Re: [6tisch] I-D Action: draft-ietf-6tisch-minimal-security-07.txt
Jim Schaad <ietf@augustcellars.com> Sat, 27 October 2018 22:17 UTC
Return-Path: <ietf@augustcellars.com>
X-Original-To: 6tisch@ietfa.amsl.com
Delivered-To: 6tisch@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 87374126F72 for <6tisch@ietfa.amsl.com>; Sat, 27 Oct 2018 15:17:30 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.899
X-Spam-Level:
X-Spam-Status: No, score=-1.899 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id oSo6DXHRsWBh for <6tisch@ietfa.amsl.com>; Sat, 27 Oct 2018 15:17:28 -0700 (PDT)
Received: from mail2.augustcellars.com (augustcellars.com [50.45.239.150]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 688731274D0 for <6tisch@ietf.org>; Sat, 27 Oct 2018 15:17:27 -0700 (PDT)
Received: from Jude (192.168.1.162) by mail2.augustcellars.com (192.168.1.201) with Microsoft SMTP Server (TLS) id 15.0.1347.2; Sat, 27 Oct 2018 15:12:34 -0700
From: Jim Schaad <ietf@augustcellars.com>
To: 'Mališa Vučinić' <malisa.vucinic@inria.fr>, 'Göran Selander' <goran.selander@ericsson.com>, 'Xavi Vilajosana Guillen' <xvilajosana@uoc.edu>, 'Tero Kivinen' <kivinen@iki.fi>, 'Tengfei Chang' <tengfei.chang@inria.fr>, 'Klaus Hartke' <klaus.hartke@ericsson.com>, 'William Vignat' <wvignat@zii.aero>
CC: 6tisch@ietf.org
References: <154027458402.13510.6626746365533128943@ietfa.amsl.com> <CANDGjyfu5frC=yufcAOa9Wbg12-uj+j+pnDmqmgwRgGdWpKsJA@mail.gmail.com>
In-Reply-To: <CANDGjyfu5frC=yufcAOa9Wbg12-uj+j+pnDmqmgwRgGdWpKsJA@mail.gmail.com>
Date: Sat, 27 Oct 2018 15:17:15 -0700
Message-ID: <02d401d46e42$d352c1a0$79f844e0$@augustcellars.com>
MIME-Version: 1.0
Content-Type: multipart/alternative; boundary="----=_NextPart_000_02D5_01D46E08.26F6A8C0"
X-Mailer: Microsoft Outlook 16.0
Thread-Index: AQBRH4ulIV/JBqQJDi4njOUGb5KrGgLs9/lFqCLJGwA=
Content-Language: en-us
X-Originating-IP: [192.168.1.162]
Archived-At: <https://mailarchive.ietf.org/arch/msg/6tisch/X-qTIEPU_dQl51zBpsHOuiXpjuM>
Subject: Re: [6tisch] I-D Action: draft-ietf-6tisch-minimal-security-07.txt
X-BeenThere: 6tisch@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Discuss link layer model for Deterministic IPv6 over the TSCH mode of IEEE 802.15.4e, and impacts on RPL and 6LoWPAN such as resource allocation" <6tisch.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/6tisch>, <mailto:6tisch-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/6tisch/>
List-Post: <mailto:6tisch@ietf.org>
List-Help: <mailto:6tisch-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/6tisch>, <mailto:6tisch-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 27 Oct 2018 22:17:30 -0000
Mališa, I am happy with the changes that were made to address my original comments. Here are a couple of nits you may want to address. jim 1. In section 2 use the updated reference to RFC 8174 2. In section 4 – You might want to make it explicit as one of the item that the pledge identifier is provisioned. From: Mališa Vučinić <malisa.vucinic@inria.fr> Sent: Tuesday, October 23, 2018 7:07 AM To: Göran Selander <goran.selander@ericsson.com>; Xavi Vilajosana Guillen <xvilajosana@uoc.edu>; Tero Kivinen <kivinen@iki.fi>; Jim Schaad <ietf@augustcellars.com>; Tengfei Chang <tengfei.chang@inria.fr>; Klaus Hartke <klaus.hartke@ericsson.com>; William Vignat <wvignat@zii.aero> Cc: 6tisch@ietf.org Subject: Re: [6tisch] I-D Action: draft-ietf-6tisch-minimal-security-07.txt Dear WGLC reviewers, working group, We submitted a new version of minimal security incorporating the resolution of most of the issues raised during WGLC. There are two remaining issues that still need to be resolved, and I hope to publish these in an additional version after the draft submission cutoff period has passed. I will discuss the resolutions during the Bangkok meeting but please go ahead an take a look, and let me know if you are happy or not with the resolutions. List of issues with referenced changesets is available at: https://bitbucket.org/6tisch/draft-ietf-6tisch-minimal-security/issues?responsible=malishav Mališa On Tue, Oct 23, 2018 at 8:03 AM <internet-drafts@ietf.org <mailto:internet-drafts@ietf.org> > wrote: A New Internet-Draft is available from the on-line Internet-Drafts directories. This draft is a work item of the IPv6 over the TSCH mode of IEEE 802.15.4e WG of the IETF. Title : Minimal Security Framework for 6TiSCH Authors : Malisa Vucinic Jonathan Simon Kris Pister Michael Richardson Filename : draft-ietf-6tisch-minimal-security-07.txt Pages : 45 Date : 2018-10-22 Abstract: This document describes the minimal framework required for a new device, called "pledge", to securely join a 6TiSCH (IPv6 over the TSCH mode of IEEE 802.15.4e) network. The framework requires that the pledge and the JRC (join registrar/coordinator, a central entity), share a symmetric key. How this key is provisioned is out of scope of this document. Through a single CoAP (Constrained Application Protocol) request-response exchange secured by OSCORE (Object Security for Constrained RESTful Environments), the pledge requests admission into the network and the JRC configures it with link-layer keying material and other parameters. The JRC may at any time update the parameters through another request-response exchange secured by OSCORE. This specification defines the Constrained Join Protocol and its CBOR (Concise Binary Object Representation) data structures and configures the rest of the 6TiSCH communication stack for this join process to occur in a secure manner. Additional security mechanisms may be added on top of this minimal framework. The IETF datatracker status page for this draft is: https://datatracker.ietf.org/doc/draft-ietf-6tisch-minimal-security/ There are also htmlized versions available at: https://tools.ietf.org/html/draft-ietf-6tisch-minimal-security-07 https://datatracker.ietf.org/doc/html/draft-ietf-6tisch-minimal-security-07 A diff from the previous version is available at: https://www.ietf.org/rfcdiff?url2=draft-ietf-6tisch-minimal-security-07 Please note that it may take a couple of minutes from the time of submission until the htmlized version and diff are available at tools.ietf.org <http://tools.ietf.org> . Internet-Drafts are also available by anonymous FTP at: ftp://ftp.ietf.org/internet-drafts/ _______________________________________________ 6tisch mailing list 6tisch@ietf.org <mailto:6tisch@ietf.org> https://www.ietf.org/mailman/listinfo/6tisch
- [6tisch] I-D Action: draft-ietf-6tisch-minimal-se… internet-drafts
- Re: [6tisch] I-D Action: draft-ietf-6tisch-minima… Mališa Vučinić
- Re: [6tisch] I-D Action: draft-ietf-6tisch-minima… Göran Selander
- Re: [6tisch] I-D Action: draft-ietf-6tisch-minima… Michael Richardson
- Re: [6tisch] I-D Action: draft-ietf-6tisch-minima… Jim Schaad
- Re: [6tisch] I-D Action: draft-ietf-6tisch-minima… Göran Selander
- Re: [6tisch] I-D Action: draft-ietf-6tisch-minima… Mališa Vučinić
- Re: [6tisch] I-D Action: draft-ietf-6tisch-minima… Mališa Vučinić