Hi Gonzalo, Bob, all, sorry for being unresponsive.

I have been working extensively on the draft in the past since becoming co-editor of draft-moskowitz-hip-dex-01 back in March 2014, but I have not been following HIP-related emails lately in accordance with Bob. I also want to take this opportunity to note that I will not have any significant amount of time for contributions in the future.

That said, I still would like to briefly explain the high-level rationale behind our choice of cryptographic primitives for HIP DEX, which are Eric's key points as I see it:

In 2014 and beyond, many (Industrial) IoT devices often did not offer communication security or relied on fixed symmetric keys, potentially resulting in overuse of these keys. This was - and to my understanding still is - a direct result of the relatively high cost (ROM, RAM, CPU cycles, network usage) of public key cryptography on many microcontroller-based embedded devices.

Taking HIP BEX as a starting point, the idea therefore was to reduce the overhead of the cryptographic primitives by omitting public-key signatures and hash functions as the main overhead drivers regarding the above cost factors. That also meant losing some cryptographic properties such as PFS and SIGMA-compliance, many of which are taken for granted for traditional Internet security.

This is the trade-off that we were willing to accept for HIP DEX in order to improve on deployed state of the art and our approach is to be very open about these trade-offs. This is why we added text to that direction right to the start of the document (https://tools.ietf.org/html/draft-ietf-hip-dex-06#section-1).

I suggest for the WG to decide whether this rationale and these trade-offs are still valid and acceptable in 2019 and to proceed accordingly.

@Bob: Please comment if your view differs.

Regards,
René

-----Original Message-----
From: Hipsec <[email protected]> On Behalf Of Gonzalo Camarillo
Sent: Tuesday, 15 January 2019 15:28
To: HIP <[email protected]>
Subject: [Hipsec] Status of draft-ietf-hip-dex

Hi,

I want to give the group a status update on the HIP DEX draft. Terry, our AD, had to remove it from the agenda of the telechat where it was going to be discussed (in May) because of security-related concerns about the draft (from the Security ADs).

We have been periodically pinging Rene and Bob (authors of the draft) since then (9 months!), but we have not been able to get any response from them... note that we had added Rene as a coauthor of this draft because of Bob's lack of cycles.

Terry would like to get this done by the end of February. Any proposals on how to proceed?

Cheers,

Gonzalo

_______________________________________________
Hipsec mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/hipsec
