVJvk9btt2e4ljC054zZEFDrOgbTFRm2V6d4zy6+HVUoityCppflx+zTCpwK8R/nczaMBYuO3hvL1l13/ddiKcj6BrIeaxqpug2h4l1ODF+R1YBW3mYe8/azFeaHuyvhymIK2qGBjLqaxPmrEH7yreFEJoZu9YVn4GiHW+s4WpAXnN1YIBJo2ozfQQT4yvZV0hGi9S+tgRr/LApgF1I/ZbMDykmMyOxjl4hqyISY6XvqxFOdSDu0wAAF3Q6Z8TBt1DleBN0HmbIOmbZQ19B/yfpY2niCSU511wibkUO1OJVfuIT/xh9Ce5m/7sAhegGesOJ7VxxhodEkaXdt10a/IKoOO+nSK+STDXIe5Q== X-Microsoft-Exchange-Diagnostics: 1; HE1P122MB0076; 31:Rroyo10ZfGGGwvAYTrh00toBr8o8ZNF213y7vxEOEBDcfPenBnBKzIJ5A0Hm2FCUny8ug9nzzCT00OqIvROaem39VUbS91qKLMTojue2WhVCs6rpOUcwx1OTPLHOlIjgXjQUTuCAvXyu6i6y+I3Et3R05aWVP88NS1PdnxLY6NjWo+mhdsWxvvMKttf92HqqFh6NrqU74vPeVjuVWePrr4ddMXjoRrD+2UsBlxpJEE0cKYOpMXQtyldYEiXwUSdTg/nmOJvqyCi8fayK7DQKWw==; 20:yVfK4g7rwsSleNYa2iQ83OB7ivjHKhzXT23+bNZhgOzioHn3wRIHPOho7SnPUAIM5AcSC+rmnVelxGvZ431W3cAr81rcloXGX836rgzE2MMbjQUJ04/ljOkvtb2klLRBrSC5+PdxoIMNjmMRquJEXzZkyV+EE4HlLiC0rimGNXLW7vd/qP9jT9jVXO5bpyaIIM8GL8ndCxSxMRbwl1Sm+JDRVg+zqzvncap9DrTMdnM3sleuD2KE+NVmnqGAZdEmtDS2eECrJ5AKa3W9KyyMghMVStb6bj9JQsOa9ijco0iJXH4kOec9xDdu10PdIXyse9rWgNpGFzU9AwDXC3igoJWWX9c04Q4lEAEXA8bAdV2+PeFQS2GLWLS+iV0XP7+v4sxvtXfN589Lb+GmsSJAM76b+kkQNJd5mnio3j1bfVyrkLTtR7rT/FZBIQBNAgGzMWt5K5VpL9zWdDe2TyhisBaiRMa6cOa+zNYc9IZsOtZU4eqn9YRuAJuBWhjBAPQk X-Microsoft-Antispam-PRVS: X-Exchange-Antispam-Report-Test: UriScan:(21748063052155); X-Exchange-Antispam-Report-CFA-Test: BCL:0; PCL:0; RULEID:(6040375)(2401047)(13023025)(13021025)(13013025)(8121501046)(5005006)(10201501046)(3002001)(6055026)(6041248)(20161123558025)(20161123562025)(20161123564025)(20161123560025)(20161123555025)(6072148); SRVR:HE1P122MB0076; BCL:0; PCL:0; RULEID:; SRVR:HE1P122MB0076; X-Microsoft-Exchange-Diagnostics: 1; HE1P122MB0076; 4:yY3bxcp1KQ3PRYxFG/8Ap6L4OM/B9Cvr4/OGizm/74Ww/DvyXxMKxQH/ibGOhHag2dcVmlILV/YcN5k9h6tB7qjOv8PGaes6ePtnJZ9ToYzfn0Mlhgu43trGqTd8jMqFp/g8+r0Xhbvg4tdxk5etEeUaLUyLa7cpmSf7fJVDGNrk61U7nxgo/GwfMmC04bPmt+husRYRc6N8St9BjZ6lPIPjjkbKjKfLcYpCRWJCf1UZa/9IcwCs/de0W4U5zE7QpObuMfYQBzeRcbtRpqAjdFXPwMUYa36JNOdGxz3OF2qUF9nVzK4UUSp686q7bjERfhkaMhokfxGJ9nssx1bjXY2U7cghZPunhz4go8oenzVSqvvQt/7Zm55RhSY7kfpjlH6lNuXhDbTEYdmZIarkLrDihVW1lXKCcB9mL4Vw8LWoRLEEgntDm7dcdfJvYxZNES/I2D9mMNMIWpNX0/ODvwbOu37IbdV4pP6DAjoP+LFm/U86/PR6FeKVSs5R/boQP6DS9BAqbNkFt2aH9aVRUzBqP8tUguFHaUVKJ15bxsiyFrMoYp2jv3Dum9PH8O1kvuyac6mNQdAX7im5oIfET2Ki5NO7BAoKWWuG0I79HvYJZGNhv2Y7wb+ttQc1wt2z/EbUYtZ4QvKNqwARGhWjNX/LLSGiH1E10VFdoahil4WSKc9qGMY+VNkaRI0ESI2dF6g/6ojYSqotVMoY8BWW6A== X-Forefront-PRVS: 02408926C4 X-Microsoft-Exchange-Diagnostics: =?us-ascii?Q?1; HE1P122MB0076; 23:6l4tozixf8aiceZCha/E0ijNmKlyNTaIht7L0vbix?= =?us-ascii?Q?gn57X53XFDxfJPVTe+ggt5D90J5k2ybDkx+F+0zv/di/H7yF6FTNknrWCHlL?= =?us-ascii?Q?9OC8qKo/hiijbiOBoYO79sToRFW+bwpdI/vZYqD0jkd1407zKa/LQbDsnpSA?= =?us-ascii?Q?MIbO87gDRuVOgvgMvHq43AiaEwcUDY+/hGkm4CpAoyBfUAUkis5WkgM8jzWz?= =?us-ascii?Q?EM5SNMnI7w/PM4qwQod9n+M++mRZwfM1dovADTrxfmjKFirBpOuPnj15x33J?= =?us-ascii?Q?dejozCoBlEwTQS4s25VnM+6hUfQlwL8hEfRi13167augoGXXTq/3IR2iWSJD?= =?us-ascii?Q?MPQwATuXK/LlY3mBe3/7jM9MzR3/dOcCyAyGswwdZkl5G/LFM9nC8sVGf1lh?= =?us-ascii?Q?ww36pybc7cftA3N46WIgNynGNAB9fPtZG/lzbVa/IRCBQyMtTEi8XcYgI+fS?= =?us-ascii?Q?xtgZVIFLxNSPGhCSBQf2Z3xlm5S9bYD8Rq2RKrj9bn2EEwkm2e+VF/89Ro64?= =?us-ascii?Q?DpK302WmOjFswGypaqdVmBlyuQQKd6DAXg6TtkwBeuoHiaEfUtzNfzsS36eS?= =?us-ascii?Q?+xo6tNWbuGeWr6xRpPvG3MY9M7xHqcdJvGWg1wXoFDDX+T8UAbkhf8zomxtB?= =?us-ascii?Q?VYVPamN73Cz4Q0MWL4pdFvBBOEtnXnqyJUFja2qnkW+2KFllpfqD2idqWHdz?= =?us-ascii?Q?+aSuFck+W/i+8Bns4HmichKYaXuOx1F41LiVRlk7P4uyrXr/WFqRjf+sKGYg?= =?us-ascii?Q?S29r6IM14ue7bv47wmzusxjULbzHRiCXixPSUN8rLajxq4ol+lZkgxGAP5b1?= =?us-ascii?Q?YK5J7PB9DNCJTPrEcOg7KBI/9M3YKsRnIyxUaEl9H8TTN1FGd8Bvod1JBqjM?= =?us-ascii?Q?qeBZrazONXuMaxX4JB09RlcvkwUvWZwA+3NQ2T1GaA0xiBIvUe8nUuZC9lDt?= =?us-ascii?Q?bEf5rYBnwYcjbgtIipjIMs8Or54oDBKUBPgwvEu3agN20DNgb2B/d6mOGG9a?= =?us-ascii?Q?NeMahh5b3qakq0FVtGnwpn3qF9yBvz7LwWIso0w98eZQs9YT0RtkxkWOS53D?= =?us-ascii?Q?v5WD8aN8HEX+K3yW9qo4iC2kQaXbkGB9j5lHY8SON95ffCddzWB1mYDS2rql?= =?us-ascii?Q?3G01zcAD5+Bwlpxa+dT3bB5wCI/bPHNbDhivwej4EfdOHUZoZw+Evgnr9+FR?= =?us-ascii?Q?Oi4vC1EsK9SleYP2okv7t84iHtvWnyPOGdvaqDx/O5CDZqnh1KqIsx+gEeeh?= =?us-ascii?Q?CxS8suqC/MYwHB6prPdBbRWqr+EIeoBBa5yaontnIiw57phLd4rcvdb9en/H?= =?us-ascii?B?QT09?= X-Microsoft-Exchange-Diagnostics: 1; HE1P122MB0076; 6:KCRcNA6+4Si7Zq0O35XiMZdegrfDZ7vHb6dUeMumBUAOFEbHEYDnm45xl07V1fcHh95Bc2Xj+swxByzGFB7aHO7RGesOQyqxNSQnJCdie06z6Bg0xJze/hzBkytIb+hOdK+GHeaWfjqEHrnGwrTjMEXqnIvM/LFVE49bLqHqylc8AN/wztxCQh90rmW9l/40VQk7gHJTs61DcjCgFptvnqGjLulxJPxP9VSGTjj8L8nOcdrNW0ysAHlTMg1u/pkHlGLWhihl+7iq1RxsaPXxpIXZHn37ItcmeOlZK7kb+tnLXjl7KuNj5X/49P89LTuXKdYXPiJiNzOXGFMfWcD+u5Xc4/xNOgap+veTEwSZ68b2cuEEgAQMYRE9OODtBLKh+LQ0ndnXYF90q9+pQwmQMTkNAqkYjqn6epQRYypslEo=; 5:vx4jZx5fX+Ft7hwkvuS2tTMZFIhQ4MUVJC9nulRcEPvoprihpNGAYGcbwpgzAC72avkVTZSkj3w1mKcuO7dVKrdK//Lx2J6j4lu+7+9jXBczr6L0XHUzXdcK+ITUVC+MoblffW/mnYWzBzB532NI9Q==; 24:+KZqmoEMVM91u+Mr71/fKRKFMFyMRMBh/NjBZMoTneu6vwsRUkP6imHCca4wSwOpg0+F5pp/VRYchn4JTumN6TTcskY4IL1WAlVFht7vBrM= SpamDiagnosticOutput: 1:99 SpamDiagnosticMetadata: NSPM X-Microsoft-Exchange-Diagnostics: 1; HE1P122MB0076; 7:tbo3nwaTbm6ghzZYBb6+GWDRkdJJDFzEeU2Z021dU+03UepR2e8dT+ke7Q7Zitxcvk1GaJyEbsETfL1btUd/HycDz954OupR24quU/HzlnyJM72S0cobbVaNgnXyb0D7GwLDugollLNBl7yFRvw3jnEGPjH9WVSViE3onAJYebU1OwCYNJIwJDMdDwd02SHhTAZ+ytUUsCz5YphfslMpgGT1tD75GFKnptiyl2z+zmjJWluEKKPYyVuncKn+tTjDdDmHlvjPZZAOTF/VK/p+1hr7DG8eyX2UVbOkwKFl9Qd6eUNEyH31qHNuCxkwFxW/jyArlaWUs0NsHaJzEMz4AQ== X-OriginatorOrg: philips.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 08 Mar 2017 10:37:42.4455 (UTC) X-MS-Exchange-CrossTenant-Id: 1a407a2d-7675-4d17-8692-b3ac285306e4 X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=1a407a2d-7675-4d17-8692-b3ac285306e4; Ip=[23.103.228.20]; Helo=[011-smtp-out.Philips.com] X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: HE1P122MB0076 X-MS-Exchange-CrossPremises-AuthAs: Internal X-MS-Exchange-CrossPremises-AuthMechanism: 04 X-MS-Exchange-CrossPremises-AuthSource: DB4PR90MB0108.MGDPHG.emi.philips.com X-MS-Exchange-CrossPremises-SCL: 1 X-MS-Exchange-CrossPremises-messagesource: StoreDriver X-MS-Exchange-CrossPremises-BCC: X-MS-Exchange-CrossPremises-originalclientipaddress: 194.171.252.122 X-MS-Exchange-CrossPremises-disclaimer-hash: 7fd5309d68bb4378c576a4d2c2ad972d336f5eb0475879c2a0b14da1aac98972 X-MS-Exchange-CrossPremises-processed-by-journaling: Journal Agent X-MS-Exchange-CrossPremises-AVStamp-Service: 1.0 X-MS-Exchange-CrossPremises-Antispam-ScanContext: DIR:Originating; SFV:NSPM; SKIP:0; X-OrganizationHeadersPreserved: HE1P122MB0076.EURP122.PROD.OUTLOOK.COM Archived-At: Subject: Re: [Ace] Call for adoption for draft-somaraju-ace-multicast-02 X-BeenThere: ace@ietf.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "Authentication and Authorization for Constrained Environments \(ace\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 08 Mar 2017 10:37:48 -0000 --_000_75d1a775cb25464bbfa6d84e2111c71bDB4PR90MB0108MGDPHGemip_ Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable Hello Kepeng, all, I support the adoption of draft-somaraju-ace-multicast-02 as an ACE working= group draft. There was some discussion whether the scope and requirements are clear enou= gh. Perhaps adding dedicated "scope" and "requirements" sections early in t= he draft could help to address this? Currently this information is rather s= cattered over the various sections. best regards Esko Dijk ________________________________ The information contained in this message may be confidential and legally p= rotected under applicable law. The message is intended solely for the addre= ssee(s). If you are not the intended recipient, you are hereby notified tha= t any use, forwarding, dissemination, or reproduction of this message is st= rictly prohibited and may be unlawful. If you are not the intended recipien= t, please contact the sender by return e-mail and destroy all copies of the= original message. --_000_75d1a775cb25464bbfa6d84e2111c71bDB4PR90MB0108MGDPHGemip_ Content-Type: text/html; charset="us-ascii" Content-Transfer-Encoding: quoted-printable

Hello Kepeng, all,

 

I support the adoption of draft-somaraju-ace-multica= st-02 as an ACE working group draft.

There was some discussion whether the scope and requ= irements are clear enough. Perhaps adding dedicated "scope" and &= quot;requirements" sections early in the draft could help to address t= his? Currently this information is rather scattered over the various sections.

 

best regards

Esko Dijk


The information contained in= this message may be confidential and legally protected under applicable la= w. The message is intended solely for the addressee(s). If you are not the = intended recipient, you are hereby notified that any use, forwarding, dissemination, or reproduction of this message i= s strictly prohibited and may be unlawful. If you are not the intended reci= pient, please contact the sender by return e-mail and destroy all copies of= the original message.
 --_000_75d1a775cb25464bbfa6d84e2111c71bDB4PR90MB0108MGDPHGemip_-- From nobody Wed Mar 8 09:23:18 2017 Return-Path: X-Original-To: ace@ietfa.amsl.com Delivered-To: ace@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A35B9129713 for ; Wed, 8 Mar 2017 09:23:17 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -1.901 X-Spam-Level: X-Spam-Status: No, score=-1.901 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H2=-0.001, SPF_HELO_PASS=-0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=osram.onmicrosoft.com Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id L_9gPODT3K95 for ; Wed, 8 Mar 2017 09:23:14 -0800 (PST) Received: from EUR01-DB5-obe.outbound.protection.outlook.com (mail-db5eur01on0061.outbound.protection.outlook.com [104.47.2.61]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 3BF13129712 for ; Wed, 8 Mar 2017 09:23:14 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=osram.onmicrosoft.com; s=selector1-osram-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version; bh=H9uZvWoMkmlCib+ufs3KgTzBekWShEy6QKfdRvQbADg=; b=bC7lNLMlPVufLps46eLjdWZpDDXgMWdtmu9SRHlDtSmYuWsBTEGm29Ybg/Y4PaVsu/hB0PYvzJh7ypwYkpP+XrCInMUkkHUzy7Z8Cmfw2SnwnWZWVHlTh8i/fQlx7X0H3N+MAlmBSTQRAlLGFnkwFp7iJmovm4KooUpc22Mk83Q= Received: from HE1PR07MB1657.eurprd07.prod.outlook.com (10.166.124.135) by HE1PR07MB1658.eurprd07.prod.outlook.com (10.166.124.136) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P384) id 15.1.961.8; Wed, 8 Mar 2017 17:23:11 +0000 Received: from HE1PR07MB1657.eurprd07.prod.outlook.com ([10.166.124.135]) by HE1PR07MB1657.eurprd07.prod.outlook.com ([10.166.124.135]) with mapi id 15.01.0961.014; Wed, 8 Mar 2017 17:23:10 +0000 From: "Beck, Stefan" To: "Dijk, Esko" , "ace@ietf.org" Thread-Topic: Re: [Ace] Call for adoption for draft-somaraju-ace-multicast-02 Thread-Index: AdKX9v6CRQBZ1UMJROmzygoKbHGn/QAOZTnw Date: Wed, 8 Mar 2017 17:23:10 +0000 Message-ID: References: <75d1a775cb25464bbfa6d84e2111c71b@DB4PR90MB0108.MGDPHG.emi.philips.com> In-Reply-To: <75d1a775cb25464bbfa6d84e2111c71b@DB4PR90MB0108.MGDPHG.emi.philips.com> Accept-Language: en-US Content-Language: de-DE X-MS-Has-Attach: yes X-MS-TNEF-Correlator: authentication-results: philips.com; dkim=none (message not signed) header.d=none;philips.com; dmarc=none action=none header.from=osram.com; x-originating-ip: [32.66.115.43] x-ms-office365-filtering-correlation-id: 100811a3-53b2-4df7-a9e5-08d46647cb87 x-microsoft-antispam: UriScan:;BCL:0;PCL:0;RULEID:(22001);SRVR:HE1PR07MB1658; x-microsoft-exchange-diagnostics: 1; HE1PR07MB1658; 7:zRtb2boshY6KBKGzkMTpBDXsKvQy9FuM8A0J1dIHdMh1rYiWFMBvndhwC+wlrL8NNcAKtaj0vJRb4piZuigRvsEQC/fxBn4y7sWuxm17WlOauB/9OyAjgXcxetBPSPMdO0B4LkOBPE2/kxy8nHAP/o94VoCJTDpuMcSwXoKvvC4Xpkb6VENlJo3KOufKGsiGf6HHhG4ttX+sfWSavw9peZCfmguajPP8lF1uQX7Zg2XQKOQIuERcQzTeWDgz20SHlKQxsRpoeWHw+Ysth5WK2igB+N025RnbPqoL/RNuHuplMmvdhglNlZm+BbMaVTkqr7731ve2j9gF2m7kCo31jQ== x-microsoft-antispam-prvs: x-exchange-antispam-report-test: UriScan:(21748063052155); x-exchange-antispam-report-cfa-test: BCL:0; PCL:0; RULEID:(102415395)(6040375)(601004)(2401047)(5005006)(8121501046)(10201501046)(3002001)(6041248)(20161123555025)(20161123562025)(20161123564025)(20161123558025)(20161123560025)(6072148); SRVR:HE1PR07MB1658; BCL:0; PCL:0; RULEID:; SRVR:HE1PR07MB1658; x-forefront-prvs: 02408926C4 x-forefront-antispam-report: SFV:NSPM; SFS:(10009020)(6009001)(39450400003)(374574003)(85714005)(377454003)(2900100001)(6116002)(86362001)(790700001)(102836003)(2906002)(3280700002)(3846002)(50986999)(76176999)(6436002)(99286003)(25786008)(3660700001)(55016002)(9686003)(229853002)(189998001)(54896002)(6306002)(77096006)(6506006)(81166006)(8936002)(7736002)(7696004)(99936001)(53546006)(38730400002)(54356999)(74316002)(66066001)(5660300001)(230783001)(122556002)(53936002)(6246003)(2950100002)(33656002)(8676002)(19627235001); DIR:OUT; SFP:1101; SCL:1; SRVR:HE1PR07MB1658; H:HE1PR07MB1657.eurprd07.prod.outlook.com; FPR:; SPF:None; MLV:sfv; LANG:en; spamdiagnosticoutput: 1:99 spamdiagnosticmetadata: NSPM Content-Type: multipart/signed; protocol="application/x-pkcs7-signature"; micalg=SHA1; boundary="----=_NextPart_000_00C3_01D29839.09B3ECB0" MIME-Version: 1.0 X-OriginatorOrg: Osram.com X-MS-Exchange-CrossTenant-originalarrivaltime: 08 Mar 2017 17:23:10.7740 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Hosted X-MS-Exchange-CrossTenant-id: ec1ca250-c234-4d56-a76b-7dfb9eee0c46 X-MS-Exchange-Transport-CrossTenantHeadersStamped: HE1PR07MB1658 Archived-At: Subject: Re: [Ace] Call for adoption for draft-somaraju-ace-multicast-02 X-BeenThere: ace@ietf.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "Authentication and Authorization for Constrained Environments \(ace\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 08 Mar 2017 17:23:18 -0000 ------=_NextPart_000_00C3_01D29839.09B3ECB0 Content-Type: multipart/alternative; boundary="----=_NextPart_001_00C4_01D29839.09B3ECB0" ------=_NextPart_001_00C4_01D29839.09B3ECB0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit +1 Stevie Beck From: Ace [mailto:ace-bounces@ietf.org] On Behalf Of Dijk, Esko Sent: Wednesday, March 08, 2017 11:38 AM To: ace@ietf.org Subject: Re: [Ace] Call for adoption for draft-somaraju-ace-multicast-02 Hello Kepeng, all, I support the adoption of draft-somaraju-ace-multicast-02 as an ACE working group draft. There was some discussion whether the scope and requirements are clear enough. Perhaps adding dedicated "scope" and "requirements" sections early in the draft could help to address this? Currently this information is rather scattered over the various sections. best regards Esko Dijk _____ The information contained in this message may be confidential and legally protected under applicable law. The message is intended solely for the addressee(s). If you are not the intended recipient, you are hereby notified that any use, forwarding, dissemination, or reproduction of this message is strictly prohibited and may be unlawful. If you are not the intended recipient, please contact the sender by return e-mail and destroy all copies of the original message. ------=_NextPart_001_00C4_01D29839.09B3ECB0 Content-Type: text/html; charset="us-ascii" Content-Transfer-Encoding: quoted-printable

+1

 

Stevie = Beck

 

From: Ace [mailto:ace-bounces@ietf.org] On Behalf Of Dijk, = Esko
Sent: Wednesday, March 08, 2017 11:38 AM
To: = ace@ietf.org
Subject: Re: [Ace] Call for adoption for = draft-somaraju-ace-multicast-02

 

Hello = Kepeng, all,

 

I support the adoption of = draft-somaraju-ace-multicast-02 as an ACE working group draft. =

There was some discussion whether = the scope and requirements are clear enough. Perhaps adding dedicated = "scope" and "requirements" sections early in the = draft could help to address this? Currently this information is rather = scattered over the various sections.

 

best = regards

Esko Dijk

 

The = information contained in this message may be confidential and legally = protected under applicable law. The message is intended solely for the = addressee(s). If you are not the intended recipient, you are hereby = notified that any use, forwarding, dissemination, or reproduction of = this message is strictly prohibited and may be unlawful. If you are not = the intended recipient, please contact the sender by return e-mail and = destroy all copies of the original message.

------=_NextPart_001_00C4_01D29839.09B3ECB0-- ------=_NextPart_000_00C3_01D29839.09B3ECB0 Content-Type: application/pkcs7-signature; name="smime.p7s" Content-Transfer-Encoding: base64 Content-Disposition: attachment; filename="smime.p7s" MIAGCSqGSIb3DQEHAqCAMIACAQExCzAJBgUrDgMCGgUAMIAGCSqGSIb3DQEHAQAAoIITQDCCBZcw ggN/oAMCAQICEH2N5rAAeSCGTQvIxSt6cDswDQYJKoZIhvcNAQELBQAwZDETMBEGCgmSJomT8ixk ARkWA2NvbTEbMBkGCgmSJomT8ixkARkWC29zcmFtLWxpZ2h0MRMwEQYKCZImiZPyLGQBGRYDaW50 MRswGQYDVQQDDBJPU1JBTSBSb290IENBIDIwMTUwHhcNMTUwOTE3MDk0NzMyWhcNNDAwOTE3MDk1 NzI2WjBkMRMwEQYKCZImiZPyLGQBGRYDY29tMRswGQYKCZImiZPyLGQBGRYLb3NyYW0tbGlnaHQx EzARBgoJkiaJk/IsZAEZFgNpbnQxGzAZBgNVBAMMEk9TUkFNIFJvb3QgQ0EgMjAxNTCCAiIwDQYJ KoZIhvcNAQEBBQADggIPADCCAgoCggIBAMPOLdsM1I8Fll2DJ5A01Y53Cbq88OH6/ZocCMhm+9Ro Ce4RHnIB+WKi8+4fTUYU3DjwgXiI3tH6YG9j9o3ahkepcaRx1arkNJCfGs8UKbHQnxVM9n5Sv3lp Qm/OyE+qwl8sA77nVvrmAiYDIXdlJajITmqMBiSS5TfS7YO7knMLOv5bzd4ihUizsNGgVIvPyowz NpsA/yYzIJJhSYCdSc9Aji5MDF4fscYaffpdaM3VoZ4gdZiVgcYrnUVR4oFsNkoja6MV3Vk9o5py 8I6ff5Dhc6ZStrjYG1Q9iIIawvvi4e4A6ISRmxw3QBUZtlvBiC8Z2g/XVJnwz91RKIT1lQPbb2Cw 88E1nRVfF1txiVbQXw+TjNnyIVcxZS/p34yHXS9/gmPVXBUx3SYqAMI9vk/mqvkDGPAkIrpILTQT XcxkJVwQukR7mSpRw4bx0bg4mxH1x6tr4HqZe5hFtQTs+VckNiXLF5xFbOjFuck5UBRbW8J3ENCA ohtR/OdOAKFrS7Y5uPLA5ENMt+Ee2LeaEmwUIIioYZuToXngaimCg6m9aIGv9ytMUgnF3+9CRsKr drVw6Er2eKnGOXyBaMOkR14loeFISsA9UL85Ib80MHLZd8t0rkIpThZSKMMS/eKpGyZMv9HLYrVZ 1TssyD8pvu4yzrHGtrtehXu2JfRm+gzdAgMBAAGjRTBDMA4GA1UdDwEB/wQEAwIBBjASBgNVHRMB Af8ECDAGAQH/AgECMB0GA1UdDgQWBBRBffSxSuh0TnMOw0EPaZQm3UsWYTANBgkqhkiG9w0BAQsF AAOCAgEAoHwKO+Sh72eofY0BSZ+h+ajR9K7PJnwrLV557s4Id1EIvfMU8geELns5FsKOcAg9ipnv PPt0EVFFGulfyKRa0OPLvz7ofpEF0Bs8LVdAbqtImf9YGAmFtf7zIEdKmtDhGdKNabwt0QbVKOEs IzbQCeKXdFQ6/s0c+aSO/I1wLOekihbY1PY0IzNzDBfIbzDdFgcQfVc+kSlV2sSKjrqpG9qGvvwL VCWSCGFC/nAkb4g4PXhmOEIfo04vaibNHYFyl4ltZiWph/mism4MM1bAvPtZM8fFc1J6Sgkir7vD XQOCpQrxFYAKTqOIhAGn0hY/AY7198X5Jeh/tCUjatDz7AHuhdBTPC+XeGMyzvj7fkVwTv3TazEo u6jpmn6b2QY+0GdVytR4R0KFFIjGvxmOH4gg7pfOwplpjzE3K11CHGsEXQwAZNPnhj/EXEqSdx3g dUX77plIcnE8TwXxoY+aa9p1JfAmKVLT3vZbT8YDm83RkN7vcyGW/NBDq2OyihORutQxuy9PpYaM Txnzp9M620XFwKJbU3D0vYvHOgYFKQy71hgn/AX3KnQ+MXgiRCy5phiSTOTc8SZzuijBV2X30hX+ NAd3M4dQq4/VnK/Zop0LYornrFK79re2RLDqm1NP/k9yAOCc0WR7lQOhFW3R0JgFSmRSMsR4PWGg afjpMSgwggZ1MIIEXaADAgECAhMYAADE1BvnBAMoNJsjAAAAAMTUMA0GCSqGSIb3DQEBCwUAMGcx EzARBgoJkiaJk/IsZAEZFgNjb20xGzAZBgoJkiaJk/IsZAEZFgtvc3JhbS1saWdodDETMBEGCgmS JomT8ixkARkWA2ludDEeMBwGA1UEAwwVT1NSQU0gSXNzdWluZyBDQSAyMDE1MB4XDTE2MTEwMzE1 NTYxMVoXDTIxMTEwMjE1NTYxMVowcjELMAkGA1UEBhMCREUxDjAMBgNVBAoMBU9TUkFNMRwwGgYD VQQLDBNPU1JBTSBHbWJILCBHZXJtYW55MRQwEgYDVQQDDAtTdGVmYW4gQmVjazEfMB0GCSqGSIb3 DQEJARYQUy5CZWNrQG9zcmFtLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKht x104jKLZgCEyi4IKs7QjFm+csCMA3g4nYkhYmv5yK4Jtw6pixicOV4KUypkejZhbWmU+vyD3iY/0 aZ+uvwyNl90CA8fWmKdC1sF7xs7MtYvaQOycf47BTkqAdlOep9iTKxKpEW9B9LchU2iBUdhdQUsy jYrvq3MzPGw5ERW9dSwsXf4M5l3pDmlfPgCAYmEdRop4eUshqh87cr8AfzTm4XEcR7pG6lOgTkFa kZAltl6U3+VHQ2PQj6pw5VRHuaqPunZVFJL8e8kNErDgPkRnY2t12qNIbvxiSri3gSDHlOJJ/kND HHzI2+yOEA70nFfFG0tY6DcXwm8qWmT6uMECAwEAAaOCAg0wggIJMAsGA1UdDwQEAwIF4DA9Bgkr BgEEAYI3FQcEMDAuBiYrBgEEAYI3FQiCuLoUhdG3QIS5iTOG7K5ahOeweYENxscDgoHuRQIBZAIB CDBEBgkqhkiG9w0BCQ8ENzA1MA4GCCqGSIb3DQMCAgIAgDAOBggqhkiG9w0DBAICAIAwBwYFKw4D AgcwCgYIKoZIhvcNAwcwHQYDVR0OBBYEFKLokmPgby7PzMPWwS913WLd8w7yMB8GA1UdIwQYMBaA FAd1EUQRun6PdD2R16jhaq0s694uMF8GA1UdHwRYMFYwVKBSoFCGTmh0dHA6Ly9wa2kub3NyYW0t bGlnaHQuY29tL09TUkFNLUlTU1VJTkctQ0EtMjAxNS9DUkwvT1NSQU0tSVNTVUlORy1DQS0yMDE1 LmNybDBrBggrBgEFBQcBAQRfMF0wWwYIKwYBBQUHMAKGT2h0dHA6Ly9wa2kub3NyYW0tbGlnaHQu Y29tL09TUkFNLUlTU1VJTkctQ0EtMjAxNS9DZXJ0L09TUkFNLUlTU1VJTkctQ0EtMjAxNS5jcnQw HwYDVR0lBBgwFgYIKwYBBQUHAwQGCisGAQQBgjcKAwQwKQYJKwYBBAGCNxUKBBwwGjAKBggrBgEF BQcDBDAMBgorBgEEAYI3CgMEMBsGA1UdEQQUMBKBEFMuQmVja0Bvc3JhbS5jb20wDQYJKoZIhvcN AQELBQADggIBAAeoZQyM9u1NEpKRRDYMydLJ1wa1Y1m7rDfp5CPp0uni4qS5iXReWgIEzkhNCV5E oC0DosSOqnh2BkAkX+khNPuhLjjM/ApbFIqnnY+RD+xz3fxjx584TFmBugWHvKycYyD5NWhtD6Ej mWv6tUsxjYCv652LruxCdGJDbsaaEKP28te5dwMLD9wqSrBVU6ftbuzb9rL7IatpcBPCDkuCXSSQ lnAefbP2Y73wm1/+tbP/FxgyQjZUFR5qbXl2fMyynsrqLr3c6K7VxZs8+psbd+PiOlQnXcfGGCWR cZxr0cUZP/O861rFlE8s1OpxN5XI2pQIAzJx2toIsmHdk6hOY7t/2lYaMtqQLl2+cd2RoUMijM+1 Yi+v2WwuErdZzmgjTKht8rinng7GAuiSIQB489J4FgOEBWYne8zrl7jyuU9RYcYN9Nc5IZhK2Nfg 0xDh4tWeMWIuCg8f9ubeHOekdrg01cazDavxjaftQ25+2J5EwAWxc4ZPivOD9bkiYknSfg2iih2Y iRxUXqVq0q+qCfVDeys+MSFcu/WetN2ibvouzr+q4Aw+71j6M7FaWWpRz5FFKz40O/wAzoR2WB7u gGuT4RlAb7Yr8zM8TRpHKmrOSi19o/5qbGrPOX3u/B9UjK3LvR0n7TO6J9q0qxKveWlu6cofPQRd 2UVQoaNLB90mMIIHKDCCBRCgAwIBAgITWAAAAAXTK7hm1i4tGAAAAAAABTANBgkqhkiG9w0BAQsF ADBkMRMwEQYKCZImiZPyLGQBGRYDY29tMRswGQYKCZImiZPyLGQBGRYLb3NyYW0tbGlnaHQxEzAR BgoJkiaJk/IsZAEZFgNpbnQxGzAZBgNVBAMMEk9TUkFNIFJvb3QgQ0EgMjAxNTAeFw0xNTA5MzAx MjM2MTdaFw0yNzA5MzAxMjQ2MTdaMGcxEzARBgoJkiaJk/IsZAEZFgNjb20xGzAZBgoJkiaJk/Is ZAEZFgtvc3JhbS1saWdodDETMBEGCgmSJomT8ixkARkWA2ludDEeMBwGA1UEAwwVT1NSQU0gSXNz dWluZyBDQSAyMDE1MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAvbRnffh0KvDggawO /LfHMVmHl1fTbjzZQRjbbdUG6aKwTGeIpg7M4RXUIObssQ7sbSxuu77Vz2OFdSf5vk1fVZn8DFD8 dVB2AsYKPWZmBO+CYOvb2NCNqyLnt2/Mlk74gwTXdBgJsNjDbxs6yIfwn+rdGNt3gDwPeTiX+0Rn Ccj1NclFef00nW4kKFr2kkf+tVXMQx3pS7BQAjyuL+coQmOD5vIM+qU4dGy9ndYExTMTOPbDQaAO lx/vPXUSS1FvMJtKz//ODt/yew5RL55ZKuh6Mi7TvGTYcSH989NlXjYIYGQ0/5zfukj6CcscjInX 9W4U6NFvZL8YoVR6RLQkOTtfYa36t/iw16diSlBVeM7wq471fRXpytuGjLVtOl+oGGA7uM1QJ2OH OaXKzb6S28h8/W2urmHWMnSsBioznyio28I1PzyiwQeSe1NuMRobL0wSOTL/wljsxEkapvn4u3oW +SQCNyvXyigIYh+OaKNWFj62GclxPzoWkeT6FD6a6GS6geNyAF04N8fA/P1G/sSSCUcNdLodeEQz 17uSvIxKIFb0t7TgM40vgfwW929cv8hSoEfYQykeuPWPRc8nYkb9y6FSqpWxkXCFZRcVr826I7HY 3c2cfjFytMx4eyE5NzLV8n8jbEG0oM8c1SO1ojT4eQUgJgR2dE0OM6iJi6cCAwEAAaOCAc4wggHK MAsGA1UdDwQEAwIBhjAdBgNVHQ4EFgQUB3URRBG6fo90PZHXqOFqrSzr3i4wgaQGA1UdIASBnDCB mTCBlgYdKwYBBAGCNxUIgri6FIXRt0CEuYkzhuyuWoTnsHkwdTA8BggrBgEFBQcCAjAwHi4ATABl AGcAYQBsACAAcABvAGwAaQBjAHkAIABzAHQAYQB0AGUAbQBlAG4AdAAuMDUGCCsGAQUFBwIBFilo dHRwOi8vcGtpLm9zcmFtLWxpZ2h0LmNvbS9DUFMvaW5kZXguaHRtADASBgNVHRMBAf8ECDAGAQH/ AgEBMB8GA1UdIwQYMBaAFEF99LFK6HROcw7DQQ9plCbdSxZhMFkGA1UdHwRSMFAwTqBMoEqGSGh0 dHA6Ly9wa2kub3NyYW0tbGlnaHQuY29tL09TUkFNLVJvb3QtQ0EtMjAxNS9DUkwvT1NSQU0tUm9v dC1DQS0yMDE1LmNybDBlBggrBgEFBQcBAQRZMFcwVQYIKwYBBQUHMAKGSWh0dHA6Ly9wa2kub3Ny YW0tbGlnaHQuY29tL09TUkFNLVJvb3QtQ0EtMjAxNS9DZXJ0L09TUkFNLVJvb3QtQ0EtMjAxNS5j cnQwDQYJKoZIhvcNAQELBQADggIBACnQrysmPX41U+j/Q33kIHIGxFU0aYS0qrBmzGGGGNamqD8H 2SGy8LdCVcGeecE3XlKzZe+AnTTa1ejhHvhMJc8tHCgMLyvdSxKjJ69Rp75AaknxX15AwuFMkqLQ O+itE0PV6f3QHVdYevo2asZ3UgaQGOBFEo782qiNBDHawzuuXpXUTo4gWntTieXICIXWEenOgin1 901aoM0qzHTd8CXHdN8W7UNOE/6eCH02LofORiL2OzOAaz6aduK76KIEn3Fb2fbFAwKVIgTbvflA 9AWliukXYOSTGg9NXOyUVAE+ti4s720bYAJNrHTSbxbVpkDaWyZOhL/MsDAl3Q5/tMBbykhIy1pA 0zg5Q0QVr7B57x2Yo62nbduruNAnA0t+Q6DOrIRudaboAEeIXsQzVuUKd11o9mDOcVuetRxoS7lN 33zC3IHQajDFs8UHt4z6Cjj3EGttiS+ApUyDztgThD8bq7JSiAcFuXXD7zKmWN4TR6hKqTr9YGqA qhx/Dh7yYGUIOGAQi/EM0X1Ak73R45BopSyUm6oVj9i+w3SVvW66GxHbSUHqj8hA5Mokb9/ZC4Hn r/8CTC6MyfFJgksnMLEnhQOpCCaOzKtJ7UMnSeJHYHQUiDksIY5d3Y2T7QWDww7U95fMtGfPhqbA cF1qh4o9RYzuFWS6puXo7eRS2O1lMYIDwDCCA7wCAQEwfjBnMRMwEQYKCZImiZPyLGQBGRYDY29t MRswGQYKCZImiZPyLGQBGRYLb3NyYW0tbGlnaHQxEzARBgoJkiaJk/IsZAEZFgNpbnQxHjAcBgNV BAMMFU9TUkFNIElzc3VpbmcgQ0EgMjAxNQITGAAAxNQb5wQDKDSbIwAAAADE1DAJBgUrDgMCGgUA oIICFzAYBgkqhkiG9w0BCQMxCwYJKoZIhvcNAQcBMBwGCSqGSIb3DQEJBTEPFw0xNzAzMDgxNzIz MDlaMCMGCSqGSIb3DQEJBDEWBBR+cVQ6jHljTXJRn7LBE4BghdsDvzCBjgYJKwYBBAGCNxAEMYGA MH4wZzETMBEGCgmSJomT8ixkARkWA2NvbTEbMBkGCgmSJomT8ixkARkWC29zcmFtLWxpZ2h0MRMw EQYKCZImiZPyLGQBGRYDaW50MR4wHAYDVQQDDBVPU1JBTSBJc3N1aW5nIENBIDIwMTUCExgAAMTU G+cEAyg0myMAAAAAxNQwgZAGCyqGSIb3DQEJEAILMYGAoH4wZzETMBEGCgmSJomT8ixkARkWA2Nv bTEbMBkGCgmSJomT8ixkARkWC29zcmFtLWxpZ2h0MRMwEQYKCZImiZPyLGQBGRYDaW50MR4wHAYD VQQDDBVPU1JBTSBJc3N1aW5nIENBIDIwMTUCExgAAMTUG+cEAyg0myMAAAAAxNQwgZMGCSqGSIb3 DQEJDzGBhTCBgjALBglghkgBZQMEASowCwYJYIZIAWUDBAEWMAoGCCqGSIb3DQMHMAsGCWCGSAFl AwQBAjAOBggqhkiG9w0DAgICAIAwDQYIKoZIhvcNAwICAUAwBwYFKw4DAhowCwYJYIZIAWUDBAID MAsGCWCGSAFlAwQCAjALBglghkgBZQMEAgEwDQYJKoZIhvcNAQEBBQAEggEAaniktvN/0a8ln4xE J31MjKjZdgcMIt4T+ktIZx23R++7YWkO1Bf4SOsQjQNtiJMHUXbzkJeVuZEbH5928Y9qNyeYjHzY +jKhQmP3XekJTne0ndayuRmNSpS/vy7nzuntt1xKb0DXTCsVWVGez2f+G4Ti/z290QRBgq3aOZv1 rBUSZSa3ZIinH97d2QxJFO3Q9EpvZn6OzgRWyZv6XYj2lMqboMy7/xCZ18d95/3Q0yykpUUgJTs0 5XYkSt+YbpaNb0DcEBlMEI3mwcPpFknwEf3P7h93LO5kRwdnSOYaGdOHCPuqPlqMjLG2bPhuX5pa 3KjwrgA8Nz2OUzDAwiJZaQAAAAAAAA== ------=_NextPart_000_00C3_01D29839.09B3ECB0-- From nobody Thu Mar 9 05:45:00 2017 Return-Path: X-Original-To: ace@ietfa.amsl.com Delivered-To: ace@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 8512F129611 for ; Thu, 9 Mar 2017 05:44:58 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.62 X-Spam-Level: X-Spam-Status: No, score=-2.62 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_LOW=-0.7, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 0ZH_joWLKpSb for ; Thu, 9 Mar 2017 05:44:56 -0800 (PST) Received: from lb1-smtp-cloud2.xs4all.net (lb1-smtp-cloud2.xs4all.net [194.109.24.21]) (using TLSv1 with cipher DHE-RSA-AES128-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id C419312941A for ; Thu, 9 Mar 2017 05:44:55 -0800 (PST) Received: from webmail.xs4all.nl ([194.109.20.200]) by smtp-cloud2.xs4all.net with ESMTP id tpku1u0014K0fSy01pku7w; Thu, 09 Mar 2017 14:44:54 +0100 Received: from 2001:983:a264:1:8562:6a83:d41:d7ce by webmail.xs4all.nl with HTTP (HTTP/1.1 POST); Thu, 09 Mar 2017 14:44:54 +0100 MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII; format=flowed Content-Transfer-Encoding: 7bit Date: Thu, 09 Mar 2017 14:44:54 +0100 From: peter van der Stok To: ace@ietf.org Organization: vanderstok consultancy Mail-Reply-To: consultancy@vanderstok.org In-Reply-To: <148906690815.5852.18109423432053476440.idtracker@ietfa.amsl.com> References: <148906690815.5852.18109423432053476440.idtracker@ietfa.amsl.com> Message-ID: X-Sender: stokcons@xs4all.nl User-Agent: XS4ALL Webmail Archived-At: Subject: [Ace] Fwd: New Version Notification for draft-vanderstok-ace-coap-est-01.txt X-BeenThere: ace@ietf.org X-Mailman-Version: 2.1.17 Precedence: list Reply-To: consultancy@vanderstok.org List-Id: "Authentication and Authorization for Constrained Environments \(ace\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 09 Mar 2017 13:44:58 -0000 Hi Ace, This is a new version based on improved insight and comments we received since presentation of the problem during the Seoul ACE meeting. Looking forward to your comments, Peter A new version of I-D, draft-vanderstok-ace-coap-est-01.txt has been successfully submitted by Peter van der Stok and posted to the IETF repository. Name: draft-vanderstok-ace-coap-est Revision: 01 Title: EST over secure CoAP (EST-coaps) Document date: 2017-03-09 Group: Individual Submission Pages: 25 URL: https://www.ietf.org/internet-drafts/draft-vanderstok-ace-coap-est-01.txt Status: https://datatracker.ietf.org/doc/draft-vanderstok-ace-coap-est/ Htmlized: https://tools.ietf.org/html/draft-vanderstok-ace-coap-est-01 Diff: https://www.ietf.org/rfcdiff?url2=draft-vanderstok-ace-coap-est-01 Abstract: Low-resource devices in a Low-power and Lossy Network (LLN) can operate in a mesh network using the IPv6 over Low-power Wireless Personal Area Networks (6LoWPAN) and IEEE 802.15.4 link-layer standards. Provisioning these devices in a secure manner with keys (often called secure bootstrapping) used to encrypt and authenticate messages is the subject of Bootstrapping of Remote Secure Key Infrastructures (BRSKI) [I-D.ietf-anima-bootstrapping-keyinfra] and 6tisch Secure Join [I-D.ietf-6tisch-dtsecurity-secure-join]. Enrollment over Secure Transport (EST) [RFC7030], based on TLS and HTTP, is used in BRSKI. Low-resource devices often use the lightweight Constrained Application Protocol (CoAP) [RFC7252] for message exchanges. This document defines how low-resource devices are expected to use EST over secure CoAP (EST-coaps) for secure bootstrapping and certificate enrollment. 6LoWPAN fragmentation management and minor extensions to CoAP are needed to enable EST- coaps. Please note that it may take a couple of minutes from the time of submission until the htmlized version and diff are available at tools.ietf.org. The IETF Secretariat From nobody Fri Mar 10 07:33:03 2017 Return-Path: X-Original-To: ace@ietfa.amsl.com Delivered-To: ace@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 8D123129639; Fri, 10 Mar 2017 07:33:01 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -1.902 X-Spam-Level: X-Spam-Status: No, score=-1.902 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RP_MATCHES_RCVD=-0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id R5qGmbuHMLVN; Fri, 10 Mar 2017 07:32:59 -0800 (PST) Received: from tuna.sandelman.ca (tuna.sandelman.ca [IPv6:2607:f0b0:f:3:216:3eff:fe7c:d1f3]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 9D09E12964B; Fri, 10 Mar 2017 07:32:55 -0800 (PST) Received: from sandelman.ca (obiwan.sandelman.ca [IPv6:2607:f0b0:f:2::247]) by tuna.sandelman.ca (Postfix) with ESMTP id 81EDCE207; Fri, 10 Mar 2017 10:55:43 -0500 (EST) Received: from obiwan.sandelman.ca (localhost [IPv6:::1]) by sandelman.ca (Postfix) with ESMTP id 5AA086381A; Fri, 10 Mar 2017 10:32:54 -0500 (EST) From: Michael Richardson To: "Panos Kampanakis \(pkampana\)" In-Reply-To: X-Mailer: MH-E 8.6; nmh 1.6+dev; GNU Emacs 24.5.1 X-Face: $\n1pF)h^`}$H>Hk{L"x@)JS7<%Az}5RyS@k9X%29-lHB$Ti.V>2bi.~ehC0; <'$9xN5Ub# z!G,p`nR&p7Fz@^UXIn156S8.~^@MJ*mMsD7=QFeq%AL4m Archived-At: Cc: "6tisch@ietf.org" <6tisch@ietf.org>, "anima-bootstrap@ietf.org" , "6tisch-security@ietf.org" <6tisch-security@ietf.org>, "ace@ietf.org" Subject: Re: [Ace] [Anima-bootstrap] EST over CoAP in ACE wg X-BeenThere: ace@ietf.org X-Mailman-Version: 2.1.17 Precedence: list Reply-To: 6tisch-security@ietf.org, anima-bootstrap@ietf.org List-Id: "Authentication and Authorization for Constrained Environments \(ace\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 10 Mar 2017 15:33:01 -0000 --=-=-= Content-Type: text/plain {to reply to an old email with some valid questions, and some questions of my own. I am also clipping the reply-To} Panos Kampanakis (pkampana) wrote: > I am curious about your workflow in > https://www.ietf.org/mail-archive/web/6tisch/current/msg05020.html You > are envisioning for the JCE to initiate the bootstrapping to the > pledge, but wouldn't that better be defined in the > anima-bootstrapping-keyinfra doc? Constrained bootstrap is not really in scope for ANIMA. The general constrained bootstrap situation is too big, but 6tisch constrains the possible solution space, which is why we feel that we can make progress there. So, I want to accomodate constrained bootstrap in anima-bootstrap, but not define it. > About 'simple system that can be used with PSKs as authentication', I > was curious. Did you have TLS-PSK, or TLS-SRP or OSCOAP message auth > with PSK/RPK/Cert? Anything more detail about these usecases? This is being proposed as 6tisch-minimal-security, and it uses OSCOAP and EDHOC. > A nit in " <--- CoAP POST /cert----- [PKCS7 Certificate] ". That > message would require the private key to be included with the cert > since the pledge did not generate it by himself. EST defines CMS for > this message. PKCS12 could suffice here as well with the challenge if > the passphrase provisioning being the problem. I'm not sure I understand this. Why do you say that the pledge did not generate it by himself? I"m assuming that it did so at manufacturing time, and that an IDevID certificate was bound to the public part of the key. -- Michael Richardson , Sandelman Software Works -= IPv6 IoT consulting =- --=-=-= Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQEzBAEBCAAdFiEEbsyLEzg/qUTA43uogItw+93Q3WUFAljCxyMACgkQgItw+93Q 3WXhWwf/UL6gJbmBQNTQWDcOpV94AhybwzKFHvwf16x6SpTkCZaankGezId9jSic sdjLlKoU1j2YTFW2Iyf/JkV1V5cxSrzXIZFdbFAgt5Zh5XapRO4JzRz3A4u09nwc yDwRAgncVutxQOM+7M0rI/5AiJ+UoqvP0tnaB7w9KAmy1o0JEskwl8zctq1RFw0S eglLq7tgbU096kmW/BMvDwK0bq0csq/nKoR+CjMGITGFr/8Dvsl1sAj8JoclfT9f 9n952+sqgoERhd76yK694LFCG+luYq3Y8crwVli/ldjHEK4zDV/M/PBBZpGhLAYL bvasuIKq1UHCRs44itQ9lX9l6NHjVQ== =QofY -----END PGP SIGNATURE----- --=-=-=-- From nobody Mon Mar 13 01:58:33 2017 Return-Path: X-Original-To: ace@ietfa.amsl.com Delivered-To: ace@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 77D1B128AB0 for ; Mon, 13 Mar 2017 01:58:33 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -4.221 X-Spam-Level: X-Spam-Status: No, score=-4.221 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_MED=-2.3, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, RP_MATCHES_RCVD=-0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ea4O9Qyg90Sh for ; Mon, 13 Mar 2017 01:58:31 -0700 (PDT) Received: from lhrrgout.huawei.com (lhrrgout.huawei.com [194.213.3.17]) (using TLSv1 with cipher RC4-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id F2C4F127ABE for ; Mon, 13 Mar 2017 01:58:30 -0700 (PDT) Received: from 172.18.7.190 (EHLO LHREML711-CAH.china.huawei.com) ([172.18.7.190]) by lhrrg02-dlp.huawei.com (MOS 4.3.7-GA FastPath queued) with ESMTP id DCR70632; Mon, 13 Mar 2017 08:58:28 +0000 (GMT) Received: from DGGEMA401-HUB.china.huawei.com (10.3.20.42) by LHREML711-CAH.china.huawei.com (10.201.108.34) with Microsoft SMTP Server (TLS) id 14.3.301.0; Mon, 13 Mar 2017 08:57:38 +0000 Received: from DGGEMA505-MBS.china.huawei.com ([169.254.4.26]) by DGGEMA401-HUB.china.huawei.com ([10.3.20.42]) with mapi id 14.03.0301.000; Mon, 13 Mar 2017 16:57:27 +0800 From: "Zhujintao (Julian)" To: "ace@ietf.org" Thread-Topic: New Version Notification for draft-zhu-ace-offline-00.txt Thread-Index: AQHSm9I8SZAf9/ztj0SBJR/86hTtHKGScp7A Date: Mon, 13 Mar 2017 08:57:27 +0000 Message-ID: References: <148939302956.17039.2709994558301784875.idtracker@ietfa.amsl.com> In-Reply-To: <148939302956.17039.2709994558301784875.idtracker@ietfa.amsl.com> Accept-Language: zh-CN, en-US Content-Language: zh-CN X-MS-Has-Attach: X-MS-TNEF-Correlator: x-originating-ip: [10.146.38.66] Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: base64 MIME-Version: 1.0 X-CFilter-Loop: Reflected X-Mirapoint-Virus-RAPID-Raw: score=unknown(0), refid=str=0001.0A090205.58C65F35.0039, ss=1, re=0.000, recu=0.000, reip=0.000, cl=1, cld=1, fgs=0, ip=169.254.4.26, so=2013-06-18 04:22:30, dmn=2013-03-21 17:37:32 X-Mirapoint-Loop-Id: 6c0b2e7a255560769450a8f4a1574503 Archived-At: Subject: [Ace] FW: New Version Notification for draft-zhu-ace-offline-00.txt X-BeenThere: ace@ietf.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "Authentication and Authorization for Constrained Environments \(ace\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 13 Mar 2017 08:58:33 -0000 SGkgYWNlLA0KDQpJIGhhdmUgc3VibWl0dGVkIGEgbmV3IGRyYWZ0IGFib3V0IG9mZmxpbmUgYXV0 aGVudGljYXRpb24gYW5kIGF1dGhvcml6YXRpb24gY2FzZXMuDQpUaGlzIGRyYWZ0IGRpc2N1c3Nl cyBkaXNjb25uZWN0aW9uIGNhc2VzIGJldHdlZW4gKDEpY2xpZW50L0FTLCAoMilSUy9BUyBhbmQg KDMpY2xpZW50L1JTLg0KRGlzY29ubmVjdGlvbiBoYXBwZW5zIGEgbG90IGluIHRoZSBjb25zdHJh aW5lZCBlbnZpcm9ubWVudCBlc3BlY2lhbGx5IHVuZGVyIHRoZSBjZWxsdWxhciBJb1QgbmV0d29y ay4NClRodXMsIEkgdGhpbmsgaXQncyB3b3J0aCBoYXZpbmcgYSBkaXNjdXNzaW9uIG9uIHRoaXMg dG9waWMuDQoNCllvdXIgcmV2aWV3IGFuZCBjb21tZW50cyBhcmUgd2VsY29tZSENCg0KQmVzdCBy ZWdhcmRzLA0KSnVsaWFuDQoNCi0tLS0tT3JpZ2luYWwgTWVzc2FnZS0tLS0tDQpGcm9tOiBpbnRl cm5ldC1kcmFmdHNAaWV0Zi5vcmcgW21haWx0bzppbnRlcm5ldC1kcmFmdHNAaWV0Zi5vcmddIA0K U2VudDogTW9uZGF5LCBNYXJjaCAxMywgMjAxNyA0OjE3IFBNDQpUbzogWmh1amludGFvIChKdWxp YW4pIDxqaW50YW8uemh1QGh1YXdlaS5jb20+OyBaaHVqaW50YW8gKEp1bGlhbikgPGppbnRhby56 aHVAaHVhd2VpLmNvbT4NClN1YmplY3Q6IE5ldyBWZXJzaW9uIE5vdGlmaWNhdGlvbiBmb3IgZHJh ZnQtemh1LWFjZS1vZmZsaW5lLTAwLnR4dA0KDQoNCkEgbmV3IHZlcnNpb24gb2YgSS1ELCBkcmFm dC16aHUtYWNlLW9mZmxpbmUtMDAudHh0IGhhcyBiZWVuIHN1Y2Nlc3NmdWxseSBzdWJtaXR0ZWQg YnkgSmludGFvIFpodSBhbmQgcG9zdGVkIHRvIHRoZSBJRVRGIHJlcG9zaXRvcnkuDQoNCk5hbWU6 CQlkcmFmdC16aHUtYWNlLW9mZmxpbmUNClJldmlzaW9uOgkwMA0KVGl0bGU6CQlPZmZsaW5lIHVz YWdlIG9mIEFDRQ0KRG9jdW1lbnQgZGF0ZToJMjAxNy0wMy0xMw0KR3JvdXA6CQlJbmRpdmlkdWFs IFN1Ym1pc3Npb24NClBhZ2VzOgkJOQ0KVVJMOiAgICAgICAgICAgIGh0dHBzOi8vd3d3LmlldGYu b3JnL2ludGVybmV0LWRyYWZ0cy9kcmFmdC16aHUtYWNlLW9mZmxpbmUtMDAudHh0DQpTdGF0dXM6 ICAgICAgICAgaHR0cHM6Ly9kYXRhdHJhY2tlci5pZXRmLm9yZy9kb2MvZHJhZnQtemh1LWFjZS1v ZmZsaW5lLw0KSHRtbGl6ZWQ6ICAgICAgIGh0dHBzOi8vdG9vbHMuaWV0Zi5vcmcvaHRtbC9kcmFm dC16aHUtYWNlLW9mZmxpbmUtMDANCg0KDQpBYnN0cmFjdDoNCiAgIFtJLUQuaWV0Zi1hY2Utb2F1 dGgtYXV0aHpdIGRlZmluZXMgYSBmcmFtZXdvcmsgZm9yIGJvdGgNCiAgIGF1dGhlbnRpY2F0aW9u IGFuZCBhdXRob3JpemF0aW9uIGluIGNvbnN0cmFpbmVkIEludGVybmV0IG9mIFRoaW5ncw0KICAg KElvVCkgZW52aXJvbm1lbnRzLiAgQSBjb25zdHJhaW5lZCBub2RlIGluIHRoaXMgZnJhbWV3b3Jr IG1heSBoYXZlDQogICBjb25zdHJhaW50cyBpbiBjb21wdXRhdGlvbmFsIGNhcGFiaWxpdHksIG1l bW9yeSBzdG9yYWdlLCBsYWNrIG9mIHVzZXINCiAgIGludGVyZmFjZSwgdHJhbnNtaXNzaW9uIGJh bmR3aWR0aCBhbmQvb3IgcG93ZXIgc3VwcGx5LiAgQmF0dGVyeS0NCiAgIHBvd2VyZWQgZGV2aWNl cyBhcmUgd2lkZWx5IHVzZWQgaW4gSW9UIGRlcGxveW1lbnRzIGFuZCB0aGV5IHNsZWVwDQogICBt b3N0IG9mIHRoZWlyIGxpZmV0aW1lIGZvciBiYXR0ZXJ5IHNhdmluZy4gIEhlbmNlLCB0aGV5IGFy ZSB1c3VhbGx5DQogICBkaXNjb25uZWN0ZWQgZnJvbSBvdGhlciBub2Rlcy4gIFRoaXMgZHJhZnQg cHJvdmlkZXMgYW4gb3ZlcnZpZXcgb2YNCiAgIHRoZSBkaXNjb25uZWN0aW9uIHVzZSBjYXNlcyBh bmQgZGlzY3Vzc2VzIG9mZmxpbmUgYXV0aGVudGljYXRpb24gYW5kDQogICBhdXRob3JpemF0aW9u IHNvbHV0aW9ucy4NCg0KICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAg ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIA0KDQoNClBsZWFzZSBub3Rl IHRoYXQgaXQgbWF5IHRha2UgYSBjb3VwbGUgb2YgbWludXRlcyBmcm9tIHRoZSB0aW1lIG9mIHN1 Ym1pc3Npb24gdW50aWwgdGhlIGh0bWxpemVkIHZlcnNpb24gYW5kIGRpZmYgYXJlIGF2YWlsYWJs ZSBhdCB0b29scy5pZXRmLm9yZy4NCg0KVGhlIElFVEYgU2VjcmV0YXJpYXQNCg0K From nobody Mon Mar 13 03:12:34 2017 Return-Path: X-Original-To: ace@ietfa.amsl.com Delivered-To: ace@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 08FCC12945D for ; Mon, 13 Mar 2017 03:12:33 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -4.199 X-Spam-Level: X-Spam-Status: No, score=-4.199 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_MED=-2.3, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id mwibpp7aXOrU for ; Mon, 13 Mar 2017 03:12:31 -0700 (PDT) Received: from mailhost.informatik.uni-bremen.de (mailhost.informatik.uni-bremen.de [IPv6:2001:638:708:30c9::12]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id D723F127078 for ; Mon, 13 Mar 2017 03:12:30 -0700 (PDT) X-Virus-Scanned: amavisd-new at informatik.uni-bremen.de Received: from submithost.informatik.uni-bremen.de (submithost.informatik.uni-bremen.de [IPv6:2001:638:708:30c9::b]) by mailhost.informatik.uni-bremen.de (8.14.5/8.14.5) with ESMTP id v2DACRDn028050 for ; Mon, 13 Mar 2017 11:12:27 +0100 (CET) Received: from aung.tzi.org (unknown [IPv6:2001:638:708:30da:60ba:cecd:db79:ef13]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by submithost.informatik.uni-bremen.de (Postfix) with ESMTPSA id 3vhYZg2lFczDJDR for ; Mon, 13 Mar 2017 11:12:27 +0100 (CET) From: Olaf Bergmann To: ace@ietf.org Date: Mon, 13 Mar 2017 11:12:27 +0100 Message-ID: <87k27tv62c.fsf@aung.informatik.uni-bremen.de> User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/24.5 (gnu/linux) MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="=-=-=" Archived-At: Subject: [Ace] Fwd: New Version Notification for draft-gerdes-ace-dtls-authorize-01.txt X-BeenThere: ace@ietf.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "Authentication and Authorization for Constrained Environments \(ace\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 13 Mar 2017 10:12:33 -0000 --=-=-= Content-Type: text/plain Hi all, we have submitted a new version of the coap-dtls profile draft for ACE. Besides some minor editorial changes it contains new text that resolves an inconsistency in the dynamic update for the PSK case. Best regards Olaf --=-=-= Content-Type: message/rfc822 Content-Disposition: inline Return-Path: Delivered-To: Received: from dspam.localhost by imap.informatik.uni-bremen.de (Dovecot) with LMTP id qSdwJcNuxli0JQAACethxA for ; Mon, 13 Mar 2017 11:07:37 +0100 Return-Path: X-Virus-Scanned: amavisd-new at informatik.uni-bremen.de X-Spam-Flag: NO X-Spam-Score: -2.301 X-Spam-Level: X-Spam-Status: No, score=-2.301 tagged_above=-999 required=6.2 tests=[RCVD_IN_DNSWL_MED=-2.3, RP_MATCHES_RCVD=-0.001] autolearn=disabled Received: from mail.ietf.org (mail.ietf.org [4.31.198.44]) by mailhost.informatik.uni-bremen.de (8.14.5/8.14.5) with ESMTP id v2DA7Sat022750 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=NO); Mon, 13 Mar 2017 11:07:33 +0100 (CET) Received: from ietfa.amsl.com (localhost [IPv6:::1]) by ietfa.amsl.com (Postfix) with ESMTP id A9D85129592; Mon, 13 Mar 2017 03:07:25 -0700 (PDT) From: internet-drafts@ietf.org To: "Ludwig Seitz" , "Carsten Bormann" , "Olaf Bergmann" , "Stefanie Gerdes" , =?utf-8?Q?G=C3=B6ran_Selander?= Subject: New Version Notification for draft-gerdes-ace-dtls-authorize-01.txt X-Test-IDTracker: no X-IETF-IDTracker: 6.47.0 Auto-Submitted: auto-generated Precedence: bulk Message-ID: <148939964569.16921.12714630242985509175.idtracker@ietfa.amsl.com> Date: Mon, 13 Mar 2017 03:07:25 -0700 MIME-Version: 1.0 Content-Type: text/plain A new version of I-D, draft-gerdes-ace-dtls-authorize-01.txt has been successfully submitted by Olaf Bergmann and posted to the IETF repository. Name: draft-gerdes-ace-dtls-authorize Revision: 01 Title: Datagram Transport Layer Security (DTLS) Profile for Authentication and Authorization for Constrained Environments (ACE) Document date: 2017-03-13 Group: Individual Submission Pages: 17 URL: https://www.ietf.org/internet-drafts/draft-gerdes-ace-dtls-authorize-01.txt Status: https://datatracker.ietf.org/doc/draft-gerdes-ace-dtls-authorize/ Htmlized: https://tools.ietf.org/html/draft-gerdes-ace-dtls-authorize-01 Diff: https://www.ietf.org/rfcdiff?url2=draft-gerdes-ace-dtls-authorize-01 Abstract: This specification defines a profile for delegating client authentication and authorization in a constrained environment by establishing a Datagram Transport Layer Security (DTLS) channel between resource-constrained nodes. The protocol relies on DTLS for communication security between entities in a constrained network. A resource-constrained node can use this protocol to delegate management of authorization information to a trusted host with less severe limitations regarding processing power and memory. Please note that it may take a couple of minutes from the time of submission until the htmlized version and diff are available at tools.ietf.org. The IETF Secretariat --=-=-=-- From nobody Mon Mar 13 06:56:20 2017 Return-Path: X-Original-To: ace@ietf.org Delivered-To: ace@ietfa.amsl.com Received: from ietfa.amsl.com (localhost [IPv6:::1]) by ietfa.amsl.com (Postfix) with ESMTP id 7F3E412961F; Mon, 13 Mar 2017 06:56:14 -0700 (PDT) MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: 7bit From: internet-drafts@ietf.org To: X-Test-IDTracker: no X-IETF-IDTracker: 6.47.0 Auto-Submitted: auto-generated Precedence: bulk Message-ID: <148941337450.16921.15897270304012406779@ietfa.amsl.com> Date: Mon, 13 Mar 2017 06:56:14 -0700 Archived-At: Cc: ace@ietf.org Subject: [Ace] I-D Action: draft-ietf-ace-oauth-authz-06.txt X-BeenThere: ace@ietf.org X-Mailman-Version: 2.1.17 List-Id: "Authentication and Authorization for Constrained Environments \(ace\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 13 Mar 2017 13:56:14 -0000 A New Internet-Draft is available from the on-line Internet-Drafts directories. This draft is a work item of the Authentication and Authorization for Constrained Environments of the IETF. Title : Authentication and Authorization for Constrained Environments (ACE) Authors : Ludwig Seitz Goeran Selander Erik Wahlstroem Samuel Erdtman Hannes Tschofenig Filename : draft-ietf-ace-oauth-authz-06.txt Pages : 63 Date : 2017-03-13 Abstract: This specification defines a framework for authentication and authorization in Internet of Things (IoT) environments. The framework is based on a set of building blocks including OAuth 2.0 and CoAP, thus making a well-known and widely used authorization solution suitable for IoT devices. Existing specifications are used where possible, but where the constraints of IoT devices require it, extensions are added and profiles are defined. The IETF datatracker status page for this draft is: https://datatracker.ietf.org/doc/draft-ietf-ace-oauth-authz/ There's also a htmlized version available at: https://tools.ietf.org/html/draft-ietf-ace-oauth-authz-06 A diff from the previous version is available at: https://www.ietf.org/rfcdiff?url2=draft-ietf-ace-oauth-authz-06 Please note that it may take a couple of minutes from the time of submission until the htmlized version and diff are available at tools.ietf.org. Internet-Drafts are also available by anonymous FTP at: ftp://ftp.ietf.org/internet-drafts/ From nobody Mon Mar 13 06:59:16 2017 Return-Path: X-Original-To: ace@ietfa.amsl.com Delivered-To: ace@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id EFCD1129659 for ; Mon, 13 Mar 2017 06:59:14 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.601 X-Spam-Level: X-Spam-Status: No, score=-2.601 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_LOW=-0.7, RCVD_IN_MSPIKE_H2=-0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id DjjTBwcAtzRO for ; Mon, 13 Mar 2017 06:59:13 -0700 (PDT) Received: from se-out2.mx-wecloud.net (se-out2.mx-wecloud.net [89.221.255.177]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 89A8D12964D for ; Mon, 13 Mar 2017 06:59:07 -0700 (PDT) Received: from sp-mail-2.sp.se (unknown [194.218.146.197]) by se-out2.mx-wecloud.net (Postfix) with ESMTPS id 6496D22080A for ; Mon, 13 Mar 2017 13:59:05 +0000 (UTC) Received: from [192.168.0.166] (10.116.0.226) by sp-mail-2.sp.se (10.100.0.162) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P384) id 15.1.669.32; Mon, 13 Mar 2017 14:59:05 +0100 To: References: <148941337450.16921.15897270304012406779@ietfa.amsl.com> From: Ludwig Seitz Message-ID: <3afa1c0b-6f97-aad8-d483-11ad2a20d83f@ri.se> Date: Mon, 13 Mar 2017 14:59:04 +0100 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101 Thunderbird/45.7.0 MIME-Version: 1.0 In-Reply-To: <148941337450.16921.15897270304012406779@ietfa.amsl.com> Content-Type: text/plain; charset="windows-1252"; format=flowed Content-Transfer-Encoding: 7bit X-Originating-IP: [10.116.0.226] X-ClientProxiedBy: sp-mail-1.sp.se (10.100.0.161) To sp-mail-2.sp.se (10.100.0.162) X-CMAE-Score: 0 X-CMAE-Analysis: v=2.2 cv=PPl/wbiC c=1 sm=1 tr=0 a=L5DDne6A+dD0FbDkt2Fblw==:117 a=L5DDne6A+dD0FbDkt2Fblw==:17 a=sZ8rJzgPlrQA:10 a=N659UExz7-8A:10 a=6Iz7jQTuP9IA:10 a=48vgC7mUAAAA:8 a=x70TR3niv5234GTKc4cA:9 a=pILNOxqGKmIA:10 a=w1C3t2QeGrPiZgrLijVG:22 X-Virus-Scanned: clamav-milter 0.99.2 at MailSecurity X-Virus-Status: Clean X-MailSecurity-Status: 0 X-Scanned-By: WeCloud MailSecurity X-MailSecurity-Score: 0 Archived-At: Subject: Re: [Ace] I-D Action: draft-ietf-ace-oauth-authz-06.txt X-BeenThere: ace@ietf.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "Authentication and Authorization for Constrained Environments \(ace\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 13 Mar 2017 13:59:15 -0000 Hello ACE, We have updated our draft, with the most notable change of adding some text on how to handle OAuth 2.0 grants (the rest is restructuring, fixing typos and unclear sentences). Regards, Ludwig Seitz > > A New Internet-Draft is available from the on-line Internet-Drafts directories. > This draft is a work item of the Authentication and Authorization for Constrained Environments of the IETF. > > Title : Authentication and Authorization for Constrained Environments (ACE) > Authors : Ludwig Seitz > Goeran Selander > Erik Wahlstroem > Samuel Erdtman > Hannes Tschofenig > Filename : draft-ietf-ace-oauth-authz-06.txt > Pages : 63 > Date : 2017-03-13 > > Abstract: > This specification defines a framework for authentication and > authorization in Internet of Things (IoT) environments. The > framework is based on a set of building blocks including OAuth 2.0 > and CoAP, thus making a well-known and widely used authorization > solution suitable for IoT devices. Existing specifications are used > where possible, but where the constraints of IoT devices require it, > extensions are added and profiles are defined. > > > The IETF datatracker status page for this draft is: > https://datatracker.ietf.org/doc/draft-ietf-ace-oauth-authz/ > > There's also a htmlized version available at: > https://tools.ietf.org/html/draft-ietf-ace-oauth-authz-06 > > A diff from the previous version is available at: > https://www.ietf.org/rfcdiff?url2=draft-ietf-ace-oauth-authz-06 > > > Please note that it may take a couple of minutes from the time of submission > until the htmlized version and diff are available at tools.ietf.org. > > Internet-Drafts are also available by anonymous FTP at: > ftp://ftp.ietf.org/internet-drafts/ > > _______________________________________________ > Ace mailing list > Ace@ietf.org > https://www.ietf.org/mailman/listinfo/ace > -- Ludwig Seitz, PhD Security Lab, RISE SICS Phone +46(0)70-349 92 51 From nobody Tue Mar 14 21:22:15 2017 Return-Path: X-Original-To: ace@ietfa.amsl.com Delivered-To: ace@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 3AE78128796 for ; Tue, 14 Mar 2017 21:22:13 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -1.998 X-Spam-Level: X-Spam-Status: No, score=-1.998 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, MIME_QP_LONG_LINE=0.001, SPF_PASS=-0.001, UNPARSEABLE_RELAY=0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=alibaba-inc.com Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Qd3IEWyvmcO0 for ; Tue, 14 Mar 2017 21:22:10 -0700 (PDT) Received: from out0-133.mail.aliyun.com (out0-133.mail.aliyun.com [140.205.0.133]) by ietfa.amsl.com (Postfix) with ESMTP id 4C12F12894A for ; Tue, 14 Mar 2017 21:22:08 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=alibaba-inc.com; s=default; t=1489551726; h=Date:Subject:From:To:Message-ID:Mime-version:Content-type; bh=MHfqKnOkUUlnSqjg/GebFUt1DpBKd7Oi4HBvE5oT9ps=; b=ChfOLkX65dwnqqICB0iG8xzLqlr0ukNMqLj7Tzn4JOoR1KcPVb0d/D+OJwKA59xp5Dsj4cbp9Puw2yudVUBd9iVauaXWTqFM4KXZwJLTquIc/9U4zt6PWNmKDgnQHrQ6Hn4d/1Fw0pI5WKv/ZTVeETyNYoxlWmo68Gj3ToHEeOI= X-Alimail-AntiSpam: AC=PASS; BC=-1|-1; BR=01201311R131e4; FP=0|-1|-1|-1|0|-1|-1|-1; HT=e01l10425; MF=kepeng.lkp@alibaba-inc.com; NM=1; PH=DS; RN=1; SR=0; TI=SMTPD_---.7o78xpU_1489551717; Received: from 30.39.5.231(mailfrom:kepeng.lkp@alibaba-inc.com ip:42.120.73.202) by smtp.aliyun-inc.com(127.0.0.1); Wed, 15 Mar 2017 12:22:00 +0800 User-Agent: Microsoft-MacOutlook/14.6.8.160830 Date: Wed, 15 Mar 2017 12:21:55 +0800 From: "Kepeng Li" To: "Ace@ietf.org" Message-ID: Thread-Topic: Call for presentations for IETF98 Mime-version: 1.0 Content-type: multipart/alternative; boundary="B_3572425320_20496740" Archived-At: Subject: [Ace] Call for presentations for IETF98 X-BeenThere: ace@ietf.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: "Authentication and Authorization for Constrained Environments \(ace\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 15 Mar 2017 04:22:13 -0000 > ´ËÓʼþʹÓà MIME ¸ñʽ¡£ÓÉÓÚÓʼþÔĶÁ³ÌÐò²»ÄÜʶ±ð ´Ë¸ñʽ£¬Òò´Ë£¬¿ÉÄÜÎÞ·¨Ê¶±ð¸ÃÓʼþµÄ·Ö²¿»ò²¿·ÖÄÚÈÝ¡£ --B_3572425320_20496740 Content-type: text/plain; charset="GB2312" Content-transfer-encoding: quoted-printable Hi everyone, So far, the chairs have had two requests for presentations at the ACE meeting of IETF98, which we will be accommodating along with discussion on the current draft progress. We=A1=AFre putting the agenda together now, and we would like to know if anyone else has a topic that they=A1=AFd like to present and discuss at the upcoming face to face. Please send feedback to Hannes and me before the end of 17th Mar, including draft name, presenter, how much time, objectives. Thanks. Kepeng & Hannes --B_3572425320_20496740 Content-type: text/html; charset="GB2312" Content-transfer-encoding: quoted-printable
Hi everyone,

So far, the chairs have had two requests for presentations a= t the ACE meeting of IETF98, which we will be accommodating along with discu= ssion on the current draft progress. 

We’re putting the agenda together now, and we would like to know= if anyone else has a topic that they’d like to present and discuss at= the upcoming face to face.

Please send feed= back to Hannes and me before the end of 17th Mar, including draft name, pres= enter, how much time, objectives.

Thanks.

Kepeng & H= annes
--B_3572425320_20496740-- From nobody Thu Mar 16 02:34:09 2017 Return-Path: X-Original-To: ace@ietfa.amsl.com Delivered-To: ace@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 9F255126DED; Thu, 16 Mar 2017 02:34:07 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -4.221 X-Spam-Level: X-Spam-Status: No, score=-4.221 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, RCVD_IN_DNSWL_MED=-2.3, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, SPF_PASS=-0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=ericsson.onmicrosoft.com Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id GNzo6Pvlm_EA; Thu, 16 Mar 2017 02:34:05 -0700 (PDT) Received: from sessmg22.ericsson.net (sessmg22.ericsson.net [193.180.251.58]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 2CD5E126C23; Thu, 16 Mar 2017 02:34:04 -0700 (PDT) X-AuditID: c1b4fb3a-e689b98000003781-75-58ca5c0b579a Received: from ESESSHC009.ericsson.se (Unknown_Domain [153.88.183.45]) by (Symantec Mail Security) with SMTP id FE.9B.14209.B0C5AC85; Thu, 16 Mar 2017 10:34:03 +0100 (CET) Received: from EUR03-VE1-obe.outbound.protection.outlook.com (153.88.183.145) by oa.msg.ericsson.com (153.88.183.45) with Microsoft SMTP Server (TLS) id 14.3.319.2; Thu, 16 Mar 2017 10:33:03 +0100 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ericsson.onmicrosoft.com; s=selector1-ericsson-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version; bh=+LSBnbP0Gn7HZ9KNftCzhlmhfTzhXEv409WBVXB1Uc4=; b=eRq4xQK2jQgpS19Wi7bYCredCTG6D89oUMEfGBabTGWbmb7wfEZcVkC/stwGpOtG9vwNVmpCEFzdAQUk6tJCVb23e/UWaiGBrx0016+oc+arfeQtYKTE/wf4HqGpbaGrjRA/AXLP0IK0PRqUM0nzYv/3V9+rIGlFH8YX5PRXl3I= Received: from HE1PR0701MB2539.eurprd07.prod.outlook.com (10.168.129.17) by HE1PR0701MB2540.eurprd07.prod.outlook.com (10.168.129.18) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256_P256) id 15.1.977.5; Thu, 16 Mar 2017 09:33:02 +0000 Received: from HE1PR0701MB2539.eurprd07.prod.outlook.com ([10.168.129.17]) by HE1PR0701MB2539.eurprd07.prod.outlook.com ([10.168.129.17]) with mapi id 15.01.0977.010; Thu, 16 Mar 2017 09:33:02 +0000 From: Francesca Palombini To: "ace@ietf.org" , "ace-chairs@ietf.org" Thread-Topic: New Version Notification for draft-palombini-ace-coap-pubsub-profile-00.txt Thread-Index: AQHSnA1yafydqdgw4EKXZi+wgkglBqGXNu3Q Date: Thu, 16 Mar 2017 09:33:02 +0000 Message-ID: References: <148941843410.16965.1910232818689672279.idtracker@ietfa.amsl.com> In-Reply-To: <148941843410.16965.1910232818689672279.idtracker@ietfa.amsl.com> Accept-Language: en-GB, en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: authentication-results: ietf.org; dkim=none (message not signed) header.d=none;ietf.org; dmarc=none action=none header.from=ericsson.com; x-originating-ip: [192.36.157.200] x-microsoft-exchange-diagnostics: 1; HE1PR0701MB2540; 7:1buzQsk2zFQQBiB1a37djuk5bzLHESXkc5/yTi8yUgRE87bABXurlPbikOqnaCy1azqF499um/fyUfPnMOrYHwwleLMb2Gqn4SkqQekOvXMJewT/Xyo+dq4F4wP6sX/Tkl7lHRhIprlT5N9EjQRXXziTGaYS1g25tItJaRuCER/g2/TJf6l0fH6W6TyuKrw8t1AELHk7+zvjTsHFgGW047eL/5ZdA9rjqszaK/+84GmaeIpVUm0T5FDc9dFDZ2IxTXDxClWPwHUB6fR/IR//R/Qp2CjnmIUrAOv7vrtcYUBXwRc+fglD3k93qzxwYPg3KOWPP7gehfxVxivaVqIxcw== x-ms-office365-filtering-correlation-id: 0998a5e3-547b-4777-ee6b-08d46c4f712f x-microsoft-antispam: UriScan:; BCL:0; PCL:0; RULEID:(22001); SRVR:HE1PR0701MB2540; x-microsoft-antispam-prvs: x-exchange-antispam-report-test: UriScan:(37575265505322)(120809045254105)(192374486261705); x-exchange-antispam-report-cfa-test: BCL:0; PCL:0; RULEID:(6040375)(601004)(2401047)(8121501046)(5005006)(10201501046)(3002001)(6041248)(20161123564025)(20161123560025)(20161123555025)(20161123562025)(20161123558025)(6072148); SRVR:HE1PR0701MB2540; BCL:0; PCL:0; RULEID:; SRVR:HE1PR0701MB2540; x-forefront-prvs: 024847EE92 x-forefront-antispam-report: SFV:NSPM; SFS:(10009020)(6009001)(39450400003)(13464003)(53754006)(377424004)(8936002)(81166006)(3660700001)(2906002)(3280700002)(86362001)(50986999)(54356999)(229853002)(450100002)(7736002)(33656002)(76176999)(2501003)(66066001)(38730400002)(3846002)(6116002)(8676002)(5660300001)(6506006)(122556002)(7696004)(230783001)(2950100002)(53546007)(25786008)(2473003)(6306002)(55016002)(9686003)(189998001)(99286003)(74316002)(15650500001)(102836003)(77096006)(6436002)(2900100001)(53936002)(305945005); DIR:OUT; SFP:1101; SCL:1; SRVR:HE1PR0701MB2540; H:HE1PR0701MB2539.eurprd07.prod.outlook.com; FPR:; SPF:None; MLV:sfv; LANG:en; spamdiagnosticoutput: 1:99 spamdiagnosticmetadata: NSPM Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: base64 MIME-Version: 1.0 X-MS-Exchange-CrossTenant-originalarrivaltime: 16 Mar 2017 09:33:02.1744 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Hosted X-MS-Exchange-CrossTenant-id: 92e84ceb-fbfd-47ab-be52-080c6b87953f X-MS-Exchange-Transport-CrossTenantHeadersStamped: HE1PR0701MB2540 X-OriginatorOrg: ericsson.com X-Brightmail-Tracker: H4sIAAAAAAAAA+NgFvrLIsWRmVeSWpSXmKPExsUyM2K7ri53zKkIg8cz5S2m3f3NavH9Ww+z A5PHkiU/mQIYo7hsUlJzMstSi/TtErgybl69zlrwS6Ti2PSH7A2MW0S6GDk5JARMJB537Wfu YuTiEBJYxyjx781ldgjnBKPEn+2H2ECqWAR6mSWOzOGCSMxkklh8bQ0rhHOKUWLvxceMIFVs AjYSFx6+ZwWxRQT8JLbdO80EYgsLREl0zTrFBhGPlvh7sZsJwjaS2LVvAhPEBlWJeVea2UFs XoEEibaHn8HiQgK+EhsPPAW6j4ODE2jm8kNgJYwCshJfGlczg9jMAuISt57MZ4J4R0BiyZ7z zBC2qMTLx//A7mQU6GaU+DDvGlSRksSOptlgP0sI9DFLzFw9gREi4Svx5f85FgjbX+LSmTZW kMUSAvkSpy86QZgxEn8OiUG0zmOSWHtwBztEuYzE0Y1rWCASLawSDTs2QD0vJXH3SicjhC0j 8eLOXrCZzAKaEut36U9g1JiF5IdZCBmIsKLElO6H7LPAoSIocXLmE5YFjCyrGEWLU4uLc9ON jPRSizKTi4vz8/TyUks2MQITxcEtv612MB587niIUYCDUYmH90PYyQgh1sSy4srcQ4wSHMxK IrwPuE9FCPGmJFZWpRblxxeV5qQWH2KU5mBREuc1W3k/XEggPbEkNTs1tSC1CCbLxMEp1cAY mv945VP/ks19y5+8lnVLreFJnZOWmNbfN21G/cnlQVtOfTTysVFY3BL1U7zL/fPr+elJdby8 d74UVt5MUyxatEpR6Vit1IcUnmDp0/O2Sgu+4pNOuL9P0Id733vteg7HcA6WA36H9zw/tr5J +eGWgqt7vhb91j2/fdYfhsNFESeZdnbaiixUYinOSDTUYi4qTgQA45ZT8hADAAA= Archived-At: Subject: [Ace] FW: New Version Notification for draft-palombini-ace-coap-pubsub-profile-00.txt X-BeenThere: ace@ietf.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: "Authentication and Authorization for Constrained Environments \(ace\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 16 Mar 2017 09:34:08 -0000 SGkgYWxsLA0KDQpJIGhhdmUgc3VibWl0dGVkIGEgbmV3IHByb2ZpbGUgZm9yIEFDRSwgYWltaW5n IGF0IGEgQ29BUCBwdWItc3ViIHR5cGUgb2Ygc2NlbmFyaW86DQoNCmh0dHBzOi8vZGF0YXRyYWNr ZXIuaWV0Zi5vcmcvZG9jL2RyYWZ0LXBhbG9tYmluaS1hY2UtY29hcC1wdWJzdWItcHJvZmlsZS8N Cg0KQGNoYWlyczogSSdkIGxpa2UgdG8gYXNrIGZvciAxNSBtaW51dGVzIHRvIHByZXNlbnQgdGhp cyBhdCB0aGUgSUVURjk4Lg0KDQpCZXN0IHJlZ2FyZHMsDQpGcmFuY2VzY2ENCg0KPiAtLS0tLU9y aWdpbmFsIE1lc3NhZ2UtLS0tLQ0KPiBGcm9tOiBpbnRlcm5ldC1kcmFmdHNAaWV0Zi5vcmcgW21h aWx0bzppbnRlcm5ldC1kcmFmdHNAaWV0Zi5vcmddDQo+IFNlbnQ6IGRlbiAxMyBtYXJzIDIwMTcg MTY6MjENCj4gVG86IEZyYW5jZXNjYSBQYWxvbWJpbmkgPGZyYW5jZXNjYS5wYWxvbWJpbmlAZXJp Y3Nzb24uY29tPg0KPiBTdWJqZWN0OiBOZXcgVmVyc2lvbiBOb3RpZmljYXRpb24gZm9yIGRyYWZ0 LXBhbG9tYmluaS1hY2UtY29hcC1wdWJzdWItDQo+IHByb2ZpbGUtMDAudHh0DQo+IA0KPiANCj4g QSBuZXcgdmVyc2lvbiBvZiBJLUQsIGRyYWZ0LXBhbG9tYmluaS1hY2UtY29hcC1wdWJzdWItcHJv ZmlsZS0wMC50eHQNCj4gaGFzIGJlZW4gc3VjY2Vzc2Z1bGx5IHN1Ym1pdHRlZCBieSBGcmFuY2Vz Y2EgUGFsb21iaW5pIGFuZCBwb3N0ZWQgdG8gdGhlDQo+IElFVEYgcmVwb3NpdG9yeS4NCj4gDQo+ IE5hbWU6CQlkcmFmdC1wYWxvbWJpbmktYWNlLWNvYXAtcHVic3ViLXByb2ZpbGUNCj4gUmV2aXNp b246CTAwDQo+IFRpdGxlOgkJQ29BUCBQdWItU3ViIFByb2ZpbGUgZm9yIEF1dGhlbnRpY2F0aW9u IGFuZCBBdXRob3JpemF0aW9uDQo+IGZvciBDb25zdHJhaW5lZCBFbnZpcm9ubWVudHMgKEFDRSkN Cj4gRG9jdW1lbnQgZGF0ZToJMjAxNy0wMy0xMw0KPiBHcm91cDoJCUluZGl2aWR1YWwgU3VibWlz c2lvbg0KPiBQYWdlczoJCTE0DQo+IFVSTDogICAgICAgICAgICBodHRwczovL3d3dy5pZXRmLm9y Zy9pbnRlcm5ldC1kcmFmdHMvZHJhZnQtcGFsb21iaW5pLWFjZS1jb2FwLQ0KPiBwdWJzdWItcHJv ZmlsZS0wMC50eHQNCj4gU3RhdHVzOiAgICAgICAgIGh0dHBzOi8vZGF0YXRyYWNrZXIuaWV0Zi5v cmcvZG9jL2RyYWZ0LXBhbG9tYmluaS1hY2UtY29hcC0NCj4gcHVic3ViLXByb2ZpbGUvDQo+IEh0 bWxpemVkOiAgICAgICBodHRwczovL3Rvb2xzLmlldGYub3JnL2h0bWwvZHJhZnQtcGFsb21iaW5p LWFjZS1jb2FwLXB1YnN1Yi0NCj4gcHJvZmlsZS0wMA0KPiANCj4gDQo+IEFic3RyYWN0Og0KPiAg ICBUaGlzIHNwZWNpZmljYXRpb24gZGVmaW5lcyBhIHByb2ZpbGUgZm9yIGF1dGhlbnRpY2F0aW9u IGFuZA0KPiAgICBhdXRob3JpemF0aW9uIGZvciBwdWJsaXNoZXJzIGFuZCBzdWJzY3JpYmVycyBp biBhIHB1Yi1zdWIgc2V0dGluZw0KPiAgICBzY2VuYXJpbyBpbiBhIGNvbnN0cmFpbmVkIGVudmly b25tZW50LCB1c2luZyB0aGUgQUNFIGZyYW1ld29yay4gIFRoaXMNCj4gICAgcHJvZmlsZSByZWxp ZXMgb24gdHJhbnNwb3J0IGxheWVyIG9yIGFwcGxpY2F0aW9uIGxheWVyIHNlY3VyaXR5IHRvDQo+ ICAgIGF1dGhvcml6ZSB0aGUgcHVibGlzaGVyIHRvIHRoZSBicm9rZXIuICBNb3Jlb3ZlciwgaXQg cmVsaWVzIG9uDQo+ICAgIGFwcGxpY2F0aW9uIGxheWVyIHNlY3VyaXR5IGZvciBwdWJsaXNoZXIt YnJva2VyIGFuZCBzdWJzY3JpYmVyLWJyb2tlcg0KPiAgICBjb21tdW5pY2F0aW9uLg0KPiANCj4g DQo+IA0KPiANCj4gUGxlYXNlIG5vdGUgdGhhdCBpdCBtYXkgdGFrZSBhIGNvdXBsZSBvZiBtaW51 dGVzIGZyb20gdGhlIHRpbWUgb2Ygc3VibWlzc2lvbg0KPiB1bnRpbCB0aGUgaHRtbGl6ZWQgdmVy c2lvbiBhbmQgZGlmZiBhcmUgYXZhaWxhYmxlIGF0IHRvb2xzLmlldGYub3JnLg0KPiANCj4gVGhl IElFVEYgU2VjcmV0YXJpYXQNCg0K From nobody Thu Mar 16 22:42:45 2017 Return-Path: X-Original-To: ace@ietfa.amsl.com Delivered-To: ace@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 6756B127F0E for ; Thu, 16 Mar 2017 22:42:44 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -4.219 X-Spam-Level: X-Spam-Status: No, score=-4.219 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_MED=-2.3, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id lzc_LOF4X1in for ; Thu, 16 Mar 2017 22:42:42 -0700 (PDT) Received: from sesbmg23.ericsson.net (sesbmg23.ericsson.net [193.180.251.37]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 4E76E1201F2 for ; Thu, 16 Mar 2017 22:42:42 -0700 (PDT) X-AuditID: c1b4fb25-ce3ff70000002d78-13-58cb774f8bb3 Received: from ESESSHC016.ericsson.se (Unknown_Domain [153.88.183.66]) by (Symantec Mail Security) with SMTP id 3D.53.11640.F477BC85; Fri, 17 Mar 2017 06:42:40 +0100 (CET) Received: from ESESSMB107.ericsson.se ([169.254.7.76]) by ESESSHC016.ericsson.se ([153.88.183.66]) with mapi id 14.03.0319.002; Fri, 17 Mar 2017 06:42:38 +0100 From: =?utf-8?B?R8O2cmFuIFNlbGFuZGVy?= To: "Ace@ietf.org" , Kepeng Li , Hannes Tschofenig Thread-Topic: [Ace] Call for presentations for IETF98 Thread-Index: AQHSnuFJm22VO4+C0USPUiEnXv/9nA== Date: Fri, 17 Mar 2017 05:42:38 +0000 Message-ID: Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: user-agent: Microsoft-MacOutlook/14.7.1.161129 x-originating-ip: [153.88.183.150] Content-Type: multipart/alternative; boundary="_000_D4F12A9A79B86goranselanderericssoncom_" MIME-Version: 1.0 X-Brightmail-Tracker: H4sIAAAAAAAAA+NgFupjkeLIzCtJLcpLzFFi42KZGbHdSTeg/HSEwa9ZQhbfv/UwW9yccYrJ 4vL8Igdmj4lvP7J4rJm3htFjyZKfTAHMUVw2Kak5mWWpRfp2CVwZbYvyCr4mVty6fZ65gXFO fBcjJ4eEgInE5St7mUFsIYF1jBKL22W7GLmA7MWMElsePGIFSbAJuEg8aHjEBGKLCFRJfD+3 GCwuDNR8/9EsoGYOoLipxNpnchAlehKvNpwAK2cRUJVYuuA5G4jNK2AhsffueRYQm1FATOL7 qTVgNcwC4hK3nsxngrhHQGLJnvPMELaoxMvH/8BWiQLNXP58DVRcSWLF9kuMEL2xEgvOfWaF mC8ocXLmE5YJjEKzkIydhaRsFpKyWUBXMwtoSqzfpQ9RoigxpfshO4StIdE6Zy6UbS1xd8s1 VmQ1Cxg5VjGKFqcWJ+WmGxnrpRZlJhcX5+fp5aWWbGIExtLBLb9VdzBefuN4iFGAg1GJh7dg xakIIdbEsuLK3EOMEhzMSiK87CAh3pTEyqrUovz4otKc1OJDjNIcLErivGYr74cLCaQnlqRm p6YWpBbBZJk4OKUaGGvqXvQaSnoe7mA/Ja83WUjb5EB/hPbGqGSH15XecyoKXpUue+XxP8Y4 dKXQ57D2pHNyRz4H/DqgcObJpf7gwwdZWPTM9j4+XDh9i/mq4K/ut/nyFmrWTLi3OcbMY/LC nge1uzYci9zlpPH334OFvS3P65r/BM1qP379+opwg6PHb7h+jZu9z1KJpTgj0VCLuag4EQAY lJncoQIAAA== Archived-At: Subject: Re: [Ace] Call for presentations for IETF98 X-BeenThere: ace@ietf.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: "Authentication and Authorization for Constrained Environments \(ace\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 17 Mar 2017 05:42:44 -0000 --_000_D4F12A9A79B86goranselanderericssoncom_ Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: base64 DQpIaSBBQ0UgY2hhaXJzIGFuZCBhbGwsDQoNCkhlcmUgYXJlIHNvbWUgcHJvcG9zZWQgYWdlbmRh IGl0ZW1zIGZvciBBQ0U6DQoNCiogQUNFIHByb2ZpbGVzLg0KDQpBIG51bWJlciBvZiBkcmFmdHMg aGF2ZSBiZWVuIHN1Ym1pdHRlZCBhcyBwcm9maWxlcyBvZiB0aGUgQUNFIGZyYW1ld29yay4gVGhl IGRyYWZ0cyB2YXJ5IHNvbWV3aGF0IGluIHNjb3BlIGFuZCBpbiBkZWdyZWUgb2YgZGV0YWlsIHdo YXQgdGhleSBzcGVjaWZ5LiBTb21lIGZ1bmN0aW9uYWxpdHkgaXMgb3ZlcmxhcHBpbmcgYmV0d2Vl biB0aGUgZHJhZnRzLiBTb21lIGZ1bmN0aW9uYWxpdHkgZGVzY3JpYmVkIGluIG9uZSBBQ0UgcHJv ZmlsZSBpcyBhcHBsaWNhYmxlIHRvIGFsbCBwcm9maWxlcyBhbmQgbWF5IGVpdGhlciBiZSBjb3Bp ZWQgb3ZlciBvciBpbmNsdWRlZCBpbiB0aGUgZnJhbWV3b3JrLg0KDQpUaW1lOiAyMCBtaW51dGVz DQpPYmplY3RpdmU6IEFzayBmb3IgdGhlIFdHJ3MgdmlldyBvbiBjb29yZGluYXRpbmcgY29udGVu dCBpbiB0aGUgQUNFIHByb2ZpbGVzLiBBcmUgdGhlIHJlcXVpcmVtZW50cyBvbiBwcm9maWxlcyBk ZXNjcmliZWQgaW4gdGhlIEFDRSBmcmFtZXdvcmsgc3VmZmljaWVudD8gKGh0dHBzOi8vdG9vbHMu aWV0Zi5vcmcvaHRtbC9kcmFmdC1pZXRmLWFjZS1vYXV0aC1hdXRoei0wNiNhcHBlbmRpeC1DKQ0K DQoNCiogRURIT0MNCg0KaHR0cHM6Ly90b29scy5pZXRmLm9yZy9odG1sL2RyYWZ0LXNlbGFuZGVy LWFjZS1jb3NlLWVjZGhlLTA1DQoNCkZvbGxvd2luZyB0aGUgbGFzdCByb3VuZCBvZiByZXZpZXdz IHdlIGhhdmUgdXBkYXRlZCB0aGlzIGFwcGxpY2F0aW9uIGxheWVyIGtleSBleGNoYW5nZSBwcm90 b2NvbCB3aGljaCBpcyB1c2VkIGUuZy4gaW4gdGhlIE9TQ09BUCBwcm9maWxlIG9mIEFDRSBhbmQg aW4gdGhlIDZUaVNDSCBtaW5pbWFsIHNlY3VyaXR5IGZyYW1ld29yay4gV2UgdGhpbmsgdGhpcyBp cyBub3cgcmVhZHkgdG8gbW92ZSBmb3J3YXJkLg0KDQpUaW1lOiAxNSBtaW4NCk9iamVjdGl2ZTog Q2FsbCBmb3IgYWRvcHRpb24NCg0KDQoqIEVBTFMNCg0KaHR0cHM6Ly93d3cuaWV0Zi5vcmcvaW50 ZXJuZXQtZHJhZnRzL2RyYWZ0LXNlbGFuZGVyLWFjZS1lYWxzLTAwLnR4dA0KDQpUaGlzIGlzIGEg c3RyYXdtYW4gb24gY2VydGlmaWNhdGUgZW5yb2xtZW50IHVzaW5nIHRoZSBuZXcgSW9UIGFwcGxp Y2F0aW9uIGxheWVyIHNlY3VyaXR5IHByb3RvY29scy4gSWYgY2VydGlmaWNhdGUgZW5yb2xtZW50 IGZvciBJb1QgZGV2aWNlcyBpcyBvbiB0aGUgYWdlbmRhIHRoZW4gd2Ugd291bGQgbGlrZSB0byBw cmVzZW50IHRoaXMuDQoNClRpbWU6IDEwIG1pbg0KT2JqZWN0aXZlOiBBc2sgZm9yIHJldmlldw0K DQoNCkfDtnJhbg0KDQoNCg0KDQpGcm9tOiBBY2UgPGFjZS1ib3VuY2VzQGlldGYub3JnPG1haWx0 bzphY2UtYm91bmNlc0BpZXRmLm9yZz4+IG9uIGJlaGFsZiBvZiBLZXBlbmcgTGkgPGtlcGVuZy5s a3BAYWxpYmFiYS1pbmMuY29tPG1haWx0bzprZXBlbmcubGtwQGFsaWJhYmEtaW5jLmNvbT4+DQpE YXRlOiBXZWRuZXNkYXkgMTUgTWFyY2ggMjAxNyBhdCAwNToyMQ0KVG86ICJBY2VAaWV0Zi5vcmc8 bWFpbHRvOkFjZUBpZXRmLm9yZz4iIDxBY2VAaWV0Zi5vcmc8bWFpbHRvOkFjZUBpZXRmLm9yZz4+ DQpTdWJqZWN0OiBbQWNlXSBDYWxsIGZvciBwcmVzZW50YXRpb25zIGZvciBJRVRGOTgNCg0KSGkg ZXZlcnlvbmUsDQoNClNvIGZhciwgdGhlIGNoYWlycyBoYXZlIGhhZCB0d28gcmVxdWVzdHMgZm9y IHByZXNlbnRhdGlvbnMgYXQgdGhlIEFDRSBtZWV0aW5nIG9mIElFVEY5OCwgd2hpY2ggd2Ugd2ls bCBiZSBhY2NvbW1vZGF0aW5nIGFsb25nIHdpdGggZGlzY3Vzc2lvbiBvbiB0aGUgY3VycmVudCBk cmFmdCBwcm9ncmVzcy4NCg0KV2XigJlyZSBwdXR0aW5nIHRoZSBhZ2VuZGEgdG9nZXRoZXIgbm93 LCBhbmQgd2Ugd291bGQgbGlrZSB0byBrbm93IGlmIGFueW9uZSBlbHNlIGhhcyBhIHRvcGljIHRo YXQgdGhleeKAmWQgbGlrZSB0byBwcmVzZW50IGFuZCBkaXNjdXNzIGF0IHRoZSB1cGNvbWluZyBm YWNlIHRvIGZhY2UuDQoNClBsZWFzZSBzZW5kIGZlZWRiYWNrIHRvIEhhbm5lcyBhbmQgbWUgYmVm b3JlIHRoZSBlbmQgb2YgMTd0aCBNYXIsIGluY2x1ZGluZyBkcmFmdCBuYW1lLCBwcmVzZW50ZXIs IGhvdyBtdWNoIHRpbWUsIG9iamVjdGl2ZXMuDQoNClRoYW5rcy4NCg0KS2VwZW5nICYgSGFubmVz DQo= --_000_D4F12A9A79B86goranselanderericssoncom_ Content-Type: text/html; charset="utf-8" Content-ID: <2BDAC3B3FFFBAD42AAA7C4B261B12B1F@ericsson.com> Content-Transfer-Encoding: base64 PGh0bWw+DQo8aGVhZD4NCjxtZXRhIGh0dHAtZXF1aXY9IkNvbnRlbnQtVHlwZSIgY29udGVudD0i dGV4dC9odG1sOyBjaGFyc2V0PXV0Zi04Ij4NCjwvaGVhZD4NCjxib2R5IHN0eWxlPSJ3b3JkLXdy YXA6IGJyZWFrLXdvcmQ7IC13ZWJraXQtbmJzcC1tb2RlOiBzcGFjZTsgLXdlYmtpdC1saW5lLWJy ZWFrOiBhZnRlci13aGl0ZS1zcGFjZTsgY29sb3I6IHJnYigwLCAwLCAwKTsgZm9udC1zaXplOiAx NHB4OyBmb250LWZhbWlseTogQ2FsaWJyaSwgc2Fucy1zZXJpZjsiPg0KPGRpdj48YnI+DQo8L2Rp dj4NCjxkaXY+SGkgQUNFIGNoYWlycyBhbmQgYWxsLDwvZGl2Pg0KPGRpdj48YnI+DQo8L2Rpdj4N CjxkaXY+SGVyZSBhcmUgc29tZSBwcm9wb3NlZCBhZ2VuZGEgaXRlbXMgZm9yIEFDRTo8L2Rpdj4N CjxkaXY+PGJyPg0KPC9kaXY+DQo8ZGl2PiogQUNFIHByb2ZpbGVzLjwvZGl2Pg0KPGRpdj48YnI+ DQo8L2Rpdj4NCjxkaXY+QSBudW1iZXIgb2YgZHJhZnRzIGhhdmUgYmVlbiBzdWJtaXR0ZWQgYXMg cHJvZmlsZXMgb2YgdGhlIEFDRSBmcmFtZXdvcmsuIFRoZSBkcmFmdHMgdmFyeSBzb21ld2hhdCBp biBzY29wZSBhbmQgaW4gZGVncmVlIG9mIGRldGFpbCB3aGF0IHRoZXkgc3BlY2lmeS4gU29tZSBm dW5jdGlvbmFsaXR5IGlzIG92ZXJsYXBwaW5nIGJldHdlZW4gdGhlIGRyYWZ0cy4gU29tZSBmdW5j dGlvbmFsaXR5IGRlc2NyaWJlZCBpbiBvbmUgQUNFIHByb2ZpbGUNCiBpcyBhcHBsaWNhYmxlIHRv IGFsbCBwcm9maWxlcyBhbmQgbWF5IGVpdGhlciBiZSBjb3BpZWQgb3ZlciBvciBpbmNsdWRlZCBp biB0aGUgZnJhbWV3b3JrLjwvZGl2Pg0KPGRpdj48YnI+DQo8L2Rpdj4NCjxkaXY+VGltZTogMjAg bWludXRlczwvZGl2Pg0KPGRpdj5PYmplY3RpdmU6IEFzayBmb3IgdGhlIFdHJ3MgdmlldyBvbiBj b29yZGluYXRpbmcgY29udGVudCBpbiB0aGUgQUNFIHByb2ZpbGVzLiBBcmUgdGhlIHJlcXVpcmVt ZW50cyBvbiBwcm9maWxlcyBkZXNjcmliZWQgaW4gdGhlIEFDRSBmcmFtZXdvcmsgc3VmZmljaWVu dD8gKGh0dHBzOi8vdG9vbHMuaWV0Zi5vcmcvaHRtbC9kcmFmdC1pZXRmLWFjZS1vYXV0aC1hdXRo ei0wNiNhcHBlbmRpeC1DKTwvZGl2Pg0KPGRpdj48YnI+DQo8L2Rpdj4NCjxkaXY+PGJyPg0KPC9k aXY+DQo8ZGl2PiogRURIT0M8L2Rpdj4NCjxkaXY+PGJyPg0KPC9kaXY+DQo8ZGl2PjxhIGhyZWY9 Imh0dHBzOi8vdG9vbHMuaWV0Zi5vcmcvaHRtbC9kcmFmdC1zZWxhbmRlci1hY2UtY29zZS1lY2Ro ZS0wNSIgc3R5bGU9ImZvbnQtZmFtaWx5OiBDb25zb2xhcywgbW9ub3NwYWNlOyBmb250LXNpemU6 IDEycHg7Ij5odHRwczovL3Rvb2xzLmlldGYub3JnL2h0bWwvZHJhZnQtc2VsYW5kZXItYWNlLWNv c2UtZWNkaGUtMDU8L2E+PC9kaXY+DQo8ZGl2Pjxicj4NCjwvZGl2Pg0KPGRpdj5Gb2xsb3dpbmcg dGhlIGxhc3Qgcm91bmQgb2YgcmV2aWV3cyB3ZSBoYXZlIHVwZGF0ZWQgdGhpcyBhcHBsaWNhdGlv biBsYXllciBrZXkgZXhjaGFuZ2UgcHJvdG9jb2wgd2hpY2ggaXMgdXNlZCBlLmcuIGluIHRoZSBP U0NPQVAgcHJvZmlsZSBvZiBBQ0UgYW5kIGluIHRoZSA2VGlTQ0ggbWluaW1hbCBzZWN1cml0eSBm cmFtZXdvcmsuIFdlIHRoaW5rIHRoaXMgaXMgbm93IHJlYWR5IHRvIG1vdmUgZm9yd2FyZC48L2Rp dj4NCjxkaXY+PGJyPg0KPC9kaXY+DQo8ZGl2PlRpbWU6IDE1IG1pbjwvZGl2Pg0KPGRpdj5PYmpl Y3RpdmU6IENhbGwgZm9yIGFkb3B0aW9uPC9kaXY+DQo8ZGl2Pjxicj4NCjwvZGl2Pg0KPGRpdj48 YnI+DQo8L2Rpdj4NCjxkaXY+KiBFQUxTPC9kaXY+DQo8ZGl2Pjxicj4NCjwvZGl2Pg0KPGRpdj48 YSBocmVmPSJodHRwczovL3d3dy5pZXRmLm9yZy9pbnRlcm5ldC1kcmFmdHMvZHJhZnQtc2VsYW5k ZXItYWNlLWVhbHMtMDAudHh0IiBzdHlsZT0iZm9udC1mYW1pbHk6IENvbnNvbGFzLCBtb25vc3Bh Y2U7IGZvbnQtc2l6ZTogMTJweDsiPmh0dHBzOi8vd3d3LmlldGYub3JnL2ludGVybmV0LWRyYWZ0 cy9kcmFmdC1zZWxhbmRlci1hY2UtZWFscy0wMC50eHQ8L2E+PC9kaXY+DQo8ZGl2Pjxicj4NCjwv ZGl2Pg0KPGRpdj5UaGlzIGlzIGEgc3RyYXdtYW4gb24gY2VydGlmaWNhdGUgZW5yb2xtZW50IHVz aW5nIHRoZSBuZXcgSW9UIGFwcGxpY2F0aW9uIGxheWVyIHNlY3VyaXR5IHByb3RvY29scy4gSWYg Y2VydGlmaWNhdGUgZW5yb2xtZW50IGZvciBJb1QgZGV2aWNlcyBpcyBvbiB0aGUgYWdlbmRhIHRo ZW4gd2Ugd291bGQgbGlrZSB0byBwcmVzZW50IHRoaXMuPC9kaXY+DQo8ZGl2Pjxicj4NCjwvZGl2 Pg0KPGRpdj5UaW1lOiAxMCBtaW48L2Rpdj4NCjxkaXY+T2JqZWN0aXZlOiBBc2sgZm9yIHJldmll dzwvZGl2Pg0KPGRpdj48YnI+DQo8L2Rpdj4NCjxkaXY+PGJyPg0KPC9kaXY+DQo8ZGl2PkfDtnJh bjwvZGl2Pg0KPGRpdj48YnI+DQo8L2Rpdj4NCjxkaXY+PGJyPg0KPC9kaXY+DQo8ZGl2Pjxicj4N CjwvZGl2Pg0KPGRpdj48YnI+DQo8L2Rpdj4NCjxzcGFuIGlkPSJPTEtfU1JDX0JPRFlfU0VDVElP TiI+DQo8ZGl2IHN0eWxlPSJmb250LWZhbWlseTpDYWxpYnJpOyBmb250LXNpemU6MTFwdDsgdGV4 dC1hbGlnbjpsZWZ0OyBjb2xvcjpibGFjazsgQk9SREVSLUJPVFRPTTogbWVkaXVtIG5vbmU7IEJP UkRFUi1MRUZUOiBtZWRpdW0gbm9uZTsgUEFERElORy1CT1RUT006IDBpbjsgUEFERElORy1MRUZU OiAwaW47IFBBRERJTkctUklHSFQ6IDBpbjsgQk9SREVSLVRPUDogI2I1YzRkZiAxcHQgc29saWQ7 IEJPUkRFUi1SSUdIVDogbWVkaXVtIG5vbmU7IFBBRERJTkctVE9QOiAzcHQiPg0KPHNwYW4gc3R5 bGU9ImZvbnQtd2VpZ2h0OmJvbGQiPkZyb206IDwvc3Bhbj5BY2UgJmx0OzxhIGhyZWY9Im1haWx0 bzphY2UtYm91bmNlc0BpZXRmLm9yZyI+YWNlLWJvdW5jZXNAaWV0Zi5vcmc8L2E+Jmd0OyBvbiBi ZWhhbGYgb2YgS2VwZW5nIExpICZsdDs8YSBocmVmPSJtYWlsdG86a2VwZW5nLmxrcEBhbGliYWJh LWluYy5jb20iPmtlcGVuZy5sa3BAYWxpYmFiYS1pbmMuY29tPC9hPiZndDs8YnI+DQo8c3BhbiBz dHlsZT0iZm9udC13ZWlnaHQ6Ym9sZCI+RGF0ZTogPC9zcGFuPldlZG5lc2RheSAxNSBNYXJjaCAy MDE3IGF0IDA1OjIxPGJyPg0KPHNwYW4gc3R5bGU9ImZvbnQtd2VpZ2h0OmJvbGQiPlRvOiA8L3Nw YW4+JnF1b3Q7PGEgaHJlZj0ibWFpbHRvOkFjZUBpZXRmLm9yZyI+QWNlQGlldGYub3JnPC9hPiZx dW90OyAmbHQ7PGEgaHJlZj0ibWFpbHRvOkFjZUBpZXRmLm9yZyI+QWNlQGlldGYub3JnPC9hPiZn dDs8YnI+DQo8c3BhbiBzdHlsZT0iZm9udC13ZWlnaHQ6Ym9sZCI+U3ViamVjdDogPC9zcGFuPltB Y2VdIENhbGwgZm9yIHByZXNlbnRhdGlvbnMgZm9yIElFVEY5ODxicj4NCjwvZGl2Pg0KPGRpdj48 YnI+DQo8L2Rpdj4NCjxibG9ja3F1b3RlIGlkPSJNQUNfT1VUTE9PS19BVFRSSUJVVElPTl9CTE9D S1FVT1RFIiBzdHlsZT0iQk9SREVSLUxFRlQ6ICNiNWM0ZGYgNSBzb2xpZDsgUEFERElORzowIDAg MCA1OyBNQVJHSU46MCAwIDAgNTsiPg0KPGRpdj4NCjxkaXYgc3R5bGU9IndvcmQtd3JhcDogYnJl YWstd29yZDsgLXdlYmtpdC1uYnNwLW1vZGU6IHNwYWNlOyAtd2Via2l0LWxpbmUtYnJlYWs6IGFm dGVyLXdoaXRlLXNwYWNlOyBjb2xvcjogcmdiKDAsIDAsIDApOyBmb250LXNpemU6IDE0cHg7IGZv bnQtZmFtaWx5OiDlrovkvZMsIHNhbnMtc2VyaWY7Ij4NCjxkaXY+PHNwYW4gc3R5bGU9ImZvbnQt ZmFtaWx5OiDlrovkvZM7Ij5IaSBldmVyeW9uZSw8L3NwYW4+PC9kaXY+DQo8c3BhbiBpZD0iT0xL X1NSQ19CT0RZX1NFQ1RJT04iPg0KPGRpdiBzdHlsZT0iY29sb3I6IHJnYigwLCAwLCAwKTsgZm9u dC1zaXplOiAxNHB4OyBmb250LXN0eWxlOiBub3JtYWw7IGZvbnQtdmFyaWFudC1jYXBzOiBub3Jt YWw7IGZvbnQtd2VpZ2h0OiBub3JtYWw7IGxldHRlci1zcGFjaW5nOiBub3JtYWw7IG9ycGhhbnM6 IGF1dG87IHRleHQtYWxpZ246IHN0YXJ0OyB0ZXh0LWluZGVudDogMHB4OyB0ZXh0LXRyYW5zZm9y bTogbm9uZTsgd2hpdGUtc3BhY2U6IG5vcm1hbDsgd2lkb3dzOiBhdXRvOyB3b3JkLXNwYWNpbmc6 IDBweDsgLXdlYmtpdC10ZXh0LXNpemUtYWRqdXN0OiBhdXRvOyAtd2Via2l0LXRleHQtc3Ryb2tl LXdpZHRoOiAwcHg7IGZvbnQtZmFtaWx5OiDlrovkvZM7Ij4NCjxicj4NCjwvZGl2Pg0KPGRpdiBz dHlsZT0iY29sb3I6IHJnYigwLCAwLCAwKTsgZm9udC1zaXplOiAxNHB4OyBmb250LXN0eWxlOiBu b3JtYWw7IGZvbnQtdmFyaWFudC1jYXBzOiBub3JtYWw7IGZvbnQtd2VpZ2h0OiBub3JtYWw7IGxl dHRlci1zcGFjaW5nOiBub3JtYWw7IG9ycGhhbnM6IGF1dG87IHRleHQtYWxpZ246IHN0YXJ0OyB0 ZXh0LWluZGVudDogMHB4OyB0ZXh0LXRyYW5zZm9ybTogbm9uZTsgd2hpdGUtc3BhY2U6IG5vcm1h bDsgd2lkb3dzOiBhdXRvOyB3b3JkLXNwYWNpbmc6IDBweDsgLXdlYmtpdC10ZXh0LXNpemUtYWRq dXN0OiBhdXRvOyAtd2Via2l0LXRleHQtc3Ryb2tlLXdpZHRoOiAwcHg7IGZvbnQtZmFtaWx5OiDl rovkvZM7Ij4NClNvIGZhciwgdGhlIGNoYWlycyBoYXZlIGhhZCB0d28gcmVxdWVzdHMgZm9yIHBy ZXNlbnRhdGlvbnMgYXQgdGhlIEFDRSBtZWV0aW5nIG9mIElFVEY5OCwgd2hpY2ggd2Ugd2lsbCBi ZSBhY2NvbW1vZGF0aW5nIGFsb25nIHdpdGggZGlzY3Vzc2lvbiBvbiB0aGUgY3VycmVudCBkcmFm dCBwcm9ncmVzcy4mbmJzcDs8L2Rpdj4NCjxkaXYgc3R5bGU9ImNvbG9yOiByZ2IoMCwgMCwgMCk7 IGZvbnQtc2l6ZTogMTRweDsgZm9udC1zdHlsZTogbm9ybWFsOyBmb250LXZhcmlhbnQtY2Fwczog bm9ybWFsOyBmb250LXdlaWdodDogbm9ybWFsOyBsZXR0ZXItc3BhY2luZzogbm9ybWFsOyBvcnBo YW5zOiBhdXRvOyB0ZXh0LWFsaWduOiBzdGFydDsgdGV4dC1pbmRlbnQ6IDBweDsgdGV4dC10cmFu c2Zvcm06IG5vbmU7IHdoaXRlLXNwYWNlOiBub3JtYWw7IHdpZG93czogYXV0bzsgd29yZC1zcGFj aW5nOiAwcHg7IC13ZWJraXQtdGV4dC1zaXplLWFkanVzdDogYXV0bzsgLXdlYmtpdC10ZXh0LXN0 cm9rZS13aWR0aDogMHB4OyBmb250LWZhbWlseTog5a6L5L2TOyI+DQo8YnI+DQo8L2Rpdj4NCjxk aXYgc3R5bGU9ImNvbG9yOiByZ2IoMCwgMCwgMCk7IGZvbnQtc2l6ZTogMTRweDsgZm9udC1zdHls ZTogbm9ybWFsOyBmb250LXZhcmlhbnQtY2Fwczogbm9ybWFsOyBmb250LXdlaWdodDogbm9ybWFs OyBsZXR0ZXItc3BhY2luZzogbm9ybWFsOyBvcnBoYW5zOiBhdXRvOyB0ZXh0LWFsaWduOiBzdGFy dDsgdGV4dC1pbmRlbnQ6IDBweDsgdGV4dC10cmFuc2Zvcm06IG5vbmU7IHdoaXRlLXNwYWNlOiBu b3JtYWw7IHdpZG93czogYXV0bzsgd29yZC1zcGFjaW5nOiAwcHg7IC13ZWJraXQtdGV4dC1zaXpl LWFkanVzdDogYXV0bzsgLXdlYmtpdC10ZXh0LXN0cm9rZS13aWR0aDogMHB4OyBmb250LWZhbWls eTog5a6L5L2TOyI+DQpXZeKAmXJlIHB1dHRpbmcgdGhlIGFnZW5kYSB0b2dldGhlciBub3csIGFu ZCB3ZSB3b3VsZCBsaWtlIHRvIGtub3cgaWYgYW55b25lIGVsc2UgaGFzIGEgdG9waWMgdGhhdCB0 aGV54oCZZCBsaWtlIHRvIHByZXNlbnQgYW5kIGRpc2N1c3MgYXQgdGhlIHVwY29taW5nIGZhY2Ug dG8gZmFjZS48L2Rpdj4NCjwvc3Bhbj4NCjxkaXY+PGJyPg0KPC9kaXY+DQo8ZGl2PlBsZWFzZSBz ZW5kIGZlZWRiYWNrIHRvIEhhbm5lcyBhbmQgbWUgYmVmb3JlIHRoZSBlbmQgb2YgMTd0aCBNYXIs IGluY2x1ZGluZyBkcmFmdCBuYW1lLCBwcmVzZW50ZXIsIGhvdyBtdWNoIHRpbWUsIG9iamVjdGl2 ZXMuPC9kaXY+DQo8ZGl2Pjxicj4NCjwvZGl2Pg0KPGRpdj5UaGFua3MuPC9kaXY+DQo8c3BhbiBp ZD0iT0xLX1NSQ19CT0RZX1NFQ1RJT04iPg0KPGRpdiBzdHlsZT0iY29sb3I6IHJnYigwLCAwLCAw KTsgZm9udC1zaXplOiAxNHB4OyBmb250LXN0eWxlOiBub3JtYWw7IGZvbnQtdmFyaWFudC1jYXBz OiBub3JtYWw7IGZvbnQtd2VpZ2h0OiBub3JtYWw7IGxldHRlci1zcGFjaW5nOiBub3JtYWw7IG9y cGhhbnM6IGF1dG87IHRleHQtYWxpZ246IHN0YXJ0OyB0ZXh0LWluZGVudDogMHB4OyB0ZXh0LXRy YW5zZm9ybTogbm9uZTsgd2hpdGUtc3BhY2U6IG5vcm1hbDsgd2lkb3dzOiBhdXRvOyB3b3JkLXNw YWNpbmc6IDBweDsgLXdlYmtpdC10ZXh0LXNpemUtYWRqdXN0OiBhdXRvOyAtd2Via2l0LXRleHQt c3Ryb2tlLXdpZHRoOiAwcHg7IGZvbnQtZmFtaWx5OiDlrovkvZM7Ij4NCjxicj4NCjwvZGl2Pg0K PGRpdiBzdHlsZT0iY29sb3I6IHJnYigwLCAwLCAwKTsgZm9udC1zaXplOiAxNHB4OyBmb250LXN0 eWxlOiBub3JtYWw7IGZvbnQtdmFyaWFudC1jYXBzOiBub3JtYWw7IGZvbnQtd2VpZ2h0OiBub3Jt YWw7IGxldHRlci1zcGFjaW5nOiBub3JtYWw7IG9ycGhhbnM6IGF1dG87IHRleHQtYWxpZ246IHN0 YXJ0OyB0ZXh0LWluZGVudDogMHB4OyB0ZXh0LXRyYW5zZm9ybTogbm9uZTsgd2hpdGUtc3BhY2U6 IG5vcm1hbDsgd2lkb3dzOiBhdXRvOyB3b3JkLXNwYWNpbmc6IDBweDsgLXdlYmtpdC10ZXh0LXNp emUtYWRqdXN0OiBhdXRvOyAtd2Via2l0LXRleHQtc3Ryb2tlLXdpZHRoOiAwcHg7IGZvbnQtZmFt aWx5OiDlrovkvZM7Ij4NCktlcGVuZyAmYW1wOyBIYW5uZXM8L2Rpdj4NCjwvc3Bhbj48L2Rpdj4N CjwvZGl2Pg0KPC9ibG9ja3F1b3RlPg0KPC9zcGFuPg0KPC9ib2R5Pg0KPC9odG1sPg0K --_000_D4F12A9A79B86goranselanderericssoncom_-- From nobody Fri Mar 17 15:05:32 2017 Return-Path: X-Original-To: ace@ietfa.amsl.com Delivered-To: ace@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id ADF80129544 for ; Fri, 17 Mar 2017 15:05:29 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -4.796 X-Spam-Level: X-Spam-Status: No, score=-4.796 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H2=-2.796, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=microsoft.com Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id LKZwcAr5qhug for ; Fri, 17 Mar 2017 15:05:26 -0700 (PDT) Received: from NAM03-BY2-obe.outbound.protection.outlook.com (mail-by2nam03on0117.outbound.protection.outlook.com [104.47.42.117]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 6E597127011 for ; Fri, 17 Mar 2017 15:05:26 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version; bh=1+MTjkTJ9bxCrJ8Q3QgzXGh0/ONLVzNtfgtFDUXRJho=; b=omrdKFHR3HMGWubJAizE7zGZbXCkrRQrtotRdpARzpOI3cYyYN07eX8NFyuld72dIlQYYnlA6kh5maqqXJjJXaGPSeAxq83o2JeVTsJCJoWo2QqJkNF2q2DwIlcJxqwU8dMtN8KWzRycCcv/6DS9CvfN/mnLl5r+3xOAcseTeKg= Received: from CY4PR21MB0504.namprd21.prod.outlook.com (10.172.122.14) by CY4PR21MB0503.namprd21.prod.outlook.com (10.172.122.13) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256_P256) id 15.1.991.0; Fri, 17 Mar 2017 22:05:25 +0000 Received: from CY4PR21MB0504.namprd21.prod.outlook.com ([10.172.122.14]) by CY4PR21MB0504.namprd21.prod.outlook.com ([10.172.122.14]) with mapi id 15.01.0991.009; Fri, 17 Mar 2017 22:05:25 +0000 From: Mike Jones To: Kepeng Li , "Ace@ietf.org" Thread-Topic: Call for presentations for IETF98 Thread-Index: AQHSnUO70vvLbbk2/E+4fiBDjrEJnqGZmgbQ Date: Fri, 17 Mar 2017 22:05:24 +0000 Message-ID: References: In-Reply-To: Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: authentication-results: alibaba-inc.com; dkim=none (message not signed) header.d=none;alibaba-inc.com; dmarc=none action=none header.from=microsoft.com; x-originating-ip: [2001:4898:80e8:5::72e] x-microsoft-exchange-diagnostics: 1; CY4PR21MB0503; 7:8jl73jTGUiKv8HsD3JxZ5GnskjPRQFiOm+mJ75T622PWyY4Nl7+YttG/GKQeRqEEmwyluMBXxjqhX9OdCh4jKMJrVm6CJCiNGzcxKnscxhh8hAO81AKXJPKHMpUr7J1whOp2ttdmzcMYgbS0EU/G1mCy0PyA8bHd9QEP+9b1pt4BqEp/GQRXbShQbm0Cb58PGRcrD9xmfY8XSD9QU9rw2JG203TSkVQu596l+aeRmf4PgsGCKdVBY33hzOLfQ0er0U0Eyjp4zcc8E7K5QN06RYL36a7gjdxK7WHrpxWeYiE/UTy4Yk2lq4Z3ok6J+chZx59uwCYvhrOp8qWjIirMbNZAK0zddJxqI3hjzoNb4z8= x-ms-office365-filtering-correlation-id: ff435f5e-78ce-499d-a9b8-08d46d81b6d5 x-ms-office365-filtering-ht: Tenant x-microsoft-antispam: UriScan:; BCL:0; PCL:0; RULEID:(22001)(2017030254054)(48565401081); SRVR:CY4PR21MB0503; x-microsoft-antispam-prvs: x-exchange-antispam-report-test: UriScan:(21748063052155); x-exchange-antispam-report-cfa-test: BCL:0; PCL:0; RULEID:(61425038)(6040375)(601004)(2401047)(8121501046)(5005006)(10201501046)(3002001)(93006021)(93001021)(6055026)(61426038)(61427038)(6041248)(20161123558025)(20161123555025)(20161123560025)(20161123562025)(20161123564025)(6072148); SRVR:CY4PR21MB0503; BCL:0; PCL:0; RULEID:; SRVR:CY4PR21MB0503; x-forefront-prvs: 0249EFCB0B x-forefront-antispam-report: SFV:NSPM; SFS:(10019020)(6009001)(39860400002)(39450400003)(39850400002)(39840400002)(39410400002)(377454003)(53754006)(5005710100001)(25786008)(790700001)(6506006)(6116002)(102836003)(55016002)(77096006)(54896002)(6436002)(10290500002)(8990500004)(3660700001)(9686003)(2501003)(5660300001)(189998001)(38730400002)(6306002)(86362001)(10090500001)(6246003)(229853002)(86612001)(99286003)(122556002)(74316002)(50986999)(54356999)(7736002)(2906002)(7696004)(76176999)(2950100002)(8676002)(3280700002)(33656002)(81166006)(8936002)(53546008)(2900100001); DIR:OUT; SFP:1102; SCL:1; SRVR:CY4PR21MB0503; H:CY4PR21MB0504.namprd21.prod.outlook.com; FPR:; SPF:None; MLV:sfv; LANG:en; spamdiagnosticoutput: 1:99 spamdiagnosticmetadata: NSPM Content-Type: multipart/alternative; boundary="_000_CY4PR21MB050413DC923272B6452D1655F5390CY4PR21MB0504namp_" MIME-Version: 1.0 X-OriginatorOrg: microsoft.com X-MS-Exchange-CrossTenant-originalarrivaltime: 17 Mar 2017 22:05:25.0296 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Hosted X-MS-Exchange-CrossTenant-id: 72f988bf-86f1-41af-91ab-2d7cd011db47 X-MS-Exchange-Transport-CrossTenantHeadersStamped: CY4PR21MB0503 Archived-At: Subject: Re: [Ace] Call for presentations for IETF98 X-BeenThere: ace@ietf.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: "Authentication and Authorization for Constrained Environments \(ace\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 17 Mar 2017 22:05:30 -0000 --_000_CY4PR21MB050413DC923272B6452D1655F5390CY4PR21MB0504namp_ Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable I'd be glad to do a presentation on the status of CBOR Web Token (CWT) draf= t-ietf-ace-cbor-web-token. It should take 10-15 minutes. Thanks, -- Mike From: Ace [mailto:ace-bounces@ietf.org] On Behalf Of Kepeng Li Sent: Tuesday, March 14, 2017 9:22 PM To: Ace@ietf.org Subject: [Ace] Call for presentations for IETF98 Hi everyone, So far, the chairs have had two requests for presentations at the ACE meeti= ng of IETF98, which we will be accommodating along with discussion on the c= urrent draft progress. We're putting the agenda together now, and we would like to know if anyone = else has a topic that they'd like to present and discuss at the upcoming fa= ce to face. Please send feedback to Hannes and me before the end of 17th Mar, including= draft name, presenter, how much time, objectives. Thanks. Kepeng & Hannes --_000_CY4PR21MB050413DC923272B6452D1655F5390CY4PR21MB0504namp_ Content-Type: text/html; charset="us-ascii" Content-Transfer-Encoding: quoted-printable

I’d = be glad to do a presentation on the status of CBOR Web Token (CWT) draft-ie= tf-ace-cbor-web-token.  It should take 10-15 minutes.

 = ;

 &nbs= p;            &= nbsp;           &nbs= p;            &= nbsp;           &nbs= p;            Thanks= ,

 &nbs= p;            &= nbsp;           &nbs= p;            &= nbsp;           &nbs= p;            -- Mik= e

 = ;

From: Ace [mailto:ace-bounces@ietf.o= rg] On Behalf Of Kepeng Li
Sent: Tuesday, March 14, 2017 9:22 PM
To: Ace@ietf.org
Subject: [Ace] Call for presentations for IETF98

 

Hi ever= yone,

&n= bsp;

So far,= the chairs have had two requests for presentations at the ACE meeting of I= ETF98, which we will be accommodating along with discussion on the current = draft progress. 

&n= bsp;

Were putting the agenda together now, and we wo= uld like to know if anyone else has a topic that they&= #8217;d like to present and discuss at the upcoming face to face.

&n= bsp;

Please = send feedback to Hannes and me before the end of 17th Mar, including draft = name, presenter, how much time, objectives.

&n= bsp;

Thanks.=

&n= bsp;

Kepeng = & Hannes

--_000_CY4PR21MB050413DC923272B6452D1655F5390CY4PR21MB0504namp_-- From nobody Mon Mar 20 14:57:57 2017 Return-Path: X-Original-To: ace@ietfa.amsl.com Delivered-To: ace@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 0AB7B126DFB; Mon, 20 Mar 2017 14:57:49 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -1.902 X-Spam-Level: X-Spam-Status: No, score=-1.902 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_NONE=-0.0001, RP_MATCHES_RCVD=-0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id t9gtcqmaDIxC; Mon, 20 Mar 2017 14:57:47 -0700 (PDT) Received: from tuna.sandelman.ca (tuna.sandelman.ca [209.87.249.19]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 24A311276AF; Mon, 20 Mar 2017 14:57:47 -0700 (PDT) Received: from sandelman.ca (obiwan.sandelman.ca [IPv6:2607:f0b0:f:2::247]) by tuna.sandelman.ca (Postfix) with ESMTP id 00EEEE033; Mon, 20 Mar 2017 18:21:10 -0400 (EDT) Received: from obiwan.sandelman.ca (localhost [IPv6:::1]) by sandelman.ca (Postfix) with ESMTP id 45DD3636BB; Mon, 20 Mar 2017 17:57:46 -0400 (EDT) From: Michael Richardson To: "Ace\@ietf.org" reply-to: ace@ietf.org CC: 6tisch@ietf.org In-Reply-To: References: X-Mailer: MH-E 8.6; nmh 1.6+dev; GNU Emacs 24.5.1 X-Face: $\n1pF)h^`}$H>Hk{L"x@)JS7<%Az}5RyS@k9X%29-lHB$Ti.V>2bi.~ehC0; <'$9xN5Ub# z!G,p`nR&p7Fz@^UXIn156S8.~^@MJ*mMsD7=QFeq%AL4m Archived-At: Subject: [Ace] EDHOC and EALS use in 6tisch (minimal) bootstrap X-BeenThere: ace@ietf.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: "Authentication and Authorization for Constrained Environments \(ace\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 20 Mar 2017 21:57:49 -0000 --=-=-= Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable {I left G=C3=B6ran's links at the bottom. Please excuse the length: I didn'= t have time to make it shorter} The documents https://datatracker.ietf.org/doc/draft-ietf-6tisch-minimal/ and https://datatracker.ietf.org/doc/draft-ietf-6tisch-dtsecurity-secure-jo= in/ are in the process of being hybridized. Some background: There are two of them because there is some concern that a full zero-touch bootstrap will require too many round trips. In the smallest networks a completely manual bootstrap is acceptable to some. In the biggest industrial networks, nothing less than a full asymmetric key bootstrap is acceptable. This is often due to human factors as well well (installers not trusted with symmetric keys!). In between are some networks where managing a large number of (hopefully unique!) symmetric join keys that have to be provisioned at the factory is acceptable. This is how pre-6tisch 802.15.4 networks are being deployed today. We are doing this work in 6tisch because we can pin down a number of variables that would otherwise cause significant scope creep: 1) we assume a clueful network operator (or contractor) who can sanely operate our Join Registrar/Coordinator [which is in the zero-touch cas= e, is a CA]. ---> this means our solution does not scale to residential or small office situations, and that is acceptable to us. 2) we have some pretty low constraints on network bandwidth available, but we also have ways to partition available bandwidth so that we can limit the impact of DoS attacks. 3) we are very much starved for broadcast slots (one opportunity every few minutes is not unusual). So we do want to pack all our discovery into a single broadcast packet. Said discovery packet can be authenticated= , but needs to be unencrypted for a number reasons. 4) we use RPL as the routing protocol across a mesh, which forms one (or more) tree-like DAGs. Close to the root there are significant bandwid= th constraints, and the convergence of traffic there can cause congestion. If properly provisioned, upper-mesh nodes may not suffer as much from energy, it can really hurt nodes further down the tree if they transmit packets upwards, only to have them dropped due to congestion, and then are forced to carry useless retransmits. As such, we are looking for solutions that where can coordinate the join process centrally, and we can accomodate innovation at the edges in the form of DoS defenses. 5) because the is radios, there is no inherent "this is the right network, because the operator plugged you", which comes with most wired network= s. There also isn't a user to pick the right ESSID. Many of these requirements do not apply to many in-home devices that can expect to operate over high-bandwidth wifi, with mains power or easily recharged batteries. REUSE =3D=3D=3D=3D=3D One of the major goals of the 6tisch-security design team is invent as litt= le as possible! In particular, code and libraries that would be present for bootstrap and be unused during the application usage are to avoided! Code space is precious, but more precious is developers paying attention to quality of implementation issues in the core. So we are trying to reuse as much of the ACE "platform" as we can: a) CoAP is the base. b) CoAP block transfer where we need bigger blocks. c) rekeying using OSCOAP to access a CoMI defined set of 802.15.4 mgmt interfaces. d) EDHOC can provide for our initial keying process. With symmetric per-pledge one-touch keys, this is very frugle for number of bytes transfered. Asymmetric keys use zero-touch IDevID certificates, and ownership vouchers which are in common with the work in ANIMA and NETCONF. e) we think that our enrollment protocol is ideally suited to make the introductions between RS<->RO, and C<->RqP that ACE needs for bootstraping it's trust model. It might be that the OSCOAP connection created *is* the trust session keys, or could be that another connection is leveraged from that trust relationship. In particular, we want rekeying the 6tisch L2 network keys to be just "yet another" mgmt process that occurs between our network management elements and groups of nodes. ADOPTING DOCUMENTS =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D We (6tisch) need EDHOC, and either EALS or something like it as our equivalent to EST. We need them adopted and progressed. Working on them ourselves is not in our charter. I'm personally not sure that EDHOC and EALS belong in ACE. It could be that they really belonged in COSE, but that WG has been concluded. Given that, I don't see another place for them other than ACE, but I am concerned that it may be too distracting to other work in ACE. G=C3=B6ran Selander wrote: > * EDHOC > https://tools.ietf.org/html/draft-selander-ace-cose-ecdhe-05 > Following the last round of reviews we have updated this application > layer key exchange protocol which is used e.g. in the OSCOAP profile = of > ACE and in the 6TiSCH minimal security framework. We think this is now > ready to move forward. > Time: 15 min Objective: Call for adoption > * EALS > https://www.ietf.org/internet-drafts/draft-selander-ace-eals-00.txt > This is a strawman on certificate enrolment using the new IoT > application layer security protocols. If certificate enrolment for IoT > devices is on the agenda then we would like to present this. > Time: 10 min Objective: Ask for review =2D- Michael Richardson , Sandelman Software Works -=3D IPv6 IoT consulting =3D- --=-=-= Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQEzBAEBCAAdFiEEbsyLEzg/qUTA43uogItw+93Q3WUFAljQUFkACgkQgItw+93Q 3WX85Af9FnlNxhkDftXJjKklNfA5408F47QCRHtKgniAf3R7hTNQbJee2/vxYlPv 37ygQ0EMwYL8A+F/biuWDacxv+2C4vlQbSICnje/Xtu9Qd7arKkdp8+INuJMfAnV tbaANuADV/RKcmxiGOd/sqfy6xE+02sCrctn3WEL19UByvf5LEJiuyKrha1FwzHe fACPvrDAvXeYaBVhD0QC5Lhvw7BpSz/cfo42kXBRifPEVtc504By+M138Em2LjZJ aYOzVXAP6FfuBmNe6D4iaScppRrI7ZZj1uhnsjzxWyiiWGoKk6b/BUYqF5iV3vMF sm1GJ6bB/yjRUWZUo6mC0W76Pyt1TA== =5u4V -----END PGP SIGNATURE----- --=-=-=-- From nobody Tue Mar 21 05:45:51 2017 Return-Path: X-Original-To: ace@ietfa.amsl.com Delivered-To: ace@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 8D4F21297DE; Tue, 21 Mar 2017 05:45:45 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -6.9 X-Spam-Level: X-Spam-Status: No, score=-6.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_HI=-5, RP_MATCHES_RCVD=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id rKy7Xv72vFwu; Tue, 21 Mar 2017 05:45:42 -0700 (PDT) Received: from mail3-relais-sop.national.inria.fr (mail3-relais-sop.national.inria.fr [192.134.164.104]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id C5C40129850; Tue, 21 Mar 2017 05:45:41 -0700 (PDT) X-IronPort-AV: E=Sophos;i="5.36,198,1486422000"; d="scan'208";a="217509691" Received: from unknown (HELO [128.93.85.17]) ([128.93.85.17]) by mail3-relais-sop.national.inria.fr with ESMTP/TLS/DHE-RSA-AES256-SHA; 21 Mar 2017 13:45:39 +0100 Content-Type: text/plain; charset=utf-8 Mime-Version: 1.0 (Mac OS X Mail 9.3 \(3124\)) From: =?utf-8?Q?Mali=C5=A1a_Vu=C4=8Dini=C4=87?= In-Reply-To: <25751.1490047066@obiwan.sandelman.ca> Date: Tue, 21 Mar 2017 13:45:38 +0100 Cc: 6tisch@ietf.org Content-Transfer-Encoding: quoted-printable Message-Id: <43F68CBB-147F-4C85-BE7B-33B741AFEA05@inria.fr> References: <25751.1490047066@obiwan.sandelman.ca> To: ace@ietf.org X-Mailer: Apple Mail (2.3124) Archived-At: Subject: Re: [Ace] [6tisch] EDHOC and EALS use in 6tisch (minimal) bootstrap X-BeenThere: ace@ietf.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: "Authentication and Authorization for Constrained Environments \(ace\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 21 Mar 2017 12:45:45 -0000 +1 on adopting the EDHOC work in ACE.=20 To add to Michael=E2=80=99s summary, I would also like to stress that in = draft-ietf-6tisch-minimal-security the one-hop neighbor of a pledge = (joining node) plays the role of an untrusted CoAP proxy in order to = facilitate pledge=E2=80=99s communication with the Registrar. = Facilitating key agreement in such a setting, i.e. through the proxy, is = necessary and is another reason why we use EDHOC. Mali=C5=A1a > On 20 Mar 2017, at 22:57, Michael Richardson = wrote: >=20 >=20 > {I left G=C3=B6ran's links at the bottom. Please excuse the length: I = didn't have > time to make it shorter} >=20 > The documents = https://datatracker.ietf.org/doc/draft-ietf-6tisch-minimal/ > and = https://datatracker.ietf.org/doc/draft-ietf-6tisch-dtsecurity-secure-join/= > are in the process of being hybridized. >=20 > Some background: >=20 > There are two of them because there is some concern that a full = zero-touch > bootstrap will require too many round trips. In the smallest networks = a > completely manual bootstrap is acceptable to some. >=20 > In the biggest industrial networks, nothing less than a full = asymmetric key > bootstrap is acceptable. This is often due to human factors as well = well > (installers not trusted with symmetric keys!). In between are some = networks > where managing a large number of (hopefully unique!) symmetric join = keys > that have to be provisioned at the factory is acceptable. This is how > pre-6tisch 802.15.4 networks are being deployed today. >=20 > We are doing this work in 6tisch because we can pin down a number of > variables that would otherwise cause significant scope creep: > 1) we assume a clueful network operator (or contractor) who can = sanely > operate our Join Registrar/Coordinator [which is in the zero-touch = case, > is a CA]. > ---> this means our solution does not scale to residential or = small > office situations, and that is acceptable to us. >=20 > 2) we have some pretty low constraints on network bandwidth = available, but > we also have ways to partition available bandwidth so that we can = limit > the impact of DoS attacks. >=20 > 3) we are very much starved for broadcast slots (one opportunity = every few > minutes is not unusual). So we do want to pack all our discovery = into > a single broadcast packet. Said discovery packet can be = authenticated, but needs > to be unencrypted for a number reasons. >=20 > 4) we use RPL as the routing protocol across a mesh, which forms one = (or > more) tree-like DAGs. Close to the root there are significant = bandwidth > constraints, and the convergence of traffic there can cause = congestion. > If properly provisioned, upper-mesh nodes may not suffer as much = from > energy, it can really hurt nodes further down the tree if they = transmit > packets upwards, only to have them dropped due to congestion, and = then > are forced to carry useless retransmits. > As such, we are looking for solutions that where can coordinate = the > join process centrally, and we can accomodate innovation at the = edges > in the form of DoS defenses. >=20 > 5) because the is radios, there is no inherent "this is the right = network, > because the operator plugged you", which comes with most wired = networks. > There also isn't a user to pick the right ESSID. >=20 > Many of these requirements do not apply to many in-home devices that = can > expect to operate over high-bandwidth wifi, with mains power or easily > recharged batteries. >=20 > REUSE > =3D=3D=3D=3D=3D >=20 > One of the major goals of the 6tisch-security design team is invent as = little > as possible! In particular, code and libraries that would be present = for > bootstrap and be unused during the application usage are to avoided! = Code > space is precious, but more precious is developers paying attention to > quality of implementation issues in the core. >=20 > So we are trying to reuse as much of the ACE "platform" as we can: >=20 > a) CoAP is the base. >=20 > b) CoAP block transfer where we need bigger blocks. >=20 > c) rekeying using OSCOAP to access a CoMI defined set of 802.15.4 mgmt > interfaces. >=20 > d) EDHOC can provide for our initial keying process. With symmetric > per-pledge one-touch keys, this is very frugle for number of bytes > transfered. > Asymmetric keys use zero-touch IDevID certificates, and ownership > vouchers which are in common with the work in ANIMA and NETCONF. >=20 > e) we think that our enrollment protocol is ideally suited to > make the introductions between RS<->RO, and C<->RqP that ACE > needs for bootstraping it's trust model. > It might be that the OSCOAP connection created *is* the trust > session keys, or could be that another connection is leveraged from > that trust relationship. >=20 > In particular, we want rekeying the 6tisch L2 network keys to be = just > "yet another" mgmt process that occurs between our network = management > elements and groups of nodes. >=20 >=20 > ADOPTING DOCUMENTS > =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D >=20 > We (6tisch) need EDHOC, and either EALS or something like it as our > equivalent to EST. We need them adopted and progressed. > Working on them ourselves is not in our charter. >=20 > I'm personally not sure that EDHOC and EALS belong in ACE. > It could be that they really belonged in COSE, but that WG has been > concluded. >=20 > Given that, I don't see another place for them other than ACE, but I = am > concerned that it may be too distracting to other work in ACE. >=20 >=20 >=20 > G=C3=B6ran Selander wrote: >> * EDHOC >=20 >> https://tools.ietf.org/html/draft-selander-ace-cose-ecdhe-05 >=20 >> Following the last round of reviews we have updated this application >> layer key exchange protocol which is used e.g. in the OSCOAP profile = of >> ACE and in the 6TiSCH minimal security framework. We think this is = now >> ready to move forward. >=20 >> Time: 15 min Objective: Call for adoption >=20 >> * EALS >=20 >> https://www.ietf.org/internet-drafts/draft-selander-ace-eals-00.txt >=20 >> This is a strawman on certificate enrolment using the new IoT >> application layer security protocols. If certificate enrolment for = IoT >> devices is on the agenda then we would like to present this. >=20 >> Time: 10 min Objective: Ask for review >=20 >=20 > -- > Michael Richardson , Sandelman Software Works > -=3D IPv6 IoT consulting =3D- >=20 >=20 >=20 > _______________________________________________ > 6tisch mailing list > 6tisch@ietf.org > https://www.ietf.org/mailman/listinfo/6tisch From nobody Tue Mar 21 06:16:14 2017 Return-Path: X-Original-To: ace@ietfa.amsl.com Delivered-To: ace@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B6FD2129887 for ; Tue, 21 Mar 2017 06:16:12 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: 0.527 X-Spam-Level: X-Spam-Status: No, score=0.527 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DATE_IN_PAST_06_12=1.543, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_FONT_FACE_BAD=0.981, HTML_MESSAGE=0.001, MIME_QP_LONG_LINE=0.001, SPF_PASS=-0.001, UNPARSEABLE_RELAY=0.001, URIBL_BLOCKED=0.001] autolearn=no autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=alibaba-inc.com Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 2bhrpNH72Nbz for ; Tue, 21 Mar 2017 06:16:11 -0700 (PDT) Received: from out0-149.mail.aliyun.com (out0-149.mail.aliyun.com [140.205.0.149]) by ietfa.amsl.com (Postfix) with ESMTP id BB44D129875 for ; Tue, 21 Mar 2017 06:16:09 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=alibaba-inc.com; s=default; t=1490102168; h=Date:Subject:From:To:Message-ID:Mime-version:Content-type; bh=VjZyDl5qsOCays5HAPzhNHpKMWgHmhQ95QpG8G5Nims=; b=mjXmM+WJ3UI5w8pDolwVvUkVk9RenmvRgvFsSvdJ6A6zyLTUzlTF8vw1uZ+ihKuXfnxsmPvGvxU2bvmtPl99BOFlmimPyLYdjAJN0aBhd666xvpH8ZEyoZeg/GyZRGhlg5zrmA8I1VpDRzp+uy7Q66nl8fgw9X/uD8og5r3Gtqo= X-Alimail-AntiSpam: AC=PASS; BC=-1|-1; BR=01201311R191e4; FP=0|-1|-1|-1|0|-1|-1|-1; HT=e02c03274; MF=kepeng.lkp@alibaba-inc.com; NM=1; PH=DS; RN=1; SR=0; TI=SMTPD_---.7poyTGv_1490102159; Received: from 30.39.20.87(mailfrom:kepeng.lkp@alibaba-inc.com ip:42.120.73.207) by smtp.aliyun-inc.com(127.0.0.1); Tue, 21 Mar 2017 21:16:03 +0800 User-Agent: Microsoft-MacOutlook/14.6.8.160830 Date: Tue, 21 Mar 2017 14:13:40 +0800 From: "Kepeng Li" To: "Ace@ietf.org" Message-ID: Thread-Topic: Draft agenda for IETF98 Mime-version: 1.0 Content-type: multipart/alternative; boundary="B_3572950563_1014499" Archived-At: Subject: [Ace] Draft agenda for IETF98 X-BeenThere: ace@ietf.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: "Authentication and Authorization for Constrained Environments \(ace\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 21 Mar 2017 13:16:13 -0000 > ´ËÓʼþʹÓà MIME ¸ñʽ¡£ÓÉÓÚÓʼþÔĶÁ³ÌÐò²»ÄÜʶ±ð ´Ë¸ñʽ£¬Òò´Ë£¬¿ÉÄÜÎÞ·¨Ê¶±ð¸ÃÓʼþµÄ·Ö²¿»ò²¿·ÖÄÚÈÝ¡£ --B_3572950563_1014499 Content-type: text/plain; charset="GB2312" Content-transfer-encoding: 7bit Hi all, Please find the draft ACE agenda below based on the requests and our arrangements: https://datatracker.ietf.org/meeting/98/agenda/ace/ Please check the agenda to see if anything is missing. Also, presenters, please send your slides to the chairs before the meeting. Our meeting is on Monday, 27 March 2017, 9:00 - 11:30. Thanks, Kind Regards Kepeng & Hannes --B_3572950563_1014499 Content-type: text/html; charset="GB2312" Content-transfer-encoding: quoted-printable
Hi all,

<= /div>
Please find the draft ACE agenda below based on the requests and = our arrangements:
=

Please check the agenda to see if anything is missing.

Also, presen= ters, please send your slides to the chairs before the meeting. Our meeting is on Monday, 27 March 2017,= 9:00 - 11:30.

Thanks,
Kind Regards
=
Kepeng & Hannes
--B_3572950563_1014499-- From nobody Tue Mar 21 07:27:02 2017 Return-Path: X-Original-To: ace@ietfa.amsl.com Delivered-To: ace@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 09FCC12994E for ; Tue, 21 Mar 2017 07:27:01 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -5.396 X-Spam-Level: X-Spam-Status: No, score=-5.396 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_LOW=-0.7, RCVD_IN_MSPIKE_H2=-2.796, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id PyFLJLvrEbAc for ; Tue, 21 Mar 2017 07:26:58 -0700 (PDT) Received: from se-out1.mx-wecloud.net (se-out1.mx-wecloud.net [89.221.255.93]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 6CB57129961 for ; Tue, 21 Mar 2017 07:26:58 -0700 (PDT) Received: from sp-mail-2.sp.se (unknown [194.218.146.197]) by se-out1.mx-wecloud.net (Postfix) with ESMTPS id 7E664202927 for ; Tue, 21 Mar 2017 14:26:51 +0000 (UTC) Received: from [10.0.0.44] (10.116.0.226) by sp-mail-2.sp.se (10.100.0.162) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P384) id 15.1.669.32; Tue, 21 Mar 2017 15:26:51 +0100 To: References: From: Ludwig Seitz Message-ID: <95e78d61-f755-6557-4e85-0ca781dacb79@ri.se> Date: Tue, 21 Mar 2017 15:26:50 +0100 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101 Thunderbird/45.7.0 MIME-Version: 1.0 In-Reply-To: Content-Type: text/plain; charset="windows-1252"; format=flowed Content-Transfer-Encoding: 7bit X-Originating-IP: [10.116.0.226] X-ClientProxiedBy: sp-mail-3.sp.se (10.100.0.163) To sp-mail-2.sp.se (10.100.0.162) X-CMAE-Score: 0 X-CMAE-Analysis: v=2.2 cv=IMRyMknG c=1 sm=1 tr=0 a=L5DDne6A+dD0FbDkt2Fblw==:117 a=L5DDne6A+dD0FbDkt2Fblw==:17 a=sZ8rJzgPlrQA:10 a=N659UExz7-8A:10 a=6Iz7jQTuP9IA:10 a=48vgC7mUAAAA:8 a=DueGoXFUqa5L00sf2CoA:9 a=pILNOxqGKmIA:10 a=w1C3t2QeGrPiZgrLijVG:22 X-Virus-Scanned: clamav-milter 0.99.2 at MailSecurity X-Virus-Status: Clean X-MailSecurity-Status: 0 X-Scanned-By: WeCloud MailSecurity X-MailSecurity-Score: 0 Archived-At: Subject: Re: [Ace] Draft agenda for IETF98 X-BeenThere: ace@ietf.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: "Authentication and Authorization for Constrained Environments \(ace\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 21 Mar 2017 14:27:01 -0000 On 2017-03-21 07:13, Kepeng Li wrote: > Hi all, > > Please find the draft ACE agenda below based on the requests and our > arrangements: > https://datatracker.ietf.org/meeting/98/agenda/ace/ > > Please check the agenda to see if anything is missing. > > Also, presenters, please send your slides to the chairs before the > meeting. Our meeting is on Monday, 27 March 2017, 9:00 - 11:30. > > Thanks, > Kind Regards > Kepeng & Hannes > > > _______________________________________________ > Ace mailing list > Ace@ietf.org > https://www.ietf.org/mailman/listinfo/ace > Hello chairs, I actually sent a slot request to the chairs on 2017-03-09 for draft-ietf-ace-oauth-authz, but it seems to have gotten lost. /Ludwig -- Ludwig Seitz, PhD Security Lab, RISE SICS Phone +46(0)70-349 92 51 From nobody Tue Mar 21 08:15:14 2017 Return-Path: X-Original-To: ace@ietfa.amsl.com Delivered-To: ace@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 2FF8E129A28 for ; Tue, 21 Mar 2017 08:15:12 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -0.456 X-Spam-Level: X-Spam-Status: No, score=-0.456 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DATE_IN_PAST_06_12=1.543, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, SPF_PASS=-0.001, UNPARSEABLE_RELAY=0.001, URIBL_BLOCKED=0.001] autolearn=no autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=alibaba-inc.com Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id p-R1KIlob3E3 for ; Tue, 21 Mar 2017 08:15:10 -0700 (PDT) Received: from out0-149.mail.aliyun.com (out0-149.mail.aliyun.com [140.205.0.149]) by ietfa.amsl.com (Postfix) with ESMTP id E29AA12948C for ; Tue, 21 Mar 2017 08:15:06 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=alibaba-inc.com; s=default; t=1490109305; h=Date:Subject:From:To:Message-ID:Mime-version:Content-type; bh=8tazArhxmqIM1SNcE/9r1kjRS1aaSUjNXng5nORgEwM=; b=fuKPmuWyPlIsm9ZBxfm5fS35G48RYJ3SwHojhJGA1d6h+WbuvLPXO66J6LJk9R7mbf+xiAr+wdImPNIXLtsFlcA3ZifKpqKtStjbQmeURk5IVO6Fk1gUK6vDeDInFvsMStfkyKJPW3hOonpM2GVHMY8j2ZHf0ASzHwRT1fKS5QE= X-Alimail-AntiSpam: AC=PASS; BC=-1|-1; BR=01201311R451e4; FP=0|-1|-1|-1|0|-1|-1|-1; HT=e01l10425; MF=kepeng.lkp@alibaba-inc.com; NM=1; PH=DS; RN=2; SR=0; TI=SMTPD_---.7pmcmJY_1490109293; Received: from 30.39.20.87(mailfrom:kepeng.lkp@alibaba-inc.com ip:42.120.73.207) by smtp.aliyun-inc.com(127.0.0.1); Tue, 21 Mar 2017 23:15:00 +0800 User-Agent: Microsoft-MacOutlook/14.6.8.160830 Date: Tue, 21 Mar 2017 16:14:50 +0800 From: "Kepeng Li" To: Ludwig Seitz , Message-ID: Thread-Topic: [Ace] Draft agenda for IETF98 References: <95e78d61-f755-6557-4e85-0ca781dacb79@ri.se> In-Reply-To: <95e78d61-f755-6557-4e85-0ca781dacb79@ri.se> Mime-version: 1.0 Content-type: text/plain; charset="GB2312" Content-transfer-encoding: quoted-printable Archived-At: Subject: Re: [Ace] Draft agenda for IETF98 X-BeenThere: ace@ietf.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: "Authentication and Authorization for Constrained Environments \(ace\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 21 Mar 2017 15:15:12 -0000 > I actually sent a slot request to the chairs on 2017-03-09 for > draft-ietf-ace-oauth-authz, but it seems to have gotten lost. Updated in: https://datatracker.ietf.org/meeting/98/agenda/ace/ Kind Regards Kepeng =D4=DA 21/03/2017, 10:26 PM=A3=AC "Ace on behalf of Ludwig Seitz" =D0=B4=C8=EB: >On 2017-03-21 07:13, Kepeng Li wrote: >> Hi all, >> >> Please find the draft ACE agenda below based on the requests and our >> arrangements: >> https://datatracker.ietf.org/meeting/98/agenda/ace/ >> >> Please check the agenda to see if anything is missing. >> >> Also, presenters, please send your slides to the chairs before the >> meeting. Our meeting is on Monday, 27 March 2017, 9:00 - 11:30. >> >> Thanks, >> Kind Regards >> Kepeng & Hannes >> >> >> _______________________________________________ >> Ace mailing list >> Ace@ietf.org >> https://www.ietf.org/mailman/listinfo/ace >> > >Hello chairs, > >I actually sent a slot request to the chairs on 2017-03-09 for >draft-ietf-ace-oauth-authz, but it seems to have gotten lost. > >/Ludwig > >--=20 >Ludwig Seitz, PhD >Security Lab, RISE SICS >Phone +46(0)70-349 92 51 > >_______________________________________________ >Ace mailing list >Ace@ietf.org >https://www.ietf.org/mailman/listinfo/ace From nobody Wed Mar 22 03:29:03 2017 Return-Path: X-Original-To: ace@ietfa.amsl.com Delivered-To: ace@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 259711294CE for ; Wed, 22 Mar 2017 03:28:56 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.621 X-Spam-Level: X-Spam-Status: No, score=-2.621 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_LOW=-0.7, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, SPF_PASS=-0.001] autolearn=unavailable autolearn_force=no Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id C2Bu5_lRhkmU for ; Wed, 22 Mar 2017 03:28:53 -0700 (PDT) Received: from lb3-smtp-cloud2.xs4all.net (lb3-smtp-cloud2.xs4all.net [194.109.24.29]) (using TLSv1 with cipher DHE-RSA-AES128-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 3204A1316CF for ; Wed, 22 Mar 2017 03:28:50 -0700 (PDT) Received: from webmail.xs4all.nl ([IPv6:2001:888:0:22:194:109:20:214]) by smtp-cloud2.xs4all.net with ESMTP id yyUn1u00F0F6qFb01yUnWF; Wed, 22 Mar 2017 11:28:48 +0100 Received: from 2001:983:a264:1:a040:505d:3433:bb87 by webmail.xs4all.nl with HTTP (HTTP/1.1 POST); Wed, 22 Mar 2017 11:28:47 +0100 MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII; format=flowed Content-Transfer-Encoding: 7bit Date: Wed, 22 Mar 2017 11:28:47 +0100 From: peter van der Stok To: ace@ietf.org Cc: 6tisch@ietf.org Organization: vanderstok consultancy Reply-To: consultancy@vanderstok.org Mail-Reply-To: consultancy@vanderstok.org In-Reply-To: <25751.1490047066@obiwan.sandelman.ca> References: <25751.1490047066@obiwan.sandelman.ca> Message-ID: <16fa51ecd0a5cc19020f0fafeb27b129@xs4all.nl> X-Sender: stokcons@xs4all.nl User-Agent: XS4ALL Webmail Archived-At: Subject: Re: [Ace] EDHOC and EALS use in 6tisch (minimal) bootstrap X-BeenThere: ace@ietf.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: "Authentication and Authorization for Constrained Environments \(ace\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 22 Mar 2017 10:28:56 -0000 Hi Michael, thanks for this extended explanation. This really helps to understand the final goals and motivation. A few questions below to remove my remaining confusion. Michael Richardson schreef op 2017-03-20 22:57: > > Some background: > > There are two of them because there is some concern that a full > zero-touch > bootstrap will require too many round trips. In the smallest networks a > completely manual bootstrap is acceptable to some. I need some more explanation here. It will help if there are some numbers comparing the two approaches. And is "completely manual" identical to "one touch"? Or do you see gradations from completely manual to fully automatic? > > In the biggest industrial networks, nothing less than a full asymmetric > key > bootstrap is acceptable. This is often due to human factors as well > well > (installers not trusted with symmetric keys!). In between are some > networks > where managing a large number of (hopefully unique!) symmetric join > keys > that have to be provisioned at the factory is acceptable. This is how > pre-6tisch 802.15.4 networks are being deployed today. The above applies to 6tisch networks only? > > We are doing this work in 6tisch because we can pin down a number of > variables that would otherwise cause significant scope creep: > 1) we assume a clueful network operator (or contractor) who can > sanely > operate our Join Registrar/Coordinator [which is in the zero-touch > case, > is a CA]. > ---> this means our solution does not scale to residential or > small > office situations, and that is acceptable to us. That is a very large logical step for me; small offices and residential are small networks in my view. And small networks do not accept zero touch? Probably, I misunderstand the reasoning. > > 4) we use RPL as the routing protocol across a mesh, which forms one > (or > more) tree-like DAGs. Close to the root there are significant > bandwidth > constraints, and the convergence of traffic there can cause > congestion. > If properly provisioned, upper-mesh nodes may not suffer as much > from > energy, it can really hurt nodes further down the tree if they > transmit > packets upwards, only to have them dropped due to congestion, and > then > are forced to carry useless retransmits. > As such, we are looking for solutions that where can coordinate > the > join process centrally, and we can accomodate innovation at the > edges > in the form of DoS defenses. Coordinate meaning a central control algorithm? The RPL bandwidth constraints at the root is a general problem. Can this not be separated out? > > REUSE > ===== > > One of the major goals of the 6tisch-security design team is invent as > little > as possible! In particular, code and libraries that would be present > for > bootstrap and be unused during the application usage are to avoided! > Code > space is precious, but more precious is developers paying attention to > quality of implementation issues in the core. > > So we are trying to reuse as much of the ACE "platform" as we can: I completely approve, this should also apply to other than 6tisch networks > > a) CoAP is the base. > > b) CoAP block transfer where we need bigger blocks. > > c) rekeying using OSCOAP to access a CoMI defined set of 802.15.4 mgmt > interfaces. interesting thought; Make re-keying a management issue. > > e) we think that our enrollment protocol is ideally suited to > make the introductions between RS<->RO, and C<->RqP that ACE > needs for bootstraping it's trust model. RS <-> RO and C<->RqP?; what is the mapping to pledge, JA and Registrar? Looking forward to the presentations, Peter From nobody Wed Mar 22 07:21:07 2017 Return-Path: X-Original-To: ace@ietfa.amsl.com Delivered-To: ace@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id BD11E1243FE; Wed, 22 Mar 2017 06:31:46 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -1.902 X-Spam-Level: X-Spam-Status: No, score=-1.902 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_NONE=-0.0001, RP_MATCHES_RCVD=-0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id JZtt43TAbs8g; Wed, 22 Mar 2017 06:31:44 -0700 (PDT) Received: from tuna.sandelman.ca (tuna.sandelman.ca [209.87.249.19]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 60EDE1201FA; Wed, 22 Mar 2017 06:31:44 -0700 (PDT) Received: from sandelman.ca (obiwan.sandelman.ca [IPv6:2607:f0b0:f:2::247]) by tuna.sandelman.ca (Postfix) with ESMTP id 96242E1EE; Wed, 22 Mar 2017 09:55:13 -0400 (EDT) Received: from obiwan.sandelman.ca (localhost [IPv6:::1]) by sandelman.ca (Postfix) with ESMTP id 2F87E636BB; Wed, 22 Mar 2017 09:31:43 -0400 (EDT) From: Michael Richardson To: consultancy@vanderstok.org cc: ace@ietf.org, 6tisch@ietf.org In-Reply-To: <16fa51ecd0a5cc19020f0fafeb27b129@xs4all.nl> References: <25751.1490047066@obiwan.sandelman.ca> <16fa51ecd0a5cc19020f0fafeb27b129@xs4all.nl> X-Mailer: MH-E 8.6; nmh 1.6+dev; GNU Emacs 24.5.1 X-Face: $\n1pF)h^`}$H>Hk{L"x@)JS7<%Az}5RyS@k9X%29-lHB$Ti.V>2bi.~ehC0; <'$9xN5Ub# z!G,p`nR&p7Fz@^UXIn156S8.~^@MJ*mMsD7=QFeq%AL4m Archived-At: Subject: Re: [Ace] [6tisch] EDHOC and EALS use in 6tisch (minimal) bootstrap X-BeenThere: ace@ietf.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: "Authentication and Authorization for Constrained Environments \(ace\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 22 Mar 2017 13:31:47 -0000 --=-=-= Content-Type: text/plain peter van der Stok wrote: >> There are two of them because there is some concern that a full >> zero-touch bootstrap will require too many round trips. In the >> smallest networks a completely manual bootstrap is acceptable to some. > I need some more explanation here. It will help if there are some > numbers comparing the two approaches. And is "completely manual" > identical to "one touch"? Or do you see gradations from completely > manual to fully automatic? "completely manual" means: attach JTAG to device, write K1 key in. Or, "burn keys into source code", deploy. If one was using one of the testbeds, that might be rather easy. >> In the biggest industrial networks, nothing less than a full >> asymmetric key bootstrap is acceptable. This is often due to human >> factors as well well (installers not trusted with symmetric keys!). >> In between are some networks where managing a large number of >> (hopefully unique!) symmetric join keys that have to be provisioned at >> the factory is acceptable. This is how pre-6tisch 802.15.4 networks >> are being deployed today. > The above applies to 6tisch networks only? I'm not claiming that the constraints and opportunities that are specific to 6tisch networks are unique to 802.15.4 TSCH in Industrial settings. I'm rather saying that these are the constraints that allow us to make progress without unweidly scope creep. >> We are doing this work in 6tisch because we can pin down a number of >> variables that would otherwise cause significant scope creep: 1) we >> assume a clueful network operator (or contractor) who can sanely >> operate our Join Registrar/Coordinator [which is in the zero-touch >> case, is a CA]. ---> this means our solution does not scale to residential or small >> office situations, and that is acceptable to us. > That is a very large logical step for me; small offices and residential > are small networks in my view. And small networks do not accept zero > touch? Probably, I misunderstand the reasoning. Such networks do not at present, by default, have clueful operators to run the JRC. If a JRC can be assumed (homenet...), if it can be packaged up to be trivial, or if an upstream ISP or service provider can provide it, then progress could be made. That's a lot of IFs however, and it can hide a lot of ratholes. >> 4) we use RPL as the routing protocol across a mesh, which forms one >> (or more) tree-like DAGs. Close to the root there are significant >> bandwidth constraints, and the convergence of traffic there can cause >> congestion. If properly provisioned, upper-mesh nodes may not suffer >> as much from energy, it can really hurt nodes further down the tree if >> they transmit packets upwards, only to have them dropped due to >> congestion, and then are forced to carry useless retransmits. As >> such, we are looking for solutions that where can coordinate the join >> process centrally, and we can accomodate innovation at the edges in >> the form of DoS defenses. > Coordinate meaning a central control algorithm? The RPL bandwidth > constraints at the root is a general problem. Can this not be separated > out? Once the network is constructed there are a number of observations. 1) if the network is for control (such lighting), P2PRPL might provide for completely different paths which are not so contrained. 2) RPL DAO projection could remove traffic away from the root. 3) a data collector (in the P2MP metering scenarios) can also do management of bandwidth 4) 6tisch includes mechanisms to allocate bandwidth for different applications via the 6p mechanisms, so bandwidth can be reserved and latency can be made deterministic. 5) 6tisch envisions (but is not yet chartered) to deal with a PCE, [such as is used in ISA100, I'm told] that could plan tracks across the mesh in a centralized way. The point is that we can't spend very much of the available bandwidth for join traffic, it would be wasteful and would make the impact of DoS attacks higher. >> e) we think that our enrollment protocol is ideally suited to make the >> introductions between RS<->RO, and C<->RqP that ACE needs for >> bootstraping it's trust model. > RS <-> RO and C<->RqP?; what is the mapping to pledge, JA and > Registrar? > Looking forward to the presentations, I haven't asked for time at ACE about the join process. I think this is a simple application of OSCOAP to generate a new set of keys. This is a partly open OSCOAP issue. I'd also like to generate keys for the CoMI (rekey) interface. -- Michael Richardson , Sandelman Software Works -= IPv6 IoT consulting =- --=-=-= Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQEzBAEBCAAdFiEEbsyLEzg/qUTA43uogItw+93Q3WUFAljSfL4ACgkQgItw+93Q 3WVcswgAq+yFqZVs+0Sr9bJp+1HLk+fwi6QZzgwLKXv89l6Nt4VavT7OGDMJIV84 J2jdSaZq9oytJUziyiyjCVXfdvLx3sHjPWnoqXgD9mSe5fNZh0FzRY4xRTcsUNFL JZYCQR7cBRog1n4Nk49BzQhYFoCvvk+Q/Gchi5NpujtF0zVv7nqt5hVTBHeYBsJb l4OaJW2mDf6NyOs9SYJ5iVWJnWfcZB9JSJVxtbhJeIBajt6cN5KSiX8jPk0Yrr6c SyTpEEh91WMpsXgCvCHNBz6dUQFlQtaoRJvzms2iY3TKPbIdEKs4ewcXaoVqZ97j qdsxAz041qfxdbdKkKz8rnxKoPhKuA== =I4y3 -----END PGP SIGNATURE----- --=-=-=-- From nobody Mon Mar 27 00:17:18 2017 Return-Path: X-Original-To: ace@ietfa.amsl.com Delivered-To: ace@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 26A39129411; Mon, 27 Mar 2017 00:17:12 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -4.199 X-Spam-Level: X-Spam-Status: No, score=-4.199 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_MED=-2.3, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 9Sp3IUgdhnzW; Mon, 27 Mar 2017 00:17:09 -0700 (PDT) Received: from mailhost.informatik.uni-bremen.de (mailhost.informatik.uni-bremen.de [IPv6:2001:638:708:30c9::12]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id A1E4C12943E; Mon, 27 Mar 2017 00:17:08 -0700 (PDT) X-Virus-Scanned: amavisd-new at informatik.uni-bremen.de Received: from submithost.informatik.uni-bremen.de (submithost.informatik.uni-bremen.de [134.102.201.11]) by mailhost.informatik.uni-bremen.de (8.14.5/8.14.5) with ESMTP id v2R7H5CC000363; Mon, 27 Mar 2017 09:17:05 +0200 (CEST) Received: from client-0161.vpn.uni-bremen.de (client-0161.vpn.uni-bremen.de [134.102.107.161]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by submithost.informatik.uni-bremen.de (Postfix) with ESMTPSA id 3vs51r3qGczDHZS; Mon, 27 Mar 2017 09:17:04 +0200 (CEST) Content-Type: text/plain; charset=utf-8 Mime-Version: 1.0 (Mac OS X Mail 10.2 \(3259\)) From: Carsten Bormann Date: Mon, 27 Mar 2017 02:17:02 -0500 Cc: lo <6lo@ietf.org>, core , ace@ietf.org X-Mao-Original-Outgoing-Id: 512291822.346343-47e2969abfd4b61dad48cd9e4a28d700 Reply-To: t2trg@irtf.org Content-Transfer-Encoding: quoted-printable Message-Id: <003A0EEA-EAC8-4C64-AFC1-174E8360AB63@tzi.org> References: <149059838707.8031.8688478547594865185.idtracker@ietfa.amsl.com> To: t2trg@irtf.org X-Mailer: Apple Mail (2.3259) Archived-At: Subject: [Ace] SWORN: Secure Wake on Radio Nudging X-BeenThere: ace@ietf.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: "Authentication and Authorization for Constrained Environments \(ace\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 27 Mar 2017 07:17:12 -0000 I just submitted draft-bormann-t2trg-sworn-00.txt, which describes a = secure way for applications to wake sleepy nodes. For 6lo, it may be of interest as a way to expose a MAC layer feature to = the application layer in a secure way. For CoRE, it shows an unusual way to use the CoAP protocol. For ACE, it is an example of properly authorizing network functions. =20 (It is also an example of using COSE =E2=80=94 it could even use CWT, = but I didn=E2=80=99t specify that part.) (I probably could add other WGs, but the IETF mail server will only = allow so many destination addresses.) I=E2=80=99m looking forward to discussion about this little note, and = what kinds of standards possibly could be derived from it. Gr=C3=BC=C3=9Fe, Carsten > Htmlized: = https://tools.ietf.org/html/draft-bormann-t2trg-sworn-00 >=20 >=20 > Abstract: > Normally off devices (RFC7228) would need to expend considerable > energy resources to be reachable at all times. Instead, MAC layer > mechanisms are often employed that allow the last hop router of the > device to "wake" the device via radio when needed. Activating these > devices even for a short time still does expend energy and thus > should be available to authorized correspondents only. > Traditionally, this has been achieved by heavy firewalling, allowing > only authorized hosts to reach the device at all. This may be too > inflexible for an Internet of Things. >=20 > The present report describes how to use a combination of currently > standardized (or in progress) technologies to securely effect this > authorization. Gr=C3=BC=C3=9Fe, Carsten From nobody Wed Mar 29 14:55:26 2017 Return-Path: X-Original-To: ace@ietfa.amsl.com Delivered-To: ace@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A540E12960D for ; Wed, 29 Mar 2017 14:55:24 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -4.202 X-Spam-Level: X-Spam-Status: No, score=-4.202 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_MED=-2.3, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id IkIYGCQTB0ch for ; Wed, 29 Mar 2017 14:55:23 -0700 (PDT) Received: from colo.trepanning.net (colo.trepanning.net [69.55.226.174]) by ietfa.amsl.com (Postfix) with ESMTP id 4BA20126DDF for ; Wed, 29 Mar 2017 14:55:23 -0700 (PDT) Received: from dhcp-8f5c.meeting.ietf.org (dhcp-8f5c.meeting.ietf.org [31.133.143.92]) (using TLSv1 with cipher DHE-RSA-AES128-SHA (128/128 bits)) (No client certificate requested) by colo.trepanning.net (Postfix) with ESMTPSA id 16CB61E011A for ; Wed, 29 Mar 2017 14:55:23 -0700 (PDT) To: ace@ietf.org From: Dan Harkins Message-ID: <9a28d26f-9069-7306-405d-eb7d945c03f0@lounge.org> Date: Wed, 29 Mar 2017 14:55:21 -0700 User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.10; rv:45.0) Gecko/20100101 Thunderbird/45.8.0 MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8; format=flowed Content-Transfer-Encoding: 7bit Archived-At: Subject: [Ace] HKDF useage in ace-cose-ecdhe-05 X-BeenThere: ace@ietf.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: "Authentication and Authorization for Constrained Environments \(ace\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 29 Mar 2017 21:55:25 -0000 Hello, I want to expand on my comments I made at the mic on Monday regarding key derivation with symmetric key authentication in draft-selander-ace- cose-ecdhe-05. When doing authentication with symmetric keys message 1 is encrypted using K_1 and K_1 is generated by passing (as far as I can tell, and I did admit at the mic that it's a little fuzzy) the PSK as salt and an empty key to HKDF. This poses some problems I think. - The only source of entropy in K_1 is the PSK and this makes the protocol susceptible to a passive dictionary attack[1] that would, otherwise, not be possible. - It seems somewhat unhygienic, from a crypto point of view, to pass a NULL key to a key derivation function. - Use of the PSK in messages 2 and 3 authenticate the particular key used in the AEAD and decryption/verification provides authentication of the sender to the receiver. But for message 1 is different. There is no benefit to the key exchange provided by encryption of message 1. The sole benefit of encrypting in message 1 seems to be that EXT_1 gets encrypted. But EXT_1 in the asymmetric case is not encrypted so there doesn't really seem there can be much that needs protection; seems like this is more of an opportunistic thing. That being the case, there is little upside and considerable downside to generating K_1 and encrypting a portion of message 1. I recommend that being removed from the draft. regards, Dan. [1] a dictionary attack is defined as one where the attacker gains an advantage from computation as opposed to interaction. The size of the dictionary (e.g. all numbers between 0 and 2^256) only affects the probability of success of the attack not whether it is a dictionary attack or not. From nobody Wed Mar 29 23:31:03 2017 Return-Path: X-Original-To: ace@ietfa.amsl.com Delivered-To: ace@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id AC5DF129445 for ; Wed, 29 Mar 2017 23:31:01 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -4.221 X-Spam-Level: X-Spam-Status: No, score=-4.221 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_MED=-2.3, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, SPF_PASS=-0.001] autolearn=ham autolearn_force=no Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 1-CbDfZrQRwY for ; Wed, 29 Mar 2017 23:30:59 -0700 (PDT) Received: from sessmg22.ericsson.net (sessmg22.ericsson.net [193.180.251.58]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 4A9D31275C5 for ; Wed, 29 Mar 2017 23:30:59 -0700 (PDT) X-AuditID: c1b4fb3a-4d72198000003958-e2-58dca62012a1 Received: from ESESSHC011.ericsson.se (Unknown_Domain [153.88.183.51]) by (Symantec Mail Security) with SMTP id 86.10.14680.026ACD85; Thu, 30 Mar 2017 08:30:56 +0200 (CEST) Received: from ESESSMB107.ericsson.se ([169.254.7.125]) by ESESSHC011.ericsson.se ([153.88.183.51]) with mapi id 14.03.0339.000; Thu, 30 Mar 2017 08:30:55 +0200 From: =?utf-8?B?R8O2cmFuIFNlbGFuZGVy?= To: Dan Harkins , "ace@ietf.org" Thread-Topic: [Ace] HKDF useage in ace-cose-ecdhe-05 Thread-Index: AQHSqNcu88JAA4nRTU2MR4Jb7lLaT6Gsd1MA Date: Thu, 30 Mar 2017 06:30:54 +0000 Message-ID: References: <9a28d26f-9069-7306-405d-eb7d945c03f0@lounge.org> In-Reply-To: <9a28d26f-9069-7306-405d-eb7d945c03f0@lounge.org> Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: user-agent: Microsoft-MacOutlook/14.7.1.161129 x-originating-ip: [153.88.183.150] Content-Type: text/plain; charset="utf-8" Content-ID: Content-Transfer-Encoding: base64 MIME-Version: 1.0 X-Brightmail-Tracker: H4sIAAAAAAAAA+NgFprAIsWRmVeSWpSXmKPExsUyM2K7sa7isjsRBlsYLb5/62G2WPrvC4sD k8eSJT+ZPJ7tfskSwBTFZZOSmpNZllqkb5fAlfH8zTfWgmfyFZcerGFtYPwj18XIySEhYCJx fM9jxi5GLg4hgfWMEqsX/mCCcJYwSnyfuIsVpIpNwEXiQcMjoAQHhwiQ/W5zFUhYWMBY4uzR /4wgtgjQoPvLn0HZRhJNk7eC2SwCqhI7vt9gA7F5BSwkjhxbxw5iCwnYSvSsvsUMMpJTwE7i +JtykDCjgJjE91NrmEBsZgFxiVtP5jNB3CkgsWTPeWYIW1Ti5eN/YJeJCuhJLH++BiquJLFi +yVGkJHMApoS63fpQ4yxlpgxexE7hK0oMaX7ITvENYISJ2c+YZnAKDYLybZZCN2zkHTPQtI9 C0n3AkbWVYyixanFxbnpRkZ6qUWZycXF+Xl6eaklmxiB8XRwy2+rHYwHnzseYhTgYFTi4X2w 93aEEGtiWXFl7iFGCQ5mJRHekyuBQrwpiZVVqUX58UWlOanFhxilOViUxHkd9l2IEBJITyxJ zU5NLUgtgskycXBKNTDOMdI+ns8z9VrQ3wXxFzgrv1mozeopzJU7+jVxzuSQSi6mzw+X6z0u 65fTbGB5P/na66WLK2e8PzfVw1aQ986b1fWzzp0qPnrFVuN+i8Ij59Srn6x/XEs35nn66tmE aRMiHUuvmd8w/muetX69fsvsAunpBStsLzm+/Xzq9323iRU1f3O3CIrMVmIpzkg01GIuKk4E AE7XNIujAgAA Archived-At: Subject: Re: [Ace] HKDF useage in ace-cose-ecdhe-05 X-BeenThere: ace@ietf.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: "Authentication and Authorization for Constrained Environments \(ace\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 30 Mar 2017 06:31:02 -0000 SGVsbG8gRGFuLA0KDQpUaGFua3MgZm9yIGNvbW1lbnRpbmcuDQoNClRoZSBlbmNyeXB0aW9uIG9m IEtfMSBpbiB0aGUgc3ltbWV0cmljIGNhc2UgaXMgYW4gb3BlbiBpc3N1ZSwgd2Ugc2hvdWxkDQpo YXZlIG1lbnRpb25lZCB0aGF0IGluIHRoZSBtZWV0aW5nLiBKaW0gU2NoYWFkIGhhcyBhbHNvIHBy b3ZpZGVkIGFyZ3VtZW50cw0KdG8gcmVtb3ZlIGl0Lg0KDQpZb3VyIGV4cHJlc3Npb24g4oCcb3Bw b3J0dW5pc3RpY+KAnSBpcyBhIGdvb2QgY2hhcmFjdGVyaXNhdGlvbi4gV2UgaW5jbHVkZWQNCmVu Y3J5cHRpb24gYW5kIGludGVncml0eSBwcm90ZWN0aW9uIG9mIG1lc3NhZ2VfMSBpbiB0aGUgc3lt bWV0cmljIHZlcnNpb24NCm1haW5seSBiZWNhdXNlIHdlIGNhbiwgaW4gY29udHJhc3QgdG8gaW4g dGhlIGFzeW1tZXRyaWMgdmVyc2lvbi4gQnV0IGFzDQp5b3UgcG9pbnQgb3V0LCBpZiB3ZSBrZWVw IGVuY3J5cHRpb24gb2YgbWVzc2FnZV8xIHRoZW4gd2Ugc2hvdWxkIGRlcml2ZQ0KS18xIGluIGEg ZGlmZmVyZW50IHdheSwgYW5kIHRoZW4gdGhlIGtleSBkZXJpdmF0aW9uIGluIHRoZSBhc3ltbWV0 cmljIGFuZA0Kc3ltbWV0cmljIHZlcnNpb25zIG9mIHRoZSBwcm90b2NvbCB3b3VsZCBwcm9iYWJs eSBub3QgYmUgdGhlIHNhbWUsIHdoaWNoDQp3YXMgYW5vdGhlciBkZXNpZ24gb2JqZWN0aXZlLg0K DQpJIGhhdmVu4oCZdCB0YWxrZWQgd2l0aCBteSBjby1hdXRob3JzIHlldCwgYnV0IHdlIHdpbGwg ZWl0aGVyIG9taXQNCmVuY3J5cHRpb24gb2YgbWVzc2FnZV8xIGluIHRoZSBzeW1tZXRyaWMgY2Fz ZSBvciBjaGFuZ2UgdGhlIGRlcml2YXRpb24gb2YNCktfMS4NCg0KUmVnYXJkcywNCkfDtnJhbg0K DQoNCk9uIDIwMTctMDMtMjkgMjM6NTUsICJBY2Ugb24gYmVoYWxmIG9mIERhbiBIYXJraW5zIiA8 YWNlLWJvdW5jZXNAaWV0Zi5vcmcNCm9uIGJlaGFsZiBvZiBkaGFya2luc0Bsb3VuZ2Uub3JnPiB3 cm90ZToNCg0KPg0KPiAgIEhlbGxvLA0KPg0KPiAgIEkgd2FudCB0byBleHBhbmQgb24gbXkgY29t bWVudHMgSSBtYWRlIGF0IHRoZSBtaWMgb24gTW9uZGF5IHJlZ2FyZGluZw0KPmtleSBkZXJpdmF0 aW9uIHdpdGggc3ltbWV0cmljIGtleSBhdXRoZW50aWNhdGlvbiBpbiBkcmFmdC1zZWxhbmRlci1h Y2UtDQo+Y29zZS1lY2RoZS0wNS4gV2hlbiBkb2luZyBhdXRoZW50aWNhdGlvbiB3aXRoIHN5bW1l dHJpYyBrZXlzIG1lc3NhZ2UgMSBpcw0KPmVuY3J5cHRlZCB1c2luZyBLXzEgYW5kIEtfMSBpcyBn ZW5lcmF0ZWQgYnkgcGFzc2luZyAoYXMgZmFyIGFzIEkgY2FuIHRlbGwsDQo+YW5kIEkgZGlkIGFk bWl0IGF0IHRoZSBtaWMgdGhhdCBpdCdzIGEgbGl0dGxlIGZ1enp5KSB0aGUgUFNLIGFzIHNhbHQg YW5kDQo+YW4gZW1wdHkga2V5IHRvIEhLREYuIFRoaXMgcG9zZXMgc29tZSBwcm9ibGVtcyBJIHRo aW5rLg0KPg0KPiAgIC0gVGhlIG9ubHkgc291cmNlIG9mIGVudHJvcHkgaW4gS18xIGlzIHRoZSBQ U0sgYW5kIHRoaXMgbWFrZXMgdGhlDQo+cHJvdG9jb2wNCj4gICAgIHN1c2NlcHRpYmxlIHRvIGEg cGFzc2l2ZSBkaWN0aW9uYXJ5IGF0dGFja1sxXSB0aGF0IHdvdWxkLA0KPm90aGVyd2lzZSwgbm90 DQo+ICAgICBiZSBwb3NzaWJsZS4NCj4NCj4gICAtIEl0IHNlZW1zIHNvbWV3aGF0IHVuaHlnaWVu aWMsIGZyb20gYSBjcnlwdG8gcG9pbnQgb2YgdmlldywgdG8gcGFzcw0KPiAgICAgYSBOVUxMIGtl eSB0byBhIGtleSBkZXJpdmF0aW9uIGZ1bmN0aW9uLg0KPg0KPiAgIC0gVXNlIG9mIHRoZSBQU0sg aW4gbWVzc2FnZXMgMiBhbmQgMyBhdXRoZW50aWNhdGUgdGhlIHBhcnRpY3VsYXIga2V5DQo+ICAg ICB1c2VkIGluIHRoZSBBRUFEIGFuZCBkZWNyeXB0aW9uL3ZlcmlmaWNhdGlvbiBwcm92aWRlcyBh dXRoZW50aWNhdGlvbg0KPm9mDQo+ICAgICB0aGUgc2VuZGVyIHRvIHRoZSByZWNlaXZlci4gQnV0 IGZvciBtZXNzYWdlIDEgaXMgZGlmZmVyZW50LiBUaGVyZSBpcw0KPiAgICAgbm8gYmVuZWZpdCB0 byB0aGUga2V5IGV4Y2hhbmdlIHByb3ZpZGVkIGJ5IGVuY3J5cHRpb24gb2YgbWVzc2FnZSAxLg0K Pg0KPiAgIFRoZSBzb2xlIGJlbmVmaXQgb2YgZW5jcnlwdGluZyBpbiBtZXNzYWdlIDEgc2VlbXMg dG8gYmUgdGhhdCBFWFRfMSBnZXRzDQo+ZW5jcnlwdGVkLiBCdXQgRVhUXzEgaW4gdGhlIGFzeW1t ZXRyaWMgY2FzZSBpcyBub3QgZW5jcnlwdGVkIHNvIHRoZXJlDQo+ZG9lc24ndCByZWFsbHkgc2Vl bSB0aGVyZSBjYW4gYmUgbXVjaCB0aGF0IG5lZWRzIHByb3RlY3Rpb247IHNlZW1zIGxpa2UNCj50 aGlzIGlzIG1vcmUgb2YgYW4gb3Bwb3J0dW5pc3RpYyB0aGluZy4gVGhhdCBiZWluZyB0aGUgY2Fz ZSwgdGhlcmUgaXMNCj5saXR0bGUgdXBzaWRlIGFuZCBjb25zaWRlcmFibGUgZG93bnNpZGUgdG8g Z2VuZXJhdGluZyBLXzEgYW5kIGVuY3J5cHRpbmcNCj5hIHBvcnRpb24gb2YgbWVzc2FnZSAxLiBJ IHJlY29tbWVuZCB0aGF0IGJlaW5nIHJlbW92ZWQgZnJvbSB0aGUgZHJhZnQuDQo+DQo+ICAgcmVn YXJkcywNCj4NCj4gICBEYW4uDQo+DQo+WzFdIGEgZGljdGlvbmFyeSBhdHRhY2sgaXMgZGVmaW5l ZCBhcyBvbmUgd2hlcmUgdGhlIGF0dGFja2VyIGdhaW5zIGFuDQo+YWR2YW50YWdlIGZyb20gY29t cHV0YXRpb24gYXMgb3Bwb3NlZCB0byBpbnRlcmFjdGlvbi4gVGhlIHNpemUgb2YgdGhlDQo+ZGlj dGlvbmFyeSAoZS5nLiBhbGwgbnVtYmVycyBiZXR3ZWVuIDAgYW5kIDJeMjU2KSBvbmx5IGFmZmVj dHMgdGhlDQo+cHJvYmFiaWxpdHkgb2Ygc3VjY2VzcyBvZiB0aGUgYXR0YWNrIG5vdCB3aGV0aGVy IGl0IGlzIGEgZGljdGlvbmFyeQ0KPmF0dGFjayBvciBub3QuDQo+DQo+DQo+DQo+DQo+X19fX19f X19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX18NCj5BY2UgbWFpbGluZyBs aXN0DQo+QWNlQGlldGYub3JnDQo+aHR0cHM6Ly93d3cuaWV0Zi5vcmcvbWFpbG1hbi9saXN0aW5m by9hY2UNCg0K From nobody Thu Mar 30 07:08:35 2017 Return-Path: X-Original-To: ace@ietfa.amsl.com Delivered-To: ace@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 72D8D1294D8 for ; Thu, 30 Mar 2017 07:08:33 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.699 X-Spam-Level: X-Spam-Status: No, score=-2.699 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id oJiQnyAgrkyE for ; Thu, 30 Mar 2017 07:08:32 -0700 (PDT) Received: from mail-lf0-x22b.google.com (mail-lf0-x22b.google.com [IPv6:2a00:1450:4010:c07::22b]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id A0AD7129412 for ; Thu, 30 Mar 2017 07:08:31 -0700 (PDT) Received: by mail-lf0-x22b.google.com with SMTP id j90so27624458lfk.2 for ; Thu, 30 Mar 2017 07:08:31 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:from:date:message-id:subject:to:cc; bh=us1DR9TprCRnYZwGyAeOGXZlb0Ja8u8QQaMo69OhtAQ=; b=Bc7oEoX28oAGUW+CYwnUfHsIHB7HPuwMkZR6tyl+U/jl2QJFOi5HSAADncCLj8KpA3 nZZW+YTvoBiR2hTWrZvYpRqzKWRTxzd+/buQYZpHMAbi9qm47RseF05hzs8k+JFVhozZ 0fcmyysSlxZpyweVB3qxY3pTotQeBGGQ6UPk01YUfxQV/MdzcJ+6tRpC440kWO6Zy70b 1UhyovqJqXSPz1KenHQSwJu444CahcnsQZi0OUUlQlgBbg092sqMmzaxLeHrXF8tPMkM 4JlbsYAkB2/u+A262CLL8H15ZR9EuhJgycxuMeGD7JWMWhEfvds0+OoEtyxa4pKB9rQI UWLQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:from:date:message-id:subject:to:cc; bh=us1DR9TprCRnYZwGyAeOGXZlb0Ja8u8QQaMo69OhtAQ=; b=AHuPn2KAeQ95QNAxPVly4nf59jpqNvTlsjx/j3mO/RTUfw/q42E6V1QU5qH23GrT7L NbVoGUchYuBijri3Omd/kM/f8LMSMw2wfVbA6Tih3/I+9b3z3yZKG98s7tMGrXxFSAaU I23HRNojYaYhpwf8vLAETgKAFYP/J4RCJqTow0iRGFmFxa1MA6Fj+zhtHVYeED5rC2Lb NsGKi7cDLxu4lsky7jk5VJ5JyupFFIAVkbtje4lkEfU3/6ynIEzTYe4y24J0xTx7ALEY WBGsqhVrQRcPqrSR2XZ4yfwi+SUF6PISzMQhJzcPOn8gv6T/bJ5wT4ecf4MF5UTIu/Fz 99sA== X-Gm-Message-State: AFeK/H0b5JMrRT+Kk1l9L1MUUSTmtNfNXSv1LK4Yd8icb6CeZigB5G7B8ySwOqc4PIKk4u3HZ/8JKKAiPRAXUA== X-Received: by 10.28.100.67 with SMTP id y64mr565260wmb.133.1490882909914; Thu, 30 Mar 2017 07:08:29 -0700 (PDT) MIME-Version: 1.0 Received: by 10.28.167.206 with HTTP; Thu, 30 Mar 2017 07:08:09 -0700 (PDT) From: Julien Vermillard Date: Thu, 30 Mar 2017 16:08:09 +0200 Message-ID: To: ace@ietf.org Cc: Hannes Tschofenig Content-Type: multipart/alternative; boundary=001a114b30403f5357054bf33a4e Archived-At: Subject: [Ace] EST over CoAP PKCS#10 encoding X-BeenThere: ace@ietf.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: "Authentication and Authorization for Constrained Environments \(ace\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 30 Mar 2017 14:08:33 -0000 --001a114b30403f5357054bf33a4e Content-Type: text/plain; charset=UTF-8 Hi, I'm currently implementing EST over CoAP. I wonder why, on simple enrollment, the payload is put in a CBOR binary string? I understand why dropping base64, but just putting the PKCS#10 binary in the CoAP payload is technically enough. What is the benefit of CBOR encapsulation? BTW you have a GitHub or something where I can post issues/comments? -- Julien Vermillard --001a114b30403f5357054bf33a4e Content-Type: text/html; charset=UTF-8 Content-Transfer-Encoding: quoted-printable
Hi,
I'm currently impleme= nting EST over CoAP.

I wonder why, on simple enrollment, the p= ayload is put in a CBOR binary string?
I understand why dropping b= ase64, but just putting the PKCS#10 binary in the CoAP payload is technical= ly enough. What is the benefit of CBOR encapsulation?

BTW you = have a GitHub or something where I can post issues/comments?
--
Julien Vermillard
=
--001a114b30403f5357054bf33a4e-- From nobody Thu Mar 30 07:16:40 2017 Return-Path: X-Original-To: ace@ietfa.amsl.com Delivered-To: ace@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 213CB12951F for ; Thu, 30 Mar 2017 07:16:38 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.621 X-Spam-Level: X-Spam-Status: No, score=-2.621 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_LOW=-0.7, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, SPF_PASS=-0.001] autolearn=ham autolearn_force=no Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id YoQLwMesuw8V for ; Thu, 30 Mar 2017 07:16:36 -0700 (PDT) Received: from lb3-smtp-cloud3.xs4all.net (lb3-smtp-cloud3.xs4all.net [194.109.24.30]) (using TLSv1 with cipher DHE-RSA-AES128-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 0D7E9124BE8 for ; Thu, 30 Mar 2017 07:16:35 -0700 (PDT) Received: from webmail.xs4all.nl ([IPv6:2001:888:0:22:194:109:20:199]) by smtp-cloud3.xs4all.net with ESMTP id 2EGY1v00L4qMJlQ01EGZLd; Thu, 30 Mar 2017 16:16:34 +0200 Received: from t2001067c0370012870cdc2cd14bcdd6d.v6.meeting.ietf.org (2001:67c:370:128:70cd:c2cd:14bc:dd6d) by webmail.xs4all.nl with HTTP (HTTP/1.1 POST); Thu, 30 Mar 2017 16:16:32 +0200 MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII; format=flowed Content-Transfer-Encoding: 7bit Date: Thu, 30 Mar 2017 09:16:32 -0500 From: peter van der Stok To: Julien Vermillard Cc: ace@ietf.org, Hannes Tschofenig Organization: vanderstok consultancy Reply-To: consultancy@vanderstok.org Mail-Reply-To: consultancy@vanderstok.org In-Reply-To: References: Message-ID: X-Sender: stokcons@xs4all.nl User-Agent: XS4ALL Webmail Archived-At: Subject: Re: [Ace] EST over CoAP PKCS#10 encoding X-BeenThere: ace@ietf.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: "Authentication and Authorization for Constrained Environments \(ace\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 30 Mar 2017 14:16:38 -0000 HI Julien, Julien Vermillard schreef op 2017-03-30 09:08: > Hi, > I'm currently implementing EST over CoAP. Great, that is good news. > > I wonder why, on simple enrollment, the payload is put in a CBOR > binary string? > I understand why dropping base64, but just putting the PKCS#10 binary > in the CoAP payload is technically enough. What is the benefit of CBOR > encapsulation? Yes, that was a choice. I first had the simple binary in my mind, but then I thought that to use CBOR encapsulation would help to distinguish from other (future) versions of pkcs#10. > > BTW you have a GitHub or something where I can post issues/comments? I do have a Github but I am a very conservative user. > > -- > Julien Vermillard > _______________________________________________ > Ace mailing list > Ace@ietf.org > https://www.ietf.org/mailman/listinfo/ace From nobody Thu Mar 30 07:23:49 2017 Return-Path: X-Original-To: ace@ietfa.amsl.com Delivered-To: ace@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B428C12950B for ; Thu, 30 Mar 2017 07:23:48 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -1.999 X-Spam-Level: X-Spam-Status: No, score=-1.999 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id GuX4sNx7CupK for ; Thu, 30 Mar 2017 07:23:46 -0700 (PDT) Received: from mail-wr0-x22b.google.com (mail-wr0-x22b.google.com [IPv6:2a00:1450:400c:c0c::22b]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 5C3AD126C26 for ; Thu, 30 Mar 2017 07:23:46 -0700 (PDT) Received: by mail-wr0-x22b.google.com with SMTP id w43so62944031wrb.0 for ; Thu, 30 Mar 2017 07:23:46 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=KynVrV/l8DA8zU1lXvt0kDFh4UgGweFrCamlk9Q3y5c=; b=Na3dwzIqvC9j2Q2VXdkc+kskDhYLHE304gJbZoaJUJ+utIjG8Ta48fEqbuCxAzKVfX 8uvS3zrWRVZF+L9vtoGf1u5UvSIuODoGRhh6vDQiV6DWQ9Na6oen9AbRcntiGZjIhIC+ FtNpfcz3KgT96AZ7EpnilyJOV1u9G/vAwf57nhSg32DY1NWCP162NwD86GkoFArNN7K0 BmcTNBP5sS+thB5tqXL3go6hFW6JuUver94+BJizO6XEzQejbZ+vQa6wSsJ4sr9sEaDa OvARfsTiC/HJNdPo6FIgSXSzEF1qrxzk8QGjoDIN57vykNfNV59iLVHlFqoEz9onKN8m h3vA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=KynVrV/l8DA8zU1lXvt0kDFh4UgGweFrCamlk9Q3y5c=; b=aSWxN03izUBd53yQP+OVIfHhwAFjKOA5cbeswt7xMs5hZrqmgyaFzohnxfZ9R7IGfy JNo83KLp17oY3EaG208Ls+3/6DYUFjDRJuJbs18Hq9aZpLFe1DfRZkghxyHMtZKGxGzK 2Jk7lyvQQB0Wssa9lzAgIqasAtBfTx9drWS6AkfAczMS9EPOj304Bt7Fr5IMHKnOBd5g WWdfuXAITWRhWzIeTFW2n2uiAk5N3Mthf+boxnEh9au4K+5X/qspq4ZQqCii5N+2+HnT B7nPW0EydoKCVnUqnP86hnXihlWjTObEWiy0pxBOJtfiwki/roZ2ZY7TblJSCERk3/Cg koVw== X-Gm-Message-State: AFeK/H1TfwfFjtP25NIij9SnkYTOBkmuV427tSN4k9Mro1vViAaxarMNhGifUuulMbeqmQSziK/339vWxjAdkg== X-Received: by 10.223.161.70 with SMTP id r6mr5740357wrr.65.1490883824525; Thu, 30 Mar 2017 07:23:44 -0700 (PDT) MIME-Version: 1.0 Received: by 10.28.167.206 with HTTP; Thu, 30 Mar 2017 07:23:24 -0700 (PDT) In-Reply-To: References: From: Julien Vermillard Date: Thu, 30 Mar 2017 16:23:24 +0200 Message-ID: To: consultancy@vanderstok.org Cc: ace@ietf.org, Hannes Tschofenig Content-Type: multipart/alternative; boundary=f403045e274ac329c7054bf370be Archived-At: Subject: Re: [Ace] EST over CoAP PKCS#10 encoding X-BeenThere: ace@ietf.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: "Authentication and Authorization for Constrained Environments \(ace\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 30 Mar 2017 14:23:49 -0000 --f403045e274ac329c7054bf370be Content-Type: text/plain; charset=UTF-8 Hi, Thanks for your answer. I think content negotiation should be done using the Content-Format option like other CoAP based protocols. And would also match the HTTP way to do it. -- Julien Vermillard On Thu, Mar 30, 2017 at 4:16 PM, peter van der Stok wrote: > HI Julien, > > > Julien Vermillard schreef op 2017-03-30 09:08: > >> Hi, >> I'm currently implementing EST over CoAP. >> > > Great, that is good news. > > >> I wonder why, on simple enrollment, the payload is put in a CBOR >> binary string? >> I understand why dropping base64, but just putting the PKCS#10 binary >> in the CoAP payload is technically enough. What is the benefit of CBOR >> encapsulation? >> > > Yes, that was a choice. I first had the simple binary in my mind, but then > I thought that to use CBOR encapsulation would help to distinguish from > other (future) versions of pkcs#10. > >> >> BTW you have a GitHub or something where I can post issues/comments? >> > > I do have a Github but I am a very conservative user. > >> >> -- >> Julien Vermillard >> _______________________________________________ >> Ace mailing list >> Ace@ietf.org >> https://www.ietf.org/mailman/listinfo/ace >> > --f403045e274ac329c7054bf370be Content-Type: text/html; charset=UTF-8 Content-Transfer-Encoding: quoted-printable
Hi,
Thanks for your answer.
I think content negotiation should be done using the Content-Format = option like other CoAP based protocols.
And would also match the H= TTP way to do it.

--
Julien Vermillard

On Thu, Mar 30, 2017 at 4:16 PM, peter van d= er Stok <stokcons@xs4all.nl> wrote:
HI Julien,


Julien Vermillard schreef op 2017-03-30 09:08:
Hi,
I'm currently implementing EST over CoAP.

 Great, that is good news.


I wonder why, on simple enrollment, the payload is put in a CBOR
binary string?
I understand why dropping base64, but just putting the PKCS#10 binary
in the CoAP payload is technically enough. What is the benefit of CBOR
encapsulation?

 Yes, that was a choice. I first had the simple binary in my mind, but then = I thought that to use CBOR encapsulation would help to distinguish from oth= er (future) versions of pkcs#10.

BTW you have a GitHub or something where I can post issues/comments?

 I do have a Github but I am a very conservative user.

--
Julien Vermillard
_______________________________________________
Ace mailing list
Ace@ietf.org
https://www.ietf.org/mailman/listinfo/ace

--f403045e274ac329c7054bf370be-- From nobody Thu Mar 30 07:29:44 2017 Return-Path: X-Original-To: ace@ietfa.amsl.com Delivered-To: ace@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 58AE71243FE for ; Thu, 30 Mar 2017 07:29:42 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.621 X-Spam-Level: X-Spam-Status: No, score=-2.621 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_LOW=-0.7, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, SPF_PASS=-0.001] autolearn=ham autolearn_force=no Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id t77AnTh4aGX1 for ; Thu, 30 Mar 2017 07:29:40 -0700 (PDT) Received: from lb2-smtp-cloud3.xs4all.net (lb2-smtp-cloud3.xs4all.net [194.109.24.26]) (using TLSv1 with cipher DHE-RSA-AES128-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 03E7C128BB6 for ; Thu, 30 Mar 2017 07:29:39 -0700 (PDT) Received: from webmail.xs4all.nl ([IPv6:2001:888:0:22:194:109:20:199]) by smtp-cloud3.xs4all.net with ESMTP id 2EVd1v00Y4qMJlQ01EVd9Z; Thu, 30 Mar 2017 16:29:38 +0200 Received: from t2001067c0370012870cdc2cd14bcdd6d.v6.meeting.ietf.org (2001:67c:370:128:70cd:c2cd:14bc:dd6d) by webmail.xs4all.nl with HTTP (HTTP/1.1 POST); Thu, 30 Mar 2017 16:29:37 +0200 MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII; format=flowed Content-Transfer-Encoding: 7bit Date: Thu, 30 Mar 2017 09:29:37 -0500 From: peter van der Stok To: Julien Vermillard Cc: consultancy@vanderstok.org, Hannes Tschofenig , ace@ietf.org Organization: vanderstok consultancy Reply-To: consultancy@vanderstok.org Mail-Reply-To: consultancy@vanderstok.org In-Reply-To: References: Message-ID: <2604c21e3f03f52062edcf954ee67689@xs4all.nl> X-Sender: stokcons@xs4all.nl User-Agent: XS4ALL Webmail Archived-At: Subject: Re: [Ace] EST over CoAP PKCS#10 encoding X-BeenThere: ace@ietf.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: "Authentication and Authorization for Constrained Environments \(ace\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 30 Mar 2017 14:29:42 -0000 Hi, Right, will look into it. The github address is: https://github.com/SanKumar2015/EST-coaps Peter Julien Vermillard schreef op 2017-03-30 09:23: > Hi, > Thanks for your answer. > > I think content negotiation should be done using the Content-Format > option like other CoAP based protocols. > And would also match the HTTP way to do it. > > -- > Julien Vermillard > On Thu, Mar 30, 2017 at 4:16 PM, peter van der Stok > wrote: > >> HI Julien, >> >> Julien Vermillard schreef op 2017-03-30 09:08: >> >>> Hi, >>> I'm currently implementing EST over CoAP. >> >> Great, that is good news. >> >>> I wonder why, on simple enrollment, the payload is put in a CBOR >>> binary string? >>> I understand why dropping base64, but just putting the PKCS#10 >>> binary >>> in the CoAP payload is technically enough. What is the benefit of >>> CBOR >>> encapsulation? >> >> Yes, that was a choice. I first had the simple binary in my mind, >> but then I thought that to use CBOR encapsulation would help to >> distinguish from other (future) versions of pkcs#10. >> >>> BTW you have a GitHub or something where I can post >>> issues/comments? >> >> I do have a Github but I am a very conservative user. >> >>> -- >>> Julien Vermillard >>> _______________________________________________ >>> Ace mailing list >>> Ace@ietf.org >>> https://www.ietf.org/mailman/listinfo/ace [1] > > > > Links: > ------ > [1] https://www.ietf.org/mailman/listinfo/ace > _______________________________________________ > Ace mailing list > Ace@ietf.org > https://www.ietf.org/mailman/listinfo/ace From nobody Fri Mar 31 20:04:00 2017 Return-Path: X-Original-To: ace@ietfa.amsl.com Delivered-To: ace@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 106E0127201; Fri, 31 Mar 2017 20:03:59 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.002 X-Spam-Level: X-Spam-Status: No, score=-2.002 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RP_MATCHES_RCVD=-0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=augustcellars.com Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 0pxTnhbhEoid; Fri, 31 Mar 2017 20:03:57 -0700 (PDT) Received: from mail4.augustcellars.com (augustcellars.com [50.45.239.150]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 64D851287A7; Fri, 31 Mar 2017 20:03:54 -0700 (PDT) Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Content-Language: en-us DKIM-Signature: v=1; a=rsa-sha256; d=augustcellars.com; s=winery; c=simple/simple; t=1491015832; h=from:subject:to:date:message-id; bh=3SovMmdUhWb7Pd0UMI2EZKFZHBrrMZpBiERfBgiSiT4=; b=fqyh0icfYpvpUngXLnzqF8MLVMPni2p9tnjBStDCPvd2QeUsZ95g1l5MOyhv4yVPVbfY5vJwExM /CKYJpoybv0qxlCrcB9+IvPOGarT9h5rZtaDOYmBllEmWz6TQwvvJ9lmYQEA9yf9oy2sFYKyEfAjy xtolRMD/4cYD/YV5PsQ8tvFM+1diza0LmwgHf9daM3X+dAyxHVXqmQkWbY9MKP8UQDzoQjPBbty2b q4KFK5/MIu3XFL9VGJtFi/Tvk4Wx3+Na7nJLhQy8yNC/ZwnswGHWxALcnBxzm9czfBMMxLPp7NSXf RBkeXOl2SCRDlk2aX9f+WpXHHIsGxZiAz47Q== Received: from mail2.augustcellars.com (192.168.1.201) by mail4.augustcellars.com (192.168.1.153) with Microsoft SMTP Server (TLS) id 15.0.1263.5; Fri, 31 Mar 2017 20:03:51 -0700 Received: from hebrews (64.134.171.131) by mail2.augustcellars.com (192.168.0.56) with Microsoft SMTP Server (TLS) id 15.0.1263.5; Fri, 31 Mar 2017 20:03:46 -0700 From: Jim Schaad To: CC: Date: Fri, 31 Mar 2017 22:03:45 -0500 Message-ID: <010201d2aa94$957b6760$c0723620$@augustcellars.com> MIME-Version: 1.0 X-Mailer: Microsoft Outlook 16.0 Thread-Index: AdKqjYd/dEU13IlnTS+NuoPqts/VjQ== X-Originating-IP: [64.134.171.131] Archived-At: Subject: [Ace] Review of draft-ietf-ace-cbor-web-token-03 X-BeenThere: ace@ietf.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: "Authentication and Authorization for Constrained Environments \(ace\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 01 Apr 2017 03:03:59 -0000 Given that it was stated that the authors believe that the document was ready for publication, I decided to do another review pass. 1. Following the discussion in the SET WG meeting, I believe that it would be reasonable to define some inputs for the external data fields to allow for distinguishing between the different uses of JWT structures. Language about different applications extending this structure would also be reasonable. 2. I do not know if the authors looked at changing the Type3StringOrURI so that it would explicitly tag URIs or not. I do no remember seeing any discussions on the list but have not gone back to search 3. I find the description of Type6NumericDate to be slightly confusing as it appears to imply that this is not using a numeric value when it does. 4. The authors need to look at their use of Type6NumericDate and determine if this is what they really want to do. All of the examples are incorrect because of this tag usage. 5. After the discussions in the SET group, do the authors which to re-consider the MUST ignore statement in the first paragraph of section 3? 6. The string "6 tag value 1" is normally written as "6.1" when looking at pretty-printed CBOR diagnostics. This would be clearer than what is written. 7. The text should be altered to use a TBD for the CWT tag rather than using a constant so this is highlighted. 8. The note for step 5 in section 6.1 is problematic from a number of things. A) AEAD algorithms are required, so it is not clear that the recommendation makes sense. B) there is a big difference between signing and MACing in terms of the amount and type of integrity provided. Replacing signing w/ AEAD loses a lot. 9. Step 6 in section 6.1 does not agree w/ the language in section 5. MUST vs maybe. 10. In starting to verify the examples I ran across the following two issues: a) The hex string and the diagnostic notation are equivalent, but they are not the same. Specifically, the order of claims is not the same. CBOR.ME gives {2: "erikw", 3: "coap://light.example.com", 4: 1444064944, 5: 1443944944, 6: 1443944944, 1: "coap://as.example.com", 7: h'0b71'} b) The encoding of some of the claims is incorrect according to the document. It should be { 1: "coap://as.example.com", 2: "erikw", 3: "coap://light.example.com", 4: 1(1444064944), 5: 1(1443944944), 6: 1(1443944944),7: h'0b71'} Or a7 # map(7) 01 # unsigned(1) 75 # text(21) 636f61703a2f2f61732e6578616d706c652e636f6d # "coap://as.example.com" 02 # unsigned(2) 65 # text(5) 6572696b77 # "erikw" 03 # unsigned(3) 78 18 # text(24) 636f61703a2f2f6c696768742e6578616d706c652e636f6d # "coap://light.example.com" 04 # unsigned(4) c1 # tag(1) 1a 5612aeb0 # unsigned(1444064944) 05 # unsigned(5) c1 # tag(1) 1a 5610d9f0 # unsigned(1443944944) 06 # unsigned(6) c1 # tag(1) 1a 5610d9f0 # unsigned(1443944944) 07 # unsigned(7) 42 # bytes(2) 0b71 # "\vq" Note the additional tagging which is required.