Re: [6tsch] (my comments) Re: Security slides
<yoshihiro.ohba@toshiba.co.jp> Fri, 26 July 2013 04:08 UTC
Return-Path: <yoshihiro.ohba@toshiba.co.jp>
X-Original-To: 6tsch@ietfa.amsl.com
Delivered-To: 6tsch@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix)
with ESMTP id E650721F8F07 for <6tsch@ietfa.amsl.com>;
Thu, 25 Jul 2013 21:08:27 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.788
X-Spam-Level:
X-Spam-Status: No, score=-4.788 tagged_above=-999 required=5 tests=[AWL=0.700,
BAYES_50=0.001, HELO_EQ_JP=1.244, HOST_EQ_JP=1.265, HTML_MESSAGE=0.001,
RCVD_IN_DNSWL_HI=-8, UNPARSEABLE_RELAY=0.001]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com
[127.0.0.1]) (amavisd-new, port 10024) with ESMTP id H2VAqVsBeZTb for
<6tsch@ietfa.amsl.com>; Thu, 25 Jul 2013 21:08:22 -0700 (PDT)
Received: from imx12.toshiba.co.jp (imx12.toshiba.co.jp [61.202.160.132]) by
ietfa.amsl.com (Postfix) with ESMTP id 0BE1421F89A5 for <6tsch@ietf.org>;
Thu, 25 Jul 2013 21:08:17 -0700 (PDT)
Received: from tsbmgw-mgw01.tsbmgw-mgw01.toshiba.co.jp ([133.199.232.103]) by
imx12.toshiba.co.jp with ESMTP id r6Q489Bq018902 (version=TLSv1/SSLv3
cipher=DHE-RSA-AES256-SHA bits=256 verify=NO);
Fri, 26 Jul 2013 13:08:09 +0900 (JST)
Received: from tsbmgw-mgw01 (localhost [127.0.0.1]) by
tsbmgw-mgw01.tsbmgw-mgw01.toshiba.co.jp (8.13.8/8.14.5) with ESMTP id
r6Q489ZR018035; Fri, 26 Jul 2013 13:08:09 +0900
Received: from localhost ([127.0.0.1]) by tsbmgw-mgw01 (JAMES SMTP Server
2.3.1) with SMTP ID 246; Fri, 26 Jul 2013 13:08:09 +0900 (JST)
Received: from arc11.toshiba.co.jp ([133.199.90.127]) by
tsbmgw-mgw01.tsbmgw-mgw01.toshiba.co.jp (8.13.8/8.14.5) with ESMTP id
r6Q489ft018029; Fri, 26 Jul 2013 13:08:09 +0900
Received: (from root@localhost) by arc11.toshiba.co.jp id r6Q48989000209;
Fri, 26 Jul 2013 13:08:09 +0900 (JST)
Received: from ovp11.toshiba.co.jp [133.199.90.148] by arc11.toshiba.co.jp
with ESMTP id PAA00206; Fri, 26 Jul 2013 13:08:09 +0900
Received: from mx2.toshiba.co.jp (localhost [127.0.0.1]) by
ovp11.toshiba.co.jp with ESMTP id r6Q488kv025819;
Fri, 26 Jul 2013 13:08:08 +0900 (JST)
Received: from TGXML330.toshiba.local by toshiba.co.jp id r6Q487St003288;
Fri, 26 Jul 2013 13:08:07 +0900 (JST)
Received: from TGXML338.toshiba.local ([169.254.4.201]) by
TGXML330.toshiba.local ([133.199.60.204]) with mapi id 14.03.0146.000;
Fri, 26 Jul 2013 13:08:07 +0900
From: <yoshihiro.ohba@toshiba.co.jp>
To: <rstruik.ext@gmail.com>
Thread-Topic: (my comments) Re: [6tsch] Security slides
Thread-Index: Ac6IuaunkMvKN4tXQsKhy38QPNUHiAAYcNcAABrKxcA=
Date: Fri, 26 Jul 2013 04:08:07 +0000
Message-ID: <674F70E5F2BE564CB06B6901FD3DD78B12D3FF36@tgxml338.toshiba.local>
References: <674F70E5F2BE564CB06B6901FD3DD78B12D3F92D@tgxml338.toshiba.local>
<51F171D8.1060702@gmail.com>
In-Reply-To: <51F171D8.1060702@gmail.com>
Accept-Language: ja-JP, en-US
Content-Language: ja-JP
x-originating-ip: [133.199.17.139]
msscp.transfermailtomossagent: 103
Content-Type: multipart/alternative;
boundary="_000_674F70E5F2BE564CB06B6901FD3DD78B12D3FF36tgxml338toshiba_"
MIME-Version: 1.0
Cc: 6tsch@ietf.org
Subject: Re: [6tsch] (my comments) Re: Security slides
X-BeenThere: 6tsch@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: "Discuss link layer model for Deterministic IPv6 over the TSCH mode
of IEEE 802.15.4e,
and impacts on RPL and 6LoWPAN such as resource allocation" <6tsch.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/6tsch>,
<mailto:6tsch-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/6tsch>
List-Post: <mailto:6tsch@ietf.org>
List-Help: <mailto:6tsch-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/6tsch>,
<mailto:6tsch-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 26 Jul 2013 04:08:28 -0000
Hi Rene, Thank you very much for your comments. Please see my response below. From: Rene Struik [mailto:rstruik.ext@gmail.com] Sent: Friday, July 26, 2013 3:44 AM To: ohba yoshihiro(大場 義洋 ○RDC□NSL) Cc: 6tsch@ietf.org<mailto:6tsch@ietf.org> Subject: (my comments) Re: [6tsch] Security slides Hi Yoshi: I am not sure why ZigBee IP is mentioned on the slides, since ZigBee does not use TSCH. If mentioning a potential "user" at all, it seems more appropriate to mention w/HART or ISA SP100. (It is quite likely not needed, though, since covered elsewhere on general overview slides.) [YO] Sorry for confusion. ZigBee IP is mentioned because it is an existing wireless mesh standard that uses higher-layer (IP-layer and above) key management protocols to manage 802.15.4 link layer keys, and 6TSCH is also looking at higher-layer key management protocols as well. Having said that I would rather add the following bullet to make this point clear: “- ZIP uses higher-layer key management protocol (PANA) to distribute the network key.” Why not using the 802.15.4e specification as basis for security slides? Section 5.1.2.6 describes PAN formation. It would also help to have a few words on "basic" security features of 802.15.4, so that people get an idea what is in there. [YO] We can add a few words on "basic" security features of 802.15.4 based on your edits. BTW, 802.15.4e TSCH security is also mentioned in the original slides. 802.15.4e nodes use time-scheduling info to determine when to communicate (time scheduling) and on which communication channel (channel hopping). The 802.15.4e specification describes how this is done, based on available TSCH parameters, but does not describe how these TSCH parameters are set. That is where some of the work comes in, also for security. [YO] Your editing of Background (1/2) is covered by earlier presentations and we don’t need to reiterate it. I edited the slides you sent out for review, so as to reflect the above (please see attached). BTW - I did not delve into PAN formation as hinted at in 802.15.4e. As you can see, I suggest partitioning security work in two stages, where the second stage is conditional on rechartering. More importantly, though, I feel one needs to focus on understanding the space (and the "hooks" in 802.15.4e) first, before putting "solutions" on the table. In other words, first define the problem on which these solutions should be based. [YO] If we want to *explicitly* mention “two-stage” approach, it is better to change the security part of the text in the current charter accordingly. Your edits goes beyond the current charter text, which seems to contradict with your previous comment “I suggest to leave the current language in the draft charter as is right now.” I would rather stop at mentioning requirements & framework in the slides, and verbally mention two-stage approach. One interesting problem would be how to use 802.15.4e security, after a joining operation, but prior to getting a reliable Absolute Slot Number.. [YO] I am interested in knowing what exactly the problem you mention is. We can discuss more on the call tomorrow. [YO] I won’t be able to attend the call since I will be traveling to Berlin. Thanks, Yoshihiro Ohba Best regards, Rene On 7/24/2013 6:05 PM, yoshihiro.ohba@toshiba.co.jp<mailto:yoshihiro.ohba@toshiba.co.jp> wrote: Security slides are available at: https://bitbucket.org/6tsch/meetings/src/master/130730_ietf-87_berlin/3f_draft-ohba-6tsch-security.pptx Please review and send your feedback. Regards, Yoshihiro Ohba _______________________________________________ 6tsch mailing list 6tsch@ietf.org<mailto:6tsch@ietf.org> https://www.ietf.org/mailman/listinfo/6tsch -- email: rstruik.ext@gmail.com<mailto:rstruik.ext@gmail.com> | Skype: rstruik cell: +1 (647) 867-5658 | US: +1 (415) 690-7363
- [6tsch] Security slides yoshihiro.ohba
- [6tsch] (my comments) Re: Security slides Rene Struik
- Re: [6tsch] (my comments) Re: Security slides yoshihiro.ohba
- Re: [6tsch] (my comments) Re: Security slides Rene Struik
- Re: [6tsch] (my comments) Re: Security slides Rene Struik