[secdir] Security review of draft-ietf-6tisch-minimal-security-12
"Hilarie Orman" <hilarie@purplestreak.com> Mon, 14 October 2019 16:30 UTC
Return-Path: <hilarie@purplestreak.com>
X-Original-To: secdir@ietfa.amsl.com
Delivered-To: secdir@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 24D4A12081C; Mon, 14 Oct 2019 09:30:56 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.598
X-Spam-Level:
X-Spam-Status: No, score=-2.598 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_LOW=-0.7, SPF_HELO_NONE=0.001, SPF_NONE=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id wqv2O-f1m_QE; Mon, 14 Oct 2019 09:30:54 -0700 (PDT)
Received: from out02.mta.xmission.com (out02.mta.xmission.com [166.70.13.232]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id AEE2412007C; Mon, 14 Oct 2019 09:30:54 -0700 (PDT)
Received: from in01.mta.xmission.com ([166.70.13.51]) by out02.mta.xmission.com with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.87) (envelope-from <hilarie@purplestreak.com>) id 1iK3FF-0004Z1-Io; Mon, 14 Oct 2019 10:30:53 -0600
Received: from [166.70.232.207] (helo=rumpleteazer.rhmr.com) by in01.mta.xmission.com with esmtpsa (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.87) (envelope-from <hilarie@purplestreak.com>) id 1iK3FE-0007Po-LL; Mon, 14 Oct 2019 10:30:53 -0600
Received: from rumpleteazer.rhmr.com (localhost [127.0.0.1]) by rumpleteazer.rhmr.com (8.14.4/8.14.4/Debian-4.1ubuntu1) with ESMTP id x9EGQmWq011554; Mon, 14 Oct 2019 10:26:48 -0600
Received: (from hilarie@localhost) by rumpleteazer.rhmr.com (8.14.4/8.14.4/Submit) id x9EGQlwi011553; Mon, 14 Oct 2019 10:26:47 -0600
Date: Mon, 14 Oct 2019 10:26:47 -0600
Message-Id: <201910141626.x9EGQlwi011553@rumpleteazer.rhmr.com>
From: Hilarie Orman <hilarie@purplestreak.com>
Reply-To: Hilarie Orman <hilarie@purplestreak.com>
To: iesg@ietf.org, secdir@ietf.org
Cc: draft-ietf-6tisch-minimal-security.all@tools.ietf.org
X-XM-SPF: eid=1iK3FE-0007Po-LL; ; ; mid=<201910141626.x9EGQlwi011553@rumpleteazer.rhmr.com>; ; ; hst=in01.mta.xmission.com; ; ; ip=166.70.232.207; ; ; frm=hilarie@purplestreak.com; ; ; spf=none
X-XM-AID: U2FsdGVkX19tqvC2vPS8AjFBMrb3G7RQ
X-SA-Exim-Connect-IP: 166.70.232.207
X-SA-Exim-Mail-From: hilarie@purplestreak.com
X-Spam-DCC: XMission; sa08 1397; Body=1 Fuz1=1 Fuz2=1
X-Spam-Combo: **;iesg@ietf.org, secdir@ietf.org
X-Spam-Relay-Country:
X-Spam-Timing: total 389 ms - load_scoreonly_sql: 0.08 (0.0%), signal_user_changed: 3.5 (0.9%), b_tie_ro: 2.4 (0.6%), parse: 0.69 (0.2%), extract_message_metadata: 3.1 (0.8%), get_uri_detail_list: 0.88 (0.2%), tests_pri_-1000: 2.6 (0.7%), tests_pri_-950: 1.50 (0.4%), tests_pri_-900: 1.25 (0.3%), tests_pri_-90: 21 (5.3%), check_bayes: 19 (4.9%), b_tokenize: 4.3 (1.1%), b_tok_get_all: 6 (1.6%), b_comp_prob: 2.2 (0.6%), b_tok_touch_all: 2.9 (0.7%), b_finish: 0.89 (0.2%), tests_pri_0: 345 (88.8%), check_dkim_signature: 0.45 (0.1%), check_dkim_adsp: 6 (1.6%), poll_dns_idle: 0.71 (0.2%), tests_pri_10: 2.2 (0.6%), tests_pri_500: 6 (1.4%), rewrite_mail: 0.00 (0.0%)
X-SA-Exim-Version: 4.2.1 (built Thu, 05 May 2016 13:38:54 -0600)
X-SA-Exim-Scanned: Yes (on in01.mta.xmission.com)
Archived-At: <https://mailarchive.ietf.org/arch/msg/secdir/9_GJuOAENV4KUqgnJiTAib85Rfk>
Subject: [secdir] Security review of draft-ietf-6tisch-minimal-security-12
X-BeenThere: secdir@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Security Area Directorate <secdir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/secdir>, <mailto:secdir-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/secdir/>
List-Post: <mailto:secdir@ietf.org>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 14 Oct 2019 16:30:56 -0000
Security review of Minimal Security Framework for 6TiSCH draft-ietf-6tisch-minimal-security-12 Do not be alarmed. I generated this review of this document as part of the security directorate's ongoing effort to review all IETF documents being processed by the IESG. These comments were written with the intent of improving security requirements and considerations in IETF drafts. Comments not addressed in last call may be included in AD reviews during the IESG review. Document editors and WG chairs should treat these comments just like any other last call comments. Nodes can join a 6TiSCH (IPv6 over the TSCH mode of IEEE 802.15.4e) network) by issuing a request that is validated using pre-shared keys. The document defines the Constrained Join Protocol and its data structures. The security considerations section has been done well. The "short identifier" space consideration on page 34 might be problematic under extreme conditions. If almost all values have been used, a set of nodes might cause trouble by constantly sending join requests. The JRC(s) would have to time out their previous information, and there might be long delays before a short identifier could be freed up. Perhaps there should be a rate limit on join requests from any single node. (If there is such a limit I didn't see it). Page 20 and page 23 mention "the user", but it is unclear what "user" means in this framework. Page 34 says that "the loss of security properties is eminent". That intended word was probably "imminent". I suggest rephrasing. Page 37 asks the reader to recall a "well-known" Bluetooth problem, but there is no citation for it. Either document it or remove it. Hilarie Orman
- [secdir] Security review of draft-ietf-6tisch-min… Hilarie Orman