Re: [6lo] Roman Danyliw's Discuss on draft-ietf-6lo-use-cases-14: (with DISCUSS and COMMENT)
Erik Kline <ek.ietf@gmail.com> Wed, 01 February 2023 06:49 UTC
Return-Path: <ek.ietf@gmail.com>
X-Original-To: 6lo@ietfa.amsl.com
Delivered-To: 6lo@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 81610C1575BC; Tue, 31 Jan 2023 22:49:53 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.094
X-Spam-Level:
X-Spam-Status: No, score=-2.094 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_BLOCKED=0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id CbA8sUnJT2HQ; Tue, 31 Jan 2023 22:49:52 -0800 (PST)
Received: from mail-vs1-xe2c.google.com (mail-vs1-xe2c.google.com [IPv6:2607:f8b0:4864:20::e2c]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id BF4BEC1575BB; Tue, 31 Jan 2023 22:49:52 -0800 (PST)
Received: by mail-vs1-xe2c.google.com with SMTP id 187so18576871vsv.10; Tue, 31 Jan 2023 22:49:52 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=content-transfer-encoding:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:from:to:cc:subject:date :message-id:reply-to; bh=eKgsDiqUY8W/nHD6nb1v7wRJXkXxDmeoPupuwCFl9aQ=; b=Q+hlz+UgDpCosK3WfHKy3Z9P/DC9hHcDonj+6BxDBz9FBmw7rxYUyIIREkwU2ZQSp1 E298k1/RqVrQ6ox8Up5ON5oayCOQmJeMwwZ05riP7un6b4SGowCF0CNPG39huLc3GAhc 25jV/OlyThz4Yzan8Gp2jDh7cO4FpWDm7eD2X6hIWJFflB+zufJXkVTnCo5fHWu+mv6c 7m3Probs8YHAJzikb9r/3SAqqptsdvhqrliHE0ZfluUl9BoN0vM2oHEpp6xs2rd49b7A 4H/g8vmGe5HGfs+HdcVbreOPjAQ/RsutlVBUXAPA0HLav15yhkHpkFx1ONcuBLl+9VD1 R1+g==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=content-transfer-encoding:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=eKgsDiqUY8W/nHD6nb1v7wRJXkXxDmeoPupuwCFl9aQ=; b=xVImwRtppLGEzQoCzJOaqlB5Bul+XyB27eKqHrGLP8jJ7xbgx43nFv/4RhJJl3FUe+ qw5lJfVB5GfM+YY7MBlDEcwPJl85k8lZpgYr99xvqpA39eGmIJkK42LmuzzzTzCbx0mW 9pvO4cVyVVYCs9wMwM1usTMUuNpHYxW/suxm7jnospnVfZoHmk2hkVOO5wqjHY9Od/lb plZCao/jN5OKTcsmiZrQm9tHIE8EcF0ZBauDsFWfnYmoFt14HBfSqLTbib+F2qUe1iss K9EinJWld14Tnkhyz5FsLWhAyFLtEoGIQYoRAtUUOJDYtIWDESlOf1AZ5hBJMl0xoSgB m1cQ==
X-Gm-Message-State: AO0yUKVxKv0b7Tt+xyM+xEFoMyjLeUERBZYn0iFSO0FwZeCliQsl+moW Yy6nTFRAD/+N4qA8BrbaD3cbzJK4WBG7x+hLIl2zWKbw
X-Google-Smtp-Source: AK7set/sLnErntOJWeOrRYq/otKxU2vCGMgJ2d6ONKc+6YnAvNBmyWrQpWtVnHFK7BvvBYPWjzuL7J9o689KELVTXCc=
X-Received: by 2002:a05:6102:100c:b0:3ef:6249:694c with SMTP id q12-20020a056102100c00b003ef6249694cmr252564vsp.78.1675234191386; Tue, 31 Jan 2023 22:49:51 -0800 (PST)
MIME-Version: 1.0
References: <167097330864.46451.16737695388174276673@ietfa.amsl.com>
In-Reply-To: <167097330864.46451.16737695388174276673@ietfa.amsl.com>
From: Erik Kline <ek.ietf@gmail.com>
Date: Tue, 31 Jan 2023 22:49:40 -0800
Message-ID: <CAMGpriU_ON6k2J7ZVyq=vuLGv+q_RRS14EDC3Xamk9KtcXJfoA@mail.gmail.com>
To: Roman Danyliw <rdd@cert.org>
Cc: The IESG <iesg@ietf.org>, draft-ietf-6lo-use-cases@ietf.org, 6lo-chairs@ietf.org, 6lo@ietf.org, shwetha.bhandari@gmail.com
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
Archived-At: <https://mailarchive.ietf.org/arch/msg/6lo/Vkuegl5YLXRx6cQfF4bTksquKW8>
Subject: Re: [6lo] Roman Danyliw's Discuss on draft-ietf-6lo-use-cases-14: (with DISCUSS and COMMENT)
X-BeenThere: 6lo@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: "Mailing list for the 6lo WG for Internet Area issues in IPv6 over constrained node networks." <6lo.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/6lo>, <mailto:6lo-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/6lo/>
List-Post: <mailto:6lo@ietf.org>
List-Help: <mailto:6lo-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/6lo>, <mailto:6lo-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 01 Feb 2023 06:49:53 -0000
Thank you, Roman, for the review. Authors: I believe we're waiting for someone to produce one or more updates that collectively address the comments provided. Thanks, -ek On Tue, Dec 13, 2022 at 3:15 PM Roman Danyliw via Datatracker <noreply@ietf.org> wrote: > > Roman Danyliw has entered the following ballot position for > draft-ietf-6lo-use-cases-14: Discuss > > When responding, please keep the subject line intact and reply to all > email addresses included in the To and CC lines. (Feel free to cut this > introductory paragraph, however.) > > > Please refer to https://www.ietf.org/about/groups/iesg/statements/handling-ballot-positions/ > for more information about how to handle DISCUSS and COMMENT positions. > > > The document, along with other ballot positions, can be found here: > https://datatracker.ietf.org/doc/draft-ietf-6lo-use-cases/ > > > > ---------------------------------------------------------------------- > DISCUSS: > ---------------------------------------------------------------------- > > Section 3 > > Security and Encryption: Though 6LoWPAN basic specifications do > not address security at the network layer, the assumption is that > L2 security must be present. In addition, application-level > security is highly desirable. The working groups [IETF_ace] and > [IETF_core] should be consulted for application and transport > level security. The 6lo working group has worked on address > authentication [RFC8928] and secure bootstrapping is also being > discussed in the IETF. However, there may be other security > mechanisms available in a deployment through other standards such > as hardware-level security or certificates for the initial booting > process. Encryption is important if the implementation can afford > it. > > With the exception of authentication and secure bootstrapping, this text is > vague on what security properties are to be considered. Likewise, saying > “encryption” is not informative as it can help provide specific (but unnamed) > security properties. What is intended is not clear. Specifically: > > -- What is the “L2 security” that “must be present” specifically? What > properties are being addressed (e.g., confidentiality? Authenticity?) > > -- What is “application-level security” that is “desirable”? > > -- “Affordability” on what dimension per the supporting encryption? Is that a > notional budget for the application, power/battery, etc? > > > ---------------------------------------------------------------------- > COMMENT: > ---------------------------------------------------------------------- > > Thank you to Robert Sparks for the SECDIR review. > > ** Section 1. > > Running IPv6 on constrained node networks presents challenges, due to > the characteristics of these networks such as small packet size, low > power, low bandwidth, low cost, > > Why is “lost cost” a challenge to running IPv6 on a constrained network? It > seems like a desirable property. > > ** Section 2. Editorial. Inconsistent descriptions of the protocols: > > -- Data rate: not mentioned in Section 2.2. > -- Range: not mentioned in Sections 2.1, 2.2, 2.3, 2.5 > > ** Section 2.2. Editorial. Could references to Bluetooth 4.0, 4.1, and IPSP > please be provided. > > ** Section 2.3. Editorial. Please provide a reference to DECT-ULE. > > ** Section 2.5. > NFC technology enables simple and safe two-way interactions between > electronic devices > > Are the other protocols in Section 2.* not “simple” or “safe”? > > ** Section 2.7 > > The following table shows the dominant parameters of each > use case corresponding to the 6lo link layer technology. > > Is NFC “dominantly” only used in “health-care services”? Is there a basis for > that assertion. > > ** Section 3. > ... L2-address-derived IPv6 addresses are > > specified in [RFC4944], but there exist implications for privacy. > > Explicitly state those privacy implications. > > ** Section 4.2. Section 4.* is titled “deployment scenarios”. Section 4.1, > 4.3, and 4.4 explicitly state where they are deployed. This section described > Thread, but omits describing the envisioned deployment. > > ** Section 4.2. Editorial. The term “future-proof designs” seems like > marketing. > > ** Section 4.* and 5.*. Editorial. I don’t understand the difference between a > “deployment scenario” and a “6lo use case”. > > ** Section 5.1. > > Security support is required, especially for safety- > related communication. > > What is a “security support”? Is “security” not desirable in the other use > cases such as Section 5.2 - 5.4 > > >
- [6lo] Roman Danyliw's Discuss on draft-ietf-6lo-u… Roman Danyliw via Datatracker
- Re: [6lo] Roman Danyliw's Discuss on draft-ietf-6… Erik Kline
- Re: [6lo] Roman Danyliw's Discuss on draft-ietf-6… Yong-Geun Hong
- Re: [6lo] Roman Danyliw's Discuss on draft-ietf-6… Yong-Geun Hong