[6tisch] Opsdir last call review of draft-ietf-6tisch-minimal-security-12

Linda Dunbar via Datatracker <noreply@ietf.org> Fri, 04 October 2019 23:54 UTC

From: Linda Dunbar via Datatracker <noreply@ietf.org>
To: <ops-dir@ietf.org>
Cc: 6tisch@ietf.org, ietf@ietf.org, draft-ietf-6tisch-minimal-security.all@ietf.org
Reply-To: Linda Dunbar <linda.dunbar@futurewei.com>
Message-ID: <157023324915.1400.10416689027865506912@ietfa.amsl.com>
Date: Fri, 04 Oct 2019 16:54:09 -0700
Archived-At: <https://mailarchive.ietf.org/arch/msg/6tisch/j6g1ieOg55VuX_xK3oEzM0BpnLg>
Subject: [6tisch] Opsdir last call review of draft-ietf-6tisch-minimal-security-12

Reviewer: Linda Dunbar
Review result: Has Nits

Reviewer: Linda Dunbar
Review result: Has Nits & with comment

I am the assigned Ops area reviewer for this draft. The Ops directorate reviews
all IETF documents being processed by the IESG for the IETF Chair.  Please
treat these comments just like any other last call comments.

This document is written very clearly, specifying a framework for a new device to
securely join a 6TiSCH network.

One question: the document assumes that there is a pre-shared key (PSK) between
the device and the controller. The Security Consideration does describe the
common pitfall of a single PSK shared among a group of devices. Is there any
way to prevent it? Is it necessary to require the Key to be periodically
changed?

Another suggestion:
Section 5.1 introduces an acronym ASN to represent "Absolute slot number".

Can you use a different acronym, because ASN has been widely used in networking
as the Autonomous System Number?
---
An autonomous system number (ASN) is a unique number that's available globally
to identify an autonomous system and which enables that system to exchange
exterior routing information with other neighboring autonomous systems.

Thank you.

Linda Dunbar