[Roll] [roll] #160 (security-threats): draft-ietf-roll-security-threats-07--Nits to fix

"roll issue tracker" <trac+roll@trac.tools.ietf.org> Mon, 14 July 2014 11:02 UTC

#160: draft-ietf-roll-security-threats-07--Nits to fix

 Robert Cragie on 2014-07-14 wrote:

 "Just a few comments remaining (mostly nits):

 Section 4.2: "applied to RPL; in particular" -> "applied to RPL in
 particular"
 Section 4.2: "In the context of RPL" -> "In the context of RPL:"
 Section 6.1: "An attacker can assert an arbitrary identity," -> "An
 attacker that can assert an arbitrary identity,". I actually think the
 whole sentence is unnecessary.
 Section 6.1.3: "join a network with any identify" -> "join a network using
 any identity"
 Section 6.1.3: "battery, ram, bandwidth" -> "battery, RAM, bandwidth"
 Section 6.2: "This threat results" -> "These attacks may result"
 "Figure 4: sinkhole attack" -> "Figure 4: Sinkhole attack"
 Section 7.1.2: "well-equiped" -> "well-equipped"
 Section 7.1.2 "particularly vulnerable to passive (and active) attacks
 through compromises of nodes" -> "vulnerable to passive (and active)
 routing attacks through compromises of nodes (see Section 8.2)." Slight
 modification and add reference.
 Section 8: "endemnic to this field" -> "endemic in this field"
 Section 8: General comment - much tidier, good job!
 Section 8.2: "However, some RPL messages are broadcast, and even when per-
 node layer-2 security mechanisms are used, the integrity and origin
 authentication of broadcast messages can not be as securely known". How so
 - due to using a group/network wide key? If so, maybe state that.
 Suggested change: "However, some RPL messages are broadcast and even when
 per-node layer-2 security mechanisms are used, the integrity and origin
 authentication of broadcast messages cannot be as trusted due to the
 proliferation of the key used to secure them."
 Section 8.2:
 "RPL has two specific messages which are broadcast: the DODAG Information
 Object (DIO), and the DODAG Information Solicitation (DIS).  The purpose
 of the DIS is to cause potential parents to reply with a DIO, so the
 integrity of the DIS is not of great concern.  The DIS may also be
 unicast"

 These are not actually messages; there is only one RPL Control Message.
 Therefore need to rephrase:

 "RPL has two specific options which are present in broadcast RPL Control
 Messages: the DODAG Information Object (DIO), and the DODAG Information
 Solicitation (DIS).  The purpose of the DIS is to cause potential parents
 to reply with an RPL Control Message containing a DIO, so the integrity of
 the DIS is not of great concern.  The DIS may also be unicast"

 "RPL provides for assymetric authentication at layer-3 of the DIO, and
 this may be waranteed in some deployments." -> "RPL provides for
 asymmetric authentication at layer 3 of the RPL Control Message carrying
 the DIO and this may be warranted in some deployments."

 Section 8.3 still doesn't read right.

 Section 11: "Robert Craigie" -> "Robert Cragie" :-) "

-- 
---------------------------------------+-----------------------------------
 Reporter:  mariainesrobles@gmail.com  |      Owner:  mcr+ietf@sandelman.ca
     Type:  defect                     |     Status:  new
 Priority:  minor                      |  Milestone:
Component:  security-threats           |    Version:
 Severity:  Active WG Document         |   Keywords:
---------------------------------------+-----------------------------------

Ticket URL: <http://trac.tools.ietf.org/wg/roll/trac/ticket/160>
roll <http://tools.ietf.org/wg/roll/>