Re: [manet] WG adoption of NHDP-sec
"Dearlove, Christopher (UK)" <Chris.Dearlove@baesystems.com> Tue, 03 May 2011 08:28 UTC
From: "Dearlove, Christopher (UK)" <Chris.Dearlove@baesystems.com>
To: Ulrich Herberg <ulrich@herberg.name>
Cc: Ulrich Herberg <ulrich.herberg@polytechnique.edu>, MANET IETF <manet@ietf.org>, Thomas Heide Clausen <thomas@thomasclausen.org>
Subject: Re: [manet] WG adoption of NHDP-sec

Apologies for that, I put this together in a hurry just before
leaving for a long week off, and these are, as Ulrich deduced,
about packetbb-sec. I didn't get to NHDP-sec in time, though I
still plan to take a look at it.

--
Christopher Dearlove
Technology Leader, Communications Group
Communications and Networks Capability
BAE Systems Advanced Technology Centre
West Hanningfield Road, Great Baddow, Chelmsford, CM2 8HN, UK
Tel: +44 1245 242194  Fax: +44 1245 242124

BAE Systems (Operations) Limited
Registered Office: Warwick House, PO Box 87,
Farnborough Aerospace Centre, Farnborough, Hants, GU14 6YU, UK
Registered in England & Wales No: 1996687

-----Original Message-----
From: Ulrich Herberg [mailto:ulrich@herberg.name]
Sent: 23 April 2011 11:35
To: Dearlove, Christopher (UK)
Cc: Joe Macker; MANET IETF; Thomas Heide Clausen; Ulrich Herberg
Subject: Re: [manet] WG adoption of NHDP-sec

*** WARNING ***

This message has originated outside your organisation,
either from an external partner or the Global Internet.
Keep this in mind if you answer this message.

Chris,

before I will reply to your comments, I have a general question:
Do your comments apply to packetbb-sec or to NHDP-sec? It seems
to me they apply to packetbb-sec, rather than NHDP-sec...

Ulrich

On Apr 21, 2011, at 17:17, "Dearlove, Christopher (UK)" <Chris.Dearlove@baesystems.com> wrote:

> Brief version: I think there's a two part change that should
> be included before finishing WGLC.
>
> My apologies in advance in that should this spark a discussion,
> I'll be out of the loop for a week and a half and not able to
> contribute. (The UK is largely shutting down, we have for a
> combination of rare reasons, two four day weekends, with a
> three day gap. Many of us are taking those three days off too.)
>
> My main concern over this document is that it specifies a
> signature as the composition of a hash function and a
> cryptographic function, in that order. There are other ways
> of constructing signatures that do not correspond to such
> a decomposition.
>
> The obvious response to that is to pick a new type extension
> for such. This can't be normative text in this document, but
> I think it should be described in the applicability statement,
> which should say that this specification describes a general
> approach to signatures (much of the document, such as how to
> treat hop counts/limits is not specific to this decomposition)
> and then a specific approach to signatures, and should provide
> the comment that other mathematical forms of signature are
> possible, and should be handled by use of alternative type
> extensions. In the main body of the specification, a bit more
> clarity on what is form-specific and what is not would then
> help.
>
> This then leads to the question as to whether the form described
> should be the privileged type extension = 0 case. Actually I
> would suggest it should be type extension = 1, with 0 reserved
> for "I'm not providing any information on algorithms, this is
> defined out of band, not in each packet." The reason I suggest
> that as type 0 (and including it in this document) is that it
> puts the two lowest-overhead options together (type extension 0,
> which can be omitted, and no algorithm information).
>
> Note that for timestamp, what other type extensions may be is
> already covered, but not so for signatures, and timestamp uses
> the type extension 0 for the analogous case I suggest for type
> extension 0 for signature, i.e. determined otherwise (should
> the phrase "administrative action" be used in both cases?)
>
> I think there should be another iteration before going to
> SECDIR and IESG, as I think it will avoid work further down the
> line, as well as being a better specification this way.
>
> -----Original Message-----
> From: manet-bounces@ietf.org [mailto:manet-bounces@ietf.org] On Behalf
> Of Joe Macker
> Sent: 07 April 2011 17:17
> To: MANET IETF
> Subject: [manet] WG adoption of NHDP-sec
>
> As discussed in Prague we are presently considering adoption of NHDP
> security related document as a WG document.
>
> reference is draft-herberg-manet-nhdp-sec-01
>
> Please comment if you have an opinion.
>
> -Joe
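
The type-extension split proposed in the quoted 21 April message, sketched as an added example (not part of the thread and not the draft's wire format). The one-octet identifiers, the registries, the out-of-band configuration and the use of HMAC as the cryptographic function are all assumptions made for illustration.

```python
import hashlib
import hmac

# Assumed registries for this example only (not values from the draft).
HASHES = {1: hashlib.sha256, 2: hashlib.sha512}
CRYPTO = {1: lambda key, digest: hmac.new(key, digest, hashlib.sha256).digest()}
# Hypothetical out-of-band configuration used by type extension 0: (hash_id, crypto_id).
OUT_OF_BAND = (1, 1)


def compute(key, hash_id, crypto_id, content):
    """Hash first, then apply the cryptographic function to the digest."""
    digest = HASHES[hash_id](content).digest()
    return CRYPTO[crypto_id](key, digest)


def build_value(key, content, type_ext=0, hash_id=1, crypto_id=1):
    """Build the signature TLV value for the given type extension."""
    if type_ext == 0:  # no algorithm information carried in the packet
        return compute(key, *OUT_OF_BAND, content)
    if type_ext == 1:  # algorithm identifiers precede the signature
        return bytes([hash_id, crypto_id]) + compute(key, hash_id, crypto_id, content)
    raise ValueError("unsupported type extension")


def verify(key, content, value, type_ext=0):
    """Verify a signature TLV value; unknown or malformed input fails closed."""
    if type_ext == 0:
        (hash_id, crypto_id), sig = OUT_OF_BAND, value
    elif type_ext == 1:
        if len(value) < 3:
            return False
        hash_id, crypto_id, sig = value[0], value[1], value[2:]
        if hash_id not in HASHES or crypto_id not in CRYPTO:
            return False
    else:
        # Other forms of signature would use their own type extension.
        return False
    expected = compute(key, hash_id, crypto_id, content)
    return hmac.compare_digest(expected, sig)


def demo():
    """Constructed sample data: compare overhead and cross-type handling."""
    key, content = b"constructed-key", b"constructed packet bytes"
    v0 = build_value(key, content, 0)
    v1 = build_value(key, content, 1)
    return len(v0), len(v1), verify(key, content, v0, 0), verify(key, content, v1, 0)
```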