[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [manet] Security drafts

To: "'Dearlove, Christopher $UK$'" <Chris.Dearlove at baesystems.com>, "'Ulrich Herberg'" <ulrich at herberg.name>
Subject: Re: [manet] Security drafts
From: "Teco Boot" <teco at inf-net.nl>
Date: Thu, 19 Nov 2009 08:18:32 +0100
Cc: 'Rex Buddenberg' <budden at nps.navy.mil>, manet at ietf.org
Delivered-to: manet at core3.amsl.com
In-reply-to: <ABE739C5ADAC9A41ACCC72DF366B719D0275B38A at GLKMS2100.GREENLNK.NET>
List-archive: <http://www.ietf.org/mail-archive/web/manet>
List-help: <mailto:manet-request@ietf.org?subject=help>
List-id: Mobile Ad-hoc Networks <manet.ietf.org>
List-post: <mailto:manet@ietf.org>
List-subscribe: <https://www.ietf.org/mailman/listinfo/manet>, <mailto:manet-request@ietf.org?subject=subscribe>
List-unsubscribe: <https://www.ietf.org/mailman/listinfo/manet>, <mailto:manet-request@ietf.org?subject=unsubscribe>
References: <25c114b90911112143r6453c425h7386d76d1c77a0c7 at mail.gmail.com> <1258479872.17184.205.camel at localhost.localdomain> <25c114b90911171000s61af2462p5688ccfeb03fd9f3 at mail.gmail.com> <200911180745.48511.henning.rogge at fkie.fraunhofer.de> <009f01ca681d$7975bd20$6c613760$ at nl><25c114b90911180008n3055703fv9fc848205ccaac41 at mail.gmail.com> <003301ca685f$be9a1030$3bce3090$ at nl> <ABE739C5ADAC9A41ACCC72DF366B719D0275B38A at GLKMS2100.GREENLNK.NET>
Thread-index: AcpoJkdvWQbJbVKJSNK99ZmqYNAv4wANxpZQAASoW1AAHXDMIA==

>> It is all about trust. If the TC has traveled only trusted neighbors,
>> what is the problem?
>
>Is trust transitive? 

More thoughts on this, with TC in mind.
All nodes shall have synced LSDB, otherwise the network is loopy.
So all nodes shall accept or reject an invalid message.
So the neighbors of the node that corrupted the message shall
drop it on the floor. There is no olsr-sec draft yet, but I assume
such behavior written down.
Now we have some options what to do. Just drop the invalid messages?
Drop the whole packets? Invalidate the node that forwarded such 
messages, and tear down the links to such? Forever or hold-down 
period? Publish entries for revocation list?
I say the bad guy shall be isolated at least.

Now I see a benefit of signed messages. A node that is taken over
by the bad guys gang, and is transformed into an assassin, is to be 
isolated. Meanwhile, it can only cause some local damage.

Teco.

Follow-Ups:
- Re: [manet] Security drafts
  - From: Thomas Heide Clausen
- Re: [manet] Security drafts
  - From: Ulrich Herberg

References:
- [manet] Security drafts
  - From: Ulrich Herberg
- Re: [manet] Security drafts
  - From: Rex Buddenberg
- Re: [manet] Security drafts
  - From: Ulrich Herberg
- Re: [manet] Security drafts
  - From: Henning Rogge
- Re: [manet] Security drafts
  - From: Teco Boot
- Re: [manet] Security drafts
  - From: Ulrich Herberg
- Re: [manet] Security drafts
  - From: Teco Boot
- Re: [manet] Security drafts
  - From: Dearlove, Christopher (UK)

Prev by Date: Re: [manet] [6lowpan] SNMP optimizations
Next by Date: Re: [manet] Security drafts
Previous by thread: Re: [manet] Security drafts
Next by thread: Re: [manet] Security drafts
Index(es):
- Date
- Thread