Re: [6tisch] Updates to minimal-security-06
Thomas Watteyne <thomas.watteyne@inria.fr> Mon, 26 March 2018 07:00 UTC
Return-Path: <thomas.watteyne@inria.fr>
X-Original-To: 6tisch@ietfa.amsl.com
Delivered-To: 6tisch@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 67FFA126B72 for <6tisch@ietfa.amsl.com>; Mon, 26 Mar 2018 00:00:47 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.909
X-Spam-Level:
X-Spam-Status: No, score=-6.909 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, T_RP_MATCHES_RCVD=-0.01] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id RDow2W_lTLAt for <6tisch@ietfa.amsl.com>; Mon, 26 Mar 2018 00:00:42 -0700 (PDT)
Received: from mail3-relais-sop.national.inria.fr (mail3-relais-sop.national.inria.fr [192.134.164.104]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id B2C6E1204DA for <6tisch@ietf.org>; Mon, 26 Mar 2018 00:00:41 -0700 (PDT)
X-IronPort-AV: E=Sophos;i="5.48,364,1517871600"; d="scan'208,217";a="259764866"
Received: from mail-ua0-f172.google.com ([209.85.217.172]) by mail3-relais-sop.national.inria.fr with ESMTP/TLS/AES128-GCM-SHA256; 26 Mar 2018 09:00:39 +0200
Received: by mail-ua0-f172.google.com with SMTP id m47so11407804uae.6 for <6tisch@ietf.org>; Mon, 26 Mar 2018 00:00:39 -0700 (PDT)
X-Gm-Message-State: AElRT7Hr6Ec/ZutDX38waDtszg6+6m46NGzx3MxmrclSEPQGAfqlkG5w bRPHQD3zwLOY6vmMpcM0ehqrBq791dPyrOFmwTA=
X-Google-Smtp-Source: AG47ELsjaFbUXgRFeyKPmkFzCwRztMO27VGmU1oEHy6Djp4/qe/76mtDluammTClSbTbzj1IHHo1ld+ReuG29JZWEaA=
X-Received: by 10.176.80.100 with SMTP id z33mr20324919uaz.139.1522047638571; Mon, 26 Mar 2018 00:00:38 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.176.29.23 with HTTP; Mon, 26 Mar 2018 00:00:18 -0700 (PDT)
In-Reply-To: <14716.1521930960@dooku.sandelman.ca>
References: <CANDGjydb27-u3r2vG5M6-mWj1fmin52Uq5qPu0d5n2OQsJQVyw@mail.gmail.com> <31648.1521740357@dooku.sandelman.ca> <CANDGjyeuj0jv17jz2v-iEJd2oxY3Lq0CxBPkcJvSRzWqy_thpQ@mail.gmail.com> <14716.1521930960@dooku.sandelman.ca>
From: Thomas Watteyne <thomas.watteyne@inria.fr>
Date: Mon, 26 Mar 2018 09:00:18 +0200
X-Gmail-Original-Message-ID: <CADJ9OA80gbZtX7aBVUR=y8G_pe7XWggZZJvTUWqggLALn_jC_g@mail.gmail.com>
Message-ID: <CADJ9OA80gbZtX7aBVUR=y8G_pe7XWggZZJvTUWqggLALn_jC_g@mail.gmail.com>
To: Michael Richardson <mcr+ietf@sandelman.ca>
Cc: Mališa Vučinić <malishav@gmail.com>, "6tisch@ietf.org" <6tisch@ietf.org>, "c.amsuess@energyharvesting.at" <c.amsuess@energyharvesting.at>
Content-Type: multipart/alternative; boundary="94eb2c192582d4244805684b544e"
Archived-At: <https://mailarchive.ietf.org/arch/msg/6tisch/F9z-WcgjLANvr_SwnqAifYVR0pA>
Subject: Re: [6tisch] Updates to minimal-security-06
X-BeenThere: 6tisch@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "Discuss link layer model for Deterministic IPv6 over the TSCH mode of IEEE 802.15.4e, and impacts on RPL and 6LoWPAN such as resource allocation" <6tisch.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/6tisch>, <mailto:6tisch-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/6tisch/>
List-Post: <mailto:6tisch@ietf.org>
List-Help: <mailto:6tisch-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/6tisch>, <mailto:6tisch-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 26 Mar 2018 07:00:47 -0000
There are two seperated discussions going on in this thread. @Malisa, if you agree, let's split the thread. I have clarifying questions about both. *About OBSERVE* The issue raised is that, during the join request/response exchange between the pledge and the JRC, the JRC never learns the IPv6 address of the pledge (thanks to the Stateless-Proxy CoAP option). This means that, if the join request is carried by a CoAP FETCH message with Observe, the JRC has no means of addressing the joined node when the Observe triggers. Doing a second GET with Observe once the pledge has joined defeats the purpose of going for FETCH. Any other option? *About COSE_Key* The issue raised is that, during a rekey of key K2 by the JRC, the JRC cannot specify an ASN from which the new key is to be used. A strong requirement is for a node NOT have a node rejoin for each rekey. Must we use the COSE_Key structure? Is the the message sent by the JRC containing the new key end-to-end ACK'ed, i.e. does the JRC know it got received? Thomas On Sat, Mar 24, 2018 at 11:36 PM, Michael Richardson <mcr+ietf@sandelman.ca> wrote: > > Mališa Vučinić <malishav@gmail.com> wrote: > mcr> I think that the mechanism that was explained at: > mcr> https://tools.ietf.org/html/draft-richardson-6tisch- > minimal-rekey-02# > mcr> section-4 > > mcr> is a better workable solution. Deploy all the new keys (it may > take some > mcr> days on sleep networks), and then have nodes switch when they see > traffic > mcr> with the new key. > > > Thanks, Michael, for the reminder on this document, I have to say > that I forgot > > about it.. IIUC, the issue you have with the mechanism I proposed is > that the > > JRC in some cases may not know how long it could take to deploy the > keys so > > that it cannot properly set the ASN. I think that's a valid concern > and that it > > would indeed be better if we could decouple the JRC from the inner > network > > specifics as much as possible. > > Exactly. > It does not have to change significantly what you have, it just has to > include the (new) keyIndex. > > > To do this and support rekeying with your proposal, we need to > differentiate > > between "start using this key" and "install the key but don't start > using it > > until you see it being used in the network", for 6LBR and joined > nodes to > > follow, respectively. We can likely do this by extending the > COSE_Key map with > > an additional parameter for this purpose, which I prefer to pulling > in the > > whole COMI machinery, as is suggested in the minimal-rekey draft. > > I agree, we don't need COMI, just the text about when to start using the > new key. > Shall I suggest some text it github? > > > Essentially, the process would be: > > - the JRC deploys the new key(s) to all the nodes except to the 6LBR. > > - nodes will install them, but keep using the old keys because the > new COSE_Key > > parameter is set to "install the key but don't start using it until > you see it > > being used in the network". > > I'd say that you always do this with any new key if you have no keys. > I don't think we need a flag. > > In fact, even for the "0th key", you would start using it as soon as you > see > something that passes with that key, such as authenticating the Beacon that > you used to find the Proxy in the first place.... > > > - deploy the key to the 6LBR, with the COSE_Key parameter set to > "start using > > now". > > - once a node sees the new key being used and the replay protection > and the > > authenticity check at L2 passes, it removes the old keys and starts > using the > > new key for all outgoing traffic > > Yes. > > -- > ] Never tell me the odds! | ipv6 mesh > networks [ > ] Michael Richardson, Sandelman Software Works | network > architect [ > ] mcr@sandelman.ca http://www.sandelman.ca/ | ruby on > rails [ > > > _______________________________________________ > 6tisch mailing list > 6tisch@ietf.org > https://www.ietf.org/mailman/listinfo/6tisch > > -- ________________________________________ Thomas Watteyne, PhD Research Scientist & Innovator, Inria Sr Networking Design Eng, Analog Devices Founder & co-lead, UC Berkeley OpenWSN Co-chair, IETF 6TiSCH www.thomaswatteyne.com ________________________________________
- [6tisch] Updates to minimal-security-06 Mališa Vučinić
- Re: [6tisch] Updates to minimal-security-06 peter van der Stok
- Re: [6tisch] Updates to minimal-security-06 Mališa Vučinić
- Re: [6tisch] Updates to minimal-security-06 Michael Richardson
- Re: [6tisch] Updates to minimal-security-06 peter van der Stok
- Re: [6tisch] Updates to minimal-security-06 Mališa Vučinić
- Re: [6tisch] Updates to minimal-security-06 Mališa Vučinić
- Re: [6tisch] Updates to minimal-security-06 Michael Richardson
- Re: [6tisch] Updates to minimal-security-06 Michael Richardson
- Re: [6tisch] Updates to minimal-security-06 Michael Richardson
- Re: [6tisch] Updates to minimal-security-06 peter van der Stok
- Re: [6tisch] Updates to minimal-security-06 Thomas Watteyne
- Re: [6tisch] Updates to minimal-security-06 peter van der Stok
- [6tisch] Observe for rekeying (was: Updates to mi… Christian M. Amsüss
- Re: [6tisch] Observe for rekeying (was: Updates t… Mališa Vučinić
- Re: [6tisch] Updates to minimal-security-06 Mališa Vučinić
- [6tisch] Rekeying for minimal-security (was: Upda… Mališa Vučinić
- Re: [6tisch] Observe for rekeying (was: Updates t… Christian M. Amsüss
- Re: [6tisch] Observe for rekeying (was: Updates t… Mališa Vučinić
- Re: [6tisch] Observe for rekeying peter van der Stok
- Re: [6tisch] Observe for rekeying (was: Updates t… Mališa Vučinić
- Re: [6tisch] Rekeying for minimal-security (was: … Mališa Vučinić
- Re: [6tisch] Rekeying for minimal-security (was: … Michael Richardson
- Re: [6tisch] Rekeying for minimal-security (was: … Michael Richardson
- Re: [6tisch] Rekeying for minimal-security (was: … Mališa Vučinić
- Re: [6tisch] Rekeying for minimal-security (was: … Michael Richardson
- Re: [6tisch] Rekeying for minimal-security (was: … Michael Richardson
- Re: [6tisch] Rekeying for minimal-security (was: … Mališa Vučinić
- Re: [6tisch] Rekeying for minimal-security (was: … Michael Richardson
- Re: [6tisch] Rekeying for minimal-security (was: … Tero Kivinen
- Re: [6tisch] Rekeying for minimal-security (was: … Mališa Vučinić
- Re: [6tisch] Rekeying for minimal-security (was: … Mališa Vučinić
- Re: [6tisch] Rekeying for minimal-security (was: … Tero Kivinen
- Re: [6tisch] Rekeying for minimal-security (was: … Michael Richardson
- Re: [6tisch] Rekeying for minimal-security (was: … Michael Richardson
- Re: [6tisch] Rekeying for minimal-security (was: … Michael Richardson
- Re: [6tisch] Rekeying for minimal-security (was: … Michael Richardson
- Re: [6tisch] Rekeying for minimal-security (was: … Mališa Vučinić
- Re: [6tisch] Updates to minimal-security-06 Mališa Vučinić
- Re: [6tisch] Rekeying for minimal-security (was: … Michael Richardson