IETF Logo Mail Archive

Re: [core] Last Call: <draft-ietf-core-block-18.txt> (Block-wise transfers in CoAP) to Proposed Standard

Göran Selander <goran.selander@ericsson.com> Thu, 26 November 2015 08:43 UTC

Return-Path: <goran.selander@ericsson.com>
X-Original-To: core@ietfa.amsl.com
Delivered-To: core@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 8B7D21B3728; Thu, 26 Nov 2015 00:43:46 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -3.901
X-Spam-Level:
X-Spam-Status: No, score=-3.901 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, MIME_8BIT_HEADER=0.3, RCVD_IN_DNSWL_MED=-2.3, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id tI33hIY5X1jG; Thu, 26 Nov 2015 00:43:44 -0800 (PST)
Received: from sesbmg22.ericsson.net (sesbmg22.ericsson.net [193.180.251.48]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 60E401B3726; Thu, 26 Nov 2015 00:43:43 -0800 (PST)
X-AuditID: c1b4fb30-f79296d00000141d-0c-5656c63d1d38
Received: from ESESSHC011.ericsson.se (Unknown_Domain [153.88.183.51]) by sesbmg22.ericsson.net (Symantec Mail Security) with SMTP id 85.2B.05149.D36C6565; Thu, 26 Nov 2015 09:43:41 +0100 (CET)
Received: from ESESSMB303.ericsson.se ([169.254.3.32]) by ESESSHC011.ericsson.se ([153.88.183.51]) with mapi id 14.03.0248.002; Thu, 26 Nov 2015 09:43:21 +0100
From: Göran Selander <goran.selander@ericsson.com>
To: Carsten Bormann <cabo@tzi.org>
Thread-Topic: Last Call: <draft-ietf-core-block-18.txt> (Block-wise transfers in CoAP) to Proposed Standard
Thread-Index: AQHRI9sb/ga71FS+3UKAe+rFI8Rp+56t6kEAgAAAkICAABp4gA==
Date: Thu, 26 Nov 2015 08:43:20 +0000
Message-ID: <D27C7DBC.3F244%goran.selander@ericsson.com>
References: <20151120213250.32473.53283.idtracker@ietfa.amsl.com> <D27C68A8.3F21C%goran.selander@ericsson.com> <5656BE03.3090604@tzi.org>
In-Reply-To: <5656BE03.3090604@tzi.org>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
user-agent: Microsoft-MacOutlook/14.4.7.141117
x-originating-ip: [153.88.183.150]
Content-Type: text/plain; charset="utf-8"
Content-ID: <1530EF0D3BF7EC45A56C1628088A91F4@ericsson.com>
Content-Transfer-Encoding: base64
MIME-Version: 1.0
X-Brightmail-Tracker: H4sIAAAAAAAAA+NgFjrHIsWRmVeSWpSXmKPExsUyM2K7sa7tsbAwg7XXFC2+P7/GYnFkyl1W i20bL7BZ7Hu7ntmi8dA8RotnG+ezWDx73sLowO6xc9Zddo8lS34yedx+PZ/ZY9qizACWKC6b lNSczLLUIn27BK6MNWtmMxcc4K+49q+NrYGxh7+LkZNDQsBEov9UGzuELSZx4d56ti5GLg4h gcOMEvs/PmKHcBYzSvQufMAKUsUm4CLxoOERE4gtIqAkceHiGrAOZoE5TBI7G2+xgSSEBXIk Xnz7BFTEAVSUK7F8pjVEvZPE30+NjCA2i4CqxIL+WcwgNq+AhcTMpt2sEMu6GSXObXkAtoBT QF1iavtksAZGoPO+n1oDFmcWEJe49WQ+E8TZAhJL9pxnhrBFJV4+/gd2qKiAnsTK601sEHEl iRXbLzGC3MMsoCmxfpc+xBhriXONV9kgbEWJKd0P2SHuEZQ4OfMJywRGiVlIts1C6J6FpHsW ku5ZSLoXMLKuYhQtTi1Oyk03MtJLLcpMLi7Oz9PLSy3ZxAiM5YNbfhvsYHz53PEQowAHoxIP 74bSsDAh1sSy4srcQ4wSHMxKIrwx2UAh3pTEyqrUovz4otKc1OJDjNIcLErivM1MD0KFBNIT S1KzU1MLUotgskwcnFINjLPPHNpm9uLP1SUnX/6WCw/YqfJr26Ps4LgDbLv//5jz8dic7ckb H5wW6pb5vluv2eyMhOCSv0ly1Z8lvc8IbFa8efV50jQHvdypPex6J533H/K1Xpq14uYMB7O7 oomppZUBRtM6s5+X84nHe3nbXmVb2tSUe/rvGp9flVWzKn6t+OFcdjUjPk6JpTgj0VCLuag4 EQCZ0vO74QIAAA==
Archived-At: <http://mailarchive.ietf.org/arch/msg/core/L1C4oeT9HG0CpQEzwbGnTJnM7s8>
Cc: "core-chairs@ietf.org" <core-chairs@ietf.org>, "ietf@ietf.org" <ietf@ietf.org>, "core@ietf.org" <core@ietf.org>, "barryleiba@gmail.com" <barryleiba@gmail.com>, "draft-ietf-core-block@ietf.org" <draft-ietf-core-block@ietf.org>
Subject: Re: [core] Last Call: <draft-ietf-core-block-18.txt> (Block-wise transfers in CoAP) to Proposed Standard
X-BeenThere: core@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "Constrained RESTful Environments \(CoRE\) Working Group list" <core.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/core>, <mailto:core-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/core/>
List-Post: <mailto:core@ietf.org>
List-Help: <mailto:core-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/core>, <mailto:core-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 26 Nov 2015 08:43:46 -0000


On 2015-11-26 09:08, "Carsten Bormann" <cabo@tzi.org> wrote:

>Göran Selander wrote:
>> we should
>> not ignore these security issues in new standards.
>
>Definitely, we shouldn't ignore these security issues when defining new
>standards.
>
>Now why is this a comment on the IETF last-call for an existing
>specification? 

I’m sorry if you find this comment coming a bit late. Let me expand on the
history. 

As mentioned the object security work has been going on since a year
starting with CoAP. When turning to the other drafts in the CoAP suite, we
couldn't understand how blockwise works with proxies from the draft and
asked the question to the CORE list (June). The only answer we got was
actually wrong, in the sense that it gave the impression that this is not
a proxy operation that would be of any use - an indication that  blockwise
proxy operations, although not invented yesterday, has not been well
understood.

It was not until the social event in Prague (July) where we learnt (in
private conversation) that this is not a corner case. In the mail
discussion that follow on the CoRE list I formulate this problem as a
question to you but I don’t get any answer (Sept. 2). In the CORE WG f2f
meeting in Yokohama I raised the issue with blockwise and proposed
solution in my presentation (Nov. 5), but there is no comment.

That is why this is a comment on the IETF last-call.

Göran

v2.23.0 | Report a Bug | By Email