[6lo] Roman Danyliw's No Objection on draft-ietf-6lo-nfc-20: (with COMMENT)

Roman Danyliw via Datatracker <noreply@ietf.org> Thu, 02 February 2023 21:01 UTC

From: Roman Danyliw via Datatracker <noreply@ietf.org>
To: The IESG <iesg@ietf.org>
Cc: draft-ietf-6lo-nfc@ietf.org, 6lo-chairs@ietf.org, 6lo@ietf.org, Samita Chakrabarti <samitac.ietf@gmail.com>, Carles Gomez <carlesgo@entel.upc.edu>, carlesgo@entel.upc.edu
Reply-To: Roman Danyliw <rdd@cert.org>
Message-ID: <167537168668.39429.12111970205610008217@ietfa.amsl.com>
Date: Thu, 02 Feb 2023 13:01:26 -0800
Archived-At: <https://mailarchive.ietf.org/arch/msg/6lo/GSQ6c-dBEp_4e-QZadnahNF79vo>
Subject: [6lo] Roman Danyliw's No Objection on draft-ietf-6lo-nfc-20: (with COMMENT)

Roman Danyliw has entered the following ballot position for
draft-ietf-6lo-nfc-20: No Objection

When responding, please keep the subject line intact and reply to all
email addresses included in the To and CC lines. (Feel free to cut this
introductory paragraph, however.)


Please refer to https://www.ietf.org/about/groups/iesg/statements/handling-ballot-positions/ 
for more information about how to handle DISCUSS and COMMENT positions.


The document, along with other ballot positions, can be found here:
https://datatracker.ietf.org/doc/draft-ietf-6lo-nfc/



----------------------------------------------------------------------
COMMENT:
----------------------------------------------------------------------

Thanks for addressing my DISCUSS feedback.

** Section 3.4.  Most of these normative statements appear to be restatements of
Section 4.5.2 of NFC Forum’s LLCP version 1.4.  The style of this document
seems to be specifying behavior that is in fact already specified
authoritatively elsewhere.

** Section 7.
   Ad-hoc secure data transfer can be established between two
   communication parties without any prior knowledge of the
   communication partner.  Ad-hoc secure data transfer can be vulnerable
   to Man-In-The-Middle (MITM) attacks.  Authenticated secure data
   transfer provides protection against Man-In-The-Middle (MITM)
   attacks.  In the initial bonding step, the two communicating parties
   store a shared secret along with a Bonding Identifier.  For all
   subsequent interactions, the communicating parties re-use the shared
   secret and compute only the unique encryption key for that session.
   Secure data transfer is based on the cryptographic algorithms defined
   in the NFC Authentication Protocol (NAP).

-- This entire text is cut-and-paste from Section 3.2.5 of NFC Forum LLC.
Given that this text is used verbatim, shouldn’t it be cited?

-- If the text is going to be restated, in the spirit of inclusive language,
please consider alternative language to “MiTM”.