Re: [Roll] security for multi-link subnets

Ulrich Herberg <ulrich@herberg.name> Tue, 12 March 2013 18:31 UTC

Date: Tue, 12 Mar 2013 14:31:44 -0400
Message-ID: <CAK=bVC9YV3nEtGe1LTUkg3AztiKG6dCJe8Bd4L-UkKLeuj1urg@mail.gmail.com>
From: Ulrich Herberg <ulrich@herberg.name>
To: Michael Richardson <mcr+ietf@sandelman.ca>
Cc: roll@ietf.org, Ted Lemon <mellon@fugue.com>, saag@ietf.org, Ralph Droms <rdroms@cisco.com>
Subject: Re: [Roll] security for multi-link subnets

Michael,

I think it is also worth mentioning RFC4903, in particular:

"A multi-link subnet model should be avoided.  IETF working groups
using, or considering using, multi-link subnets today should
investigate moving to one of the other models."

Have the issues mentioned in RFC4903 been sufficiently addressed?

Best regards
Ulrich

On Tue, Mar 12, 2013 at 2:20 PM, Michael Richardson
<mcr+ietf@sandelman.ca> wrote:
>
> It was pointed out in a private discussion that the inclusion of
> security parameters in the ROLL applicability statements might be
> surprising to some.  For those who want a quick look:
>   http://datatracker.ietf.org/doc/draft-ietf-roll-applicability-template/
>   http://datatracker.ietf.org/doc/draft-ietf-roll-rpl-industrial-applicability/
>   http://datatracker.ietf.org/doc/draft-brandt-roll-rpl-applicability-home-building/
>
> Specifically, people wouldn't normally think to look at
> applicability statements for a routing protocol to see that it is
> specifying not just security parameters for the routing protocol
> itself, but in some cases, requirements on access to the LLN as well.
>
> I agreed that perhaps this needed additional socialization, which I'm
> trying to do with this email.
>
> Some of my logic of what we are doing is that by (securely) assembling
> a bunch of links into a multi-link subnet, the ROLL applicability
> statements are in effect a kind of IP-over-FOO document.
>
> To parallel it to other IP-over-FOO documents better, they often specify
> things like how to encapsulate, and how to do address resolution on the
> subnet.
>
> RPL LLNs do not use stock-ND/ARP (which normally would be specified in an
> IP-over-FOO document), but rather use the RPL messages to discover other
> nodes on the subnet.  I have asked that the applicability statements
> be clear about if they use RFC6775 (6lowpan-ND), and if so, how.
>
> It was suggested really, we never did that before: specify security of
> the network in IP-over-FOO documents.  Well, that's true, because we
> never did an IP-over-802.11, because it was ethernet.
>
> When WIFI's various incarnations happened (remember borrowing 2Mb/s *FH*
> wireless PCMCIA cards back at IETF46?), they tried hard to make it look
> like ethernet, with ethernet-like physical security (WEP == "Wired Equivalent
> Privacy").  It's too bad that we didn't get more involved at the time,
> in the end, we did EAP and keyprov in great part to get that part done
> right.  I still think that the 802.11 security is largely a disaster.
>
> It is possible that the problem is the word "applicability", and perhaps
> we should have a different term.  I would welcome discussion here, or
> even just +1 that this is the right approach.
>
> --
> Michael Richardson <mcr+IETF@sandelman.ca>, Sandelman Software Works
> IETF ROLL WG co-chair.    http://datatracker.ietf.org/wg/roll/charter/