Re: [dtn-interest] review of draft-irtf-dtnrg-bundle-security-12 (was Re: [IRSG] DTNRG review assignments)
Stephen Farrell <stephen.farrell@cs.tcd.ie> Wed, 27 January 2010 14:52 UTC
Message-ID: <4B60532D.60500@cs.tcd.ie>
Date: Wed, 27 Jan 2010 14:52:29 +0000
From: Stephen Farrell <stephen.farrell@cs.tcd.ie>
To: Andrei Gurtov <gurtov@hiit.fi>
References: <4B0A9264.2040602@cs.tcd.ie> <4B201A38.7040004@bbn.com> <4B20DD38.6080303@hiit.fi> <4B2106C7.3050806@bbn.com> <4B215BC8.7080303@dial.pipex.com> <4B3CBF6F.1050003@hiit.fi>
In-Reply-To: <4B3CBF6F.1050003@hiit.fi>
Cc: DTN <dtn-interest@mailman.dtnrg.org>, Elwyn Davies <elwynd@dial.pipex.com>
Subject: Re: [dtn-interest] review of draft-irtf-dtnrg-bundle-security-12 (was Re: [IRSG] DTNRG review assignments)

Hi Andrei,

Thanks for the review, glad you found the document (almost)
ready.

We've (actually, Peter) done an update that I think takes all
those into account. [1]

As to your questions about ECC, firstly anyone can define new
ciphersuites for ECC if they're interesting, so it can be
added later. Secondly, we basically picked the most IPR-clean
and widely implemented algorithms for this spec, and ECC is
unfortunately not top of the list in either respect.

And yes, there's an implementation, done by Peter Lovell.

I guess the next step if you're happy with -14 is for you
to mail the irsg list to say that, then Elwyn can update
the ticket and start the irsg poll.

Thanks again,
Stephen.

[1] http://tools.ietf.org/html/draft-irtf-dtnrg-bundle-security

Andrei Gurtov wrote:
>
> Hi Elwyn,
>
> I've read the document through several times and I think it's ready to
> publish. The document is very well written and apparently has been
> already reviewed thoroughly by the RG since the text is quite clear and
> generally bug-free. The document structure is intuitive and proposed
> solutions appear very reasonable. Having a generic ASB in other block
> descriptions seems neat (could be called a common header in other
> terminology).
>
> Some security experts might want to see an attack model to be explicitly
> stated in the beginning of the document. I.e. it's assumed that attacker
> could eavesdrop or modify the messages in transit but not directly
> compromise DTN nodes, etc.
>
> The presently defined 4 cryptographic suites include traditional RSA and
> SHA algorithms with larger key sizes. However those take plenty of space
> and processing time and ECC is better almost an order of magnitude both
> in space and processing time. This might be important for resource- and
> bandwidth- restricted environments where DTNs could operate. It would be
> good to see some discussion on this issue, and why not make ECC the
> default suites. There are some IPR issues perhaps, but at least latest
> openssl library includes free open-source ecc code.
>
> In fig 2 and other similar ones there is no numbering of bits
> traditionally present in RFCs. It would be perhaps a good idea to
> include those, especially since the bit numbering could be from right to
> left in some cases (if I understood correctly from other examples).
>
> Fig 6 and 7 look exactly the same, are both of them needed?
>
> Has someone actually implemented this specification? It would be nice to
> have a summary of their experiences/pointers to the code, or is this
> planned for a separate document?
>
> Some minor nits and typos are also marked on the attached PDF.
>
> Best regards
> Andrei
>
>
>
> Elwyn Davies wrote:
>> Aaron Falk wrote:
>>> Yes, please!
>>>
>>> I'll send a note to Lachlan.
>>>
>>>
>> Hi, Andrei.
>> Thanks for agreeing to review this draft.
>
>> I hope to see your review in the first week of 2010 if that is possible
>> given the holidays.
>
>> Regards,
>> Elwyn Davies
>> Document Shepherd
>
>
>>> --aaron
>>>
>>> On 12/10/09 6:36 AM, Andrei Gurtov wrote:
>>>
>>>> Hi,
>>>>
>>>> I've agreed earlier to review the security draft, which I read a couple
>>>> times already. Do you want me still to write the review?
>>>>
>>>> Andrei
>>>>
>>>> Aaron Falk wrote:
>>>>
>>>>> Hi Folks-
>>>>> Here are the reviewer assignments for the DTNRG docs listed
>>>>> below.
>>>>> Andrew, L
>>>>> lachlan.andrew@gmail.com
>>>>> http://tools.ietf.org/html/draft-irtf-dtnrg-bundle-security
>>>>> Arbaugh, W
>>>>> waa@cs.umd.edu
>>>> http://tools.ietf.org/html/draft-irtf-dtnrg-sdnv
>>>>
>>>>> Braden, R
>>>>> braden@isi.edu
>>>> http://tools.ietf.org/html/draft-irtf-dtnrg-cbhe
>>>>
>>>>> Wroclawski, J
>>>>> jtw@isi.edu
>>>>> http://tools.ietf.org/html/draft-irtf-dtnrg-bundle-previous-hop-block
>>>>> Zhang, L
>>>>> lixia@cs.ucla.edu
>>>>> http://tools.ietf.org/html/draft-irtf-dtnrg-bundle-metadata-block
>>>>>
>>>>
>>>>> Please send a confirmation that you will agree to do the reviews. If
>>>>> you haven't confirmed by Monday, 12/14/09, Elwyn should start chasing
>>>>> after you. Reviews should be done in 2-3 weeks but given the holiday,
>>>>> you might want to pick a date that is reasonably convenient and confirm
>>>>> for that date.
>>>>> Remember, the reviews are scoped as follows
>>>>> (http://trac.tools.ietf.org/group/irtf/trac/wiki/IRTF-RFCs#Reviews):
>>>>> Reviews
>>>>> The purpose of the IRSG review is to ensure consistent
>>>>> editorial and
>>>>> technical quality for IRTF publications. IRSG review is not a deep
>>>>> technical review. (This should take place within the RG.) At least
>>>>> one IRSG member other than the chair of the RG bringing the work
>>>>> forth must review the document and the RG's editorial process.
>>>>> IRSG reviewers should look for clear, cogent, and consistent
>>>>> writing. An important aspect of the review is to gain a critical
>>>>> reading from reviewers who are not subject matter experts and, in
>>>>> the process, assure the document will be accessible to those beyond
>>>>> the authoring research group. Also, reviewers should assess whether
>>>>> sufficient editorial and technical review has been conducted and
>>>>> the
>>>>> requirements of this process document, such as those described in
>>>>> Group Preparation
>>>>>
>>>>> <http://trac.tools.ietf.org/group/irtf/trac/wiki/IRTF-RFCs#Research>
>>>>> have been met. Finally, reviewers should check that appropriate
>>>>> citations to related research literature have been made.
>>>>> Reviews should be written to be public. Review comments
>>>>> should be
>>>>> sent to the IRSG and RG mailing lists and entered into the tracker.
>>>>> All IRSG review comments must be addressed. However, the RG need
>>>>> not
>>>>> accept every comment. It is the responsibility of the shepherd to
>>>>> understand the comments and ensure that the RG considers them
>>>>> including adequate dialog between the reviewer and the author
>>>>> and/or
>>>>> RG. Reviews and their resolution should be entered into the tracker
>>>>> by the document shepherd.
>>>>> --aaron
>>>>> On 11/23/09 8:47 AM, Stephen Farrell wrote:
>>>>>
>>>>>> Hi all,
>>>>>>
>>>>>> DTNRG have finished 5 drafts, with one more hopefully
>>>>>> coming this week. (I'll send a separate note when
>>>>>> that's ready.)
>>>>>>
>>>>>> We're looking for reviewers for these, so if you'd
>>>>>> like to volunteer, please let Elwyn know (he's agreed
>>>>>> to shepherd these for us) and he'll update the
>>>>>> tickets. Otherwise I guess Aaron will allocate people
>>>>>> using his round-robin scheme.
>>>>>>
>>>>>> The drafts are:
>>>>>>
>>>>>> http://tools.ietf.org/html/draft-irtf-dtnrg-bundle-security
>>>>>> http://tools.ietf.org/html/draft-irtf-dtnrg-sdnv
>>>>>> http://tools.ietf.org/html/draft-irtf-dtnrg-cbhe
>>>>>> http://tools.ietf.org/html/draft-irtf-dtnrg-bundle-metadata-block
>>>>>> http://tools.ietf.org/html/draft-irtf-dtnrg-bundle-previous-hop-block
>>>>>>
>>>>>> The first one is by far the longest/most complex (hint, hint:-)
>>>>>>
>>>>>> Thanks,
>>>>>> Stephen.
>>>>>>
>>>>>> _______________________________________________
>>>>>> IRSG mailing list
>>>>>> IRSG@mailman.isi.edu
>>>>>> http://mailman.isi.edu/mailman/listinfo/irsg
>>>>>>
>>>>>>
>>>>> ------------------------------------------------------------------------
>>>>>
>>>>> _______________________________________________
>>>>> IRSG mailing list
>>>>> IRSG@mailman.isi.edu
>>>>> http://mailman.isi.edu/mailman/listinfo/irsg
>>>>>
>>>>
>>>
>
>