Re: [Last-Call] Genart last call review of draft-ietf-core-oscore-edhoc-09

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hello Joel,

Thanks a lot for your review! Please find in line below our detailed replies to your comments.

A Github PR where we have addressed your comments is available at [GENART-PR].

Unless any concern is raised, we plan to soon merge this PR (and the other ones related to other received reviews), and to submit the result as version -10 of the document.

Thanks,
/Marco

[GENART-PR] https://github.com/core-wg/oscore-edhoc/pull/15


On 2023-11-12 17:19, Joel Halpern via Datatracker wrote:
Reviewer: Joel Halpern
Review result: Ready with Issues

I am the assigned Gen-ART reviewer for this draft. The General Area
Review Team (Gen-ART) reviews all IETF documents being processed
by the IESG for the IETF Chair.  Please treat these comments just
like any other last call comments.

For more information, please see the FAQ at

<https://eur05.safelinks.protection.outlook.com/?url="">.

Document: draft-ietf-core-oscore-edhoc-09
Reviewer: Joel Halpern
Review Date: 2023-11-12
IETF LC End Date: 2023-11-13
IESG Telechat date: Not scheduled for a telechat

Summary: This document is ready for publication as a proposed standard
reviewer note: I did not attempt to verify that the description here of the
underlying security protocols is correct.  I leave that to the WG and the
security reviewers.

Major issues: N/A

Minor issues:
   In reading the first part of section 3, I found myself confused in two
   regards.  First, the diagram shows the third message as containing EDHOC
   message_3 + OSCORE-protected data. But the text refers to it as also
   containing C_R which is not apparently part of EDHOC message 3.  I think
   this is explained in step 4 of section 3.2, but it is at best jarring at
   this stage. (Maybe just call it OSCORE option C_R? Or note at this point,as
   you do later, in the text that the EDHOC C_R and the OSCORE C_R are
   identical?)

==>MT

The *CoAP request* contains C_R, while EDHOC message_3 does not. In fact, that is the case in both the original workflow and the optimized workflow.

That is, in both workflows, C_R is not part of EDHOC message_3, and it has to be somehow specified in the CoAP request that conveys EDHOC message_3.

As to the original workflow, this is already defined in draft-ietf-lake-edhoc, and reminded in Section 2 of the present document. That is, C_R is specified in the payload of the CoAP request, as prepended to EDHOC message_3, i.e.:

> The request payload consists of the EDHOC connection identifier C_R encoded as per Section 3.3 of [I-D.ietf-lake-edhoc], concatenated with EDHOC message_3.

As to the optimized workflow in Section 3, the diagram in Figure 2 is correct about what it shows. As it happens, C_R is already specified as the value of the 'kid' field in the CoAP OSCORE Option included in the CoAP request. Hence, we take advantage of that and we do not prepend C_R to EDHOC message_3 in the request payload.

Note that there is no concept of "OSCORE C_R" or "OSCORE option C_R", and the CoAP OSCORE Option does not include a C_R field. There is only EDHOC C_R, as the EDHOC Connection Identifier of the Responder.

To make these points clearer, in Section 3.0 we have revised the bullet list introduced by "That is, the EDHOC + OSCORE request ..." to become as follows.

> That is, the EDHOC + OSCORE request is composed of the following two parts combined together in a single CoAP message:
>
> * The OSCORE Request from Figure 1, which is also in this case sent to a protected resource, with the correct CoAP method and options intended for accessing that resource.
>
> * EDHOC data consisting of the pair (C_R, EDHOC message_3) required for completing the EDHOC session, transported as follows:
>    * C_R is the OSCORE Sender ID of the client and hence transported in the 'kid' field of the OSCORE Option (see Section 6.1 of RFC 8613). Unlike in the sequential workflow shown in Figure 1, C_R is thus not transported in the payload of the EDHOC + OSCORE request.
>    * EDHOC message_3 is transported in the payload of the EDHOC + OSCORE request, prepended to the payload of the OSCORE Request. This is because EDHOC message_3 may be too large to be included in a CoAP Option, e.g., when conveying a large public key certificate chain as ID_CRED_I (see Section 3.5.3 of [I-D.ietf-lake-edhoc]) or when conveying large External Authorization Data as EAD_3 (see Section 3.8 of [I-D.ietf-lake-edhoc]).

<==

    Second, the description here is worded in a way that leads the reader to
    understand that the EDHOC message is part of the OSCOR content.  The
    processing order and protection structure is spelled out in section 3.2. 
    Maybe just add something like "This structure can be processed in order due
    to the construction rules in section 3.2?

==>MT

In Section 3.0, we have extended the paragraph right before the bullet list as follows.

OLD
> That is, the EDHOC + OSCORE request is composed of the following two parts combined together in a single CoAP message:

NEW
> That is, the EDHOC + OSCORE request is composed of the following two parts combined together in a single CoAP message. The steps for processing the EDHOC + OSCORE request and the two parts combined in there are defined in Section 3.2 and Section 3.3.

<==


Nits/editorial comments:



-- 
Marco Tiloca
Ph.D., Senior Researcher

Phone: +46 (0)70 60 46 501

RISE Research Institutes of Sweden AB
Box 1263
164 29 Kista (Sweden)

Division: Digital Systems
Department: Computer Science
Unit: Cybersecurity

https://www.ri.se

Attachment: OpenPGP_0xEE2664B40E58DA43.asc
Description: OpenPGP public key

Attachment: OpenPGP_signature.asc
Description: OpenPGP digital signature

-- 
last-call mailing list
last-call@xxxxxxxx
https://www.ietf.org/mailman/listinfo/last-call

[Index of Archives]     [IETF Annoucements]     [IETF]     [IP Storage]     [Yosemite News]     [Linux SCTP]     [Linux Newbies]     [Mhonarc]     [Fedora Users]

  Powered by Linux