Re: [6tisch] [6tisch-security] proposed security text for architecture draft
Michael Richardson <mcr+ietf@sandelman.ca> Wed, 12 November 2014 23:36 UTC
Return-Path: <mcr@sandelman.ca>
X-Original-To: 6tisch@ietfa.amsl.com
Delivered-To: 6tisch@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 9244A1A1B68; Wed, 12 Nov 2014 15:36:07 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.495
X-Spam-Level:
X-Spam-Status: No, score=-2.495 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RP_MATCHES_RCVD=-0.594, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id pkkHdvpzaxFP; Wed, 12 Nov 2014 15:36:05 -0800 (PST)
Received: from tuna.sandelman.ca (tuna.sandelman.ca [209.87.249.19]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 89ED11A1B51; Wed, 12 Nov 2014 15:36:05 -0800 (PST)
Received: from sandelman.ca (obiwan.sandelman.ca [IPv6:2607:f0b0:f:2::247]) by tuna.sandelman.ca (Postfix) with ESMTP id 15EFB20098; Wed, 12 Nov 2014 18:38:13 -0500 (EST)
Received: by sandelman.ca (Postfix, from userid 179) id C6A18637F4; Wed, 12 Nov 2014 18:36:04 -0500 (EST)
Received: from sandelman.ca (localhost [127.0.0.1]) by sandelman.ca (Postfix) with ESMTP id AE3D4637F2; Wed, 12 Nov 2014 18:36:04 -0500 (EST)
From: Michael Richardson <mcr+ietf@sandelman.ca>
To: yoshihiro.ohba@toshiba.co.jp
In-Reply-To: <674F70E5F2BE564CB06B6901FD3DD78B272A8EFA@TGXML210.toshiba.local>
References: <20507.1415811045@sandelman.ca> <674F70E5F2BE564CB06B6901FD3DD78B272A8EFA@TGXML210.toshiba.local>
X-Mailer: MH-E 8.2; nmh 1.3-dev; GNU Emacs 23.4.1
X-Face: $\n1pF)h^`}$H>Hk{L"x@)JS7<%Az}5RyS@k9X%29-lHB$Ti.V>2bi.~ehC0; <'$9xN5Ub# z!G,p`nR&p7Fz@^UXIn156S8.~^@MJ*mMsD7=QFeq%AL4m<nPbLgmtKK-5dC@#:k
MIME-Version: 1.0
Content-Type: multipart/signed; boundary="=-=-="; micalg="pgp-sha1"; protocol="application/pgp-signature"
Date: Wed, 12 Nov 2014 18:36:04 -0500
Message-ID: <5854.1415835364@sandelman.ca>
Sender: mcr@sandelman.ca
Archived-At: http://mailarchive.ietf.org/arch/msg/6tisch/vDRt9v-rzF5UqK9AvyfoYAAH0ZQ
Cc: 6tisch@ietf.org, 6tisch-security@ietf.org
Subject: Re: [6tisch] [6tisch-security] proposed security text for architecture draft
X-BeenThere: 6tisch@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "Discuss link layer model for Deterministic IPv6 over the TSCH mode of IEEE 802.15.4e, and impacts on RPL and 6LoWPAN such as resource allocation" <6tisch.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/6tisch>, <mailto:6tisch-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/6tisch/>
List-Post: <mailto:6tisch@ietf.org>
List-Help: <mailto:6tisch-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/6tisch>, <mailto:6tisch-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 12 Nov 2014 23:36:07 -0000
<yoshihiro.ohba@toshiba.co.jp> wrote:
> I am still in the middle of understanding how loose source routes for
> joining nodes that have only link-local address can work. Another
> option that is not mentioned in the text below is relaying
> authentication at join assistant node.
Yoshihiro has correctly pointed out that in IPv6 some of the loose source
route options are not as rich as we envisioned; and we need to think which
exact option is appropriate. I think this is a detail, and I think that we
can deal with this.
> The authentication relay model
> is proven to work in ZigBee IP.
I can not comment directly; some contributors felt that this would not work
for them. Too much single use code, too much total byte count, packets too big.
> I have a reservation on JCE-initiated TLS session as opposed to what
> existing 802.1X/PANA with EAP-TLS do where TLS session is initiated by
> joining node. An obvious downside of JCE-initiated TLS session is that
> it is difficult to use AAA infrastructure.
Perhaps you can more clearly say what kind of EAP methods you would propose.
Username+password? SIM or AKA authentication? Kerberos/NTLM(ActiveDirectory)?
What else is there?
The TLS methods do not count, as they are usually used just to create a
secure container for a username/password, and in the situations where the
certificate is relevant, the *DTLS* method proposed can use certificates in
the same way.
> Beacon security issue should be investigated more. Integrity
> protecting beacons with a well-known key can allow attackers to easily
> launch a DoS attack on already connected nodes by advertising forged
> ASN as attackers know the well-known key. Shouldn't network-specific
> dynamic key also be needed for protecting beacons for already-connected
> nodes?
Already connected nodes listen to beacons sent under the production key,
none of this text not changes that: can you offer some edits to make that
clearer.
--
Michael Richardson <mcr+IETF@sandelman.ca>, Sandelman Software Works
-= IPv6 IoT consulting =-
- [6tisch] proposed security text for architecture … Michael Richardson
- Re: [6tisch] [6tisch-security] proposed security … Pascal Thubert (pthubert)
- Re: [6tisch] [6tisch-security] proposed security … yoshihiro.ohba
- Re: [6tisch] [6tisch-security] proposed security … Rene Struik
- Re: [6tisch] [6tisch-security] proposed security … Michael Richardson
- Re: [6tisch] [6tisch-security] proposed security … Subir Das
- Re: [6tisch] [6tisch-security] proposed security … Pascal Thubert (pthubert)
- Re: [6tisch] [6tisch-security] proposed security … Michael Richardson
- Re: [6tisch] [6tisch-security] proposed security … Michael Richardson
- [6tisch] (procedural) Re: [6tisch-security] propo… Rene Struik
- Re: [6tisch] [6tisch-security] proposed security … Michael Richardson
- Re: [6tisch] [6tisch-security] proposed security … yoshihiro.ohba
- Re: [6tisch] [6tisch-security] proposed security … Pascal Thubert (pthubert)
- Re: [6tisch] [6tisch-security] proposed security … Michael Richardson
- Re: [6tisch] [6tisch-security] proposed security … Michael Richardson
- Re: [6tisch] [6tisch-security] proposed security … Pascal Thubert (pthubert)
- Re: [6tisch] [6tisch-security] proposed security … Michael Richardson
- Re: [6tisch] [6tisch-security] proposed security … yoshihiro.ohba
- Re: [6tisch] [6tisch-security] proposed security … yoshihiro.ohba
- Re: [6tisch] [6tisch-security] proposed security … Michael Richardson
- Re: [6tisch] [6tisch-security] proposed security … Michael Richardson
- Re: [6tisch] [6tisch-security] proposed security … yoshihiro.ohba
- Re: [6tisch] [6tisch-security] proposed security … Rafa Marin Lopez
- Re: [6tisch] [6tisch-security] proposed security … Subir Das
- Re: [6tisch] [6tisch-security] proposed security … Pascal Thubert (pthubert)
- Re: [6tisch] [6tisch-security] proposed security … yoshihiro.ohba
- Re: [6tisch] [6tisch-security] proposed security … Michael Richardson
- Re: [6tisch] [6tisch-security] proposed security … Michael Richardson
- Re: [6tisch] [6tisch-security] proposed security … Michael Richardson
- Re: [6tisch] [6tisch-security] proposed security … yoshihiro.ohba
- Re: [6tisch] [6tisch-security] proposed security … yoshihiro.ohba
- Re: [6tisch] [6tisch-security] proposed security … Rafa Marin Lopez
- Re: [6tisch] [6tisch-security] proposed security … Michael Richardson
- Re: [6tisch] [6tisch-security] proposed security … yoshihiro.ohba
- Re: [6tisch] [6tisch-security] proposed security … Michael Richardson
- Re: [6tisch] [6tisch-security] proposed security … Michael Richardson
- Re: [6tisch] [6tisch-security] proposed security … yoshihiro.ohba