[Roll] Roman Danyliw's Discuss on draft-ietf-roll-aodv-rpl-10: (with DISCUSS and COMMENT)
Roman Danyliw via Datatracker <noreply@ietf.org> Wed, 21 April 2021 23:03 UTC
Return-Path: <noreply@ietf.org>
X-Original-To: roll@ietf.org
Delivered-To: roll@ietfa.amsl.com
Received: from ietfa.amsl.com (localhost [IPv6:::1]) by ietfa.amsl.com (Postfix) with ESMTP id 6C15F3A3A5A; Wed, 21 Apr 2021 16:03:58 -0700 (PDT)
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 8bit
From: Roman Danyliw via Datatracker <noreply@ietf.org>
To: The IESG <iesg@ietf.org>
Cc: draft-ietf-roll-aodv-rpl@ietf.org, roll-chairs@ietf.org, roll@ietf.org, Ines Robles <mariainesrobles@googlemail.com>, aretana.ietf@gmail.com, mariainesrobles@googlemail.com
X-Test-IDTracker: no
X-IETF-IDTracker: 7.28.0
Auto-Submitted: auto-generated
Precedence: bulk
Reply-To: Roman Danyliw <rdd@cert.org>
Message-ID: <161904623841.17653.13314629547868546211@ietfa.amsl.com>
Date: Wed, 21 Apr 2021 16:03:58 -0700
Archived-At: <https://mailarchive.ietf.org/arch/msg/roll/gfALknH6QoAf3S7kmZYcjQ0ouhI>
Subject: [Roll] Roman Danyliw's Discuss on draft-ietf-roll-aodv-rpl-10: (with DISCUSS and COMMENT)
X-BeenThere: roll@ietf.org
X-Mailman-Version: 2.1.29
List-Id: Routing Over Low power and Lossy networks <roll.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/roll>, <mailto:roll-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/roll/>
List-Post: <mailto:roll@ietf.org>
List-Help: <mailto:roll-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/roll>, <mailto:roll-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 21 Apr 2021 23:03:59 -0000
Roman Danyliw has entered the following ballot position for draft-ietf-roll-aodv-rpl-10: Discuss When responding, please keep the subject line intact and reply to all email addresses included in the To and CC lines. (Feel free to cut this introductory paragraph, however.) Please refer to https://www.ietf.org/iesg/statement/discuss-criteria.html for more information about DISCUSS and COMMENT positions. The document, along with other ballot positions, can be found here: https://datatracker.ietf.org/doc/draft-ietf-roll-aodv-rpl/ ---------------------------------------------------------------------- DISCUSS: ---------------------------------------------------------------------- ** Section 10 If a rogue router knows the key for the Security Configuration in use, it can join the secure AODV-RPL route discovery and cause various types of damage. Such a rogue router could advertise false information in its DIOs in order to include itself in the discovered route(s). It could generate bogus RREQ-DIO, and RREP-DIO messages carrying bad routes or maliciously modify genuine RREP-DIO messages it receives. A rogue router acting as the OrigNode could launch denial-of-service attacks against the LLN deployment by initiating fake AODV-RPL route discoveries. In this type of scenario, RPL's preinstalled mode of operation, where the key to use for a P2P-RPL route discovery is preinstalled, SHOULD be used. Can the normative language in the last sentence please be clarified. The entire paragraph prior is describing the behavior of the attacker. Is this last sentence is suggesting a particular mode of operation? If the router is rogue, how is the fact that the key is pre-installed inhibit the behavior of the attacker? ---------------------------------------------------------------------- COMMENT: ---------------------------------------------------------------------- ** I support John’s DISUSS. My feedback are also around clarifying what AODV-RPL inherits from RPL. ** Section 10. Per “In general, the security considerations for the operation of AODV-RPL are similar to those for the operation of RPL”, to be clear do all of the considerations from RFC6550 apply? The caveat of “In general …” doesn’t necessarily suggest that to me. ** Section 10. Unless AODV-RPL is upgrading the requirements of RPL, I believe all of the referenced security framework is optional. I would recommend being clear on that: OLD: Sections 6.1 and 10 of [RFC6550] describe RPL's security framework, which provides data confidentiality, authentication, replay protection, and delay protection services. NEW: Sections 6.1 and 10 of [RFC6550] describe RPL's optional security framework, which AODV-RPL rely on to provides data confidentiality, authentication, replay protection, and delay protection services. ** Section 10. Per “A router can join a temporary DAG … only if it can support the Security Configuration in use, which also specifies the key I use”: -- Is “Security Configuration” a term of art in RPL to be capitalized? I'm not sure if this is editorial feedback or a reference to some RPL mechanism. -- Is this section referring to the processes described in Section 10.2 of RFC6550? I ask because couldn’t there be an RPL configuration which doesn’t use secure join (i.e., “unsecured mode” per Section 10.1 of RFC6550)? ** Section 10. This section introduces a new acronym “P2P-RPL” not used in any other part of the document
- [Roll] Roman Danyliw's Discuss on draft-ietf-roll… Roman Danyliw via Datatracker
- Re: [Roll] Roman Danyliw's Discuss on draft-ietf-… Charles Perkins
- Re: [Roll] Roman Danyliw's Discuss on draft-ietf-… Alvaro Retana
- Re: [Roll] Roman Danyliw's Discuss on draft-ietf-… Roman Danyliw