[secdir] SECDIR review of draft-ietf-6lowpan-usecases-09.txt
Donald Eastlake <d3e3e3@gmail.com> Mon, 28 February 2011 03:42 UTC
Return-Path: <d3e3e3@gmail.com>
X-Original-To: secdir@core3.amsl.com
Delivered-To: secdir@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id AD4C03A6998; Sun, 27 Feb 2011 19:42:25 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -104.252
X-Spam-Level:
X-Spam-Status: No, score=-104.252 tagged_above=-999 required=5 tests=[AWL=-0.653, BAYES_00=-2.599, RCVD_IN_DNSWL_LOW=-1, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id yJWIyEJ4Pnmz; Sun, 27 Feb 2011 19:42:25 -0800 (PST)
Received: from mail-wy0-f172.google.com (mail-wy0-f172.google.com [74.125.82.172]) by core3.amsl.com (Postfix) with ESMTP id 7A9AD3A698D; Sun, 27 Feb 2011 19:42:24 -0800 (PST)
Received: by wyb42 with SMTP id 42so3558233wyb.31 for <multiple recipients>; Sun, 27 Feb 2011 19:43:23 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:from:date:message-id:subject:to :content-type:content-transfer-encoding; bh=05zEgxLRHDz7ysBRqkIIOzIm74JT4WWNG0DR4LVYHew=; b=DJUUh+dsZKHmX6daCLrZ5eV3m2Zuk0IRD3J+Ujw/fETq5m6KNxt5WyTgxAcoP0PFht KV1IofLhP4XJALdmg2iVHbM0x39Arn1EO2VCGPL0EIdgGOKSUhQW1bbgI2HeNWM7jseo s89G2IfsIPooQPouO8SsNq9r8K+dUUaQMzrY8=
DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:from:date:message-id:subject:to:content-type :content-transfer-encoding; b=xr3A4kbziAYoom34kMsBWMxNioSpP7AzbZ8k6u3zXprjPMaMQBh4qhvJJgq6UBtT7h HrS2ynu7ih22jO3bSUcKeXyKHG3lz6YJbDK5lqoMHeXdbqdZsCb/XAUm+kApdyziGRVR ZL2KtR15eFrPUWrSdMrcPGuKPq473YIFBgqDk=
Received: by 10.227.9.222 with SMTP id m30mr4461270wbm.211.1298864603160; Sun, 27 Feb 2011 19:43:23 -0800 (PST)
MIME-Version: 1.0
Received: by 10.227.68.140 with HTTP; Sun, 27 Feb 2011 19:43:03 -0800 (PST)
From: Donald Eastlake <d3e3e3@gmail.com>
Date: Sun, 27 Feb 2011 22:43:03 -0500
Message-ID: <AANLkTikErRCyk5CryOvRXO-zz6OYd55KUDESf81gZQjv@mail.gmail.com>
To: iesg@ietf.org, secdir@ietf.org, draft-ietf-6lowpan-usecases.all@tools.ietf.org
Content-Type: text/plain; charset="ISO-8859-1"
Content-Transfer-Encoding: quoted-printable
Subject: [secdir] SECDIR review of draft-ietf-6lowpan-usecases-09.txt
X-BeenThere: secdir@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: Security Area Directorate <secdir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/secdir>
List-Post: <mailto:secdir@ietf.org>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 28 Feb 2011 03:42:25 -0000
I have reviewed this document as part of the security directorate's ongoing effort to review all IETF documents being processed by the IESG. Document editors and WG chairs should treat these comments just like any other last call comments As you might guess from the draft name, this is an informational document describing a number of use cases for low-power wireless personal area networks. The security considerations section, reasonably enough, briefly indicates why different use cases may have considerably different security requirements and what some types of such security requirements could be. The thing that I think is lacking is some hint as to where to look to find possible mechanisms to meet those requirements. For this type of document, no detailed analysis of mechanisms is needed. But I would feel better if a sentence could be added such as follow (with some alternative wording in square brackets): "These varied security requirement [can commonly][are expected to] be met by the use of mechanisms such as IPsec and IKE, TLS, or 802.15.4 link security.". If there is an appropriate security mechanism survey document that would be fine. I did look at RFC 4919 as something that could be referenced and it seems too preliminary and tentative. RFC 4944 is only a little better. Perhaps there should be a reference to draft-qiu-6lowpan-secure-router at least as an example of work in progress in this area. Thanks, Donald ============================= Donald E. Eastlake 3rd +1-508-333-2270 (cell) 155 Beaver Street Milford, MA 01757 USA d3e3e3@gmail.com
- [secdir] SECDIR review of draft-ietf-6lowpan-usec… Donald Eastlake
- Re: [secdir] SECDIR review of draft-ietf-6lowpan-… Eunsook "Eunah" Kim