Re: [6lo] FW: I-D Action: draft-ietf-6lo-plc-03.txt

"Liubing (Remy)" <> Mon, 08 June 2020 03:51 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id 5DDC83A09FD for <>; Sun, 7 Jun 2020 20:51:31 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -1.898
X-Spam-Status: No, score=-1.898 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_MSPIKE_H3=0.001, RCVD_IN_MSPIKE_WL=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id 7E9iM7Kot0DO for <>; Sun, 7 Jun 2020 20:51:29 -0700 (PDT)
Received: from ( []) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by (Postfix) with ESMTPS id EB5353A09FC for <>; Sun, 7 Jun 2020 20:51:28 -0700 (PDT)
Received: from (unknown []) by Forcepoint Email with ESMTP id 22CDCC5D6FADB86DB289; Mon, 8 Jun 2020 04:51:26 +0100 (IST)
Received: from ( by ( with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.1913.5; Mon, 8 Jun 2020 04:51:25 +0100
Received: from ( by ( with Microsoft SMTP Server (version=TLS1_0, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA) id 15.1.1913.5 via Frontend Transport; Mon, 8 Jun 2020 04:51:25 +0100
Received: from ([]) by ([]) with mapi id 14.03.0487.000; Mon, 8 Jun 2020 11:51:20 +0800
From: "Liubing (Remy)" <>
To: Michael Richardson <>
CC: "" <>, Carles Gomez Montenegro <>
Thread-Topic: [6lo] FW: I-D Action: draft-ietf-6lo-plc-03.txt
Thread-Index: AdY9SA7CjyVbqV7OTp+0f738Wm7ojA==
Date: Mon, 8 Jun 2020 03:51:20 +0000
Message-ID: <>
Accept-Language: zh-CN, en-US
Content-Language: zh-CN
x-originating-ip: []
Content-Type: text/plain; charset="gb2312"
Content-Transfer-Encoding: base64
MIME-Version: 1.0
X-CFilter-Loop: Reflected
Archived-At: <>
Subject: Re: [6lo] FW: I-D Action: draft-ietf-6lo-plc-03.txt
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Mailing list for the 6lo WG for Internet Area issues in IPv6 over constrained node networks." <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Mon, 08 Jun 2020 03:51:31 -0000

Hello Michael,

Thank you for helping us improving the draft, especially the security considerations.

Best regards.

发件人: Michael Richardson [] 
发送时间: 2020年6月7日 7:16
收件人: Liubing (Remy) <>
抄送:; Carles Gomez Montenegro <>
主题: Re: 答复: 答复: [6lo] FW: I-D Action: draft-ietf-6lo-plc-03.txt

Liubing (Remy) <> wrote:
    > Thank you for your suggestion. I prefer not to include
    > [I-D.ietf-anima-bootstrapping-keyinfra], since it is not as directly
    > related to PLC as [I-D.ietf-6tisch-dtsecurity-zerotouch-join]. How
    > about make a very brief explanation just like you made for
    > [I-D.ietf-6tisch-minimal-security]?

    > I post the second paragraph of the security considerations
    > below. Please tell me your opinion. Thank you.

I like it, thank you.

    > Malicious PLC devices could paralyze the whole network via DOS attacks,
    > e.g., keep joining and leaving the network frequently, or multicast
    > routing messages containing fake metrics. A device may also join a
    > wrong or even malicious network, exposing its data to illegal
    > users. Mutual authentication of network and new device can be conducted
    > during the onboarding process of the new device. Methods include
    > protocols such as [RFC7925] (exchanging pre-installed certificates over
    > DTLS), [I-D.ietf-6tisch-minimal-security] (which uses pre-shared keys),
    > and [I-D.ietf-6tisch-dtsecurity-zerotouch-join] (which uses IDevID and
    > MASA service). It is also possible to use EAP methods such as
    > [I-D.ietf-emu-eap-noob] via transports like PANA [RFC5191]. No specific
    > mechanism is specified by this document as an appropriate mechanism
    > will depend upon deployment circumstances. The network encryption key
    > appropriate for the layer-2 can also be acquired during the onboarding
    > process.

Michael Richardson <>ca>, Sandelman Software Works  -= IPv6 IoT consulting =-