[secdir] Secdir review of draft-ietf-roll-p2p-measurement-09.txt
Alexey Melnikov <alexey.melnikov@isode.com> Wed, 06 February 2013 10:23 UTC
To: iesg@ietf.org, secdir@ietf.org, draft-ietf-roll-p2p-measurement.all@tools.ietf.org
I have reviewed this document as part of the security directorate's ongoing effort to review all IETF documents being processed by the IESG. These comments were written primarily for the benefit of the security area directors. Document editors and WG chairs should treat these comments just like any other last call comments.

This document specifies a mechanism that enables an RPL router [RFC6550] to measure the aggregated values of given routing metrics along an existing route towards another RPL router, thereby allowing the router to decide if it wants to initiate the discovery of a better route.

The Security Considerations section talks about compromised routers causing CPU overload in the routers in the network, draining their batteries and causing traffic congestion in the network. It also talks about using this extension to discover topological features of the LLN (such as the identity of the key routers in the topology) or the remaining energy levels [RFC6551] in the routers in order to attack the LLN. It points to the use of the Secure Measurement Object as a way to provide authorization for performing such a discovery operation. This looks adequate to me.