Re: [dtn-interest] review of draft-irtf-dtnrg-bundle-security-12 (was Re: [IRSG] DTNRG review assignments)

[Stephen Farrell <stephen.farrell@cs.tcd.ie>]

Hi Andrei,

Thanks for the review, glad you found the document (almost)
ready. We've (actually, Peter) done an update that I think
takes all those into account. [1]

As to your questions about ECC, firstly anyone can define new
ciphersuites for ECC if they're interesting, so it can be
added later. Secondly, we basically picked the most IPR-clean
and widely implemented algorithms for this spec, and ECC is
unfortunately not top of the list in either respect.

And yes, there's an implementation, done by Peter Lovell.

I guess the next step if you're happy with -14 is for you
to mail the irsg list to say that, then Elwyn can update
the ticket and start the irsg poll.

Thanks again,
Stephen.

[1] http://tools.ietf.org/html/draft-irtf-dtnrg-bundle-security


Andrei Gurtov wrote:
> 
> Hi Elwyn,
> 
> I've read the document through several times and I think it's ready to
> publish. The document is very well written and apparently has been
> already reviewed thoroughly by the RG since the text is quite clear and
> generally bug-free. The document structure is intuitive and proposed
> solutions appear very reasonable. Having a generic ASB in other block
> descriptions seems neat (could be called a common header in other
> terminology).
> 
> Some security experts might want to see an attack model to be explicitly
> stated in the beginning of the document. I.e. it's assumed that attacker
> could eavesdrop or modify the messages in transit but not directly
> compromise DTN nodes, etc.
> 
> The presently defined 4 cryptographic suits include traditional RSA and
> SHA algorithms with larger key sizes. However those take plenty of space
>  and processing time and ECC is better almost an order of magnitude both
> in space and processing time. This might be important for resource- and
> bandwidth- restricted environments where DTNs could operate. It would be
> good to see some discussion on this issue, and why not make ECC the
> default suites. There are some IPR issues perhaps, but at least latest
> openssl library includes free open-source ecc code.
> 
> In fig 2 and other similar ones there is no numbering of bits
> traditionally present in RFCs. It would be perhaps a good idea to
> include those, especially since the bit numbering could be from right to
> left in some cases (if I understood correctly from other examples).
> 
> Fig 6 and 7 look exactly the same, are both of them needed?
> 
> Has someone actually implemented this specification? It would be nice to
> have a summary of their experiences/pointers to the code, or is this
> planned for a separate document?
> 
> Some minor nits and typos are also marked on the attached PDF.
> 
> Best regards
> Andrei
> 
> 
> 
> Elwyn Davies wrote:
>> Aaron Falk wrote:
>>> Yes, please!
>>>
>>> I'll send a note to Lachlan.
>>>
>>>   
>> Hi, Andrei.
>> Thanks for agreeing to review this draft.
> 
>> I hope to see your review in the first week of 2010 if that is possible
>> given the holidays.
> 
>> Regards,
>> Elwyn Davies
>> Document Shepherd
> 
> 
>>> --aaron
>>>
>>> On 12/10/09 6:36 AM, Andrei Gurtov wrote:
>>>  
>>>> Hi,
>>>>
>>>> I've agreed earlier to review  the security draft, which I read a couple
>>>> times already. Do you want me still to write the review?
>>>>
>>>> Andrei
>>>>
>>>> Aaron Falk wrote:
>>>>    
>>>>> Hi Folks-
>>>>>       Here are the reviewer assignments for the DTNRG docs listed
>>>>> below.
>>>>>       Andrew, L
>>>>>     lachlan.andrew@gmail.com    
>>>>> http://tools.ietf.org/html/draft-irtf-dtnrg-bundle-security
>>>>> Arbaugh, W
>>>>>     waa@cs.umd.edu             
>>>>  http://tools.ietf.org/html/draft-irtf-dtnrg-sdnv
>>>>    
>>>>> Braden, R
>>>>>     braden@isi.edu             
>>>>  http://tools.ietf.org/html/draft-irtf-dtnrg-cbhe
>>>>    
>>>>> Wroclawski, J
>>>>>     jtw@isi.edu    
>>>>> http://tools.ietf.org/html/draft-irtf-dtnrg-bundle-previous-hop-block
>>>>> Zhang, L
>>>>>     lixia@cs.ucla.edu    
>>>>> http://tools.ietf.org/html/draft-irtf-dtnrg-bundle-metadata-block
>>>>>       
>>>>    
>>>>> Please send a confirmation that you will agree to do the reviews.  If
>>>>> you haven't confirmed by Monday, 12/14/09, Elwyn should start chasing
>>>>> after you.  Reviews should be done in 2-3 weeks but given the holiday,
>>>>> you might want to pick a date that is reasonably convenient and confirm
>>>>> for that date.
>>>>>       Remember, the reviews are scoped as follows
>>>>> (http://trac.tools.ietf.org/group/irtf/trac/wiki/IRTF-RFCs#Reviews):
>>>>>           Reviews
>>>>>           The purpose of the IRSG review is to ensure consistent
>>>>> editorial and
>>>>>     technical quality for IRTF publications. IRSG review is not a deep
>>>>>     technical review. (This should take place within the RG.) At least
>>>>>     one IRSG member other than the chair of the RG bringing the work
>>>>>     forth must review the document and the RG's editorial process.
>>>>>           IRSG reviewers should look for clear, cogent, and consistent
>>>>>     writing. An important aspect of the review is to gain a critical
>>>>>     reading from reviewers who are not subject matter experts and, in
>>>>>     the process, assure the document will be accessible to those beyond
>>>>>     the authoring research group. Also, reviewers should assess whether
>>>>>     sufficient editorial and technical review has been conducted and
>>>>> the
>>>>>     requirements of this process document, such as those described in
>>>>>     Group Preparation
>>>>>    
>>>>> <http://trac.tools.ietf.org/group/irtf/trac/wiki/IRTF-RFCs#Research>
>>>>>     have been met. Finally, reviewers should check that appropriate
>>>>>     citations to related research literature have been made.
>>>>>           Reviews should be written to be public. Review comments
>>>>> should be
>>>>>     sent to the IRSG and RG mailing lists and entered into the tracker.
>>>>>     All IRSG review comments must be addressed. However, the RG need
>>>>> not
>>>>>     accept every comment. It is the responsibility of the shepherd to
>>>>>     understand the comments and ensure that the RG considers them
>>>>>     including adequate dialog between the reviewer and the author
>>>>> and/or
>>>>>     RG. Reviews and their resolution should be entered into the tracker
>>>>>     by the document shepherd.
>>>>>       --aaron
>>>>>       On 11/23/09 8:47 AM, Stephen Farrell wrote:
>>>>>      
>>>>>> Hi all,
>>>>>>
>>>>>> DTNRG have finished 5 drafts, with one more hopefully
>>>>>> coming this week. (I'll send a separate note when
>>>>>> that's ready.)
>>>>>>
>>>>>> We're looking for reviewers for these, so if you'd
>>>>>> like to volunteer, please let Elwyn know (he's agreed
>>>>>> to shepherd these for us) and he'll update the
>>>>>> tickets. Otherwise I guess Aaron will allocate people
>>>>>> using his round-robin scheme.
>>>>>>
>>>>>> The drafts are:
>>>>>>
>>>>>> http://tools.ietf.org/html/draft-irtf-dtnrg-bundle-security
>>>>>> http://tools.ietf.org/html/draft-irtf-dtnrg-sdnv
>>>>>> http://tools.ietf.org/html/draft-irtf-dtnrg-cbhe
>>>>>> http://tools.ietf.org/html/draft-irtf-dtnrg-bundle-metadata-block
>>>>>> http://tools.ietf.org/html/draft-irtf-dtnrg-bundle-previous-hop-block
>>>>>>
>>>>>> The first one is by far the longest/most complex (hint, hint:-)
>>>>>>
>>>>>> Thanks,
>>>>>> Stephen.
>>>>>>
>>>>>> _______________________________________________
>>>>>> IRSG mailing list
>>>>>> IRSG@mailman.isi.edu
>>>>>> http://mailman.isi.edu/mailman/listinfo/irsg
>>>>>>
>>>>>>         
>>>>> ------------------------------------------------------------------------
>>>>>
>>>>>       _______________________________________________
>>>>> IRSG mailing list
>>>>> IRSG@mailman.isi.edu
>>>>> http://mailman.isi.edu/mailman/listinfo/irsg
>>>>>       
>>>>     
>>>   
> 
>