Re: [6tisch] #32 (terminology): New terms for security
Pat Kinney <pat.kinney@kinneyconsultingllc.com> Fri, 19 December 2014 17:22 UTC
Return-Path: <pat.kinney@kinneyconsultingllc.com>
X-Original-To: 6tisch@ietfa.amsl.com
Delivered-To: 6tisch@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 73FEF1A8954 for <6tisch@ietfa.amsl.com>; Fri, 19 Dec 2014 09:22:26 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.899
X-Spam-Level:
X-Spam-Status: No, score=-1.899 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id nBs1JfuXqkyH for <6tisch@ietfa.amsl.com>; Fri, 19 Dec 2014 09:22:22 -0800 (PST)
Received: from p3plsmtpa07-05.prod.phx3.secureserver.net (p3plsmtpa07-05.prod.phx3.secureserver.net [173.201.192.234]) by ietfa.amsl.com (Postfix) with ESMTP id DA8941A1B73 for <6tisch@ietf.org>; Fri, 19 Dec 2014 09:22:21 -0800 (PST)
Received: from [10.0.1.55] ([50.172.118.112]) by p3plsmtpa07-05.prod.phx3.secureserver.net with id VVNK1p0052RbJC201VNK6M; Fri, 19 Dec 2014 10:22:21 -0700
Content-Type: multipart/alternative; boundary="Apple-Mail=_342EE991-7C0A-4E00-BEF4-013D8D91E477"
Mime-Version: 1.0 (Mac OS X Mail 8.1 \(1993\))
From: Pat Kinney <pat.kinney@kinneyconsultingllc.com>
In-Reply-To: <54944001.3060109@gmail.com>
Date: Fri, 19 Dec 2014 11:22:13 -0600
Message-Id: <8E899FE5-F69D-4B27-83D8-16F481F1BA15@kinneyconsultingllc.com>
References: <E045AECD98228444A58C61C200AE1BD848A9DF4C@xmb-rcd-x01.cisco.com> <E045AECD98228444A58C61C200AE1BD848A9DFB0@xmb-rcd-x01.cisco.com> <CADJ9OA9ULEn+Y7j+WanwN68aNEPh-4CM0Q50eMU=-AJenYGf2A@mail.gmail.com> <54944001.3060109@gmail.com>
To: Rene Struik <rstruik.ext@gmail.com>
X-Mailer: Apple Mail (2.1993)
Archived-At: http://mailarchive.ietf.org/arch/msg/6tisch/wDOCal0CGLBhsc1Y5GQz7s1deFw
Cc: Thomas Watteyne <watteyne@eecs.berkeley.edu>, Thubert Pascal <pthubert@cisco.com>, "6tisch@ietf.org" <6tisch@ietf.org>
Subject: Re: [6tisch] #32 (terminology): New terms for security
X-BeenThere: 6tisch@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "Discuss link layer model for Deterministic IPv6 over the TSCH mode of IEEE 802.15.4e, and impacts on RPL and 6LoWPAN such as resource allocation" <6tisch.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/6tisch>, <mailto:6tisch-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/6tisch/>
List-Post: <mailto:6tisch@ietf.org>
List-Help: <mailto:6tisch-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/6tisch>, <mailto:6tisch-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 19 Dec 2014 17:22:26 -0000
I agree with a number of Rene’s issues: - joining node The newly unboxed constrained node that needs to join a network I think “unboxed” isn’t the correct term, but I have questions as to what was intended a) device that has never been a node within the desired network or b) device that is not currently a node in the desired network? Selection of a) or b) would lead us to the correct term. - production network A 802.15.4e network whose encryption/authentication keys are determined by some algorithm/protocol. There may have network-wide group keys, or per-link keys I believe that the terminology "production network” was intended to identify the permanent (non-ephemeral) operational network that is performing a desired function. Since production has a somewhat narrow meaning, perhaps using a term like “purposed” might be better. Pat Pat Kinney Kinney Consulting LLC IEEE 802.15 WG vice chair, TG chair ISA100.11a WG chair O: +1.847.960.3715 pat.kinney@kinneyconsultingllc.com <mailto:pat.kinney@kinneyconsultingllc.com> On 19, Dec2014, at 9:10, Rene Struik <rstruik.ext@gmail.com> wrote: Hi Thomas: I think adding these terms right now is somewhat premature (sometimes: really premature). Some comments below. Rene On 12/19/2014 7:56 AM, Thomas Watteyne wrote: > +1 on Pascal's suggestions. > > Maria Rita, are those definitions you would have time to add to the draft? > > On Sat, Dec 6, 2014 at 1:22 AM, Pascal Thubert (pthubert) <pthubert@cisco.com <mailto:pthubert@cisco.com>> wrote: > My own revue: > > Cheers > > > > JCE the Join Coordination Entity. This acronym is > > > chosen to parallel the PCE. > > [PT] I'd remove "This acronym is chosen to parallel the PCE." And say that this is a central entity like the PCE that is in charge of authorization in the network and providing security material to the joining devices. > > > > joining node The newly unboxed constrained node that needs to > > > join a network. > RS>> The notion of "newly unboxed" is incorrect: a joining node is just a node that would like to be admitted to the network and be able to consume bandwidth resources. This could be a device just out of shrink wrap, but also a device that moves from one network to the next, does join n+1, etc. <<RS > [PT] The joining node (JN) leverages the JA and the JCE to learn or refresh its knowledge of the network operational state, typically the TSCH schedule, and to obtain security material such as keys, so as to participate to the production network. > RS>> There is no such thing as a production network. <<RS > > > > join protocol the protocol which secures initial communication > > > between the joining node and the JCE > > > RS>> The join protocol is more refined than this, since includes three stages (authentication, authorization, and configuration steps). See also draft-struik-6tisch-security-architecture-elements-00. <<RS > > > join assistant A constrained node near the joining node that > > > will act as it's first 6LR, and will relay > > > traffic to/from the joining node. > > > RS>> There is no conclusion yet as to whether the join assistant is simply a relay or not. This is still being discussed at the 6tisch security calls (came up during the call of last Tue, Dec 16, 2014, 5pm EST). <<RS > [PT] Again, add the acronym > > > > unique join key a key shared between a newly joining node, and > > > the JCE. This key supports smaller installations > > > for which asymmetric methods are considered too > > > large RS>> This would conflict need to support heterogeneous deployment. Again, never discussed on security calls to have this mode. This may needlessly complicate the design, except when evidence to the contrary is provided. <<RS > > > > > > production network A 802.15.4e network whose encryption/ > > > authentication keys are determined by some > > > algorithm/protocol. There may have network-wide > > > group keys, or per-link keys. RS>> This definition is meaningless. <<RS > > > > > > production network key A L2-key known by all authorized nodes, used > > > for multicast messages > > > RS>> This seems to refer to a network-wide key, as 802.15.4 defines with KeyIdMode unequal to 0x00. However, term is very imprecise. <<RS > > > per-peer L2 key a key that results from an exchange (such as MLE) > > > that creates a pair-wise L2 key which is known > > > only to the two nodes involved, > > > [I-D.piro-6tisch-security-issues] calls this a > > > LinkKey RS>> The term link key is defined in 802.15.4-2006 onwards. No need for new definitions. <<RS > > > > > > The following terms are used in this document and come from other > > > documents: > > > > > > DevID [IEEE.802.1AR] defines the secure DEVice > > > IDentifier as a device identifier that is > > > cryptographically bound to the device and is > > > composed of the Secure Device Identifier Secret > > > and the Secure Device Identifier Credential. > > > RS>> Completely premature to bake in 802.1ar certs. <<RS > > > IDevID The Initial secure DEVice IDentifier (IDevID) is > > > the Device Identifier which was installed on the > > > device by the manufacturer. RS>> Completely premature again. Besides, model promotes lock-in and very negative press. Issue has not been addressed so far. <<RS > > > > > > LDevID A Locally significant secure DEVice IDentifiers > > > (LDevIDs) is a Secure Device Identifier > > > credential that is unique in the local > > > administrative domain in which the device is > > > used. The LDevID is usually a new certificate > > > provisioned by some local means, such as the 6top > > > mechanism defined in this document. > > > RS>> Again, completely premature to drop something in that has not been ironed out. <<RS > > > CoAP The CoAP protocol, defined in [RFC7252] is an > > > HTTP-like resource access protocol. CoAP runs > > > over UDP. > > > > > > DTLS The datagram version of TLS, defined in > > > [RFC6347], and which can be used to secure CoAP > > > in the same way that TLS secures HTTP. > > > > > > ARO [RFC6775]defines a number of new Neighbor > > > Discovery options including the Address > > > Registration Option > > > > > > DAR/DAC [RFC6775]defines the Duplicate Address Request > > > and Duplicate Address Confirmation options to > > > turn the multicasted Duplicate Address Detection > > > protocol into a client/server process > > > > > > EARO [I-D.thubert-6lo-rfc6775-update-reqs]extends the > > > ARO option to include some additional fields > > > necessary to distinguish duplicate addresses from > > > nodes that have moved networks when there are > > > mulitple LLNs linked over a backbone. > > > > > > -- > > > -------------------------------------------------+---------------------- > > > -------------------------------------------------+--- > > > Reporter: Michael Richardson | Owner: > > > <mcr+ietf@sandelman.ca <mailto:mcr%2Bietf@sandelman.ca>> | pthubert@cisco.com <mailto:pthubert@cisco.com> > > > Type: defect | Status: new > > > Priority: major | Milestone: > > > Component: terminology | Version: > > > Severity: Active WG Document | Keywords: > > > -------------------------------------------------+---------------------- > > > -------------------------------------------------+--- > > > > > > Ticket URL: <http://trac.tools.ietf.org/wg/6tisch/trac/ticket/32 <http://trac.tools.ietf.org/wg/6tisch/trac/ticket/32>> > > > 6tisch <http://tools.ietf.org/6tisch/ <http://tools.ietf.org/6tisch/>> > > > > _______________________________________________ > > 6tisch mailing list > > 6tisch@ietf.org <mailto:6tisch@ietf.org> > > https://www.ietf.org/mailman/listinfo/6tisch <https://www.ietf.org/mailman/listinfo/6tisch> > > _______________________________________________ > 6tisch mailing list > 6tisch@ietf.org <mailto:6tisch@ietf.org> > https://www.ietf.org/mailman/listinfo/6tisch <https://www.ietf.org/mailman/listinfo/6tisch> > > > _______________________________________________ > 6tisch mailing list > 6tisch@ietf.org <mailto:6tisch@ietf.org> > https://www.ietf.org/mailman/listinfo/6tisch <https://www.ietf.org/mailman/listinfo/6tisch> -- email: rstruik.ext@gmail.com <mailto:rstruik.ext@gmail.com> | Skype: rstruik cell: +1 (647) 867-5658 | US: +1 (415) 690-7363 _______________________________________________ 6tisch mailing list 6tisch@ietf.org https://www.ietf.org/mailman/listinfo/6tisch
- Re: [6tisch] #32 (terminology): New terms for sec… Pascal Thubert (pthubert)
- Re: [6tisch] #32 (terminology): New terms for sec… Pascal Thubert (pthubert)
- Re: [6tisch] #32 (terminology): New terms for sec… Thomas Watteyne
- Re: [6tisch] #32 (terminology): New terms for sec… Qin Wang
- Re: [6tisch] #32 (terminology): New terms for sec… Rene Struik
- Re: [6tisch] #32 (terminology): New terms for sec… Michael Richardson
- Re: [6tisch] #32 (terminology): New terms for sec… Pat Kinney
- Re: [6tisch] #32 (terminology): New terms for sec… Michael Richardson
- Re: [6tisch] #32 (terminology): New terms for sec… Pat Kinney