Re: [secdir] Secdir telechat review of draft-ietf-6lo-use-cases-14

Yong-Geun Hong <yonggeun.hong@gmail.com> Tue, 14 March 2023 11:06 UTC

From: Yong-Geun Hong <yonggeun.hong@gmail.com>
Date: Tue, 14 Mar 2023 20:06:11 +0900
Message-ID: <CACt2foH5GKnq-q7ztnJDouncuRabXRBUsKiDGa8w7bLYEWdOgg@mail.gmail.com>
To: Robert Sparks <rjsparks@nostrum.com>
Cc: secdir@ietf.org, 6lo@ietf.org, draft-ietf-6lo-use-cases.all@ietf.org, last-call@ietf.org
Archived-At: <https://mailarchive.ietf.org/arch/msg/secdir/ZOyPEGOLYmrRrYDw9PrvljZe4sQ>
Subject: Re: [secdir] Secdir telechat review of draft-ietf-6lo-use-cases-14

Dear Robert Sparks.

Thanks for your valuable comments and sorry for the late response.

To resolve your comments, I updated the related paragraph as follows.


   - Security and Encryption: Though 6LoWPAN basic specifications do not
   address security at the network layer, the assumption is that L2 security
   must be present. Nevertheless, care must be taken since specific L2
   technologies may exhibit security gaps. Typically, 6lo L2 technologies (see
   Section 2) offer security properties such as confidentiality and/or message
   authentication. In addition, end-to-end security is highly desirable.
   Protocols such as DTLS/TLS, as well as object security are being used in
   the constrained-node network domain
   [I-D.ietf-lwig-security-protocol-comparison]
   <https://www.ietf.org/archive/id/draft-ietf-6lo-use-cases-15.html#I-D.ietf-lwig-security-protocol-comparison>.
   The relevant IETF working groups should be consulted for application
   and transport level security. The IETF has worked on address authentication
   [RFC8928]
   <https://www.ietf.org/archive/id/draft-ietf-6lo-use-cases-15.html#RFC8928>
   and secure bootstrapping is also being discussed in the IETF. However,
   there may be other security mechanisms available in a deployment through
   other standards such as hardware-level security or certificates for the
   initial booting process. In order to use security mechanisms, the
   implementation needs to afford it in terms of processing capabilities and
   energy consumption.


And, I submitted the revision draft based on your comments.
https://www.ietf.org/archive/id/draft-ietf-6lo-use-cases-15.html

I would appreciate it if you could check again and let me know of any missing points.

Best regards.

Yong-Geun.

On Fri, 18 Nov 2022 at 1:36 AM, Robert Sparks via Datatracker <noreply@ietf.org> wrote:

> Reviewer: Robert Sparks
> Review result: Ready
>
> I have reviewed this document as part of the security directorate's ongoing
> effort to review all IETF documents being processed by the IESG. These
> comments were written primarily for the benefit of the security area
> directors. Document editors and WG chairs should treat these comments just
> like any other review comments.
>
> This document is ready for publication as an Informational RFC
>
> Thanks for addressing my Last Call comments. The new Security
> Considerations text is helpful (though I would have preferred even more).
>
> I'll point to one last potential problem spot (as a nit) that you may wish
> to reconsider. See Section 3 at:
>
> "Encryption is important if the implementation can afford it."
>
> From the rest of the document, it's clear that Encryption is important
> even if the implementation _can't_ afford it (and what does "afford it"
> even mean in this context)?
>
> Please try to find more specific text to convey what you are trying to say.