[solace] Notes from the SOLACE ad-hoc at IETF85
Carsten Bormann <cabo@tzi.org> Sun, 04 November 2012 21:52 UTC
Return-Path: <cabo@tzi.org>
X-Original-To: solace@ietfa.amsl.com
Delivered-To: solace@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 18E9D21F8667 for <solace@ietfa.amsl.com>; Sun, 4 Nov 2012 13:52:16 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -106.249
X-Spam-Level:
X-Spam-Status: No, score=-106.249 tagged_above=-999 required=5 tests=[AWL=-0.000, BAYES_00=-2.599, HELO_EQ_DE=0.35, RCVD_IN_DNSWL_MED=-4, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id cw4oW2irnj-O for <solace@ietfa.amsl.com>; Sun, 4 Nov 2012 13:52:15 -0800 (PST)
Received: from informatik.uni-bremen.de (mailhost.informatik.uni-bremen.de [IPv6:2001:638:708:30c9::12]) by ietfa.amsl.com (Postfix) with ESMTP id EF24421F85FD for <solace@ietf.org>; Sun, 4 Nov 2012 13:52:14 -0800 (PST)
X-Virus-Scanned: amavisd-new at informatik.uni-bremen.de
Received: from smtp-fb3.informatik.uni-bremen.de (smtp-fb3.informatik.uni-bremen.de [134.102.224.120]) by informatik.uni-bremen.de (8.14.3/8.14.3) with ESMTP id qA4Lq6Nf009837 for <solace@ietf.org>; Sun, 4 Nov 2012 22:52:06 +0100 (CET)
Received: from dhcp-9336.meeting.ietf.org (dhcp-9336.meeting.ietf.org [130.129.11.54]) (using TLSv1 with cipher AES128-SHA (128/128 bits)) (No client certificate requested) by smtp-fb3.informatik.uni-bremen.de (Postfix) with ESMTPSA id BAF5D6E4; Sun, 4 Nov 2012 22:52:05 +0100 (CET)
From: Carsten Bormann <cabo@tzi.org>
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
Date: Sun, 04 Nov 2012 16:52:04 -0500
To: "solace@ietf.org" <solace@ietf.org>
Message-Id: <105963F3-4106-43D4-8F63-5478B617BE36@tzi.org>
Mime-Version: 1.0 (Mac OS X Mail 6.2 \(1499\))
X-Mailer: Apple Mail (2.1499)
Subject: [solace] Notes from the SOLACE ad-hoc at IETF85
X-BeenThere: solace@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: "\"Smart Object Lifecycle Architecture for Constrained Environments\" discussion list" <solace.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/solace>, <mailto:solace-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/solace>
List-Post: <mailto:solace@ietf.org>
List-Help: <mailto:solace-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/solace>, <mailto:solace-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 04 Nov 2012 21:52:16 -0000
Sunday 2012-11-04 15:10-16:10 Salon E Attendance: Behcet Sarikaya Carsten Bormann Jürgen Schönwälder Kerry Lynn Mehmet Ersue Paul Chilton Ulrich Herberg Yoshihiro Ohba This was an informal meeting that was intended to move forward our common understanding of what the SOLACE activity is going to be. Carsten went quickly through the slides from the Vancouver IETF (http://www.ietf.org/proceedings/84/slides/slides-84-roll-11.pdf) He stressed that the near term focus of SOLACE is soliciting contributions that provide a fleshed out view of the lifecycle, the players/roles and the security objectives of a specific scenario, together with the security protocols that can be used between specific roles to achieve these objectives. We then mainly discussed two topics: 1) What is the best home for SOLACE? One approach is to find a home in IRTF. Several participants agreed: -- this spans a couple of areas -- IRTF can work in a relatively "sheltered" way -- there may less of a need to go through an excruciating chartering process before we really understand the specific shape of the result that we can achieve Other participants pointed out: -- an IETF activity may be more focused on directly usable results -- there are specific gaps such as the OLSRv2 security model that need input soon -- there might even be a new M2M area in the IETF Clearly, there wasn't consensus yet, but some more people leaned towards the IRTF approach. This requires further discussion. Ulrich, Yoshihiro, and Carsten volunteered for working on a potential charter for a new group. 2) What are the specific questions we want to ask for the contributions? Questions that we would like to see covered in the contributions (in no particular order): -- What are the specific roles in this scenario? Groups of nodes may differ in their trust relationships, in their role in running the lifecycle, in their security domain, in their constrainedness, ... (e.g., in SEP2 a "meter" appears to be a very special role, having a trusted relationship to the backend, ...) -- what is the topology between these roles? (This may include both a security-focused point of view and a view based on physical, link-layer or network layer topology) -- What is the trust model? Specifically, what is the chain of trust needed for the system to operate, how do the different roles relate to the trust model; are there classes of trust based on some specific property (such as "inside"/"outside" something)? -- Is there anything done to secure group communications (multicast/broadcast)? -- What are the elements of your lifecycle? Do you handle events like an entire building changing hands? -- How does your security really work, which security protocols are being used? -- What gaps are there? Where do we need additional specifications? -- Constrainedness? What are the resource requirements on the specific roles? What groups of nodes are there? We should try to obtain contributions at least from the following groups/for the following scenarios: -- SEP2 (may need to be fleshed out wrt key management) -- A simple home scenario that can be realized with PSKs -- Cullen's Mothership scenario -- ETSI M2M, maybe related to the EAP/PANA I-D and ETSI GBA -- MANET scenarios such as that addressed by OLSRv2 -- AMI networking Besides the I-Ds already identified, Kerry also has co-authored an interesting NIST paper that he will provide a reference to. At the SAAG meeting Thu 1510-1710, we have a short presentation slot. We should try to narrow down the set of choices so we can present something coherent to SAAG. The intention is providing a heads-up of the activity, and make it clear that this activity is not trying to threaten any specific security area work but tries to benefit as much as possible from existing results. Please send corrections and additions to these notes to the list. Grüße, Carsten
- Re: [solace] Notes from the SOLACE ad-hoc at IETF… Juergen Schoenwaelder
- [solace] Notes from the SOLACE ad-hoc at IETF85 Carsten Bormann
- Re: [solace] Notes from the SOLACE ad-hoc at IETF… Keoh, Sye Loong
- Re: [solace] Notes from the SOLACE ad-hoc at IETF… Carsten Bormann
- Re: [solace] Notes from the SOLACE ad-hoc at IETF… Ulrich Herberg
- Re: [solace] Notes from the SOLACE ad-hoc at IETF… Carsten Bormann
- Re: [solace] Notes from the SOLACE ad-hoc at IETF… Keoh, Sye Loong
- Re: [solace] Notes from the SOLACE ad-hoc at IETF… Michael Richardson
- Re: [solace] Notes from the SOLACE ad-hoc at IETF… Eggert, Lars
- Re: [solace] Notes from the SOLACE ad-hoc at IETF… Ersue, Mehmet (NSN - DE/Munich)
- Re: [solace] Notes from the SOLACE ad-hoc at IETF… Carsten Bormann
- Re: [solace] Notes from the SOLACE ad-hoc at IETF… Carsten Bormann
- Re: [solace] Notes from the SOLACE ad-hoc at IETF… Carsten Bormann