[Roll] [roll] #161 (security-threats): AD review
"roll issue tracker" <trac+roll@trac.tools.ietf.org> Wed, 13 August 2014 23:16 UTC
#161: AD review

{{{
From: "Adrian Farrel" <adrian@olddog.co.uk>
To: <draft-ietf-roll-security-threats@tools.ietf.org>
Cc: <roll@ietf.org>
Date: Fri, 8 Aug 2014 18:00:31 +0100
Subject: AD review of draft-ietf-roll-security-threats

Hi authors,

I have conducted my usual AD review of your document having received a publication request. The purpose of the review is to make sure that the document is in the best possible shape to go through IETF last call and IESG evaluation.

Thank you for taking the time and investing the effort on this important document. I find the content readable and easy to understand (thank you). I'm not a security expert, but what you have written is clear and credible. Good job!

There is just a small set of editorial issues that I would like you to clean up before I run the IETF last call. I'll put the document into "Revised I-D Needed" state and wait for you to post a revision.

Thanks for the work,
Adrian

===

- The references are a mess as indicated by idnits and the Shepherd write-up.

http://www.ietf.org/tools/idnits?url=http://www.ietf.org/archive/id/draft-ietf-roll-security-threats-08.txt

The point here is that you can't just include something in the references section because you think it is a fine document or you are friends with the author :-)

If a document is worth reading in the context of this I-D, then there should be a mention of it somewhere (appropriate) in the text. If there is nowhere that you find it appropriate to mention the reference, then remove it from the references section.

[I-D.ietf-roll-terminology] is now RFC 7102.

---

A few abbreviations are used without expansion. I found MPLS, ESSID/PAN, CCM, PANA, EAP-TLS, DODAG.

---

Your one use of RFC 2119 language outside Section 8 is unnecessary.

   RPL uses multicast as part of it's protocol, and therefore mechanisms
   which RPL uses to secure this traffic MAY be applicable to MPL control
   traffic as well: the important part is that the threats are similiar.

s/it's/its/
s/MAY/might also/
s/similiar/similar/

Furthermore, while your use of 2119 in Section 8 is fine with me, it is not in harmony with the boilerplate you have included after the Abstract. I suggest you move it to Section 3, and have it read...

   Although this is not a protocol specification, the key words "MUST",
   "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT",
   "RECOMMENDED", "NOT RECOMMENDED", "MAY", and "OPTIONAL" in this
   document are to be interpreted as described in RFC 2119 [RFC2119] in
   order to clarify and emphasize the guidance and directions to
   implementers and deployers of LLN nodes that utilize RPL.

---

4.3 is a helpful way to present things.

I think that "Limited energy, memory, and processing node resources" also needs to highlight the increased susceptibility of LLN nodes to denial of service attacks since it is not only easier to swamp such nodes, but they can be exhausted to the extent that they are never able to function again! Such an attack may be mounted through the routing plane (and impact both routing and data forwarding) or through the data plane (to impact both forwarding and routing). Thus, there is also an interdependency between the two planes that may be tighter in LLNs than in other networks.
}}}

--
-------------------------+-------------------------------------------------
 Reporter:  mcr@sandelman.ca
    Owner:  draft-ietf-roll-security-threats@tools.ietf.org
     Type:  enhancement
   Status:  new
 Priority:  major
Milestone:  milestone1
Component:  security-threats
  Version:
 Severity:  Submitted WG Document
 Keywords:
-------------------------+-------------------------------------------------

Ticket URL: <http://trac.tools.ietf.org/wg/roll/trac/ticket/161>
roll <http://tools.ietf.org/wg/roll/>