The IESG has approved the following document: - 'Using Ephemeral Diffie-Hellman Over COSE (EDHOC) with the Constrained Application Protocol (CoAP) and Object Security for Constrained RESTful Environments (OSCORE)' (draft-ietf-core-oscore-edhoc-11.txt) as Proposed Standard
This document is the product of the Constrained RESTful Environments Working Group. The IESG contact persons are Zaheduzzaman Sarker, Paul Wouters and Francesca Palombini. A URL of this Internet-Draft is: https://datatracker.ietf.org/doc/draft-ietf-core-oscore-edhoc/ Technical Summary The lightweight authenticated key exchange protocol EDHOC can be run over CoAP and used by two peers to establish an OSCORE Security Context. This document details this use of the EDHOC protocol, by specifying a number of additional and optional mechanisms. These especially include an optimization approach for combining the execution of EDHOC with the first OSCORE transaction. This combination reduces the number of round trips required to set up an OSCORE Security Context and to complete an OSCORE transaction using that Security Context. Working Group Summary There is broad agreement that this document should go forward, and a core group of people who have satisfied themselves about the technical details. Document Quality The number of implementations is limited, as the underlying EDHOC protocol (LAKE WG) has only just reached the IESG and needs to be implemented first. Since EDHOC has recently made an on-wire change that also required to make a change in the implementation, there is a certain reluctance to commit to implementations before the document is approved. There is a common sentiment that implementing this protocol will be a matter of course in the emerging CoAP/EDHOC implementations. An early example for this is the following implementation that includes the OSCORE-EDHOC protocol: * https://github.com/rikard-sics/californium/tree/edhoc Personnel The Document Shepherd for this document is Carsten Bormann. The Responsible Area Director is Paul Wouters. _______________________________________________ IETF-Announce mailing list IETF-Announce@ietf.org https://www.ietf.org/mailman/listinfo/ietf-announce