Re: [6tisch] [6tisch-security] proposed security text for architecture draft

Michael Richardson <mcr+ietf@sandelman.ca> Fri, 14 November 2014 06:20 UTC

Return-Path: <mcr@sandelman.ca>
X-Original-To: 6tisch@ietfa.amsl.com
Delivered-To: 6tisch@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 440001A7021; Thu, 13 Nov 2014 22:20:44 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.495
X-Spam-Level:
X-Spam-Status: No, score=-2.495 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RP_MATCHES_RCVD=-0.594, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id UHUJkFhpi8oo; Thu, 13 Nov 2014 22:20:42 -0800 (PST)
Received: from tuna.sandelman.ca (tuna.sandelman.ca [209.87.249.19]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id BB9DD1A0144; Thu, 13 Nov 2014 22:20:42 -0800 (PST)
Received: from sandelman.ca (obiwan.sandelman.ca [IPv6:2607:f0b0:f:2::247]) by tuna.sandelman.ca (Postfix) with ESMTP id A1A2520098; Fri, 14 Nov 2014 01:22:54 -0500 (EST)
Received: by sandelman.ca (Postfix, from userid 179) id E41A8637F4; Fri, 14 Nov 2014 01:20:41 -0500 (EST)
Received: from sandelman.ca (localhost [127.0.0.1]) by sandelman.ca (Postfix) with ESMTP id CD5F7637F2; Fri, 14 Nov 2014 01:20:41 -0500 (EST)
From: Michael Richardson <mcr+ietf@sandelman.ca>
To: yoshihiro.ohba@toshiba.co.jp
In-Reply-To: <674F70E5F2BE564CB06B6901FD3DD78B272A9867@TGXML210.toshiba.local>
References: <20507.1415811045@sandelman.ca> <674F70E5F2BE564CB06B6901FD3DD78B272A8EFA@TGXML210.toshiba.local> <5854.1415835364@sandelman.ca> <674F70E5F2BE564CB06B6901FD3DD78B272A9108@TGXML210.toshiba.local> <12175.1415929463@sandelman.ca> <674F70E5F2BE564CB06B6901FD3DD78B272A9867@TGXML210.toshiba.local>
X-Mailer: MH-E 8.2; nmh 1.3-dev; GNU Emacs 23.4.1
X-Face: $\n1pF)h^`}$H>Hk{L"x@)JS7<%Az}5RyS@k9X%29-lHB$Ti.V>2bi.~ehC0; <'$9xN5Ub# z!G,p`nR&p7Fz@^UXIn156S8.~^@MJ*mMsD7=QFeq%AL4m<nPbLgmtKK-5dC@#:k
MIME-Version: 1.0
Content-Type: multipart/signed; boundary="=-=-="; micalg="pgp-sha1"; protocol="application/pgp-signature"
Date: Fri, 14 Nov 2014 01:20:41 -0500
Message-ID: <4002.1415946041@sandelman.ca>
Sender: mcr@sandelman.ca
Archived-At: http://mailarchive.ietf.org/arch/msg/6tisch/G_u_eFIYoDnEMVbSr4uYScW0FlA
Cc: 6tisch@ietf.org, 6tisch-security@ietf.org
Subject: Re: [6tisch] [6tisch-security] proposed security text for architecture draft
X-BeenThere: 6tisch@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "Discuss link layer model for Deterministic IPv6 over the TSCH mode of IEEE 802.15.4e, and impacts on RPL and 6LoWPAN such as resource allocation" <6tisch.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/6tisch>, <mailto:6tisch-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/6tisch/>
List-Post: <mailto:6tisch@ietf.org>
List-Help: <mailto:6tisch-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/6tisch>, <mailto:6tisch-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 14 Nov 2014 06:20:44 -0000

<yoshihiro.ohba@toshiba.co.jp> wrote:
    > I mentioned EAP because it does not require to change AAA
    > infrastructure to interwork with, and AAA is needed where a huge number
    > of nodes have to be managed.  In smart meter use case, the number can
    > be tens of millions of smart meters with hundreds of thousands of PCE
    > for a single utility company.

I agree with your concern about the need for a scalable backend when there
are millions of smart meters.

Can you tell me a bit about the legacy AAA infrastructure whose existence 
you want to leverage: I'm all for resuing existing, fully paid-up infrastructure.

What does it do now (before smart meters are installed).  
Will this AAA infrastructure already have the capacity for these tens of
millions of smart meters?

If an interface to an AAA infrastructure was desired, I would add that as a
northbound interface on the JCE.  For millions of smart meters, I would
imagine deploying JCEs for groups of maybe ~10^3 to ~10^5 meters, and the the
JCE would speak radius to the AAA. It would use the joining node's IDevID to
discovery the right policy for this meter. It could also take this from LDAP,
From a RESTful interface, or via database interface directly.  
It doesn't really matter... I don't think meters need roaming support, but
maybe there is a use case I don't know about.

Also, I do not claim that any of the 6tisch industrial zero-touch system is
appropriate for non-industrial uses.  It probably a non-starter in the
home that lacks any kind of professional manager, and also lacks someone to
run the authorization authority.

-- 
Michael Richardson <mcr+IETF@sandelman.ca>, Sandelman Software Works
 -= IPv6 IoT consulting =-