Re: [Roll] [roll] #144 (applicability-home-building): Missing discussion of link encryption and group keys

"roll issue tracker" <trac+roll@trac.tools.ietf.org> Wed, 23 April 2014 03:13 UTC


#144: Missing discussion of link encryption and group keys


Comment (by mariainesrobles@gmail.com):

 Catherine Meadows comment - 04/22/2014

 "My comment had been that a comparison of link and group key encryption
 was needed.  It looks like what you have instead is a summary of the
 recommended practice for wireless/mesh networks, which is to use link
 encryption in which all links are encrypted with the same key, which is
 also used for authentication, so that unauthorized nodes can’t join the
 network, with reference to the appropriate RFCs.  That is fine.

 I had another comment about the danger of having critical components (e.g.
 burglar alarms) sharing keys with non-critical and easily misplaced
 components (such as remotes).  But that is really irrelevant to whether
 you are using link encryption or group keys.  It would be better in such a
 situation to have the two components on separate networks.  This is now
 touched upon in the Deployment Scenario Section (last paragraph before
 2.1), so I don’t see any reason to bring it up here.  However, you might
 want to mention in the last paragraph before 2.1 that having non-critical
 functions such as gaming on a separate network from the control is also a
 good idea from the point of view of security and reliability of the
 control network.

 Nits:

 Section 6.1

 Wireless networks are typically secured at the link-layer to prevent
    unauthorized parties to access

 should be

 Wireless networks are typically secured at the link-layer in order to
    prevent unauthorized parties from accessing"

-- 
---------------------------------------------------------------------------
   Reporter:  yvonneanne.pignolet@gmail.com
      Owner:  draft-ietf-roll-applicability-home-building@tools.ietf.org
       Type:  defect
     Status:  new
   Priority:  major
  Milestone:
  Component:  applicability-home-building
    Version:
   Severity:  Active WG Document
 Resolution:
   Keywords:  Security Review
---------------------------------------------------------------------------

Ticket URL: <http://trac.tools.ietf.org/wg/roll/trac/ticket/144#comment:2>
roll <http://tools.ietf.org/wg/roll/>