Re: [core] Last Call: <draft-ietf-core-block-18.txt> (Block-wise transfers in CoAP) to Proposed Standard

Ludwig Seitz <ludwig@sics.se> Tue, 02 February 2016 10:24 UTC

Return-Path: <ludwig@sics.se>
X-Original-To: core@ietfa.amsl.com
Delivered-To: core@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id CB2091ACE41 for <core@ietfa.amsl.com>; Tue, 2 Feb 2016 02:24:20 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.901
X-Spam-Level:
X-Spam-Status: No, score=-1.901 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Xt1l0Q2d-q9k for <core@ietfa.amsl.com>; Tue, 2 Feb 2016 02:24:18 -0800 (PST)
Received: from mail-lf0-x22c.google.com (mail-lf0-x22c.google.com [IPv6:2a00:1450:4010:c07::22c]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 488A61ACE3F for <core@ietf.org>; Tue, 2 Feb 2016 02:24:18 -0800 (PST)
Received: by mail-lf0-x22c.google.com with SMTP id 78so66492209lfy.3 for <core@ietf.org>; Tue, 02 Feb 2016 02:24:18 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sics-se.20150623.gappssmtp.com; s=20150623; h=subject:to:references:from:message-id:date:user-agent:mime-version :in-reply-to:content-type; bh=LFkb7N7AamtQ+QUmYpuzNaRDkRUPzGq3Bt24+TNHdfY=; b=KkbiEuLLForDiMtlnIhWFdblHwIO76XJPoSXEloMxZVbVRKVBipUTrUb/jYtdO8dNc VaXofvqOJteSm/z2qQaISYuZIxHxKK76ma1BKOBHY7IVyVOKubogGh9vdUQbIsHCDzrT JpDwoVqhclW2jokbKjuJvkD6DqwNNnmk0iwmwa0Ol56IzfLVWTulHP7Xb/zhDUtS8STb L05rsBQMyGOnEUI1QssdZ4Mm29jdRdapTGO+W0iAmUhprnDO/3Kj4HpaAkdatW/TyaZm kdZYG1teiuOqIy8WoxjoyjaEpKeWNChdP2ts9MP9FwZwkC3uFvHtC5T05ngDjQulFBvH PEDg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:subject:to:references:from:message-id:date :user-agent:mime-version:in-reply-to:content-type; bh=LFkb7N7AamtQ+QUmYpuzNaRDkRUPzGq3Bt24+TNHdfY=; b=Ibvjp9L/hFiJGBpIRF/Vhcf4nTFjiFhuSyduLpIFmi/6ebMcZ7IPunmyjVt+3qUz02 peLawtkk9AiMj69MpQBdo0FdJPDfl3wOAyLG1e3FWrszxC8MaXpFMl2Yyi4gl1LXclSI NxsJ6PiHDegzKAggiA8J5f0ZFNkok7/wbMpJQLb20lh67e6elvU8eqGFkdvCYP9cGvDB h4Wo8AZ3dIYAEmDicOAeDyLBPffYXmwn0Ug5eGV1OiL9+gaZ/M2VSZCsy2sUGePVx6dr ijs64Og3jF63uqd4MLgdvPEfkihJLdnvOLgWjwJrAStR9AQoA4f8LJxCYltponsGACyA z3GQ==
X-Gm-Message-State: AG10YOSUaatCBPzymyN7WKXUQz1qYnWFxmOXXj9BIcJ6jfKQAtP/RZ5EHe9gpQSpi9TkvbaA
X-Received: by 10.25.159.9 with SMTP id i9mr11282875lfe.109.1454408656499; Tue, 02 Feb 2016 02:24:16 -0800 (PST)
Received: from Hyperion.suse ([85.235.10.186]) by smtp.gmail.com with ESMTPSA id m64sm106151lfd.32.2016.02.02.02.24.15 for <core@ietf.org> (version=TLSv1/SSLv3 cipher=OTHER); Tue, 02 Feb 2016 02:24:15 -0800 (PST)
To: core@ietf.org
References: <20151120213250.32473.53283.idtracker@ietfa.amsl.com> <D27C68A8.3F21C%goran.selander@ericsson.com> <063a01d15a22$24099250$6c1cb6f0$@augustcellars.com> <56AB166F.9040404@tzi.org>
From: Ludwig Seitz <ludwig@sics.se>
Message-ID: <56B083CE.40307@sics.se>
Date: Tue, 02 Feb 2016 11:24:14 +0100
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:38.0) Gecko/20100101 Thunderbird/38.5.0
MIME-Version: 1.0
In-Reply-To: <56AB166F.9040404@tzi.org>
Content-Type: multipart/signed; protocol="application/pkcs7-signature"; micalg="sha-256"; boundary="------------ms060805060104030800060606"
Archived-At: <http://mailarchive.ietf.org/arch/msg/core/Nj7Yi4lUQyextSA8NjZaFKm5AUU>
Subject: Re: [core] Last Call: <draft-ietf-core-block-18.txt> (Block-wise transfers in CoAP) to Proposed Standard
X-BeenThere: core@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "Constrained RESTful Environments \(CoRE\) Working Group list" <core.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/core>, <mailto:core-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/core/>
List-Post: <mailto:core@ietf.org>
List-Help: <mailto:core-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/core>, <mailto:core-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 02 Feb 2016 10:24:21 -0000

On 01/29/2016 08:36 AM, Carsten Bormann wrote:
> Hi Jim,
>
> [...]  I think the biggest remaining question with this
> is what to do against an attacker polluting a cache with a bad block
> (creating a problem for availability, not integrity).  (In RFC7252's
> security model, DTLS prevents that from happening.)
>

I think that this is the point we were considering when we thought it 
would be good to protect individual fragments.

If you receive a fragment, you'd like to be able to verify that it is 
legit, before you store it, and before you request further fragments.

Otherwise it's just to easy to fill up the memory of a constrained 
device with junk.

/Ludwig



-- 
Ludwig Seitz, PhD
SICS Swedish ICT AB
Ideon Science Park
Building Beta 2
Scheelevägen 17
SE-223 70 Lund

Phone +46(0)70 349 9251
http://www.sics.se