Re: [6tisch] #32 (terminology): New terms for security
Thomas Watteyne <watteyne@eecs.berkeley.edu> Fri, 19 December 2014 12:56 UTC
Return-Path: <twatteyne@gmail.com>
X-Original-To: 6tisch@ietfa.amsl.com
Delivered-To: 6tisch@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id EE1371A9108 for <6tisch@ietfa.amsl.com>; Fri, 19 Dec 2014 04:56:38 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.277
X-Spam-Level:
X-Spam-Status: No, score=-1.277 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, FM_FORGED_GMAIL=0.622, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, SPF_PASS=-0.001] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 8h6WUdye_P7F for <6tisch@ietfa.amsl.com>; Fri, 19 Dec 2014 04:56:36 -0800 (PST)
Received: from mail-wi0-x232.google.com (mail-wi0-x232.google.com [IPv6:2a00:1450:400c:c05::232]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 267E81A9130 for <6tisch@ietf.org>; Fri, 19 Dec 2014 04:56:36 -0800 (PST)
Received: by mail-wi0-f178.google.com with SMTP id em10so1648022wid.17 for <6tisch@ietf.org>; Fri, 19 Dec 2014 04:56:35 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:sender:in-reply-to:references:from:date:message-id :subject:to:cc:content-type; bh=3nePbJSgYjm9GgdIXLirCF6cTQTK0E+CFsjbemALbjc=; b=SeWlpPBmAMOQjVz5jgCv+uz0OefKvDPnTRKAAwAWRBOc5if+xX7l9A7mfDBxWGP4Gz DqjoSqKKOlHozEVQnQthrTJ1TkVTAzVJpOR/cQvemgPKlHBczz50jJYk2alygFSbHz8S xdEyXukP87GyrzjOQIX+DnMT+jF1yQEgUnIldpG3RprXvFSgpVhSIlhz/W45zpWYaroP bWywX1MXQdmEszBugmkHvMEZ9u/+JG5dwjmw7HKmHDs/TFSagvzzoAe3+fQ166OCRbLn UrvhAVSX7jaWlt8N8XgcaYL6yI+x2oXFOSwmkkxbdVj56p0/oMG9nxG0kYZ9YDJbu18y wBTQ==
X-Received: by 10.194.77.38 with SMTP id p6mr5674341wjw.62.1418993794907; Fri, 19 Dec 2014 04:56:34 -0800 (PST)
MIME-Version: 1.0
Sender: twatteyne@gmail.com
Received: by 10.194.68.199 with HTTP; Fri, 19 Dec 2014 04:56:14 -0800 (PST)
In-Reply-To: <E045AECD98228444A58C61C200AE1BD848A9DFB0@xmb-rcd-x01.cisco.com>
References: <E045AECD98228444A58C61C200AE1BD848A9DF4C@xmb-rcd-x01.cisco.com> <E045AECD98228444A58C61C200AE1BD848A9DFB0@xmb-rcd-x01.cisco.com>
From: Thomas Watteyne <watteyne@eecs.berkeley.edu>
Date: Fri, 19 Dec 2014 13:56:14 +0100
X-Google-Sender-Auth: ruRdyTN9uGnHCKIxEfmR9JO5NHU
Message-ID: <CADJ9OA9ULEn+Y7j+WanwN68aNEPh-4CM0Q50eMU=-AJenYGf2A@mail.gmail.com>
To: "Pascal Thubert (pthubert)" <pthubert@cisco.com>
Content-Type: multipart/alternative; boundary="047d7bfcf2881584fb050a913d4a"
Archived-At: http://mailarchive.ietf.org/arch/msg/6tisch/KvEijvhtvHHSFB0xzptqRog_654
Cc: "6tisch@ietf.org" <6tisch@ietf.org>
Subject: Re: [6tisch] #32 (terminology): New terms for security
X-BeenThere: 6tisch@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "Discuss link layer model for Deterministic IPv6 over the TSCH mode of IEEE 802.15.4e, and impacts on RPL and 6LoWPAN such as resource allocation" <6tisch.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/6tisch>, <mailto:6tisch-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/6tisch/>
List-Post: <mailto:6tisch@ietf.org>
List-Help: <mailto:6tisch-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/6tisch>, <mailto:6tisch-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 19 Dec 2014 12:56:39 -0000
+1 on Pascal's suggestions. Maria Rita, are those definitions you would have time to add to the draft? On Sat, Dec 6, 2014 at 1:22 AM, Pascal Thubert (pthubert) < pthubert@cisco.com> wrote: > > My own revue: > > Cheers > > > > JCE the Join Coordination Entity. This acronym is > > > chosen to parallel the PCE. > > [PT] I'd remove "This acronym is chosen to parallel the PCE." And say that > this is a central entity like the PCE that is in charge of authorization in > the network and providing security material to the joining devices. > > > > joining node The newly unboxed constrained node that needs > to > > > join a network. > > [PT] The joining node (JN) leverages the JA and the JCE to learn or > refresh its knowledge of the network operational state, typically the TSCH > schedule, and to obtain security material such as keys, so as to > participate to the production network. > > > > > join protocol the protocol which secures initial > communication > > > between the joining node and the JCE > > > > > > join assistant A constrained node near the joining node that > > > will act as it's first 6LR, and will relay > > > traffic to/from the joining node. > > > > [PT] Again, add the acronym > > > > unique join key a key shared between a newly joining node, and > > > the JCE. This key supports smaller > installations > > > for which asymmetric methods are considered too > > > large > > > > > > production network A 802.15.4e network whose encryption/ > > > authentication keys are determined by some > > > algorithm/protocol. There may have > network-wide > > > group keys, or per-link keys. > > > > > > production network key A L2-key known by all authorized nodes, > used > > > for multicast messages > > > > > > per-peer L2 key a key that results from an exchange (such as > MLE) > > > that creates a pair-wise L2 key which is known > > > only to the two nodes involved, > > > [I-D.piro-6tisch-security-issues] calls this a > > > LinkKey > > > > > > The following terms are used in this document and come from other > > > documents: > > > > > > DevID [IEEE.802.1AR] defines the secure DEVice > > > IDentifier as a device identifier that is > > > cryptographically bound to the device and is > > > composed of the Secure Device Identifier Secret > > > and the Secure Device Identifier Credential. > > > > > > IDevID The Initial secure DEVice IDentifier (IDevID) > is > > > the Device Identifier which was installed on > the > > > device by the manufacturer. > > > > > > LDevID A Locally significant secure DEVice IDentifiers > > > (LDevIDs) is a Secure Device Identifier > > > credential that is unique in the local > > > administrative domain in which the device is > > > used. The LDevID is usually a new certificate > > > provisioned by some local means, such as the > 6top > > > mechanism defined in this document. > > > > > > CoAP The CoAP protocol, defined in [RFC7252] is an > > > HTTP-like resource access protocol. CoAP runs > > > over UDP. > > > > > > DTLS The datagram version of TLS, defined in > > > [RFC6347], and which can be used to secure CoAP > > > in the same way that TLS secures HTTP. > > > > > > ARO [RFC6775]defines a number of new Neighbor > > > Discovery options including the Address > > > Registration Option > > > > > > DAR/DAC [RFC6775]defines the Duplicate Address Request > > > and Duplicate Address Confirmation options to > > > turn the multicasted Duplicate Address > Detection > > > protocol into a client/server process > > > > > > EARO [I-D.thubert-6lo-rfc6775-update-reqs]extends > the > > > ARO option to include some additional fields > > > necessary to distinguish duplicate addresses > from > > > nodes that have moved networks when there are > > > mulitple LLNs linked over a backbone. > > > > > > -- > > > > -------------------------------------------------+---------------------- > > > -------------------------------------------------+--- > > > Reporter: Michael Richardson | Owner: > > > <mcr+ietf@sandelman.ca> | pthubert@cisco.com > > > Type: defect | Status: new > > > Priority: major | Milestone: > > > Component: terminology | Version: > > > Severity: Active WG Document | Keywords: > > > > -------------------------------------------------+---------------------- > > > -------------------------------------------------+--- > > > > > > Ticket URL: <http://trac.tools.ietf.org/wg/6tisch/trac/ticket/32> > > > 6tisch <http://tools.ietf.org/6tisch/> > > > > _______________________________________________ > > 6tisch mailing list > > 6tisch@ietf.org > > https://www.ietf.org/mailman/listinfo/6tisch > > _______________________________________________ > 6tisch mailing list > 6tisch@ietf.org > https://www.ietf.org/mailman/listinfo/6tisch >
- Re: [6tisch] #32 (terminology): New terms for sec… Pascal Thubert (pthubert)
- Re: [6tisch] #32 (terminology): New terms for sec… Pascal Thubert (pthubert)
- Re: [6tisch] #32 (terminology): New terms for sec… Thomas Watteyne
- Re: [6tisch] #32 (terminology): New terms for sec… Qin Wang
- Re: [6tisch] #32 (terminology): New terms for sec… Rene Struik
- Re: [6tisch] #32 (terminology): New terms for sec… Michael Richardson
- Re: [6tisch] #32 (terminology): New terms for sec… Pat Kinney
- Re: [6tisch] #32 (terminology): New terms for sec… Michael Richardson
- Re: [6tisch] #32 (terminology): New terms for sec… Pat Kinney