Re: [Ace] draft-ietf-ace-coap-est-00

2018-03-13 Thread Benjamin Kaduk
On Tue, Mar 13, 2018 at 09:44:37PM -0400, Michael Richardson wrote:
> 
> Jim Schaad wrote:
> > In section 2 - There will be a problem in that the port format extension is
> > being eliminated in TLS 1.3 - We may want to divide this into a 1.2 and 1.3
> > section for clarity.
> 
> I don't understand what you are referring to.
> 
> What is the "port format extension" you are referring to, and where in
> section 2 do you think we are depending upon it?

   [...] DTLS
   implementations MUST use the Supported Elliptic Curves and Supported
   Point Formats Extensions [RFC4492]; the uncompressed point format
   MUST be supported; [RFC6090] can be used as an implementation method.

The uncompressed point format only exists in (D)TLS 1.2 and lower.
(TLS 1.3 does not separately negotiate point format, rather, the
point format is determined by the group/curve to be used.)

I think the fix would just be something like "the uncompressed point
format MUST be supported for DTLS versions prior to 1.3".

-Ben


___
Ace mailing list
Ace@ietf.org
https://www.ietf.org/mailman/listinfo/ace
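
An added example, not part of the thread or of the draft: a Python check of the rule as reworded in the message above, applied to a Hello extensions block. The function names and the sample bytes are constructed for illustration; the caller is assumed to pass the negotiated version as its wire value.

```python
import struct

EXT_SUPPORTED_GROUPS = 10        # "Supported Elliptic Curves" in RFC 4492
EXT_EC_POINT_FORMATS = 11        # "Supported Point Formats" in RFC 4492
UNCOMPRESSED = 0                 # ECPointFormat.uncompressed
VERSIONS_1_3 = {0x0304, 0xFEFC}  # wire values for TLS 1.3 and DTLS 1.3

def parse_extensions(block: bytes) -> dict:
    """Split a Hello extensions block (outer 2-byte length removed) into {type: body}."""
    exts, off = {}, 0
    while off < len(block):
        if off + 4 > len(block):
            raise ValueError("truncated extension header")
        ext_type, ext_len = struct.unpack_from("!HH", block, off)
        off += 4
        if off + ext_len > len(block):
            raise ValueError("truncated extension body")
        exts[ext_type] = block[off:off + ext_len]
        off += ext_len
    return exts

def offered_point_formats(body: bytes) -> list:
    """Decode an ec_point_formats body: 1-byte list length, then 1-byte formats."""
    if not body or body[0] != len(body) - 1:
        raise ValueError("bad ec_point_formats length")
    return list(body[1:])

def check_point_format_rule(negotiated_version: int, block: bytes):
    """Return (ok, reason) for the rule as reworded in the message above."""
    exts = parse_extensions(block)
    if negotiated_version in VERSIONS_1_3:
        # 1.3 does not negotiate point formats; the group fixes the encoding.
        return True, "1.3: point format determined by the group"
    for ext in (EXT_SUPPORTED_GROUPS, EXT_EC_POINT_FORMATS):
        if ext not in exts:
            return False, f"pre-1.3: extension {ext} missing"
    if UNCOMPRESSED not in offered_point_formats(exts[EXT_EC_POINT_FORMATS]):
        return False, "pre-1.3: uncompressed point format not offered"
    return True, "pre-1.3: uncompressed point format offered"

# Constructed sample extension blocks (not captured traffic).
GROUPS_P256 = bytes.fromhex("000a000400020017")    # supported groups: secp256r1
FORMATS_UNCOMP = bytes.fromhex("000b00020100")     # point formats: [0]
FORMATS_COMP_ONLY = bytes.fromhex("000b00020101")  # point formats: [1]

if __name__ == "__main__":
    for ver, blk in [(0xFEFD, GROUPS_P256 + FORMATS_UNCOMP),
                     (0xFEFD, GROUPS_P256 + FORMATS_COMP_ONLY),
                     (0xFEFC, GROUPS_P256)]:
        print(hex(ver), check_point_format_rule(ver, blk))
```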


Re: [Ace] draft-ietf-ace-coap-est-00

2018-03-13 Thread Michael Richardson

Jim Schaad wrote:
> In section 2 - There will be a problem in that the port format extension is
> being eliminated in TLS 1.3 - We may want to divide this into a 1.2 and 1.3
> section for clarity.

I don't understand what you are referring to.

What is the "port format extension" you are referring to, and where in
section 2 do you think we are depending upon it?

I'm thinking that you are jumping to a conclusion based upon some poorly
written text on our part :-)

But, since I think all the authors are ignorant of that extension, we must be
misleading you unintentionally.


--
Michael Richardson , Sandelman Software Works
 -= IPv6 IoT consulting =-







Re: [Ace] draft-ietf-ace-coap-est-00

2018-03-13 Thread Michael Richardson

peter van der Stok  wrote:
>> *  In section 6- All proxies are required by CoAP blocking to re-assemble
>> the entire message at the proxy.  It can re-block things going to the next
>> proxy.  While there is no requirement that the proxy get the entire message
>> before sending on pieces, this should be common practice and would be
>> required for a CoAP/HTTP proxy.

> Agree fully, we need to clarify that.

If we are talking about CoAP->HTTP proxy, then clearly that's absolutely true.
How could it be any other way?  We can't do CoAP block mode over HTTP that
I know of :-)

There are other proxy types that we need to describe.


>> * Should probably add a note in section 6 that any proxy that terminates
>> the DTLS connection is going to be required to act as an RA.  RAs are required
>> to have the entire request for adding authentication as necessary.

> This is visible in the figure of section 6, but needs elaboration in the
> text.

I don't understand why we have that paragraph.
An end point that terminates the Pledge (D)TLS connection and acts as
an RA *IS* a Join Registrar, not a Proxy.

--
Michael Richardson , Sandelman Software Works
 -= IPv6 IoT consulting =-







[Ace] Draft agenda for London

2018-03-13 Thread Benjamin Kaduk
Hi all,

I just (belatedly) posted a draft agenda to the datatracker
(https://datatracker.ietf.org/doc/agenda-101-ace/), also copied
below.  Please holler if there are obvious bugs, you requested time
but didn't get a response, etc.

I know it's a little bit of short notice, but to the speakers:
please get some form of slides to the chairs this week (before
Saturday) so that we can look over them in advance.  We should not
be scrambling on Monday morning!

Thanks,

Ben
for the chairs

%%

ACE WG IETF 101, Monday March 19, 2018 0930h-1200h (2.5h)

Chairs -- Note Well and agenda bashing, 5min
Chairs -- document status update, 5min

Mike -- draft-ietf-ace-cwt-proof-of-possession, 10min

Peter -- draft-ietf-ace-coap-est, 10min
Göran -- draft-selander-ace-coap-est-oscore, 5min

Ludwig -- draft-ietf-ace-oauth-authz, 10min
Ludwig -- draft-ietf-ace-dtls-authorize, 5min 
Ludwig -- draft-ietf-ace-oscore-profile, 5min

Marco -- draft-tiloca-ace-oscoap-joining, 10min
Francesca -- draft-palombini-ace-key-groupcomm, 10min

Göran -- key exchange for OSCORE (EDHOC vs. TLS-OSCORE), 15min
Göran -- scope of authorization work, 30min
