Re: [ipwave] draft-ietf-ipwave-ipv6-over-80211ocb-00 encryption at MAC or above LLC?

William Whyte <wwhyte@securityinnovation.com> Fri, 03 February 2017 13:51 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/its/-WxccYQCtjT44yOL3BbfQLNKG5I>

Is this an area where IP over WAVE would differ from any other form of
IP? I worry that if we start listing things that MAY happen, we start
to imply that things we leave out of the list aren't allowed even if
they were just forgotten.

It might be better to say "Any security mechanism at the IP layer or
above that may be carried out for the general case of IPv6 may also be
carried out for IPWAVE".

Cheers,

William

On Fri, Feb 3, 2017 at 7:55 AM, Alexandre Petrescu
<alexandre.petrescu@gmail.com> wrote:
> draft-ietf-ipwave-ipv6-over-80211ocb-00
> encryption at MAC or above LLC?
>
> Hello IPWAVErs,
>
> A question was raised about whether encryption would take place at MAC layer
> or above the LLC layer (i.e. IP layer)?
>
> My answer is that encryption should be performed at least at the IP
> layer, namely IPsec and Encapsulated Security Payload (ESP) header.
>
> The details about how the encryption is performed should be described in a
> different I-D.
>
> But in the IPv6/OCB draft we can tell that "encryption MAY be performed at
> least in the IPsec layer (and potentially in the MAC layer as well)".
>
> Alex