[Roll] [roll] #154: draft-ietf-roll-security-threats - Add further clarification/information - Section 7
"roll issue tracker" <trac+roll@trac.tools.ietf.org> Sun, 23 February 2014 20:17 UTC
#154: draft-ietf-roll-security-threats - Add further clarification/information - Section 7

Reported by Robert Cragie - 02/17/2014

Section 7 Confidentiality Features

The assessments and analysis in Section 5 examined all areas of threats and attacks that could impact routing, and the countermeasures presented in Section 6 were reached without confining the consideration to means only available to routing. This section puts the results into perspective and provides a framework for addressing the derived set of security objectives that must be met by the routing protocol(s) specified by the RPL Working Group.

<rcc>I thought the idea was there was no framework being presented in this security threats draft? There is no RPL working group</rcc>

7.2. Integrity Features

While logging is critical, it is often impossible.

<rcc>Why is it "often impossible"? Where is the justification for such a claim?</rcc>

Section 7.3. Availability Features

o MAY restrict neighborhood cardinality;
...
o MAY use geographic information for flow control.

<rcc>What "MAY" do all the above things? Routing? It doesn't read correctly.</rcc>

Section 7.4. Key Management

While RPL has secure modes, but some modes are impractical without use of public key cryptography believed to be too expensive by many. RPL layer-3 security will often depend upon existing LLN layer-2 security mechanisms, which provides for node authentication, but little in the way of node authorization.

<rcc>Not necessarily - again, I do not understand why L2 security implies "something less". If anything, L2 security is better as the integrity code covers more of the PDU (i.e. the MAC addresses) making e.g. wormhole attacks harder as it is harder to spoof addresses.</rcc>

--
-------------------------------------+-------------------------------------
 Reporter:                           |       Owner:  draft-ietf-roll-
  mariainesrobles@gmail.com          |  trickle-mcast@tools.ietf.org
     Type:  defect                   |      Status:  new
 Priority:  major                    |   Milestone:
Component:  security-threats         |     Version:
 Severity:  In WG Last Call          |    Keywords:
-------------------------------------+-------------------------------------

Ticket URL: <http://trac.tools.ietf.org/wg/roll/trac/ticket/154>
roll <http://tools.ietf.org/wg/roll/>
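The point made in the last <rcc> comment, that an integrity code covering the MAC addresses makes address spoofing harder, shown as an added example (not part of the ticket or the draft). The frame layout, key and addresses are constructed for illustration, and truncated HMAC-SHA256 stands in for the link layer's actual integrity code.

```python
import hashlib
import hmac
import struct

KEY = bytes(range(16))   # constructed demo link key
HDR_LEN = 18             # 8-byte dst | 8-byte src | 2-byte payload length
MIC_LEN = 8

def build_frame(src: bytes, dst: bytes, payload: bytes) -> bytes:
    """Toy link-layer frame (hypothetical layout, not a real 802.15.4 frame)."""
    if len(src) != 8 or len(dst) != 8:
        raise ValueError("addresses must be 8 bytes")
    return dst + src + struct.pack("!H", len(payload)) + payload

def mic(data: bytes) -> bytes:
    # Truncated HMAC-SHA256: a stand-in for the real integrity code.
    return hmac.new(KEY, data, hashlib.sha256).digest()[:MIC_LEN]

def protect(frame: bytes, cover_header: bool) -> bytes:
    """Append a MIC over the whole frame, or over the payload only."""
    covered = frame if cover_header else frame[HDR_LEN:]
    return frame + mic(covered)

def verify(protected: bytes, cover_header: bool) -> bool:
    if len(protected) < HDR_LEN + MIC_LEN:
        return False
    frame, tag = protected[:-MIC_LEN], protected[-MIC_LEN:]
    (plen,) = struct.unpack("!H", frame[16:18])
    if plen != len(frame) - HDR_LEN:      # reject truncated or padded frames
        return False
    covered = frame if cover_header else frame[HDR_LEN:]
    return hmac.compare_digest(tag, mic(covered))

def rewrite_source(protected: bytes, new_src: bytes) -> bytes:
    """Models a source address changed in transit; the MIC is left as sent."""
    return protected[:8] + new_src + protected[16:]

def demo() -> dict:
    node_a = bytes.fromhex("0200000000000001")   # constructed addresses
    node_b = bytes.fromhex("0200000000000002")
    other = bytes.fromhex("02000000000000ff")
    frame = build_frame(node_a, node_b, b"constructed routing payload")
    out = {}
    for name, cover in (("payload_only", False), ("header_and_payload", True)):
        sent = protect(frame, cover)
        out[name] = (verify(sent, cover), verify(rewrite_source(sent, other), cover))
    return out   # name -> (original accepted, rewritten-source accepted)

if __name__ == "__main__":
    for name, (ok, spoof_ok) in demo().items():
        print(f"{name}: original accepted={ok}, rewritten source accepted={spoof_ok}")
```

With the MIC over the payload only, the frame with the rewritten source address still verifies; once the addresses are covered, the same rewrite is rejected.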