Using Ephemeral Diffie-Hellman Over COSE (EDHOC) with the Constrained Application Protocol (CoAP) and Object Security for Constrained RESTful Environments (OSCORE)
draft-ietf-core-oscore-edhoc-11
Technical Summary
The lightweight authenticated key exchange protocol EDHOC can be run
over CoAP and used by two peers to establish an OSCORE Security
Context. This document details this use of the EDHOC protocol, by
specifying a number of additional and optional mechanisms. These
especially include an optimization approach for combining the
execution of EDHOC with the first OSCORE transaction. This
combination reduces the number of round trips required to set up an
OSCORE Security Context and to complete an OSCORE transaction using
that Security Context.
Working Group Summary
There is broad agreement that this document should go forward, and a core group
of people who have satisfied themselves about the technical details.
Document Quality
The number of implementations is limited, as the underlying EDHOC protocol
(LAKE WG) has only just reached the IESG and needs to be implemented first.
Since EDHOC has recently made an on-wire change that also required a change
in the implementation, there is a certain reluctance to commit to
implementations before the document is approved. There is a common sentiment
that implementing this protocol will be a matter of course in the emerging
CoAP/EDHOC implementations. An early example of this is the following
implementation, which includes the OSCORE-EDHOC protocol:
* https://github.com/rikard-sics/californium/tree/edhoc
Personnel
The Document Shepherd for this document is Carsten Bormann. The
Responsible Area Director is Paul Wouters.