[Roll] [roll] #154: draft-ietf-roll-security-threats - Add further clarification/information - Section 7
"roll issue tracker" <trac+roll@trac.tools.ietf.org> Sun, 23 February 2014 20:17 UTC
Return-Path: <trac+roll@trac.tools.ietf.org>
X-Original-To: roll@ietfa.amsl.com
Delivered-To: roll@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id CD7691A06FA for <roll@ietfa.amsl.com>; Sun, 23 Feb 2014 12:17:36 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: 0.253
X-Spam-Level:
X-Spam-Status: No, score=0.253 tagged_above=-999 required=5 tests=[BAYES_50=0.8, RP_MATCHES_RCVD=-0.547] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id RCOI_OJUM1Mw for <roll@ietfa.amsl.com>; Sun, 23 Feb 2014 12:17:34 -0800 (PST)
Received: from grenache.tools.ietf.org (grenache.tools.ietf.org [IPv6:2a01:3f0:1:2::30]) by ietfa.amsl.com (Postfix) with ESMTP id A4CF81A06F9 for <roll@ietf.org>; Sun, 23 Feb 2014 12:17:34 -0800 (PST)
Received: from localhost ([127.0.0.1]:48971 helo=grenache.tools.ietf.org ident=www-data) by grenache.tools.ietf.org with esmtp (Exim 4.80) (envelope-from <trac+roll@trac.tools.ietf.org>) id 1WHfUN-000379-8Z; Sun, 23 Feb 2014 21:17:27 +0100
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
From: roll issue tracker <trac+roll@trac.tools.ietf.org>
X-Trac-Version: 0.12.3
Precedence: bulk
Auto-Submitted: auto-generated
X-Mailer: Trac 0.12.3, by Edgewall Software
To: draft-ietf-roll-trickle-mcast@tools.ietf.org, mariainesrobles@gmail.com
X-Trac-Project: roll
Date: Sun, 23 Feb 2014 20:17:27 -0000
X-URL: http://tools.ietf.org/wg/roll/
X-Trac-Ticket-URL: http://trac.tools.ietf.org/wg/roll/trac/ticket/154
Message-ID: <067.2d07e9ce6d260fdbb979a3c0574587a5@trac.tools.ietf.org>
X-Trac-Ticket-ID: 154
X-SA-Exim-Connect-IP: 127.0.0.1
X-SA-Exim-Rcpt-To: draft-ietf-roll-trickle-mcast@tools.ietf.org, mariainesrobles@gmail.com, robert.cragie@gridmerge.com, roll@ietf.org
X-SA-Exim-Mail-From: trac+roll@trac.tools.ietf.org
X-SA-Exim-Scanned: No (on grenache.tools.ietf.org); SAEximRunCond expanded to false
Resent-To: jonhui@cisco.com, richard.kelsey@silabs.com
Archived-At: http://mailarchive.ietf.org/arch/msg/roll/emKp_FUjOi4X2J1SkfIANlkdF48
Cc: roll@ietf.org
Subject: [Roll] [roll] #154: draft-ietf-roll-security-threats - Add further clarification/information - Section 7
X-BeenThere: roll@ietf.org
X-Mailman-Version: 2.1.15
Reply-To: roll@ietf.org
List-Id: Routing Over Low power and Lossy networks <roll.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/roll>, <mailto:roll-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/roll/>
List-Post: <mailto:roll@ietf.org>
List-Help: <mailto:roll-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/roll>, <mailto:roll-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 23 Feb 2014 20:17:37 -0000
#154: draft-ietf-roll-security-threats - Add further clarification/information -
Section 7
Reported by Robert Cragie - 02/17/2014
Section 7 Confidentiality Features
The assessments and analysis in Section 5 examined all areas of
threats and attacks that could impact routing, and the
countermeasures presented in Section 6 were reached without confining
the consideration to means only available to routing. This section
puts the results into perspective and provides a framework for
addressing the derived set of security objectives that must be met by
the routing protocol(s) specified by the RPL Working Group.
<rcc>I thought the idea was there was no framework being presented in this
security threats draft? There is no RPL working group</rcc>
7.2. Integrity Features
While logging is critical, it is often impossible.
<rcc>Why is it "often impossible"? Where is the justification for such a
claim?</rcc>
Section 7.3. Availability Features
o MAY restrict neighborhood cardinality;
...
o MAY use geographic information for flow control.
<rcc>What "MAY" do all the above things? Routing? It doesn't read
correctly.</rcc>
Section 7.4. Key Management
While RPL has secure modes, but some modes are impractical without use
of public key cryptography believed to be too expensive by many. RPL
layer-3 security will often depend upon existing LLN layer-2 security
mechanisms, which provides for node authentication, but
little in the way of node authorization.
<rcc>Not necessarily - again, I do not understand why L2 security implies
"something less". If anything, L2 security is better as the integrity code
covers more of the PDU (i.e. the MAC addresses) making e.g. wormhole
attacks harder as it is harder to spoof addresses.</rcc>
--
-------------------------------------+-------------------------------------
Reporter: | Owner: draft-ietf-roll-
mariainesrobles@gmail.com | trickle-mcast@tools.ietf.org
Type: defect | Status: new
Priority: major | Milestone:
Component: security-threats | Version:
Severity: In WG Last Call | Keywords:
-------------------------------------+-------------------------------------
Ticket URL: <http://trac.tools.ietf.org/wg/roll/trac/ticket/154>
roll <http://tools.ietf.org/wg/roll/>
- [Roll] [roll] #154: draft-ietf-roll-security-thre… roll issue tracker
- Re: [Roll] [roll] #154: draft-ietf-roll-security-… roll issue tracker
- Re: [Roll] [roll] #154 (security-threats): draft-… roll issue tracker
- Re: [Roll] [roll] #154 (security-threats): draft-… roll issue tracker