[RTG-DIR] RtgDir review of draft-ietf-lwig-crypto-sensors-05.txt
Emmanuel Baccelli <Emmanuel.Baccelli@inria.fr> Wed, 21 February 2018 09:36 UTC
Return-Path: <emmanuel.baccelli@gmail.com>
X-Original-To: rtg-dir@ietfa.amsl.com
Delivered-To: rtg-dir@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B22F012E888; Wed, 21 Feb 2018 01:36:01 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.099
X-Spam-Level:
X-Spam-Status: No, score=-2.099 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, FREEMAIL_FORGED_FROMDOMAIN=0.25, FREEMAIL_FROM=0.001, HEADER_FROM_DIFFERENT_DOMAINS=0.25, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id R_IaIoGs7nVY; Wed, 21 Feb 2018 01:35:59 -0800 (PST)
Received: from mail-vk0-x22a.google.com (mail-vk0-x22a.google.com [IPv6:2607:f8b0:400c:c05::22a]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 96C38120047; Wed, 21 Feb 2018 01:35:59 -0800 (PST)
Received: by mail-vk0-x22a.google.com with SMTP id o17so560268vke.7; Wed, 21 Feb 2018 01:35:59 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:sender:from:date:message-id:subject:to:cc; bh=Gx5/FpQgWnWzegDNkY+zWpS3dikvli1Z58CkqLyOKs0=; b=mpQt0KXeWcC1F9n0+5/dqryGaNYbiPXbj/4WJqiLGZBnI6zvS0V5aRp45D7Z4KEM43 0h/+7tLNxZH0kAUt7o2yXkuie6u3EO3eZ/QmhsomDc/nWhaBA+Zu6MCNWrPHTnYNtJSb Gm58YZ/1Mv3Xozs+PLxbm3vjU/sGNW3kAXFYB/y591V+qerGFGh5Sy8/gRXoXvrtKRm/ wsG/6IKb9BZGzNbzyAmf9SVXGBmeQgXMdkWB6pW6kZXh+XCnVhrlnwjq4n6kWQ1WptfN 7UCAnncyuU0R3DXzKthjyawU9UqtAEbrDhSxGzpz6hU6BR43sEr3+WqJL9xrkGHymzd4 TmoA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:sender:from:date:message-id:subject :to:cc; bh=Gx5/FpQgWnWzegDNkY+zWpS3dikvli1Z58CkqLyOKs0=; b=kItE4XhtMojt42obMk1eUdCDK5mD0LyHJSyhyiy+h00nBVpy/SfamuLUVW1sJTn7uE tystDK1TpV2SB4AQDjsAMBHtsDDq2alYA2SSIEayw0PvTbBW6VKWihzfsP/rsy+c1y48 s3rL1HqxHfiR54jHg5E5AQVVwiB4/MAL8xnT4A9Aliux3v9U7N//bYH2h5HzZPyiDEBU UzG+UTpbON7iQ3NP+N6beCCDj5Zt7DynrDpXiftHiN4nJOb/JfjouIbldhGyuRdNCF0m Qig9f0iYUeBsgfSyP0u/AQ6uQkOT6u7moVEoJAY425yTc4qSwUHozF+Jj1BtDDHM4peb aGBg==
X-Gm-Message-State: APf1xPD+bygvhPpCcaZ/rgyOl1iIiPNRk8kkBOy4YOv4SQPb2Rt4870Y NFLLk6o5tfRQOwOGi5SnIDsbu285z7nrGpL7E4dYwg==
X-Google-Smtp-Source: AH8x224StyG5S//L1WsLsrVGx/zH2zx2fJa6wk7dV5b2+Z22W2KigoJEG0xMDQ8k/U2wmWWTHjQzihCnYdPn24VVzGk=
X-Received: by 10.31.90.15 with SMTP id o15mr2065310vkb.100.1519205758186; Wed, 21 Feb 2018 01:35:58 -0800 (PST)
MIME-Version: 1.0
Sender: emmanuel.baccelli@gmail.com
Received: by 10.176.3.146 with HTTP; Wed, 21 Feb 2018 01:35:37 -0800 (PST)
From: Emmanuel Baccelli <Emmanuel.Baccelli@inria.fr>
Date: Wed, 21 Feb 2018 10:35:37 +0100
X-Google-Sender-Auth: jDbIyH_PdsqA8YI3WJyOmvgsrYk
Message-ID: <CANK0pbY5gcnnxZgpSVHQZgSTEBqThdK4JDnyBXwD8D4-Tx=Ubw@mail.gmail.com>
To: "<rtg-ads@ietf.org>" <rtg-ads@ietf.org>
Cc: rtg-dir@ietf.org, draft-ietf-lwig-crypto-sensors.all@ietf.org, lwip@ietf.org
Content-Type: multipart/alternative; boundary="f403043694a28eb86f0565b5a7e8"
Archived-At: <https://mailarchive.ietf.org/arch/msg/rtg-dir/csz-Bs4L0iLMMF50aOZmxrIDLbA>
Subject: [RTG-DIR] RtgDir review of draft-ietf-lwig-crypto-sensors-05.txt
X-BeenThere: rtg-dir@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: Routing Area Directorate <rtg-dir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/rtg-dir>, <mailto:rtg-dir-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/rtg-dir/>
List-Post: <mailto:rtg-dir@ietf.org>
List-Help: <mailto:rtg-dir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/rtg-dir>, <mailto:rtg-dir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 21 Feb 2018 09:36:02 -0000
Hello, I have been selected as the Routing Directorate reviewer for this draft. The Routing Directorate seeks to review all routing or routing-related drafts as they pass through IETF last call and IESG review, and sometimes on special request. The purpose of the review is to provide assistance to the Routing ADs. For more information about the Routing Directorate, please see http://trac.tools.ietf.org/area/rtg/trac/wiki/RtgDir Although these comments are primarily for the use of the Routing ADs, it would be helpful if you could consider them along with any other IETF Last Call comments that you receive, and strive to resolve them through discussion or by updating the draft. Document: draft-ietf-lwig-crypto-sensors-05.txt Reviewer: Emmanuel Baccelli Review Date: 20/02/2018 Intended Status: Informational Summary: This document is basically ready for publication, but has nits that should be considered prior to publication. Comments: The draft's content are solid and relevant, the readability is good. I have a few suggestions on how to further improve readability. Major Issues: No major issues found. Minor Issues: In section 8.3, concerning network layer security, it would be more complete to also mention specific routing security aspects, e.g. cases where multi-hop is needed in a LoWPAN, and mechanisms (such as topology authentication) should be used to mitigate sinkhole attacks etc. In the end summary, maybe it would also make sense to add something like: "If push comes to shove, strong security is also possible on 8-bit and 16-bit". I think it is important to send the message that even some "legacy" IoT hardware could be made secure. Nits: # Section 3: the "network configuration" bullet point is somewhat unclear, hinting at different issues. Would it not make sense to split it in 2 different bullet points? # Section 4.1: it would be clearer if the main principles used for provisionning are gathered and stated upfront in this section. I mean a short list like "only identities are provisionned", "identities are self-securing". # Section 4.1 in the part on group identity: at first sight it is not straightforward what is n and what is m, and why they might be differ. Some explicit mention would be useful. # Section 4.1 in the part on group identity: does the model require each device to be provided with the identities of all the other devices in the group at commissionning time? It is unclear in the text, an explicit mention would be useful here too. # Section 5: it is somewhat awkward to find an OS within a list of crypto libraries. However, I agree it is important to point to available operating systems in this space. I suggest a separate paragraph on operating systems and citing a survey such as: O. Hahm et al. "Operating Systems for Low-end Devices in the Internet of Things: a Survey." IEEE Internet of Things Journal 3.5 (2016): 720-734. As a side note, it would be great to have an equivalent survey to point to for available light-weight crypto libraries... # Section 6: in the beginning of the section, it is not clear that the measurements are on Arduino Uno (right?). I suggest stating this explicitly. # Section 6: "The Arduino board only provides ... the random() function call." I think this sentence is somewhat misleading. The main point here is what there is (or what there isn't) behind this function call. I suggest rephrasing the bullet point with something like: "some boards (e.g. Arduino Uno) do not provide a hardware random number generator. On such boards, obtaining crypto-quality randomness is an issue." # Spotted typos: in Section 6 "results for for all the 128" in Section 7 "enough power to be stay on"
- [RTG-DIR] RtgDir review of draft-ietf-lwig-crypto… Emmanuel Baccelli