Re: [6lo] FW: I-D Action: draft-ietf-6lo-plc-03.txt

"Liubing (Remy)" <remy.liubing@huawei.com> Mon, 08 June 2020 03:51 UTC

From: "Liubing (Remy)" <remy.liubing@huawei.com>
To: Michael Richardson <mcr+ietf@sandelman.ca>
CC: "6lo@ietf.org" <6lo@ietf.org>, Carles Gomez Montenegro <carlesgo@entel.upc.edu>
Date: Mon, 8 Jun 2020 03:51:20 +0000
Archived-At: <https://mailarchive.ietf.org/arch/msg/6lo/_QIh7YhbAuKstAZ2dodOrwjs0I4>

Hello Michael,

Thank you for helping us improve the draft, especially the security considerations.

Best regards.
Remy

-----Original Message-----
From: Michael Richardson [mailto:mcr+ietf@sandelman.ca]
Sent: June 7, 2020 7:16
To: Liubing (Remy) <remy.liubing@huawei.com>
Cc: 6lo@ietf.org; Carles Gomez Montenegro <carlesgo@entel.upc.edu>
Subject: Re: Re: Re: [6lo] FW: I-D Action: draft-ietf-6lo-plc-03.txt


Liubing (Remy) <remy.liubing@huawei.com> wrote:
    > Thank you for your suggestion. I prefer not to include
    > [I-D.ietf-anima-bootstrapping-keyinfra], since it is not as directly
    > related to PLC as [I-D.ietf-6tisch-dtsecurity-zerotouch-join]. How
    > about making a very brief explanation just like you made for
    > [I-D.ietf-6tisch-minimal-security]?

    > I post the second paragraph of the security considerations
    > below. Please tell me your opinion. Thank you.

I like it, thank you.

    > Malicious PLC devices could paralyze the whole network via DOS attacks,
    > e.g., keep joining and leaving the network frequently, or multicast
    > routing messages containing fake metrics. A device may also join a
    > wrong or even malicious network, exposing its data to illegal
    > users. Mutual authentication of network and new device can be conducted
    > during the onboarding process of the new device. Methods include
    > protocols such as [RFC7925] (exchanging pre-installed certificates over
    > DTLS), [I-D.ietf-6tisch-minimal-security] (which uses pre-shared keys),
    > and [I-D.ietf-6tisch-dtsecurity-zerotouch-join] (which uses IDevID and
    > MASA service). It is also possible to use EAP methods such as
    > [I-D.ietf-emu-eap-noob] via transports like PANA [RFC5191]. No specific
    > mechanism is specified by this document as an appropriate mechanism
    > will depend upon deployment circumstances. The network encryption key
    > appropriate for the layer-2 can also be acquired during the onboarding
    > process.

--
Michael Richardson <mcr+IETF@sandelman.ca>, Sandelman Software Works  -= IPv6 IoT consulting =-