Re: [6tisch] Roman Danyliw's No Objection on draft-ietf-6tisch-architecture-24: (with COMMENT)
Roman Danyliw <rdd@cert.org> Thu, 22 August 2019 20:57 UTC
Return-Path: <rdd@cert.org>
X-Original-To: 6tisch@ietfa.amsl.com
Delivered-To: 6tisch@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A4CDC120C28; Thu, 22 Aug 2019 13:57:24 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.999
X-Spam-Level:
X-Spam-Status: No, score=-1.999 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=cert.org
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id s6LDg51pm6O8; Thu, 22 Aug 2019 13:57:21 -0700 (PDT)
Received: from taper.sei.cmu.edu (taper.sei.cmu.edu [147.72.252.16]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 85EAB1209AE; Thu, 22 Aug 2019 13:57:21 -0700 (PDT)
Received: from korb.sei.cmu.edu (korb.sei.cmu.edu [10.64.21.30]) by taper.sei.cmu.edu (8.14.7/8.14.7) with ESMTP id x7MKvHuO011499; Thu, 22 Aug 2019 16:57:18 -0400
DKIM-Filter: OpenDKIM Filter v2.11.0 taper.sei.cmu.edu x7MKvHuO011499
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=cert.org; s=yc2bmwvrj62m; t=1566507438; bh=UkzwpQKAOut+Qkj6UjFvcCEmejOa4mUMOxjjpQesNE8=; h=From:To:CC:Subject:Date:References:In-Reply-To:From; b=tQN8labuSTj4A50IxPzc+pIcT2STr2mleQPoC5mPiJ1gdKMlBGOlbawBiKSuc0R75 eu+YvpvsIdVzMneVR57Vd1d2NGV0FQ1ammHSVFle6c6VNVazHMiXFx9/n/a9q5+Fty /yIKZHDkWfFDPa4t9DsMMKVHylUdi2+u9f6oR9gE=
Received: from CASSINA.ad.sei.cmu.edu (cassina.ad.sei.cmu.edu [10.64.28.249]) by korb.sei.cmu.edu (8.14.7/8.14.7) with ESMTP id x7MKvFPC020627; Thu, 22 Aug 2019 16:57:15 -0400
Received: from MARATHON.ad.sei.cmu.edu ([10.64.28.250]) by CASSINA.ad.sei.cmu.edu ([10.64.28.249]) with mapi id 14.03.0468.000; Thu, 22 Aug 2019 16:57:15 -0400
From: Roman Danyliw <rdd@cert.org>
To: "Pascal Thubert (pthubert)" <pthubert@cisco.com>, The IESG <iesg@ietf.org>
CC: "draft-ietf-6tisch-architecture@ietf.org" <draft-ietf-6tisch-architecture@ietf.org>, "6tisch-chairs@ietf.org" <6tisch-chairs@ietf.org>, "shwetha.bhandari@gmail.com" <shwetha.bhandari@gmail.com>, "6tisch@ietf.org" <6tisch@ietf.org>
Thread-Topic: Roman Danyliw's No Objection on draft-ietf-6tisch-architecture-24: (with COMMENT)
Thread-Index: AQHVTaF1QPulf1nnNEKJhKsKAmiODacHob2AgAAXSLA=
Date: Thu, 22 Aug 2019 20:57:14 +0000
Message-ID: <359EC4B99E040048A7131E0F4E113AFC01B343BFC0@marathon>
References: <156523837973.8301.2864865066450595993.idtracker@ietfa.amsl.com> <MN2PR11MB3565FC066DB6EB01DA5E30F1D8A50@MN2PR11MB3565.namprd11.prod.outlook.com>
In-Reply-To: <MN2PR11MB3565FC066DB6EB01DA5E30F1D8A50@MN2PR11MB3565.namprd11.prod.outlook.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [10.64.22.6]
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: base64
MIME-Version: 1.0
Archived-At: <https://mailarchive.ietf.org/arch/msg/6tisch/CzQKm_7o3uh0DgWBxvNziPM4ps4>
Subject: Re: [6tisch] Roman Danyliw's No Objection on draft-ietf-6tisch-architecture-24: (with COMMENT)
X-BeenThere: 6tisch@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Discuss link layer model for Deterministic IPv6 over the TSCH mode of IEEE 802.15.4e, and impacts on RPL and 6LoWPAN such as resource allocation" <6tisch.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/6tisch>, <mailto:6tisch-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/6tisch/>
List-Post: <mailto:6tisch@ietf.org>
List-Help: <mailto:6tisch-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/6tisch>, <mailto:6tisch-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 22 Aug 2019 20:57:25 -0000
Hi Pascal! Thank you for publishing -25. It addresses my concern. I have one detailed response below about a possible edit based on your question. Roman > -----Original Message----- > From: Pascal Thubert (pthubert) [mailto:pthubert@cisco.com] > Sent: Thursday, August 22, 2019 11:19 AM > To: Roman Danyliw <rdd@cert.org>; The IESG <iesg@ietf.org> > Cc: draft-ietf-6tisch-architecture@ietf.org; 6tisch-chairs@ietf.org; > shwetha.bhandari@gmail.com; 6tisch@ietf.org > Subject: RE: Roman Danyliw's No Objection on draft-ietf-6tisch-architecture- > 24: (with COMMENT) > > Hello Roman: > > Many thanks for your review, your time is much appreciated. > > Please see below: > > > > > ---------------------------------------------------------------------- > > COMMENT: > > ---------------------------------------------------------------------- > > > > ** Why are both Section 3.4 and Section 4.4 needed? Both appear to > > explain the four scheduling mechanisms. Section 4.4. appears to have > more details. > > Section 3 is a high level architecture, section 4 a low level. Having both in 1 > document was a conscious decision since the early review by Ralph. We split > in a high and a low level architecture and kept them combined to avoid the > explosion of documents. For the same reason, we later incorporated the > terminology that was initially a separate spec. > > As a result this draft has 2/3 documents in one, with commonalities in section > 3.4 and 4.4 for instance. That's where we are and as you say, there is no > fundamental new reason to undo that. > > There was a desire to make section 4 self-sufficient, with the idea of possibly > splitting section 3 and 4 which we never did. Still it might be useful to the > reader who just reads that section. > And there was a desire to have a discussion at the high level architecture on > this topic so removing 3.4 is not good either. > > I'm quite afraid to destabilize the document by doing a major change now. Understood. I can appreciate the intent here. > > > ** Section 3.6. Per the summary table in this section, what is the > > routing technique “reactive P2P”. It doesn’t appear to be explained in the > text above. > > PT> I removed the P2P which is not explained. The relevant text > PT> otherwise is > " > or by in a distributed fashion using a reactive routing protocol and > a Hop-by-Hop scheduling protocol. > " > > > > ** Section 3.6. Per the “Hop-by-Hop (TBD)” in the scheduling column > > in the summary table, to what does the “TBD”? > > PT> good catch. It is now AODV RPL, updated the picture > Thanks. > > ** Section 6. In reviewing the Security Considerations section, there > > is a substantial amount of technical detail (thank you!). However, > > despite this detail, understanding the overall security properties of > > the architecture and associate implementations mechanisms used by the > > architecture was challenging for me. Specifically, if 6TiSCH “is > > subject to the observations in section 5 of > > [I-D.ietf-detnet-architecture]”, then per [I-D.ietf-detnet- > > architecture] it should provide “confidentiality of data traversing > > the DetNet”, “authentication and authorization … for each connected > > device”, availability, and precision timing. The text needs to be > > clearer on how those properties are realized, and if there are > > residual threat. My recommended way to realize this clarity is restructure > the text into blocks around the relevant security properties and explicitly > state the property as an introduction. > > PT > I made an attempt at it, please see -25 once published. > The outlook would be > > 6. Security Considerations . . . . . . . . . . . . . . . . . . . 51 > 6.1. Availability of Remote Services . . . . . . . . . . . . . 51 > 6.2. MAC-Layer Security . . . . . . . . . . . . . . . . . . . 52 > 6.3. Time Synchronization . . . . . . . . . . . . . . . . . . 53 > 6.4. Selective Jamming . . . . . . . . . . . . . . . . . . . . 53 > 6.5. Validating ASN . . . . . . . . . . . . . . . . . . . . . 53 > 6.6. Rekeying . . . . . . . . . . . . . . . . . . . . . . . . 54 > 6.7. Deeper Considerations . . . . . . . . . . . . . . . . . . 54 > > More below This new text if very helpful and addresses my concern. Thank you. > > > A few additional points: > > > > -- Per precision timing, the text in this section says “measures must > > be taken to protect the time synchronization, and for 6TiSCH this > > includes ensuring that the Absolute Slot Number (ASN), which is used > > as ever incrementing counter for the computation of the Link-Layer > > security nonce, is not compromised, more below on this.” In the > > subsequent text there is “[t]he standard [IEEE802154] assumes that the > ASN is distributed securely by other means. > > The ASN is not passed explicitly in the data frames”. To confirm, is > > this the intended guidance on avoiding “compromising” the ASN – > > distribute it out of band and don’t pass it in the data frame? > > PT > ASN is not passed in the frame because it would was 5 octets. A network > is non-functional if nodes do not have the right sense of ASN so if the > network works, it means the 5 bytes can be saved. > PT > With 6TiSCH, ASN is learned from unsecured beacons, and needs t be > proven before used. We hint how that is done in this spec, and detail in > minimal security. > PT > once installed and as long as the node is synchronized to the network > ASN is implicit and cannot be compromised. > PT > One of the new sections deals with ASN protection and the details are in > the 6tisch minimal security draft > > > -- Per confidentiality (but it is really more than that), a series of > > security mechanisms/assumptions are inherited from [IEEE Std. > > 802.15.4] around link- layer security. They need to be explicitly > > stated (i.e., confidentiality, authenticity, with what crypto, > > relative to whom, etc.). The operational details of key management has no > treatment. > > PT> > PT > For the most part, I pointed at the minimal security draft for more > details, made it a normative reference: this comes from a chat with Ben > Kaduk and the authors of minimal security. We wish to place the gory details > in the security section of minimal security, and that includes key > management. Still I added some of the text below, a section on rekeying, > and MAC security, which is basically CCM* with a network-wide key, using > ASN and MAC addresses in the nonce: > " > > 6.4. Rekeying > > Though it is possible to use peer-wise keys, a 6TiSCH network > typically uses a network-wide key that is common for all > transmissions in the LLN. [I-D.ietf-6tisch-minimal-security] enables > to obtain that key and to rekey the network when needed. Since the > ASN is expressed in 5 octets, it should never wrap during a network > lifetime, and it is possible that a network never needs to rekey. > > Still, there are occasions where rekeying is necessary, for instance: > > o An unwelcome node has joined and needs to be expelled > > o The JRC needs to reassign a short address that was already > assigned while the current network key was in use. > > o Resetting Epoch time when rebooting the network. > " > > " 6.2. Relative to MAC-Layer Security > > This architecture operates on IEEE Std. 802.15.4 and expects the > Link-Layer security to be enabled at all times between connected > devices, except for the very first step of the device join process, > where a joining device may need some initial, unsecured exchanges so > as to obtain its initial key material. In a typical deployment, all > joined nodes use the same keys and rekeying needs to be global. > > The 6TISCH Architecture relies on the join process to deny > authorization of invalid nodes and preserve the integrity of the > network keys. A rogue that managed to access the network can perform > a large variety of attacks from DoS to injecting forged packets and > routing information. "Zero-trust" properties would be highly > desirable but are mostly not available at the time of this writing. > [I-D.ietf-6lo-ap-nd] is a notable exception that protects the > ownership of IPv6 addresses and prevents a rogue node with L2 access > from stealing and injecting traffic on behalf of a legitimate node. > > ... > " Works for me. > > -- Per availability, the text notes “communication with the PCE must > > be secured and protected against DoS”. Secured how? > > PT > This is what section 9 of RFC 8453 discusses. Note that it mostly insists on > PKI / AAA as opposed to delay attacks and black holes. > How can take us in network architecture, isolation, firewalls. That seems to > take us quite off topic , doesn't it? > > > > > > ** Section 6. Per “Section 9 of [RFC8453] applies equally to 6TiSCH”, > > this reference organizes threats and mitigations around the CMI and > > MPI interfaces. > > What is the analog to those in this architecture? > > PT> This is the same parallel as done in the DetNet architecture from which > this is inherited, using the same reference. > The security issues that arise when a centralized control is separate from the > forwarding plane are similar: rogue access to one of the components, and > attacks on the connectivity on the control path, including interception, > blackholing or latency injection. > I can remove the reference and replace by text like the above, please advise. > In parammme please condsider the security section of the detnet > architecture, it is in AUTH 48 but still changeable. I would recommend taking a hybrid approach. I think it's worth making the more specific statement you propose but also citing that the more general version of this consideration comes from [RFC8453]. > > > > > ** Section 6. Please provide a citation for “CCM*” > > PT > Added Thanks. > > ** Editorial > > -- Section 3.1. Typo. s/an homogenous/a homogenous/ > > > > -- Section 3.5. Typo. s/[RFC6550]is/[RFC6550] is/ > > > > -- Section 3.6. Typo. s/A central/a central/ > > > > -- Section 3.6. Typo. s/an hybrid/a hybrid/ > > > > -- Section 3.7. The paragraph starting with “The reference stack that > > the 6TiSCH architecture presents …” doesn’t seem to add any clarity. > > > > -- Section 4.2.1. Typo. s/(JP):/(JP),/ > > > > -- Section 4.2.2. Typo. /ND ot the/ND to the/ > > > > -- Section 4.3.1.1. Typo. s/are are/are/ > > > > -- Section 4.3.1.1. Duplicate phrase. “added/moved/deleted, in which > > case 6top can only act as instructed,” appears twice. > > > > -- Section 4.3.5. Typo. s/an height/a height/ > > PT> all nits processed, many thanks! Thanks for these changes. > I will publish 25 to provide a abase on which we can refine in the next > minutes. > Please consider it before replying to this mail. > > Many thanks again! > > Pascal
- [6tisch] Roman Danyliw's No Objection on draft-ie… Roman Danyliw via Datatracker
- Re: [6tisch] Roman Danyliw's No Objection on draf… Pascal Thubert (pthubert)
- Re: [6tisch] Roman Danyliw's No Objection on draf… Roman Danyliw
- Re: [6tisch] Roman Danyliw's No Objection on draf… Pascal Thubert (pthubert)
- Re: [6tisch] Roman Danyliw's No Objection on draf… Pascal Thubert (pthubert)
- Re: [6tisch] Roman Danyliw's No Objection on draf… Tero Kivinen
- Re: [6tisch] Roman Danyliw's No Objection on draf… Pascal Thubert (pthubert)
- Re: [6tisch] Roman Danyliw's No Objection on draf… Michael Richardson
- Re: [6tisch] Roman Danyliw's No Objection on draf… Pascal Thubert (pthubert)
- Re: [6tisch] Roman Danyliw's No Objection on draf… Tero Kivinen
- Re: [6tisch] Roman Danyliw's No Objection on draf… Tero Kivinen