
DTLS In Constrained Environments
charter-ietf-dice-01

WG review announcement


From: The IESG <iesg-secretary@ietf.org>
To: IETF-Announce <ietf-announce@ietf.org>
Cc: dice WG <dtls-iot@ietf.org> 
Subject: WG Review: DTLS In Constrained Environments (dice)

A new IETF working group has been proposed in the Security Area. The IESG
has not made any determination yet. The following draft charter was
submitted, and is provided for informational purposes only. Please send
your comments to the IESG mailing list (iesg at ietf.org) by 2013-09-23.

DTLS In Constrained Environments (dice)
------------------------------------------------
Current Status: Proposed WG

Assigned Area Director:
  Stephen Farrell <stephen.farrell@cs.tcd.ie>

Mailing list
  Address: dtls-iot@ietf.org
  To Subscribe: https://www.ietf.org/mailman/listinfo/dtls-iot
  Archive: http://www.ietf.org/mail-archive/web/dtls-iot/

Charter:

The Constrained Application Protocol (CoAP) can be used to manipulate
resources on a device in constrained environments secured by Datagram
Transport Layer Security (DTLS, RFC 6347).  The DTLS In Constrained
Environments (DICE) working group focuses on supporting the use of DTLS
Transport-Layer Security in these environments.  

The first task of the working group is to define a DTLS profile that is
suitable for Internet of Things applications and is reasonably
implementable on many constrained devices.  

The second task of the working group is to define how DTLS record layer
can be used to transmit multicast messages securely.  Security for these
multicast messages is needed in many Internet of Things environments, as
some messages are commonly multicast among a set of receivers. Session
keys are needed in order to use the DTLS record layer in this way.
Changes to the DTLS handshake to support this may be needed in future but
are not part of the initial charter for DICE wg.

The third task of the working group is to investigate practical issues
around the DTLS handshake in constrained environments. Many current
systems end up fragmenting messages, and the re-transmission and
re-ordering of handshake messages results in significant complexity and
reliability problems. Additional reliability mechanisms for transporting
DTLS handshake messages are required as they will ensure that handling of
re-ordered messages needs to be done only once in a single place in the
stack. The DICE working group may also look at alternative TLS transports
in cooperation with the TLS WG.

The DTLS state machine should not be modified and key management
(including for multicast security) and multi-cast session setup are out
of the scope for the initial work.

The DICE working group will work closely with the TLS, CoRE and LWIG
working groups.

Milestones:

TBD

WG action announcement


From: The IESG <iesg-secretary@ietf.org>
To: IETF-Announce <ietf-announce@ietf.org>
Cc: dice WG <dtls-iot@ietf.org> 
Subject: WG Action: Formed DTLS In Constrained Environments (dice)

A new IETF working group has been formed in the Security Area. For
additional information please contact the Area Directors or the WG
Chairs.

DTLS In Constrained Environments (dice)
------------------------------------------------
Current Status: Proposed WG

Chairs:
  Dorothy Gellert <dorothy.gellert@gmail.com>
  Zach Shelby <zach@sensinode.com>

Assigned Area Director:
  Stephen Farrell <stephen.farrell@cs.tcd.ie>

Mailing list
  Address: dtls-iot@ietf.org
  To Subscribe: https://www.ietf.org/mailman/listinfo/dtls-iot
  Archive: http://www.ietf.org/mail-archive/web/dtls-iot/

Charter:

The Constrained Application Protocol (CoAP) can be used to manipulate
resources on a device in constrained environments secured by Datagram
Transport Layer Security (DTLS, RFC 6347).  The DTLS In Constrained
Environments (DICE) working group focuses on supporting the use of DTLS
Transport-Layer Security in these environments.  Constrained environments
looked at in DICE include constrained devices (e.g. memory, algorithm
choices) and constrained networks (e.g. PDU sizes, packet loss).

The first task of the working group is to define a DTLS profile that is
suitable for Internet of Things applications and is reasonably
implementable on many constrained devices.  

The second task of the working group is to define how DTLS record layer
can be used to transmit multicast messages securely.  Security for these
multicast messages is needed in many Internet of Things environments, as
some messages are commonly multicast among a set of receivers. Session
keys are needed in order to use the DTLS record layer in this way.
Changes to the DTLS handshake to support this may be needed in future but
are not part of the initial charter for DICE wg.

The third task of the working group is to investigate practical issues
around the DTLS handshake in constrained environments. Many current
systems end up fragmenting messages, and the re-transmission and
re-ordering of handshake messages results in significant complexity and
reliability problems. Additional reliability mechanisms for transporting
DTLS handshake messages are required as they will ensure that handling of
re-ordered messages needs to be done only once in a single place in the
stack. The DICE working group may also look at alternative TLS transports
in cooperation with the TLS WG.

The DTLS state machine should not be modified and key management
(including for multicast security) and multi-cast session setup are out
of the scope for the initial work.

The DICE working group will work closely with the TLS, CoRE and LWIG
working groups.




Milestones:
  Dec 2013 - WG document for DTLS for Constrained Environments profile
  Dec 2013 - WG document for secure group communication for IoT
  May 2014 - DTLS for IoT profile specification submitted to the IESG for
publication as standards track
  Jun 2014 - Secure group communication specification submitted to the
IESG for publication as standards track


Ballot announcement
