Hi Rene, if you do not hear anything against your explanation before, please engage with Terry and Eric so that we can move forward. Thanks!
Cheers, Gonzalo On 16-Jan-19 01:25, René Hummen wrote: > Hi Gonzalo, Bob, all, > > sorry for being unresponsive. > > I have been working extensively on the draft in the past since becoming > co-editor of draft-moskowitz-hip-dex-01 back in March 2014, but I have not > been following HIP-related emails lately in accordance with Bob. I also want > to take this opportunity to note that I will not have any significant amount > of time for contributions in the future. > > That said, I still would like to briefly explain the high-level rationale > behind our choice of cryptographic primitives for HIP DEX, which are Eric's > key points as I see it: > In 2014 and beyond, many (Industrial) IoT devices often did not offer > communication security or relied on fixed symmetric keys, potentially > resulting in overuse of these keys. This was - and to my understanding still > is - a direct result of the relatively high cost (ROM, RAM, CPU cycles, > network usage) of public key cryptography on many microcontroller-based > embedded devices. > > Taking HIP BEX as a starting point, the idea therefore was to reduce the > overhead of the cryptographic primitives by omitting public-key signatures > and hash functions as the main overhead drivers regarding the above cost > factors. That also meant losing some cryptographic properties such as PFS > and SIGMA-compliance, many of which are taken for granted for traditional > Internet security. > > This is the trade-off that we were willing to accept for HIP DEX in order to > improve on deployed state of the art and our approach is to be very open > about these trade-offs. This is why we added text to that direction right to > the start of the document > (https://tools.ietf.org/html/draft-ietf-hip-dex-06#section-1). > > I suggest for the WG to decide whether this rationale and these trade-offs > are still valid and acceptable in 2019 and to proceed accordingly. > > @Bob: Please comment if your view differs. > > Regards, > René > > > -----Original Message----- > From: Hipsec <[email protected]> On Behalf Of Gonzalo Camarillo > Sent: Dienstag, 15. Januar 2019 15:28 > To: HIP <[email protected]> > Subject: [Hipsec] Status of draft-ietf-hip-dex > > Hi, > > I want to give the group a status update on the HIP DEX draft. Terry, our > AD, had to remove it from the agenda of the telechat where it was going to > be discussed (in May) because of security-related concerns about the draft > (from the Security ADs). We have been periodically pinging Rene and Bob > (authors of the draft) since then (9 months!), but we have not been able to > get any response from them... note that we had added Rene as a coauthor of > this draft because Bob's lack of cycles. > > Terry would like to get this done by the end of February. Any proposals on > how to proceed? > > Cheers, > > Gonzalo > > _______________________________________________ > Hipsec mailing list > [email protected] > https://www.ietf.org/mailman/listinfo/hipsec > _______________________________________________ Hipsec mailing list [email protected] https://www.ietf.org/mailman/listinfo/hipsec
