[6lo] Benjamin Kaduk's No Record on draft-ietf-6lo-rfc6775-update-17: (with COMMENT)
Benjamin Kaduk <kaduk@mit.edu> Tue, 03 April 2018 18:24 UTC
Return-Path: <kaduk@mit.edu>
X-Original-To: 6lo@ietf.org
Delivered-To: 6lo@ietfa.amsl.com
Received: from ietfa.amsl.com (localhost [IPv6:::1]) by ietfa.amsl.com (Postfix) with ESMTP id 5CFA5124BE8; Tue, 3 Apr 2018 11:24:38 -0700 (PDT)
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
From: Benjamin Kaduk <kaduk@mit.edu>
To: The IESG <iesg@ietf.org>
Cc: draft-ietf-6lo-rfc6775-update@ietf.org, Gabriel Montenegro <Gabriel.Montenegro@microsoft.com>, 6lo-chairs@ietf.org, Gabriel.Montenegro@microsoft.com, 6lo@ietf.org
X-Test-IDTracker: no
X-IETF-IDTracker: 6.77.1
Auto-Submitted: auto-generated
Precedence: bulk
Message-ID: <152277987837.22799.12025647276093031910.idtracker@ietfa.amsl.com>
Date: Tue, 03 Apr 2018 11:24:38 -0700
Archived-At: <https://mailarchive.ietf.org/arch/msg/6lo/WCMNOLkkiipBIsIYBs4boTVUtt8>
Subject: [6lo] Benjamin Kaduk's No Record on draft-ietf-6lo-rfc6775-update-17: (with COMMENT)
X-BeenThere: 6lo@ietf.org
X-Mailman-Version: 2.1.22
List-Id: "Mailing list for the 6lo WG for Internet Area issues in IPv6 over constrained node networks." <6lo.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/6lo>, <mailto:6lo-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/6lo/>
List-Post: <mailto:6lo@ietf.org>
List-Help: <mailto:6lo-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/6lo>, <mailto:6lo-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 03 Apr 2018 18:24:38 -0000
Benjamin Kaduk has entered the following ballot position for draft-ietf-6lo-rfc6775-update-17: No Record When responding, please keep the subject line intact and reply to all email addresses included in the To and CC lines. (Feel free to cut this introductory paragraph, however.) Please refer to https://www.ietf.org/iesg/statement/discuss-criteria.html for more information about IESG DISCUSS and COMMENT positions. The document, along with other ballot positions, can be found here: https://datatracker.ietf.org/doc/draft-ietf-6lo-rfc6775-update/ ---------------------------------------------------------------------- COMMENT: ---------------------------------------------------------------------- Section 6.1 has: Registration Ownership Verifier (ROVR): Enables the correlation between multiple attempts to register a same IPv6 Address. This can be a unique ID of the Registering Node, such as the EUI-64 address of an interface. This can also be a token obtained with cryptographic methods and used as proof of ownership of the registration. [...] I understand that the actual crypto is (currently) in draft-ietf-6lo-ap-nd, but from the point of view of this document, the ROVR token (or "crypto-ID" in the terminology of 6lo-ap-nd) behaves as a bearer token. That is, I include it with my EARO and my registration request is authenticated and associated with that "identity"; there is not anything in this document that ties the crypto-ID to the EARO. From a very quick read of the other document, it sounds like the 6LR can optionally request validation that the 6LN using the crypto-ID actually has control of the associated private key, and is expected to do so on the first exchange, and so arguably the transport key+LLA are what associates the crypto-ID with the EARO. The conclusion from the above would be that this sort of ROVR is not itself proof of ownership of anything, so it might be better to have text like "this can also be a token obtained with cryptographic methods which can be used in additional protocol exchanges to associate a cryptographic identity (key) with this registration". In several places in section 7 it is indicated that implementations that support this spec should always use the new data structures even when talking to RFC6775-only peers; this generally seems fine due to the way that reserved fields are used. I was not entirely sure if the same holds for the use of new status codes in the EARO, though -- do things work out okay if (e.g.) "Moved" or "Removed" are interpreted as a generic error? In general the Security and Privacy Considerations seem well thought-out (in the model where Layer-2 security is already in place), thank you! (Key distribution remains a hard problem, of course, and sharing such keys across groups does reduce the security properties of the system, but this is not the right place to go into detail on such issues.) One final nit: what is the "port" involved in the Binding? It does not sound like it is an IP port...
- [6lo] Benjamin Kaduk's No Record on draft-ietf-6l… Benjamin Kaduk
- Re: [6lo] Benjamin Kaduk's No Record on draft-iet… Pascal Thubert (pthubert)
- Re: [6lo] Benjamin Kaduk's No Record on draft-iet… Benjamin Kaduk