Re: [secdir] Fwd: FW: draft-ietf-roll-applicability-template

On 01/30/2013 10:44 AM, Ben Laurie wrote:
> I got that, but it seems impossible to answer without knowing a lot
> more about ROLL than that doc says. Or RPL, whatever that is (not
> defined in the doc).

True enough. Don't volunteer so:-)

If we have someone who knows RPL, (and its a bit of a monster)
it'd make more sense for them to take this.

The background here is that I inherited a DISCUSS from
Tim on a RPL document to the effect that they had
no automated key management (AKM) defined which BCP107
says they need. They argued (fairly I think) that the
method for AKM that you'd make mandatory to implement
might well differ for different applications using RPL
but eventually that draft ended up back in the WG.

So now they're trying to make sure they don't hit that
problem again via this template for applicability
statements.

So I hope any review we do says at least: "Add a
requirement that applicability statements MUST specify
an AKM method as MTI."

Given how complex RPL is though, there could well be
more to say, hence their request.

S.

> 
>>
>> S.
>>
>>>
>>> S.
>>>
>>> On 01/30/2013 10:00 AM, Ben Laurie wrote:
>>>> On 30 January 2013 00:31, Stephen Farrell <stephen.farrell@cs.tcd.ie> wrote:
>>>>>
>>>>> Hi all,
>>>>>
>>>>> The roll folks are looking for a review of this I-D.
>>>>> If someone feels the love, can you let Tero know and
>>>>> he'll capture that. If nobody does, then Tero, can
>>>>> you pick whoever's next in the rotation.
>>>>
>>>> Do you mean https://datatracker.ietf.org/doc/draft-richardson-roll-applicability-template/?include_text=1?
>>>> There doesn't appear to be a draft-ietf-
>>>>
>>>> If so, there's no info in it to base a security review on.
>>>>
>>>>>
>>>>> Thanks,
>>>>> S.
>>>>>
>>>>>
>>>>> -------- Original Message --------
>>>>> Subject: FW: draft-ietf-roll-applicability-template
>>>>> Date: Tue, 29 Jan 2013 17:59:36 -0000
>>>>> From: Adrian Farrel <adrian@olddog.co.uk>
>>>>> Reply-To: <adrian@olddog.co.uk>
>>>>> To: <turners@ieca.com>
>>>>> CC: <stephen.farrell@cs.tcd.ie>, <roll-chairs@tools.ietf.org>
>>>>>
>>>>> Copying Sean in just in case he is inclined to say something.
>>>>>
>>>>> A
>>>>>
>>>>>> -----Original Message-----
>>>>>> From: mcr@sandelman.ca [mailto:mcr@sandelman.ca] On Behalf Of Michael
>>>>>> Richardson
>>>>>> Sent: 27 January 2013 20:46
>>>>>> To: stephen.farrell@cs.tcd.ie
>>>>>> Cc: Adrian Farrel; jpv@cisco.com
>>>>>> Subject: draft-ietf-roll-applicability-template
>>>>>>
>>>>>>
>>>>>> I'm still looking for SEC Directorate review of the ROLL applicability
>>>>>> template.
>>>>>>
>>>>>> The idea is to make sure that security question will get addressed
>>>>>> earlier in the process, rather than at SEC Directorate review time.
>>>>>>
>>>>>> --
>>>>>> ]               Never tell me the odds!                 | ipv6 mesh networks [
>>>>>> ]   Michael Richardson, Sandelman Software Works        | network architect  [
>>>>>> ]     mcr@sandelman.ca  http://www.sandelman.ca/        |   ruby on rails    [
>>>>>>
>>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>> _______________________________________________
>>>>> secdir mailing list
>>>>> secdir@ietf.org
>>>>> https://www.ietf.org/mailman/listinfo/secdir
>>>>> wiki: http://tools.ietf.org/area/sec/trac/wiki/SecDirReview
>>>>
>>>>
>>> _______________________________________________
>>> secdir mailing list
>>> secdir@ietf.org
>>> https://www.ietf.org/mailman/listinfo/secdir
>>> wiki: http://tools.ietf.org/area/sec/trac/wiki/SecDirReview
>>>
>>>
> 
> 