Re: [6lowpan] SOLACE things at SAAG

Stephen Farrell <stephen.farrell@cs.tcd.ie> Mon, 29 October 2012 20:46 UTC

Return-Path: <stephen.farrell@cs.tcd.ie>
X-Original-To: 6lowpan@ietfa.amsl.com
Delivered-To: 6lowpan@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 6C5A921F871D; Mon, 29 Oct 2012 13:46:25 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -102.483
X-Spam-Level:
X-Spam-Status: No, score=-102.483 tagged_above=-999 required=5 tests=[AWL=0.116, BAYES_00=-2.599, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id wPjbcul9PEef; Mon, 29 Oct 2012 13:46:24 -0700 (PDT)
Received: from mercury.scss.tcd.ie (mercury.scss.tcd.ie [134.226.56.6]) by ietfa.amsl.com (Postfix) with ESMTP id 3F4E321F870C; Mon, 29 Oct 2012 13:46:24 -0700 (PDT)
Received: from localhost (localhost [127.0.0.1]) by mercury.scss.tcd.ie (Postfix) with ESMTP id 7434FC77B; Mon, 29 Oct 2012 20:46:01 +0000 (GMT)
X-Virus-Scanned: Debian amavisd-new at scss.tcd.ie
Received: from mercury.scss.tcd.ie ([127.0.0.1]) by localhost (mercury.scss.tcd.ie [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 4Pp2h1LZO0hf; Mon, 29 Oct 2012 20:45:59 +0000 (GMT)
Received: from [10.87.48.4] (unknown [86.42.183.189]) by mercury.scss.tcd.ie (Postfix) with ESMTPSA id 4325CBE25; Mon, 29 Oct 2012 20:45:59 +0000 (GMT)
Message-ID: <508EEB07.8080807@cs.tcd.ie>
Date: Mon, 29 Oct 2012 20:45:59 +0000
From: Stephen Farrell <stephen.farrell@cs.tcd.ie>
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:16.0) Gecko/20121017 Thunderbird/16.0.1
MIME-Version: 1.0
To: Michael Richardson <mcr+ietf@sandelman.ca>
References: <015901cdb0d3$d38cf1f0$7aa6d5d0$@a-star.edu.sg> <CAC8QAccHFddngBnWynnVbSc=hhwbCmXbh9QRo=jcqPxfGYeiHg@mail.gmail.com> <1116.1351177270@sandelman.ca> <02a101cdb5f5$51109a70$f331cf50$@a-star.edu.sg> <A6012D01-F7B0-406F-8585-FFEF4A0E92D9@tzi.org> <508EBD6B.1070606@cs.tcd.ie> <10703.1351542774@obiwan.sandelman.ca>
In-Reply-To: <10703.1351542774@obiwan.sandelman.ca>
X-Enigmail-Version: 1.4.5
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit
Cc: Cullen Jennings <fluffy@cisco.com>, roll@ietf.org, "'Keoh, Sye Loong'" <sye.loong.keoh@philips.com>, saag@ietf.org, "Turner, Sean P." <turners@ieca.com>, 6lowpan@ietf.org, Carsten Bormann <cabo@tzi.org>
Subject: Re: [6lowpan] SOLACE things at SAAG
X-BeenThere: 6lowpan@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Working group discussion for IPv6 over LowPan networks <6lowpan.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/6lowpan>, <mailto:6lowpan-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/6lowpan>
List-Post: <mailto:6lowpan@ietf.org>
List-Help: <mailto:6lowpan-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/6lowpan>, <mailto:6lowpan-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 29 Oct 2012 20:46:25 -0000

Hiya,

So Carsten volunteered to give saag a heads-up on the
problem this time. If he and Cullen want to arm-wrestle
that's fine:-) I'm sure either would do a fine job.

I didn't mean to say anything about the solace draft
being good, bad or indifferent. But I figured someone
is working on this problem somewhere and would like
to make sure that whatever solution looks like it'll
be adopted is something that wouldn't cause saag folk
to have fits.

Cheers,
S.

On 10/29/2012 08:32 PM, Michael Richardson wrote:
> 
>>>>>> "Stephen" == Stephen Farrell <stephen.farrell@cs.tcd.ie> writes:
>     Stephen> Would it be timely to spend 10 minutes on this during the saag
>     Stephen> session?
> 
> I think, if you want to talk something SOLACE related which is more
> concrete than a possible SOLACE IRTF "charter", then maybe have Cullen
> talk about:
> 
> http://www.lix.polytechnique.fr/hipercom/SmartObjectSecurity/papers/CullenJennings.pdf
> http://www.lix.polytechnique.fr/hipercom/SmartObjectSecurity/slides/Cullen1.pdf
> 
>     Stephen> I'd really like that the security area not end up being surprised
>     Stephen> by whatever is eventually decided so getting a presentation at
>     Stephen> saag would be useful at the point where you more or less know
>     Stephen> the direction, but are still flexible enough to deal with someone
>     Stephen> who e.g. points out significant security issues.
> 
> Except that:
> 1) the constrained devices are more constrained than the IP phones
>    described.
> 
> 2) the constrained devices probably can not be attacked/p0wned until
>    after they get on the network, and so actually authenticating to the
>    network is the "application"
> 
> Cullen's slides provide a really good starting explanation.
> While the details of the ultimate answer are going to be a bit different
> in small ways,  the basic architecture he presents has been articulated
> repeatedly by many.
> 
> So, if your aim is to get more security geeks thinking about attacks,
> and about defenses, in advance of an actual proposed protocol (and
> SOLACE is an I*R*TF group, recall. A protocol might not be the result
> anyway), then I suggest giving Cullen a few minutes to talk about his
> slide 7,8,9.
> 
>     Stephen> It might be that waiting another meeting cycle or two would be
>     Stephen> better if the basic ideas aren't yet firmed up.
> 
> One meeting cycle won't help.  Four might.
>