[Roll] [roll] #176 (applicability-ami): Security items to consider for applicability-ami draft - IESG Evaluation-
"roll issue tracker" <trac+roll@trac.tools.ietf.org> Fri, 13 May 2016 11:25 UTC
Return-Path: <trac+roll@trac.tools.ietf.org>
X-Original-To: roll@ietfa.amsl.com
Delivered-To: roll@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E711D12D146; Fri, 13 May 2016 04:25:04 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -7.896
X-Spam-Level:
X-Spam-Status: No, score=-7.896 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_HI=-5, RP_MATCHES_RCVD=-0.996] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id x3Zhw8Q_Pdoo; Fri, 13 May 2016 04:25:03 -0700 (PDT)
Received: from zinfandel.tools.ietf.org (zinfandel.tools.ietf.org [IPv6:2001:1890:123a::1:2a]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 2C76712D14C; Fri, 13 May 2016 04:25:03 -0700 (PDT)
Received: from localhost ([::1]:40449 helo=zinfandel.tools.ietf.org) by zinfandel.tools.ietf.org with esmtp (Exim 4.82_1-5b7a7c0-XX) (envelope-from <trac+roll@trac.tools.ietf.org>) id 1b1BDK-0000nU-Io; Fri, 13 May 2016 04:25:02 -0700
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
From: roll issue tracker <trac+roll@trac.tools.ietf.org>
X-Trac-Version: 0.12.5
Precedence: bulk
Auto-Submitted: auto-generated
X-Mailer: Trac 0.12.5, by Edgewall Software
To: draft-ietf-roll-applicability-ami@ietf.org, mariainesrobles@gmail.com
X-Trac-Project: roll
Date: Fri, 13 May 2016 11:25:02 -0000
X-URL: https://tools.ietf.org/wg/roll/
X-Trac-Ticket-URL: https://tools.ietf.org/wg/roll/trac/ticket/176
Message-ID: <068.f82ce53591c9bd896c9f7c9c9ddf7e60@trac.tools.ietf.org>
X-Trac-Ticket-ID: 176
X-SA-Exim-Connect-IP: ::1
X-SA-Exim-Rcpt-To: draft-ietf-roll-applicability-ami@ietf.org, mariainesrobles@gmail.com, roll@ietf.org
X-SA-Exim-Mail-From: trac+roll@trac.tools.ietf.org
X-SA-Exim-Scanned: No (on zinfandel.tools.ietf.org); SAEximRunCond expanded to false
Resent-To: draft-ietf-roll-applicability-ami@ietf.org
Resent-Message-Id: <20160513112503.2C76712D14C@ietfa.amsl.com>
Resent-Date: Fri, 13 May 2016 04:25:03 -0700
Resent-From: trac+roll@trac.tools.ietf.org
Archived-At: <http://mailarchive.ietf.org/arch/msg/roll/tvdU4s3ikVFDyCQYDZLbQmp4e4U>
Cc: roll@ietf.org
Subject: [Roll] [roll] #176 (applicability-ami): Security items to consider for applicability-ami draft - IESG Evaluation-
X-BeenThere: roll@ietf.org
X-Mailman-Version: 2.1.17
Reply-To: roll@ietf.org
List-Id: Routing Over Low power and Lossy networks <roll.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/roll>, <mailto:roll-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/roll/>
List-Post: <mailto:roll@ietf.org>
List-Help: <mailto:roll-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/roll>, <mailto:roll-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 13 May 2016 11:25:05 -0000
#176: Security items to consider for applicability-ami draft - IESG Evaluation- I have two things I'd like to chat about, given that these applicability documents are where the roll WG has iirc said it'd address security and privacy issues with RPL: (1) 7.1.7: Don't you need to turn that "may not need" around and say that AMI deployments of RPL REQUIRE implementation (and maybe use) of link layer and higher layer security features? (You almost say that in 9.3 I think, so it'd maybe be good to be crystal clear. (2) Why are there no privacy considerations? I think this document needs that. For example, an AMI mesh based purely on link layer security could be a total privacy nightmare. And part of that is down to RPL - if I can cause lots of folks' traffic to be sent to me, that is RPL's issue. That I can then see the application layer content is not RPL's fault, but is still relevant. I think this section is important to include because the authors here are presumably the ones who know the application layer information. And the sensitive information might not only be readings, it could include packet size, if larger packets are caused by activity such as turning on heating, then larger packets indicate presence and smaller ones absence, depending on weather. I am also concerned that there may be privacy issues arising from the various identifiers in use here. Did the WG consider these issues and their potential impact on how it is or is not safe to use RPL? (While the analysis might sound complex, I'd bet that not much new text would be needed, but who knows until the analysis has been done.) - 1.3: what's the 3rd bullet mean? It's worded very ambiguously. With s/(vs. non-storing)// it'd be clear. - section 3: "a potentially significant portion of which is taken up by protocol and encryption overhead" seems overstated to me - are there numbers to back that up? - 5.1, last sentence: why is it important to note that? explaining would be good - 7.2.3: I don't get what you're telling me here that assists in security or interop? - section 9: please provide references to back up the assertion that "many available security mechanisms are not practical for use in such networks" for some relevant security mechanisms. The problem is that such assertions are used to justify doing nothing at all so they ought not be blithely made. - 9.1: "are unique per device" etc is the only sensible thing and would be nice if always true, but that is often not the case - why state what's known to not be true? Or are you trying to say something else? - 9.2: "it is replaced" - again that's not true, only devices known to be compromised would be replaced, which is by no means all compromised devices - 9.3: "already existing" - you really should have a reference there. -- -------------------------------------+------------------------------------- Reporter: | Owner: draft-ietf-roll- mariainesrobles@gmail.com | applicability-ami@ietf.org Type: defect | Status: new Priority: major | Milestone: Component: applicability-ami | Version: Severity: In WG Last Call | Keywords: -------------------------------------+------------------------------------- Ticket URL: <https://tools.ietf.org/wg/roll/trac/ticket/176> roll <https://tools.ietf.org/wg/roll/>
- [Roll] [roll] #176 (applicability-ami): Security … roll issue tracker