IETF Logo Mail Archive

Re: [ipwave] Roman Danyliw's Discuss on draft-ietf-ipwave-ipv6-over-80211ocb-49: (with DISCUSS and COMMENT)

Nabil Benamar <n.benamar@est.umi.ac.ma> Thu, 11 July 2019 13:50 UTC

Return-Path: <n.benamar@est.umi.ac.ma>
X-Original-To: its@ietfa.amsl.com
Delivered-To: its@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 7E8AE1201EC for <its@ietfa.amsl.com>; Thu, 11 Jul 2019 06:50:19 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.601
X-Spam-Level:
X-Spam-Status: No, score=-0.601 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, PDS_NO_HELO_DNS=1.295, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_NONE=0.001, URIBL_BLOCKED=0.001] autolearn=no autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=est-umi-ac-ma.20150623.gappssmtp.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id RCSFLF-KvmWD for <its@ietfa.amsl.com>; Thu, 11 Jul 2019 06:50:17 -0700 (PDT)
Received: from mail-io1-xd2b.google.com (mail-io1-xd2b.google.com [IPv6:2607:f8b0:4864:20::d2b]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 92A20120120 for <its@ietf.org>; Thu, 11 Jul 2019 06:50:11 -0700 (PDT)
Received: by mail-io1-xd2b.google.com with SMTP id f4so12665017ioh.6 for <its@ietf.org>; Thu, 11 Jul 2019 06:50:11 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=est-umi-ac-ma.20150623.gappssmtp.com; s=20150623; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=LHftG1Zim/UXWHEgQaWPIyz6x29YYqWpLkGwzKxTp8M=; b=z8tb0Jb78HRdUHVAbrVwKuIpS4ax4CzfAaOfKhVIsnn7fmCD5HVwa4uIZOaO0jEpVC hmdZHcxVNkmZStfGahxt/tQFQlLeOnpS6rE1SEH7KQXKTL06Wx2QfD0u3xd/8IBVGod3 wpw7B3/00+Sg+aF8ZVjZJg+7H0cDjBePnIJh3+wErZV3lh3U6oHAFi0khtVv4AEsZvQ2 EIZg1pl2V7ScGCa4kzKShYLLu5NCVLY9Pw65jCeKbU9mRqYGNeRCPWQ9HLOoqtatWWRf tutrkDt9P3tGDBZBHkW5tgopRhEZIomWqeqZLLAP1tv3007hx4WTM6c1+DpqhGgFT+At +rNg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=LHftG1Zim/UXWHEgQaWPIyz6x29YYqWpLkGwzKxTp8M=; b=N9OGKE3uD8lvokJbJ0CgfbmXTdwrLmXkyt9of0mt6qGLwBnqo/+Iq46s1txFvvXy6L 27FHe09lzOSx3gqilPJObAoByVijbwpkmATkSnHCdx4DFRuoaoO8gVCB7iST+hlRYNw7 l+csrGm2cgmQ1Iou0WDncXMQPj02ent6BjS5HCPcWdCia3ctlORNjx0zyWakiv2Acw35 4resE72vO8XX9zhpFTMLrInOERUwaaWUB289BrJx/REtq4lASXW8CFC3NxOnVo1BGCwC tJqo/EajysHVhu/d7cLXUuZKKDg8XbA1hQAbVCoavs9FADoH0irIqEVxvu2SXxD1x8p8 eVqg==
X-Gm-Message-State: APjAAAX9uoRH4KwrTb4+ayeHNskVtOIxbRzFbG+JeOXDCbzFm++i38hr XhS/ep8fkGVzkGXuCQkg4jovgDuXAxqZizEHyvxFnA==
X-Google-Smtp-Source: APXvYqxYGSvy5iIa/bQTKYbCBk3Wz5WeDQ4aAX6JSVjk8PvP0AAyeixjz5ZbtoEqP2ZwFT55Ll0KAyB4/2oBrphZXoE=
X-Received: by 2002:a02:bb05:: with SMTP id y5mr4470736jan.93.1562853010742; Thu, 11 Jul 2019 06:50:10 -0700 (PDT)
MIME-Version: 1.0
References: <156270262382.15819.8454309099280995022.idtracker@ietfa.amsl.com>
In-Reply-To: <156270262382.15819.8454309099280995022.idtracker@ietfa.amsl.com>
From: Nabil Benamar <n.benamar@est.umi.ac.ma>
Date: Thu, 11 Jul 2019 14:49:59 +0100
Message-ID: <CAD8vqFcSq27+Uz=EZ1wfU+8LBY3F17DiNaeXM+i7guN_v8P9KQ@mail.gmail.com>
To: Roman Danyliw <rdd@cert.org>
Cc: The IESG <iesg@ietf.org>, draft-ietf-ipwave-ipv6-over-80211ocb@ietf.org, Carlos Bernardos <cjbc@it.uc3m.es>, ipwave-chairs@ietf.org, its@ietf.org
Content-Type: multipart/alternative; boundary="0000000000008abafc058d6812d2"
Archived-At: <https://mailarchive.ietf.org/arch/msg/its/obtDie03EfAuuRUvXy6WOXC4we4>
Subject: Re: [ipwave] Roman Danyliw's Discuss on draft-ietf-ipwave-ipv6-over-80211ocb-49: (with DISCUSS and COMMENT)
X-BeenThere: its@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: IPWAVE - IP Wireless Access in Vehicular Environments WG at IETF <its.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/its>, <mailto:its-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/its/>
List-Post: <mailto:its@ietf.org>
List-Help: <mailto:its-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/its>, <mailto:its-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 11 Jul 2019 13:50:24 -0000

Hi Roman,

I would like to ask you if you are convinced by my answers, or I need to do
more?

Thank you.

On Tue, Jul 9, 2019 at 9:03 PM Roman Danyliw via Datatracker <
noreply@ietf.org> wrote:

> Roman Danyliw has entered the following ballot position for
> draft-ietf-ipwave-ipv6-over-80211ocb-49: Discuss
>
> When responding, please keep the subject line intact and reply to all
> email addresses included in the To and CC lines. (Feel free to cut this
> introductory paragraph, however.)
>
>
> Please refer to https://www.ietf.org/iesg/statement/discuss-criteria.html
> for more information about IESG DISCUSS and COMMENT positions.
>
>
> The document, along with other ballot positions, can be found here:
> https://datatracker.ietf.org/doc/draft-ietf-ipwave-ipv6-over-80211ocb/
>
>
>
> ----------------------------------------------------------------------
> DISCUSS:
> ----------------------------------------------------------------------
>
> A few items per the text in the Security Considerations (Section 5):
>
> (1) Section 5.  Per “A previous work at SAVI WG identifies some threats
> [RFC6959], while SeND presented in [RFC3971] and [RFC3972] is a solution
> against address theft but it is complex and not deployed.”, a few
> questions:
>
> ** What specific threats from RFC6959 are of concern?  Which mitigations
> for
> them are being proposed?
>
> ** Why mention SeND if it is “complex and not deployed”?
>
> (2) Section 5.  Per “More IETF protocols are available in the toolbox of
> the IP
> security protocol designer.  Some ETSI protocols related to security
> protocols
> in ITS are described in [ETSI-sec-archi].”:
>
> ** Are there specific protocols to mention here?  Would they be
> different/OCB-specific than what was already noted in the beginning of the
> section -- “Any security mechanism as the IP layer or above that may be
> carried
> out …”?
>
> ** What specific ETSI protocols are being recommended from
> [ETSI-sec-archi]?
>
> (3) Section 5.2.  Per “An Interface ID SHOULD be of length specified in
> other
> documents”, what other documents?
>
> (4) Section 5.3  I’m having trouble following this section – is this a
> discussion of a threat or mitigation?  The references to Section 4.4 and
> 5.0
> didn’t clarity this for me.
>
> ** What is meant by the drivers’ identity in this case?  What is the
> pseudonym
> scheme is being used to protect it or what requirements are being set for
> it?
>
> ** What are the specific challenges of concern around pseudo-anonymization
> approaches to which an allusion is made?
>
> ** Who is the trusted third parted needed?
>
>
> ----------------------------------------------------------------------
> COMMENT:
> ----------------------------------------------------------------------
>
> (5) Section 1.  Per “The resulting stack inherits from IPv6 over Ethernet
> [RFC2462], but operates over …”, what exactly is being inherited?  What
> does
> “inherited” mean in this case?
>
> (6) Section 4.3.  Per “Among these types of addresses only the IPv6
> link-local
> addresses can be formed using an EUI-64 identifier, in particular during
> transition time”, the meaning of the “in particular during transition time
> isn’t clear to me.
>
> (7) Section 5.  Per “The OCB operation is stripped off of …”, is this
> sentence
> saying that OCB operations doesn’t use 802.11 link layer security
> mechanisms,
> or does the OCB operation actively remove (i.e., strips) 802.11 link layer
> security mechanisms?  I’m getting caught up in the use of “stripped off”.
>
> (8) Section 5, Per “Any attacker can therefore just sit in the near range
> of
> vehicles ... and performs attacks without needing to physically break any
> wall”, I’d recommend revising this sentence to reflect that it isn’t just
> vehicles and that active attacks are possible:
>
> NEW:
> Therefore, an attacker can sniff or inject traffic while within range of a
> vehicle or IP-RSU (by setting an interface card’s frequency to the proper
> range).
>
> (9) Section 5.  What is “protected 802.11” mentioned in “Such a link is
> less
> protected …”?
>
> (10) Section 5.2.  SHA256 needs a reference.
>
> (11) Editorial Nits
> ** Table of Contents.  There is odd spacing in the title of Appendix C
>
> ** Section 1.  Typo.  s/Appendicies/Appendices/
>
> ** Section 1.  Typo.  s/Concretly/Concretely/
>
> ** Section 1.  Editorial.  s/[RFC1042], [RFC2464] ./[RFC1042 and
> [RFC2464]./
>
> ** Multiple sections. Editorial, to make an RFC citation a reference.
> s/RFC2464/[RFC2464]/ and s/RFC 7217/[RFC7217]/
>
> ** Section 4.5.  Typo.  s/.A  A future/.  A future/
>
> ** Section 4.6. Typo.  s/links; The/links.  The/
>
> ** Section 5.1.  Typo.  s/Futhermore/Furthermore/
>
> ** Section 5.1.  Typo.  s/pricavy/privacy/
>
> ** Section 5.2. Typo.  s/admninistered/ administered/
>
> ** Appendix B.  s/Ammendment/Amendment/
>
> ** Appendix H.  Duplicate word. s/section Section 2/Section 2/
>
> ** Appendix I.  Typo.  s/specificed/specified/
>
> ** Appendix I. Typo.  s/Moreoever/Moreover/
>
>
>

-- 

Best Regards

Nabil Benamar
Associate Professor
Department of Computer Sciences
School of Technology
Moulay Ismail University
Meknes. Morocco

v2.23.0 | Report a Bug | By Email