Re: [manet] WG adoption of NHDP-sec

"Dearlove, Christopher (UK)" <Chris.Dearlove@baesystems.com> Tue, 03 May 2011 08:28 UTC


Apologies for that, I put this together in a hurry just before
leaving for a long week off, and these are, as Ulrich deduced,
about packetbb-sec. I didn't get to NHDP-sec in time, though I
still plan to take a look at it.

-- 
Christopher Dearlove
Technology Leader, Communications Group
Communications and Networks Capability
BAE Systems Advanced Technology Centre
West Hanningfield Road, Great Baddow, Chelmsford, CM2 8HN, UK
Tel: +44 1245 242194  Fax: +44 1245 242124

BAE Systems (Operations) Limited
Registered Office: Warwick House, PO Box 87,
Farnborough Aerospace Centre, Farnborough, Hants, GU14 6YU, UK
Registered in England & Wales No: 1996687

-----Original Message-----
From: Ulrich Herberg [mailto:ulrich@herberg.name] 
Sent: 23 April 2011 11:35
To: Dearlove, Christopher (UK)
Cc: Joe Macker; MANET IETF; Thomas Heide Clausen; Ulrich Herberg
Subject: Re: [manet] WG adoption of NHDP-sec



Chris,

Before I reply to your comments, I have a general question: Do your
comments apply to packetbb-sec or to NHDP-sec? It seems to me they apply
to packetbb-sec, rather than NHDP-sec...

Ulrich

On Apr 21, 2011, at 17:17, "Dearlove, Christopher (UK)"
<Chris.Dearlove@baesystems.com> wrote:

> Brief version: I think there's a two part change that should
> be included before finishing WGLC.
> 
> My apologies in advance in that should this spark a discussion,
> I'll be out of the loop for a week and a half and not able to
> contribute. (The UK is largely shutting down, we have, for a
> combination of rare reasons, two four-day weekends, with a
> three day gap. Many of us are taking those three days off too.)
> 
> My main concern over this document is that it specifies a
> signature as the composition of a hash function and a
> cryptographic function, in that order. There are other ways
> of constructing signatures that do not correspond to such
> a decomposition.
> 
> The obvious response to that is to pick a new type extension
> for such. This can't be normative text in this document, but
> I think it should be described in the applicability statement,
> which should say that this specification describes a general
> approach to signatures (much of the document, such as how to
> treat hop counts/limits, is not specific to this decomposition)
> and then a specific approach to signatures, and should provide
> the comment that other mathematical forms of signature are
> possible, and should be handled by use of alternative type
> extensions. In the main body of the specification, a bit more
> clarity on what is form-specific and what is not would then
> help.
> 
> This then leads to the question as to whether the form described
> should be the privileged type extension = 0 case. Actually I
> would suggest it should be type extension = 1, with 0 reserved
> for "I'm not providing any information on algorithms, this is
> defined out of band, not in each packet." The reason I suggest
> that as type 0 (and including it in this document) is that it
> puts the two lowest-overhead options together (type extension 0,
> which can be omitted, and no algorithm information).
> 
> Note that for timestamp, what other type extensions may be is
> already covered, but not so for signatures, and timestamp uses
> the type extension 0 for the analogous case I suggest for type
> extension 0 for signature, i.e. determined otherwise (should
> the phrase "administrative action" be used in both cases?)
> 
> I think there should be another iteration before going to
> SECDIR and IESG, as I think it will avoid work further down the
> line, as well as being a better specification this way.
> 
> -- 
> Christopher Dearlove
> Technology Leader, Communications Group
> Communications and Networks Capability
> BAE Systems Advanced Technology Centre
> West Hanningfield Road, Great Baddow, Chelmsford, CM2 8HN, UK
> Tel: +44 1245 242194  Fax: +44 1245 242124
> 
> BAE Systems (Operations) Limited
> Registered Office: Warwick House, PO Box 87,
> Farnborough Aerospace Centre, Farnborough, Hants, GU14 6YU, UK
> Registered in England & Wales No: 1996687
> 
> -----Original Message-----
> From: manet-bounces@ietf.org [mailto:manet-bounces@ietf.org] On Behalf
> Of Joe Macker
> Sent: 07 April 2011 17:17
> To: MANET IETF
> Subject: [manet] WG adoption of NHDP-sec
> 
> 
> 
> As discussed in Prague we are presently considering adoption of NHDP
> security related document as a WG document.
> 
> reference is draft-herberg-manet-nhdp-sec-01
> 
> Please comment if you have an opinion.
> 
> -Joe