Re: [ipwave] draft-ietf-ipwave-ipv6-over-80211ocb-00 Security of WSMP and WSA is FYI only
William Whyte <wwhyte@securityinnovation.com> Fri, 10 February 2017 16:31 UTC
Return-Path: <wwhyte@securityinnovation.com>
X-Original-To: its@ietfa.amsl.com
Delivered-To: its@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C30BC129A27 for <its@ietfa.amsl.com>; Fri, 10 Feb 2017 08:31:43 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.701
X-Spam-Level:
X-Spam-Status: No, score=-2.701 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=securityinnovation.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 7SFvE0Se1ru1 for <its@ietfa.amsl.com>; Fri, 10 Feb 2017 08:31:42 -0800 (PST)
Received: from mail-io0-x230.google.com (mail-io0-x230.google.com [IPv6:2607:f8b0:4001:c06::230]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id E4BEE129A26 for <its@ietf.org>; Fri, 10 Feb 2017 08:31:41 -0800 (PST)
Received: by mail-io0-x230.google.com with SMTP id v96so54501492ioi.0 for <its@ietf.org>; Fri, 10 Feb 2017 08:31:41 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=securityinnovation.com; s=google; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=794D7NTkcDibA8VMiIyijSF63reudwuPBW1ZrCzfuSg=; b=JGABZCB/wr5ax5/eH5LtuEh2AK76KsBC1yxsU6BT88iV1NmKJsl/PJne5WfEHEJji5 TvoTYbTRf50mRxMoGwppJ2CbvSGSOrBjv21SAFp+KJBDRhOPtJ0bJ1ayiXVcoI3RiBvP NGvZksMKkhzZRpiZqrTFEN87NnSGr+Q+zf2J8=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=794D7NTkcDibA8VMiIyijSF63reudwuPBW1ZrCzfuSg=; b=KAQNq1SVHM89FqvxBJIlOpju5kffC3TZ6V2plbGF5InEN5YHMMNvGOBHd+qmeEGyLb wM4nNryPotCdavJ7CXCj5kuyNE6euwvDIYtdRyQS7tyoSKpvsaJI5vGOIyxb6+6xY1TR haQY6BxDFAkfA4vHLiLFDnsxOosZR/xzR35qk3vPabDrKctI4aQFt/kisbg9obciZbQM Qco9ihzp908zocERhhbPCWsB62NIFFTVKzKRH9fqoZQtCXPE8yVuPr0R1S562+CVQMt9 KNF3Vu4foThzyGVlzbOyQP/e8qh3ZDEpx7fRhgF5tk850viEE4FpMhp0Tnf5rQRlgb2A 35jA==
X-Gm-Message-State: AMke39kfnY2r+IkzyvQf/lqPgl8AOtYao8XUFem46WFG+VaKdUhiaE6AqIQHNC0O90+zXmAfWEzs8zkrHw9f8DTV
X-Received: by 10.107.149.18 with SMTP id x18mr8947475iod.167.1486744301134; Fri, 10 Feb 2017 08:31:41 -0800 (PST)
MIME-Version: 1.0
Received: by 10.107.176.209 with HTTP; Fri, 10 Feb 2017 08:31:39 -0800 (PST)
In-Reply-To: <d5a73f15-9658-dc0d-3706-13dc11dd484f@cea.fr>
References: <148052970170.9607.12043916621198119260.idtracker@ietfa.amsl.com> <d5a73f15-9658-dc0d-3706-13dc11dd484f@cea.fr>
From: William Whyte <wwhyte@securityinnovation.com>
Date: Fri, 10 Feb 2017 08:31:39 -0800
Message-ID: <CACz1E9qAtpgt=ZMTZGpu7dXJBbTaP5bveOHc8WCfqvFfX7Y76g@mail.gmail.com>
To: Alexandre Petrescu <alexandre.petrescu@gmail.com>
Content-Type: text/plain; charset="UTF-8"
Archived-At: <https://mailarchive.ietf.org/arch/msg/its/SjSRw7LVf297bO0-yL8hJ_tVdXw>
Cc: "its@ietf.org" <its@ietf.org>
Subject: Re: [ipwave] draft-ietf-ipwave-ipv6-over-80211ocb-00 Security of WSMP and WSA is FYI only
X-BeenThere: its@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: IPWAVE - IP Wireless Access in Vehicular Environments WG at IETF <its.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/its>, <mailto:its-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/its/>
List-Post: <mailto:its@ietf.org>
List-Help: <mailto:its-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/its>, <mailto:its-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 10 Feb 2017 16:31:44 -0000
To be clear, WSMP has no inbuilt security. Higher layer entities that use WSMP may send secured payloads but this is part of the application specification, not provided by WSMP. WSA is an example of such a higher layer entity; 1609.3 specifies security mechanisms (from 1609.2) that are applied before sending the WSA over WSMP. Note that whether or not to use the 1609.3 security approach is up to individual deployments -- a private deployment, for example, could conceivably decide to use different security or no security, but the recommended approach is the one in 1609.3. Cheers, William On Fri, Feb 10, 2017 at 2:52 AM, Alexandre Petrescu <alexandre.petrescu@gmail.com> wrote: > draft-ietf-ipwave-ipv6-over-80211ocb-00 > Security of WSMP and WSA is FYI only > > Hello IPWAVErs, > > We received a comment suggesting that our mentioning of IEEE WSMP and > WSA being secure should be FYI only (i.e. not req on IEEE, nor a > statement about IEEE mechanism). As such I remove the following paragraph: > > old: >> >> The WAVE protocol stack provides for strong security when using the >> WAVE Short Message Protocol and the WAVE Service Advertisement >> [ieeep1609.2-D17]. > > > Alex > > > > _______________________________________________ > its mailing list > its@ietf.org > https://www.ietf.org/mailman/listinfo/its >
- [its] I-D Action: draft-petrescu-ipv6-over-80211p… internet-drafts
- Re: [its] I-D Action: draft-petrescu-ipv6-over-80… Alexandre Petrescu
- Re: [its] I-D Action: draft-petrescu-ipv6-over-80… Russ Housley
- [ipwave] draft-ietf-ipwave-ipv6-over-80211ocb-00 … Alexandre Petrescu
- Re: [ipwave] draft-ietf-ipwave-ipv6-over-80211ocb… Nabil BENAMAR
- [ipwave] draft-ietf-ipwave-ipv6-over-80211ocb-00 … Alexandre Petrescu
- Re: [ipwave] draft-ietf-ipwave-ipv6-over-80211ocb… Dr. Hans-Joachim Fischer
- Re: [ipwave] draft-ietf-ipwave-ipv6-over-80211ocb… Jérôme Härri
- [ipwave] draft-ietf-ipwave-ipv6-over-80211ocb-00 … Alexandre Petrescu
- [ipwave] draft-ietf-ipwave-ipv6-over-80211ocb-00 … Alexandre Petrescu
- Re: [ipwave] draft-ietf-ipwave-ipv6-over-80211ocb… Alexandre Petrescu
- Re: [ipwave] draft-ietf-ipwave-ipv6-over-80211ocb… Jérôme Härri
- Re: [ipwave] draft-ietf-ipwave-ipv6-over-80211ocb… Alexandre Petrescu
- Re: [ipwave] draft-ietf-ipwave-ipv6-over-80211ocb… Alexandre Petrescu
- Re: [ipwave] draft-ietf-ipwave-ipv6-over-80211ocb… Dr. Hans-Joachim Fischer
- Re: [ipwave] draft-ietf-ipwave-ipv6-over-80211ocb… Dr. Hans-Joachim Fischer
- Re: [ipwave] draft-ietf-ipwave-ipv6-over-80211ocb… François Simon
- Re: [ipwave] draft-ietf-ipwave-ipv6-over-80211ocb… Nabil BENAMAR
- Re: [ipwave] draft-ietf-ipwave-ipv6-over-80211ocb… John Kenney
- Re: [ipwave] draft-ietf-ipwave-ipv6-over-80211ocb… Alexandre Petrescu
- Re: [ipwave] draft-ietf-ipwave-ipv6-over-80211ocb… Jerome Haerri
- Re: [ipwave] draft-ietf-ipwave-ipv6-over-80211ocb… Alexandre Petrescu
- [ipwave] draft-ietf-ipwave-ipv6-over-80211ocb-00 … Alexandre Petrescu
- Re: [ipwave] draft-ietf-ipwave-ipv6-over-80211ocb… Jerome Haerri
- Re: [ipwave] draft-ietf-ipwave-ipv6-over-80211ocb… Alexandre Petrescu
- [ipwave] draft-ietf-ipwave-ipv6-over-80211ocb-00 … Alexandre Petrescu
- Re: [ipwave] draft-ietf-ipwave-ipv6-over-80211ocb… Alexandre Petrescu
- Re: [ipwave] draft-ietf-ipwave-ipv6-over-80211ocb… Alexandre Petrescu
- Re: [ipwave] draft-ietf-ipwave-ipv6-over-80211ocb… Jérôme Härri
- Re: [ipwave] draft-ietf-ipwave-ipv6-over-80211ocb… Jérôme Härri
- Re: [ipwave] draft-ietf-ipwave-ipv6-over-80211ocb… Russ Housley
- Re: [ipwave] draft-ietf-ipwave-ipv6-over-80211ocb… John Kenney
- [ipwave] draft-ietf-ipwave-ipv6-over-80211ocb-00 … Alexandre Petrescu
- [ipwave] draft-ietf-ipwave-ipv6-over-80211ocb-00 … Alexandre Petrescu
- Re: [ipwave] draft-ietf-ipwave-ipv6-over-80211ocb… Jérôme Härri
- [ipwave] draft-ietf-ipwave-ipv6-over-80211ocb-00 … Alexandre Petrescu
- Re: [ipwave] draft-ietf-ipwave-ipv6-over-80211ocb… François Simon
- Re: [ipwave] draft-ietf-ipwave-ipv6-over-80211ocb… William Whyte
- [ipwave] draft-ietf-ipwave-ipv6-over-80211ocb-00 … Alexandre Petrescu
- Re: [ipwave] draft-ietf-ipwave-ipv6-over-80211ocb… Jérôme Härri
- Re: [ipwave] draft-ietf-ipwave-ipv6-over-80211ocb… Michelle Wetterwald
- Re: [ipwave] draft-ietf-ipwave-ipv6-over-80211ocb… Jérôme Härri
- Re: [ipwave] draft-ietf-ipwave-ipv6-over-80211ocb… Alexandre Petrescu
- Re: [ipwave] draft-ietf-ipwave-ipv6-over-80211ocb… François Simon
- Re: [ipwave] draft-ietf-ipwave-ipv6-over-80211ocb… Alexandre Petrescu
- Re: [ipwave] draft-ietf-ipwave-ipv6-over-80211ocb… Rex Buddenberg
- [ipwave] draft-ietf-ipwave-ipv6-over-80211ocb-00 … Alexandre Petrescu
- [ipwave] draft-ietf-ipwave-ipv6-over-80211ocb-00 … Alexandre Petrescu
- [ipwave] draft-ietf-ipwave-ipv6-over-80211ocb-00 … Alexandre Petrescu
- [ipwave] draft-ietf-ipwave-ipv6-over-80211ocb-00 … Alexandre Petrescu
- [ipwave] draft-ietf-ipwave-ipv6-over-80211ocb-00 … Alexandre Petrescu
- [ipwave] draft-ietf-ipwave-ipv6-over-80211ocb-00 … Alexandre Petrescu
- [ipwave] draft-ietf-ipwave-ipv6-over-80211ocb-00 … Alexandre Petrescu
- [ipwave] draft-ietf-ipwave-ipv6-over-80211ocb-00 … Alexandre Petrescu
- [ipwave] draft-ietf-ipwave-ipv6-over-80211ocb-00 … Alexandre Petrescu
- Re: [ipwave] draft-ietf-ipwave-ipv6-over-80211ocb… Michelle Wetterwald
- [ipwave] ITS RDE and packet dumps Alexandre Petrescu
- Re: [ipwave] draft-ietf-ipwave-ipv6-over-80211ocb… Alexandre Petrescu
- Re: [ipwave] draft-ietf-ipwave-ipv6-over-80211ocb… Nabil Benamar
- Re: [ipwave] draft-ietf-ipwave-ipv6-over-80211ocb… Jérôme Härri
- Re: [ipwave] draft-ietf-ipwave-ipv6-over-80211ocb… Jérôme Härri
- Re: [ipwave] draft-ietf-ipwave-ipv6-over-80211ocb… Jérôme Härri
- Re: [ipwave] draft-ietf-ipwave-ipv6-over-80211ocb… Jérôme Härri
- Re: [ipwave] draft-ietf-ipwave-ipv6-over-80211ocb… Alexandre Petrescu
- Re: [ipwave] draft-ietf-ipwave-ipv6-over-80211ocb… Alexandre Petrescu
- Re: [ipwave] draft-ietf-ipwave-ipv6-over-80211ocb… Tony Li
- Re: [ipwave] draft-ietf-ipwave-ipv6-over-80211ocb… William Whyte
- Re: [ipwave] draft-ietf-ipwave-ipv6-over-80211ocb… William Whyte
- Re: [ipwave] draft-ietf-ipwave-ipv6-over-80211ocb… John Kenney
- Re: [ipwave] draft-ietf-ipwave-ipv6-over-80211ocb… Rex Buddenberg
- Re: [ipwave] draft-ietf-ipwave-ipv6-over-80211ocb… François Simon
- Re: [ipwave] draft-ietf-ipwave-ipv6-over-80211ocb… William Whyte
- Re: [ipwave] draft-ietf-ipwave-ipv6-over-80211ocb… Jérôme Härri
- Re: [ipwave] draft-ietf-ipwave-ipv6-over-80211ocb… Jérôme Härri
- Re: [ipwave] draft-ietf-ipwave-ipv6-over-80211ocb… William Whyte
- Re: [ipwave] draft-ietf-ipwave-ipv6-over-80211ocb… Alexandre Petrescu
- Re: [ipwave] draft-ietf-ipwave-ipv6-over-80211ocb… Alexandre Petrescu
- Re: [ipwave] draft-ietf-ipwave-ipv6-over-80211ocb… Alexandre Petrescu
- Re: [ipwave] draft-ietf-ipwave-ipv6-over-80211ocb… Alexandre Petrescu
- Re: [ipwave] draft-ietf-ipwave-ipv6-over-80211ocb… Alexandre Petrescu
- Re: [ipwave] draft-ietf-ipwave-ipv6-over-80211ocb… Alexandre Petrescu
- Re: [ipwave] draft-ietf-ipwave-ipv6-over-80211ocb… Alexandre Petrescu
- [ipwave] draft-ietf-ipwave-ipv6-over-80211ocb-00 … Alexandre Petrescu
- [ipwave] draft-ietf-ipwave-ipv6-over-80211ocb-00 … Alexandre Petrescu
- [ipwave] draft-ietf-ipwave-ipv6-over-80211ocb-00 … Alexandre Petrescu
- [ipwave] draft-ietf-ipwave-ipv6-over-80211ocb-00 … Alexandre Petrescu
- [ipwave] draft-ietf-ipwave-ipv6-over-80211ocb-00 … Alexandre Petrescu
- [ipwave] draft-ietf-ipwave-ipv6-over-80211ocb-00 … Alexandre Petrescu
- Re: [ipwave] draft-ietf-ipwave-ipv6-over-80211ocb… Rex Buddenberg
- Re: [ipwave] draft-ietf-ipwave-ipv6-over-80211ocb… John Kenney
- Re: [ipwave] draft-ietf-ipwave-ipv6-over-80211ocb… Dr. Hans-Joachim Fischer
- Re: [ipwave] draft-ietf-ipwave-ipv6-over-80211ocb… Dr. Hans-Joachim Fischer
- Re: [ipwave] draft-ietf-ipwave-ipv6-over-80211ocb… José Santa Lozano
- Re: [ipwave] draft-ietf-ipwave-ipv6-over-80211ocb… Jérôme Härri
- Re: [ipwave] draft-ietf-ipwave-ipv6-over-80211ocb… José Santa Lozano
- Re: [ipwave] draft-ietf-ipwave-ipv6-over-80211ocb… Jérôme Härri
- Re: [ipwave] draft-ietf-ipwave-ipv6-over-80211ocb… François Simon
- Re: [ipwave] draft-ietf-ipwave-ipv6-over-80211ocb… Jérôme Härri
- Re: [ipwave] draft-ietf-ipwave-ipv6-over-80211ocb… Dr. Hans-Joachim Fischer
- Re: [ipwave] draft-ietf-ipwave-ipv6-over-80211ocb… François Simon
- Re: [ipwave] draft-ietf-ipwave-ipv6-over-80211ocb… Jérôme Härri
- Re: [ipwave] draft-ietf-ipwave-ipv6-over-80211ocb… François Simon
- Re: [ipwave] draft-ietf-ipwave-ipv6-over-80211ocb… José Santa Lozano
- Re: [ipwave] draft-ietf-ipwave-ipv6-over-80211ocb… Michelle Wetterwald
- Re: [ipwave] draft-ietf-ipwave-ipv6-over-80211ocb… José Santa Lozano
- Re: [ipwave] draft-ietf-ipwave-ipv6-over-80211ocb… François Simon
- Re: [ipwave] draft-ietf-ipwave-ipv6-over-80211ocb… Alexandre Petrescu
- Re: [ipwave] draft-ietf-ipwave-ipv6-over-80211ocb… Alexandre Petrescu
- Re: [ipwave] draft-ietf-ipwave-ipv6-over-80211ocb… Alexandre Petrescu
- [ipwave] draft-ietf-ipwave-ipv6-over-80211ocb-00 … Alexandre Petrescu
- Re: [ipwave] draft-ietf-ipwave-ipv6-over-80211ocb… Alexandre Petrescu
- Re: [ipwave] draft-ietf-ipwave-ipv6-over-80211ocb… Alexandre Petrescu