Hi Hannes,

Thanks for the warm welcome!
See inline my comments...

Stevie

> From: Ace [mailto:ace-boun...@ietf.org] On Behalf Of Hannes Tschofenig
> Sent: Thursday, October 19, 2017 8:02 AM
> To: ace@ietf.org
> Subject: [Ace] multicast
>
> Hi all,
>
> During the ACE conference call we had a few new participants, namely Stevie,
> Piotr and Marius, from the lighting consortium Fairhair attending.
> Great to see new participants "on-board".
>
> Stevie explained that he needs a document that contains a solution using
> asymmetric and symmetric cryptography, that they intend to use the
> asymmetric solution whenever there is no low latency requirement
> (and for unicast communication), and only use the symmetric key approach
> when the low latency requirements demand it.
>
> Is this a correct summary?

[Stevie] Well, slightly different.
First, my interest is to separate unicast from multicast communication completely. (Use of DTLS, for all unicast communication)
For multicast, my focus is on using asymmetric encryption for authentication & integrity, and using symmetric encryption for confidentiality.
I see high chances for reasonable options to achieve this with the given drafts [1] / [2] / [3], even supporting the "low-latency" requirements we need, also considering the main ideas from [4].
Note this is still mostly a "gut feeling" today - as I am still not familiar enough with all potentially relevant details.
Let me (better: us) give some more days to elaborate on that before starting broader discussion...

[1] https://tools.ietf.org/html/draft-ietf-ace-dtls-authorize-01
[2] https://tools.ietf.org/html/draft-tiloca-core-multicast-oscoap-03
[3] https://tools.ietf.org/html/draft-tiloca-ace-oscoap-joining-00
[4] https://tools.ietf.org/html/draft-somaraju-ace-multicast-02

>
> Ciao
> Hannes
>
> PS: Stevie also mentioned that he likes draft-tiloca-ace-oscoap-joining-00.txt
> but not draft-somaraju-ace-multicast. This was rather surprising since
> draft-somaraju-ace-multicast was written by the lighting community (in the
> OpenAIS project) specifically addressing the low latency requirements of that
> community. Stevie, could you explain?

[Stevie] I did (and still do) support draft-somaraju-ace-multicast, see also my email to the list in March [5].
I just think that there should not be two competing drafts, where there is chance to combine them (especially when there's a chance to improve the security aspects within that common approach).
I cannot speak for the OpenAIS project, but at least in the Fairhair Alliance there is currently common sense to focus on one approach (i.e. not attempting to "revive" draft-somaraju-ace-multicast)

[5] https://mailarchive.ietf.org/arch/search/?email_list=ace&q=stevie
_______________________________________________
Ace mailing list
Ace@ietf.org
https://www.ietf.org/mailman/listinfo/ace