Re: [secdir] Security directorate review of draft-ietf-lwig-terminology-04
Carsten Bormann <cabo@tzi.org> Tue, 28 May 2013 06:58 UTC
Return-Path: <cabo@tzi.org>
X-Original-To: secdir@ietfa.amsl.com
Delivered-To: secdir@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 16D3221F8511; Mon, 27 May 2013 23:58:52 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -106.249
X-Spam-Level:
X-Spam-Status: No, score=-106.249 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, HELO_EQ_DE=0.35, RCVD_IN_DNSWL_MED=-4, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id HmfzcscmUGQu; Mon, 27 May 2013 23:58:46 -0700 (PDT)
Received: from informatik.uni-bremen.de (mailhost.informatik.uni-bremen.de [IPv6:2001:638:708:30c9::12]) by ietfa.amsl.com (Postfix) with ESMTP id 6269421F9007; Mon, 27 May 2013 23:58:45 -0700 (PDT)
X-Virus-Scanned: amavisd-new at informatik.uni-bremen.de
Received: from smtp-fb3.informatik.uni-bremen.de (smtp-fb3.informatik.uni-bremen.de [134.102.224.120]) by informatik.uni-bremen.de (8.14.4/8.14.4) with ESMTP id r4S6wc9i018073; Tue, 28 May 2013 08:58:38 +0200 (CEST)
Received: from [192.168.217.105] (p54894213.dip0.t-ipconnect.de [84.137.66.19]) (using TLSv1 with cipher AES128-SHA (128/128 bits)) (No client certificate requested) by smtp-fb3.informatik.uni-bremen.de (Postfix) with ESMTPSA id 5E90334A4; Tue, 28 May 2013 08:58:38 +0200 (CEST)
Mime-Version: 1.0 (Mac OS X Mail 6.3 \(1503\))
Content-Type: text/plain; charset="iso-8859-1"
From: Carsten Bormann <cabo@tzi.org>
In-Reply-To: <CABrd9SQuTy-5dDBfmYa3vJCTi7a-U2nx5-b0Zfa9tKCDHxNV6Q@mail.gmail.com>
Date: Tue, 28 May 2013 08:58:36 +0200
Content-Transfer-Encoding: quoted-printable
Message-Id: <3CD078EF-9CBB-4C19-A5F6-DFC21C522EAA@tzi.org>
References: <CABrd9SQuTy-5dDBfmYa3vJCTi7a-U2nx5-b0Zfa9tKCDHxNV6Q@mail.gmail.com>
To: Ben Laurie <benl@google.com>
X-Mailer: Apple Mail (2.1503)
Cc: draft-ietf-lwig-terminology.all@tools.ietf.org, The IESG <iesg@ietf.org>, "secdir@ietf.org" <secdir@ietf.org>
Subject: Re: [secdir] Security directorate review of draft-ietf-lwig-terminology-04
X-BeenThere: secdir@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Security Area Directorate <secdir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/secdir>, <mailto:secdir-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/secdir>
List-Post: <mailto:secdir@ietf.org>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 28 May 2013 06:58:52 -0000
On May 23, 2013, at 13:48, Ben Laurie <benl@google.com> wrote: > I would > suggest that this section could usefully contain a summary of the > security implications of the various constraints discussed. Ben, thanks for reminding us. Interestingly, I just put in something like this as a new subsection 11.6 in draft-ietf-core-coap-17, which I have reproduced below. That section is focused on three specific considerations. I would expect security considerations to be more actionable when discussed in the context of a specific protocol, as opposed to the terminology that is used for describing the constraints. Doing a more extensive discussion of security implications of constrainedness would be a great document on its own, which maybe we should start looking into in the LWIG WG. There is also an activity to work on using DTLS properly in constrained environments, which would also benefit from such a document. So I'm not sure how much we should be putting in the terminology document, but the WG will certainly need to discuss this. I'm opening a ticket for now. Grüße, Carsten 11.6. Constrained node considerations Implementers on constrained nodes often find themselves without a good source of entropy [RFC4086]. If that is the case, the node MUST NOT be used for processes that require good entropy, such as key generation. Instead, keys should be generated externally and added to the device during manufacturing or commissioning. Due to their low processing power, constrained nodes are particularly susceptible to timing attacks. Special care must be taken in implementation of cryptographic primitives. Large numbers of constrained nodes will be installed in exposed environments and will have little resistance to tampering, including recovery of keying materials. This needs to be considered when defining the scope of credentials assigned to them. In particular, assigning a shared key to a group of nodes may make any single constrained node a target for subverting the entire group.
- [secdir] Security directorate review of draft-iet… Ben Laurie
- Re: [secdir] Security directorate review of draft… Carsten Bormann
- Re: [secdir] Security directorate review of draft… Ben Laurie