Re: [secdir] SecDir Review of draft-ietf-roll-rpl-industrial-applicability

"Pascal Thubert (pthubert)" <pthubert@cisco.com> Fri, 20 December 2013 17:13 UTC

Return-Path: <pthubert@cisco.com>
X-Original-To: secdir@ietfa.amsl.com
Delivered-To: secdir@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E9A431AD669 for <secdir@ietfa.amsl.com>; Fri, 20 Dec 2013 09:13:53 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -10.039
X-Spam-Level:
X-Spam-Status: No, score=-10.039 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RP_MATCHES_RCVD=-0.538, SPF_PASS=-0.001, USER_IN_DEF_DKIM_WL=-7.5] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Yb7DYmZZOkkx for <secdir@ietfa.amsl.com>; Fri, 20 Dec 2013 09:13:52 -0800 (PST)
Received: from alln-iport-4.cisco.com (alln-iport-4.cisco.com [173.37.142.91]) by ietfa.amsl.com (Postfix) with ESMTP id 34CBF1ADFC1 for <secdir@ietf.org>; Fri, 20 Dec 2013 09:13:50 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=@cisco.com; l=3219; q=dns/txt; s=iport; t=1387559628; x=1388769228; h=from:to:cc:subject:date:message-id:references: in-reply-to:content-transfer-encoding:mime-version; bh=Na9sj9viOkAiz+m+72PGAe1oYSsG+BsBou2F9Afd/2E=; b=c5fRrMiJrwePdCM2PtPT9ENKxI2VGs8SGnbsH8IviKGc9FEn05c0Zuxr eWcsmTvZjdw2uIwHUKO9vNFewKJZUXznlOi0BP6uVIGiFQgQwJ3PwPB+q UNZR1lIsBMR4P30ZZUb3WxbgoqzX6R++CrHW7sVIGO2/oYMU0QQiBmFKK 8=;
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: AgMFAPJ5tFKtJXHA/2dsb2JhbABZgwuBDbk2gR4WdIIlAQEBBHkMBAIBCBEEAQELHQcyFAkIAgQBDQUIh3zKSReOOicxBwaDHYETAQOJC6EfgyuBaEI
X-IronPort-AV: E=Sophos;i="4.95,522,1384300800"; d="scan'208";a="8215298"
Received: from rcdn-core2-5.cisco.com ([173.37.113.192]) by alln-iport-4.cisco.com with ESMTP; 20 Dec 2013 17:13:47 +0000
Received: from xhc-rcd-x12.cisco.com (xhc-rcd-x12.cisco.com [173.37.183.86]) by rcdn-core2-5.cisco.com (8.14.5/8.14.5) with ESMTP id rBKHDlmW009529 (version=TLSv1/SSLv3 cipher=AES128-SHA bits=128 verify=FAIL); Fri, 20 Dec 2013 17:13:47 GMT
Received: from xmb-rcd-x01.cisco.com ([169.254.1.179]) by xhc-rcd-x12.cisco.com ([173.37.183.86]) with mapi id 14.03.0123.003; Fri, 20 Dec 2013 11:13:47 -0600
From: "Pascal Thubert (pthubert)" <pthubert@cisco.com>
To: Alexey Melnikov <alexey.melnikov@isode.com>, "draft-ietf-roll-rpl-industrial-applicability.all@tools.ietf.org" <draft-ietf-roll-rpl-industrial-applicability.all@tools.ietf.org>, Michael Richardson <mcr+ietf@sandelman.ca>
Thread-Topic: SecDir Review of draft-ietf-roll-rpl-industrial-applicability
Thread-Index: AQHO/YV9o9lCIwsv2kKoXlizQBGqsZpdUiQQ
Date: Fri, 20 Dec 2013 17:13:47 +0000
Deferred-Delivery: Fri, 20 Dec 2013 17:13:00 +0000
Message-ID: <E045AECD98228444A58C61C200AE1BD8416520D9@xmb-rcd-x01.cisco.com>
References: <52B442CA.8090909@isode.com>
In-Reply-To: <52B442CA.8090909@isode.com>
Accept-Language: fr-FR, en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [10.55.22.2]
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
X-Mailman-Approved-At: Thu, 26 Dec 2013 12:00:43 -0800
Cc: "secdir@ietf.org" <secdir@ietf.org>
Subject: Re: [secdir] SecDir Review of draft-ietf-roll-rpl-industrial-applicability
X-BeenThere: secdir@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Security Area Directorate <secdir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/secdir>, <mailto:secdir-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/secdir/>
List-Post: <mailto:secdir@ietf.org>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 20 Dec 2013 17:13:54 -0000

Thanks a lot Alexey!

We'll dig into that, though probably after Christmas now : )

Cheers,

Pascal


> -----Original Message-----
> From: Alexey Melnikov [mailto:alexey.melnikov@isode.com]
> Sent: vendredi 20 décembre 2013 14:15
> To: draft-ietf-roll-rpl-industrial-applicability.all@tools.ietf.org; Michael
> Richardson
> Cc: secdir@ietf.org
> Subject: SecDir Review of draft-ietf-roll-rpl-industrial-applicability
> 
> Hi,
> 
> I have reviewed this document as part of the security directorate's ongoing
> effort to review all IETF documents being processed by the IESG.  These
> comments were written primarily for the benefit of the security area directors.
> Document editors and WG chairs should treat these comments just like any
> other last call comments.
> 
> The document is well written and was quite educational for me. However the
> Security Considerations section is incomplete and not quite ready.
> 
>  >    This document does not specify operations that could introduce new
>  >    threats.  Security considerations for RPL deployments are to be
>  >    developed in accordance with recommendations laid out in, for
>  >    example, [I-D.tsao-roll-security-framework].
> 
> This document got obsoleted by a WG document. I am not entirely sure whether
> this is intended to be draft-ietf-roll-security-threats or draft-ietf-roll-security-
> framework. Please update your draft to point to the latest document.
> 
>  >    Industrial automation networks are subject to stringent security
>  >    requirements as they are considered a critical infrastructure
>  >    component.  At the same time, since they are composed of large
>  >    numbers of resource- constrained devices inter-connected with
>  >    limited-throughput links, many available security mechanisms are
>  >    not practical for use in such networks.  As a result, the choice of
>  >    security mechanisms is highly dependent on the device and network
>  >    capabilities characterizing a particular deployment.
> 
> While this sounds plausible, this is not very helpful for deployments.
> Are there any documents (maybe even research papers) that talk about different
> types of deployments and suitable security mechanisms for them?
> 
>  >    In contrast to other types of LLNs, in industrial automation
>  >    networks centralized administrative control and access to
>  >    a permanent secure infrastructure is available.
>  >    As a result link-layer, transport-layer
>  >    and/or application-layer security mechanisms are typically in place
>  >    and may make use of RPL's secure mode unnecessary.
> 
> Pointing to RFC 6550 and describing how RPL security services described there
> can be replaced by link/transport/application-layer technologies would be
> helpful as well.
> 
>  > 6.1.  Security Considerations during initial deployment  >  > 6.2.  Security
> Considerations during incremental deployment
> 
> These sections need completing. Looking at draft-ietf-roll-applicability-
> template-03, I can see there a useful pointer to a document about getting initial
> keys and trust anchors.