Re: [Roll] Stephen Farrell's Discuss on draft-ietf-roll-applicability-home-building-11: (with DISCUSS and COMMENT)

Stephen Farrell <stephen.farrell@cs.tcd.ie> Wed, 15 July 2015 09:52 UTC

Archived-At: <http://mailarchive.ietf.org/arch/msg/roll/J56qVbw6bQbcUwDw2o_PApJM5uE>

Hiya,

On 15/07/15 10:23, Robert Cragie wrote:
> On 14 Jul 2015 23:36, "Stephen Farrell" <stephen.farrell@cs.tcd.ie> wrote:
> 
> Hi Stephen,
> 
> The text before 4.1.8.2 doesn't imply that some nodes are not using
> security, it only implies that symmetric key scope used by nodes may be
> less than the whole network. 

Well, I'm still not getting it sorry;-) Unless you mean that
the n/w might accept/use >1 group symmetric key? If that's it
then just saying it that way would be good.

> I will add clarification regarding this point.

Grand - I'm sure clarification is all that's needed.

Cheers,
S.

> 
> Robert
> 
>>
>> Hiya,
>>
>> On 14/07/15 23:17, Robert Cragie wrote:
>>> Hi Stephen,
>>>
>>> Thanks for your further review. Answers and comments inline, bracketed by
>>> <RCC></RCC>
>>>
>>> Robert
>>>
>>> 1) This could be my ignorance of zigbee, but how can we
>>>> use layer 2 security for only some network nodes?  (In
>>>> other words, I don't see how 4.1.8.2 works.)
>>>>
>>>
>>> <RCC>All network nodes use L2 security once they have joined the network.
>>> Prior to that, they communicate using an authentication protocol which is
>>> unsecured at L2. Enforcement points police unsecured traffic to ensure it
>>> is only related to authentication, thus preventing data or other control
>>> plane traffic unsecured at L2 from being allowed into the network. So, to
>>> your point, the only traffic allowed unsecured at L2 is authentication
>>> traffic and those nodes are not yet participating in the network.</RCC>
>>
>> Right, that's what I thought. So I can't see how the text that
>> implies that only a subset of nodes on the network are using l2
>> security works which seems to be implied by the bullet just
>> before the start of 4.1.8.2.
>>
>> [snip]
> 
> 
>>
>>
>