IETF Logo Mail Archive

Re: [6tisch] [6tisch-security] proposed security text for architecture draft

Michael Richardson <mcr+ietf@sandelman.ca> Sun, 16 November 2014 04:23 UTC

Return-Path: <mcr@sandelman.ca>
X-Original-To: 6tisch@ietfa.amsl.com
Delivered-To: 6tisch@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 260931A01A9; Sat, 15 Nov 2014 20:23:18 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.495
X-Spam-Level:
X-Spam-Status: No, score=-2.495 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RP_MATCHES_RCVD=-0.594, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id eU1zaBGYY8wn; Sat, 15 Nov 2014 20:23:16 -0800 (PST)
Received: from tuna.sandelman.ca (tuna.sandelman.ca [IPv6:2607:f0b0:f:3:216:3eff:fe7c:d1f3]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 058831A00E2; Sat, 15 Nov 2014 20:23:16 -0800 (PST)
Received: from sandelman.ca (obiwan.sandelman.ca [IPv6:2607:f0b0:f:2::247]) by tuna.sandelman.ca (Postfix) with ESMTP id 93C1E20012; Sat, 15 Nov 2014 23:25:34 -0500 (EST)
Received: by sandelman.ca (Postfix, from userid 179) id 15142637F4; Sat, 15 Nov 2014 23:23:14 -0500 (EST)
Received: from sandelman.ca (localhost [127.0.0.1]) by sandelman.ca (Postfix) with ESMTP id E8FAF637EA; Sat, 15 Nov 2014 23:23:14 -0500 (EST)
From: Michael Richardson <mcr+ietf@sandelman.ca>
To: Subir Das <subirdas21@gmail.com>
In-Reply-To: <CAFb8J8oahOV55yAV1etLhYVkhx7qH4NxUTy8bh6v7+qoeFUm=w@mail.gmail.com>
References: <20507.1415811045@sandelman.ca> <674F70E5F2BE564CB06B6901FD3DD78B272A8EFA@TGXML210.toshiba.local> <5854.1415835364@sandelman.ca> <674F70E5F2BE564CB06B6901FD3DD78B272A9108@TGXML210.toshiba.local> <12175.1415929463@sandelman.ca> <CAFb8J8oahOV55yAV1etLhYVkhx7qH4NxUTy8bh6v7+qoeFUm=w@mail.gmail.com>
X-Mailer: MH-E 8.2; nmh 1.3-dev; GNU Emacs 23.4.1
X-Face: $\n1pF)h^`}$H>Hk{L"x@)JS7<%Az}5RyS@k9X%29-lHB$Ti.V>2bi.~ehC0; <'$9xN5Ub# z!G,p`nR&p7Fz@^UXIn156S8.~^@MJ*mMsD7=QFeq%AL4m<nPbLgmtKK-5dC@#:k
MIME-Version: 1.0
Content-Type: multipart/signed; boundary="=-=-="; micalg="pgp-sha1"; protocol="application/pgp-signature"
Date: Sat, 15 Nov 2014 23:23:14 -0500
Message-ID: <10146.1416111794@sandelman.ca>
Sender: mcr@sandelman.ca
Archived-At: http://mailarchive.ietf.org/arch/msg/6tisch/g6ri-4Kaymv7w162Ux9I95-CFJM
Cc: 6tisch@ietf.org, 6tisch-security@ietf.org, "yoshihiro.ohba@toshiba.co.jp" <yoshihiro.ohba@toshiba.co.jp>
Subject: Re: [6tisch] [6tisch-security] proposed security text for architecture draft
X-BeenThere: 6tisch@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "Discuss link layer model for Deterministic IPv6 over the TSCH mode of IEEE 802.15.4e, and impacts on RPL and 6LoWPAN such as resource allocation" <6tisch.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/6tisch>, <mailto:6tisch-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/6tisch/>
List-Post: <mailto:6tisch@ietf.org>
List-Help: <mailto:6tisch-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/6tisch>, <mailto:6tisch-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 16 Nov 2014 04:23:18 -0000

Subir Das <subirdas21@gmail.com> wrote:
    > 1) Can you explain why smart meters have to use EAP methods?

    >    It does not have to use but the reality is Advanced Metering
    > Networks is using EAP today.

Can you tell me how they are using EAP today (what method).
What is their authentication?    What happens after EAP?
Is there any kind of provisioning occuring?  How large is the EAP-TLS code?
How many packets does the EAP method take?  How long?   Are these electrical
meters, or water or gas? Battery or line powered?

The water meters in my neighbourhood are definitely not zero-touch, and 
the batteries can't even be replaced; the system is a pre-IP Itron system,
with the street lights being routers (I'm told). 
The electrical (we call it "hydro", which is really confusing to
non-Canadians) meters are Elster, also pre-IP, and apparently not encrypted
at all. see: <https://github.com/argilo/gr-elster> . Sure am glad they
are field upgradable.

-- 
]               Never tell me the odds!                 | ipv6 mesh networks [ 
]   Michael Richardson, Sandelman Software Works        | network architect  [ 
]     mcr@sandelman.ca  http://www.sandelman.ca/        |   ruby on rails    [

v2.37.1 | Report a Bug | By Email | System Status