Re: [6lowpan] IEEE 802.15.9 KMP over 802.15.4 and 802.15.7 approved

"Benjamin A. Rolfe" <ben@blindcreek.com> Mon, 14 November 2011 19:32 UTC

Return-Path: <ben@blindcreek.com>
X-Original-To: 6lowpan@ietfa.amsl.com
Delivered-To: 6lowpan@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A7E3321F8B1D for <6lowpan@ietfa.amsl.com>; Mon, 14 Nov 2011 11:32:46 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: 0.996
X-Spam-Level:
X-Spam-Status: No, score=0.996 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, FH_HOST_EQ_D_D_D_D=0.765, HOST_EQ_STATICB=1.372, HTML_MESSAGE=0.001, MIME_HTML_ONLY=1.457]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id zCn1Af+K9hcb for <6lowpan@ietfa.amsl.com>; Mon, 14 Nov 2011 11:32:45 -0800 (PST)
Received: from wilson.nswebhost.com (static-6-231-217-209.nocdirect.com [209.217.231.6]) by ietfa.amsl.com (Postfix) with ESMTP id A0F1221F8D3D for <6lowpan@ietf.org>; Mon, 14 Nov 2011 11:32:45 -0800 (PST)
Received: from [64.74.213.174] (helo=[192.168.250.11]) by wilson.nswebhost.com with esmtpa (Exim 4.69) (envelope-from <ben@blindcreek.com>) id 1RQ2Gj-0008K5-08; Mon, 14 Nov 2011 13:32:37 -0600
Message-ID: <4EC16CDB.5010503@blindcreek.com>
Date: Mon, 14 Nov 2011 11:32:43 -0800
From: "Benjamin A. Rolfe" <ben@blindcreek.com>
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.23) Gecko/20110920 Lightning/1.0b2 Thunderbird/3.1.15
MIME-Version: 1.0
To: 6lowpan@ietf.org, Robert Moskowitz <rgm@labs.htt-consult.com>
References: <4EBD7EC9.4090705@labs.htt-consult.com> <7122CCCC-BF56-4A67-B255-DF126BEA495D@yegin.org> <4EC145FC.4030601@labs.htt-consult.com> <CADrU+d++Z4gVVeQmu0nh2Y9kxsSyaEFKwtnP+y3SAtMzs9iYCA@mail.gmail.com>
In-Reply-To: <CADrU+d++Z4gVVeQmu0nh2Y9kxsSyaEFKwtnP+y3SAtMzs9iYCA@mail.gmail.com>
Content-Type: text/html; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit
X-AntiAbuse: This header was added to track abuse, please include it with any abuse report
X-AntiAbuse: Primary Hostname - wilson.nswebhost.com
X-AntiAbuse: Original Domain - ietf.org
X-AntiAbuse: Originator/Caller UID/GID - [47 12] / [47 12]
X-AntiAbuse: Sender Address Domain - blindcreek.com
X-Source:
X-Source-Args:
X-Source-Dir:
Subject: Re: [6lowpan] IEEE 802.15.9 KMP over 802.15.4 and 802.15.7 approved
X-BeenThere: 6lowpan@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Working group discussion for IPv6 over LowPan networks <6lowpan.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/6lowpan>, <mailto:6lowpan-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/6lowpan>
List-Post: <mailto:6lowpan@ietf.org>
List-Help: <mailto:6lowpan-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/6lowpan>, <mailto:6lowpan-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 14 Nov 2011 19:32:46 -0000

Excellent points that will make the PAR stronger.

Many on this list have been through the IEEE 802 project process, but for those that may not have it might help to explain the purpose of the PAR, which is to ask IEEE-SA to authorize a new project, in this case a recommended practice. The scope clause defines the direction of the project and can be thought of as the 'normative' part of the PAR.  The other clauses provide the New Standards committee (NesCom) background, and not in any way limitations.   

I see positive potential for the project. As Robert points out there are many security methods applied over and with 802.15 standards and for some (like me) it can be a mystifying topic.  I am looking to TG9 to help.

As currently drafted the scope is not limited to the particular protocols mentioned as examples. The 802.15 operating procedures allow a very open process and input is welcome from all that choose to participate. If/when it is approved the first steps will be to define, within the scope of the project, what specific protocols are relevant to the RP.  I commend Bob for reaching out at this early stage to solicit input on the project, and encourage continued participation.   The experience of those that have used 802.15.4 and other standards in the 802.15 family will be of great value.

So as a potential user of the RP (who isn't qualified to contribute much beyond desire ;-), thanks all for the help on the PAR and I look forward to continued contributions!

-B


Bob,

I have to say I object to the following statement in the PAR:

"Lack of key management support in IEEE Std 802.15.4 and IEEE Std 802.15.7 results in weak keys which is a common avenue for attacking the security system."

"results in weak keys" implies this is always the case, which is simply not true. This should be rephrased as "may result in weak keys". Users of 802.15.4 such as ZigBee have put in place a KMP which does not result in weak keys,

And I agree with Alper - if you are mentioning IETF and 802.1X, you really have to mention PANA as it is entirely relevant.

Robert

On Mon, Nov 14, 2011 at 4:46 PM, Robert Moskowitz <rgm@labs.htt-consult.com> wrote:
On 11/14/2011 03:17 PM, Alper Yegin wrote:
>

> Hi Bob,

>

> This PAR document still does not refer to IETF's PANA (IETF
RFC that

> is already adopted by the Zigbee IP spec.) I'm hoping the PAR
changes

> you are referring are already addressing that. Please let us
know.


It was a procedural question as to what is 'wanted' here.  Strictly IEEE standards or broader interpretation?  The 802EC clearified that a broader inclusion was desired so words have been added to point out that Zibgee IP has addressed this within their upper layer.  A 'literal' interpretation was that 802.1X does not work over 802.15.4 or 15.7 so there was no comparable standard.

Also 802.1 pointed out the need to include the potential need of an Registry Authority (6.1b) and that too was added.  The final posted PAR will reflect these two changes.


>

> Thanks.

>

> Alper

>

>

> On Nov 11, 2011, at 10:00 PM, Robert Moskowitz wrote:

>

>> The IEEE 802ec approved the PAR this afternoon. The PAR
documents

>> are at:

>>

>>
https://mentor.ieee.org/802.15/dcn/11/15-11-0613-05-0kmp-key-management-protocol-par.doc" target="_blank" rel="nofollow">https://mentor.ieee.org/802.15/dcn/11/15-11-0613-05-0kmp-key-management-protocol-par.doc

>>

>>

https://mentor.ieee.org/802.15/dcn/11/15-11-0665-05-0kmp-kmp-5c-draft.doc" target="_blank" rel="nofollow">https://mentor.ieee.org/802.15/dcn/11/15-11-0665-05-0kmp-kmp-5c-draft.doc
>>

>> We did agree to two procedural changes in the PAR, so
there will be

>> a rev 6 posted sometime soon.

>>

>>

>> _______________________________________________ 6lowpan
mailing

>> list 6lowpan@ietf.org

>> https://www.ietf.org/mailman/listinfo/6lowpan" target="_blank" rel="nofollow">https://www.ietf.org/mailman/listinfo/6lowpan

>

>



_______________________________________________
6lowpan mailing list
6lowpan@ietf.org
https://www.ietf.org/mailman/listinfo/6lowpan" target="_blank" rel="nofollow">https://www.ietf.org/mailman/listinfo/6lowpan




--

Robert Cragie

Gridmerge Ltd.
89 Greenfield Crescent,
Wakefield, WF4 4WA, UK
+44 1924 910888
+1 415 513 0064
http://www.gridmerge.com/" target="_blank" rel="nofollow">http://www.gridmerge.com


_______________________________________________ 6lowpan mailing list 6lowpan@ietf.org https://www.ietf.org/mailman/listinfo/6lowpan" rel="nofollow">https://www.ietf.org/mailman/listinfo/6lowpan