[homenet] Kathleen Moriarty's Discuss on draft-ietf-homenet-hncp-09: (with DISCUSS)

"Kathleen Moriarty" <Kathleen.Moriarty.ietf@gmail.com> Tue, 17 November 2015 23:50 UTC

From: "Kathleen Moriarty" <Kathleen.Moriarty.ietf@gmail.com>
To: "The IESG" <iesg@ietf.org>
Message-ID: <20151117235034.24927.22561.idtracker@ietfa.amsl.com>
Date: Tue, 17 Nov 2015 15:50:34 -0800
Archived-At: <http://mailarchive.ietf.org/arch/msg/homenet/7BxmiN9Jh3Et6fGbLOI9eK0vlsA>
Cc: homenet-chairs@ietf.org, homenet@ietf.org, mark@townsley.net, draft-ietf-homenet-hncp@ietf.org
Subject: [homenet] Kathleen Moriarty's Discuss on draft-ietf-homenet-hncp-09: (with DISCUSS)

Kathleen Moriarty has entered the following ballot position for
draft-ietf-homenet-hncp-09: Discuss

When responding, please keep the subject line intact and reply to all
email addresses included in the To and CC lines. (Feel free to cut this
introductory paragraph, however.)

Please refer to https://www.ietf.org/iesg/statement/discuss-criteria.html
for more information about IESG DISCUSS and COMMENT positions.

The document, along with other ballot positions, can be found here:


I have a couple of points to discuss that should be pretty easy to resolve
as I wasn't clear on the first because of wording (should be very simple)
and would like to chat about the second.  Thanks.

1. I'm not clear on one of the bullets in section 3, 
  o  HNCP nodes MUST use the leading 64 bits of MD5 [RFC1321] as DNCP
      non-cryptographic hash function H(x).

Is this meant to use a message digest (RFC1321) or a cryptographic hash
for authentication (RFC2104)?  If it's the former, can you make this more
clear in the bullet?  If it's the latter, can you update the reference
and the number of bits to use for truncation is 80 for the minimum.  You
do explicitly mention HMACs later on for PSKs using SHA256, so maybe the
reference is correct and the wording should just be a bit more clear?

2. Can you explain why DTLS is a SHOULD and not a MUST?  The bullet in
section 3 reads as if this is for use, not implementation.  Is there a
MUST for implementation (I didn't see one, but maybe I missed that)? 

Could you add a reference to RFC7525 to help with configuration and
cipher suite recommendations?  This could be in section 12, security