[Roll] [roll] #142: Clarification of secure key distribution
"roll issue tracker" <trac+roll@trac.tools.ietf.org> Wed, 08 January 2014 15:52 UTC
#142: Clarification of secure key distribution

This document includes a section on Security Considerations for distribution of certificates required by RPL. It explains that for RPL the credential is a shared key, and then goes on to say:

"Therefore, there MUST be a mechanism in place which allows secure distribution of a shared key and configuration of network identity. Both MAY be done using (i) pre-installation using an out-of-band method, (ii) delivered securely when a device is introduced into the network or (iii) delivered securely by a trusted neighboring device. The shared key MUST be stored in a secure fashion which makes it difficult to be read by an unauthorized party. An example of a method whereby this can be achieved is detailed in [SmartObj]"

The wording of this paragraph is not always clear:

1. “this” in the last sentence can refer to the storage of a key in a secure fashion, and leave the reader wondering why there are no references to means of achieving secure key distribution. The SmartObj reference is actually such a reference. This should be made more clear, e.g. "An example of a method whereby this secure key distribution can be achieved is detailed in [SmartObj]."

2. Also, it would be good to be more specific about what is meant by “securely” here. For example, writing if the key must be authenticated and kept secret between its intended users, must not be repeated (replay protection), etc.

--
-------------------------------------+-------------------------------------
 Reporter:                           |      Owner:
  yvonneanne.pignolet@gmail.com      |   draft-ietf-roll-applicability-home-building@tools.ietf.org
     Type:  defect                   |     Status:  new
 Priority:  minor                    |  Milestone:
Component:                           |    Version:
  applicability-home-building        |   Keywords:
 Severity:  Active WG Document       |
-------------------------------------+-------------------------------------

Ticket URL: <http://trac.tools.ietf.org/wg/roll/trac/ticket/142>
roll <http://tools.ietf.org/wg/roll/>