[Lake] Comments on draft-ietf-lake-reqs-00
Ivaylo Petrov <ivaylo@ackl.io> Mon, 13 January 2020 22:44 UTC
Return-Path: <ivaylo@ackl.io>
X-Original-To: lake@ietfa.amsl.com
Delivered-To: lake@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A4F1712006D for <lake@ietfa.amsl.com>; Mon, 13 Jan 2020 14:44:17 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.9
X-Spam-Level:
X-Spam-Status: No, score=-1.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=ackl-io.20150623.gappssmtp.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id DTdoEVIBf8kY for <lake@ietfa.amsl.com>; Mon, 13 Jan 2020 14:44:13 -0800 (PST)
Received: from mail-wr1-x433.google.com (mail-wr1-x433.google.com [IPv6:2a00:1450:4864:20::433]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 25B3612004C for <lake@ietf.org>; Mon, 13 Jan 2020 14:44:13 -0800 (PST)
Received: by mail-wr1-x433.google.com with SMTP id c9so10315420wrw.8 for <lake@ietf.org>; Mon, 13 Jan 2020 14:44:13 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ackl-io.20150623.gappssmtp.com; s=20150623; h=mime-version:from:date:message-id:subject:to; bh=c89MHJKVeRpfCqrsbSuSnbzFYNS/+ERAmbL2hepio+o=; b=zS0/OIfBWZsAOrDh60d11wKWX4Bx9/pA5ajiYQclyNKq6XY9LTlHl5Qk4iHSHmJyUk OZyYmh5MtZDAQQYFE47wwyitNySDO6L1OQX8ZBkYwisXxJ+T/mtEVMaJGh32tH3A6915 WjyzOLh7pb+ANa2bAxx1pdV5SlyMTWfpUMixgofFxw2c83R7wAuC0nKLDFRs27j90njv 9IahOUUyb32dZXf/8Yz+6q85x5sqxe/g8wXe69rBl1H/7wAjLrPAipgWaR8fUPC+f9+d 2Vu57OXjb9O33x0YWTJ1pA7W7fnvy5LiDnMhRcNKbqab1+GkZpkR54+hkz1W4DU1yuSG r8cQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:from:date:message-id:subject:to; bh=c89MHJKVeRpfCqrsbSuSnbzFYNS/+ERAmbL2hepio+o=; b=SgCPNBuBU+q1mBiMLpmeI2x3wLhD6PHaaNHauP2HMhFwk3YVSUy+mY4zIQwJATQhZL S8Is0OQjswulT35S4SFBWUcPC7c3B+v3am0IFswbbgpxWmo+H1P0gAtgMFzqfjbmraWo KSjeSCpEMsWvJD8oAYV3TsfmUJmzgHIKpqyyu/eeEed5j9qkGGAxWM6jI3QEELEYKlwD Zj9EJZ4NOz09ymWCaiGboyLzIpHjztwdr59xD+bMIXC2myQPds5ggZiS7JAsu694/c0V YizUHvAuyFhArNNr6fYXXF/KlU/caFFMCYliy16dmEqEb+DmWOA3ebvwXzIrEKoJacXj pzsQ==
X-Gm-Message-State: APjAAAUi4837SMY7EvL2IB7KvZP66EDO1xf+IlbuoTjk3fbl4LuHl7WF GgNOWDMZi4zvCd6aQXVdfMttbEzHgHDnq8af+0Ovz6PryXg3Pw==
X-Google-Smtp-Source: APXvYqyggR9E0IjS2JSCuskQFUxxm2kzM+9fsqmTbCLzQ3k2b9iVkdh58mlOYZirKbEZPc7KNLRYHQKX5gBqyMn8gAg=
X-Received: by 2002:adf:f850:: with SMTP id d16mr21599143wrq.161.1578955449976; Mon, 13 Jan 2020 14:44:09 -0800 (PST)
MIME-Version: 1.0
From: Ivaylo Petrov <ivaylo@ackl.io>
Date: Mon, 13 Jan 2020 23:43:44 +0100
Message-ID: <CAJFkdRyaWtqvG=SRjP7cPSi68B+aiLRfGNeekyeest3E+MO34w@mail.gmail.com>
To: lake@ietf.org
Content-Type: text/plain; charset="UTF-8"
Archived-At: <https://mailarchive.ietf.org/arch/msg/lake/r1X4VyMkFTstWLjd4dPkL3H7UvQ>
Subject: [Lake] Comments on draft-ietf-lake-reqs-00
X-BeenThere: lake@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Lightweight Authenticated Key Exchange <lake.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/lake>, <mailto:lake-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/lake/>
List-Post: <mailto:lake@ietf.org>
List-Help: <mailto:lake-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/lake>, <mailto:lake-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 13 Jan 2020 22:44:18 -0000
Dear all, I have reviewed this document and overall I believe it is well written, easy to follow and provides a good amount of information about the requirements the AKE protocol needs to meet in order to be truly useful in combination with OSCORE. Here I will try to avoid repeating points that others have brought up already or that are present in the github issue tracker. I believe we will discuss those in the interim meeting. Here are a few comments and questions: sec 2.5 The AKE is required to protect the identity against active attackers of one of the peers and protection against passive attackers of the other peer in the case of public key identities. Seems difficult to read. It feels like due to an attempt to be concise, I needed to read it a few times to understand it. sec 2.9: Increased power consumption is unavoidable in poor network conditions, such as most wide-area settings including LoRaWAN. While I agree that poor network conditions would increase power consumption at least on average, I am not sure how this is connected to this happening on a wide-area setting and whether there is a specific reason only LoRaWAN to be specifically named here. The formulation of the sentence makes me wonder if I am missing something here. sec 2.9.1: LoRaWAN employs unlicensed radio frequency bands in the 868 MHz ISM band. As a case in point, we focus here on deployment in Europe, where this is regulated by ETSI EN 300 220. I think possibly in an attempt for brevity those statements could be misleading. In current deployments in Europe LoRaWAN uses 868 MHz ISM band. There is the possibility to use LoRaWAN on a licensed band, but I am not aware of anyone doing it. At the same time in the US, where I believe LoRaWAN is still a bit less popular, it uses 902 to 928 MHz band, it is regulated by another organization and has different size limits and rules for sharing the spectrum than the ones described here. I would suggest pointing out in the first sentence that reflecting deployment reality as of now, only European regulation is described in the following paragraphs. This way there will be no confusion. For LoRaWAN the most relevant metric is the Time-on-Air, which determines the back-off times and can be used as an indicator to calculate energy consumption. I am not aware of a term back-off time in relation to duty cycle (I have heard it often for retries). If this is not a common term, a suggested rephrasing is: For LoRaWAN the most relevant metric is the Time-on-Air, which also determines the period before the next communication can occur and which can be used as an indicator to calculate energy consumption. sec 2.9.1.1 LoRaWAN has a header size of 13 bytes, This is not considering fopts, which could be fine, maybe just adding some word like "generally" could make it much more correct formulation. While I did try not to look too closely at the language usage as long as the text is understandable, here is a nit that caught my attention: * sec 2.4: s/the all COSE/all the COSE/ Best regards, Ivaylo
- [Lake] Comments on draft-ietf-lake-reqs-00 Ivaylo Petrov
- Re: [Lake] Comments on draft-ietf-lake-reqs-00 Göran Selander