[secdir] Secdir review of draft-ietf-roll-applicability-home-building-01
Catherine Meadows <catherine.meadows@nrl.navy.mil> Fri, 06 December 2013 23:20 UTC
Return-Path: <catherine.meadows@nrl.navy.mil>
X-Original-To: secdir@ietfa.amsl.com
Delivered-To: secdir@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 55FDF1ADF93; Fri, 6 Dec 2013 15:20:48 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.9
X-Spam-Level:
X-Spam-Status: No, score=-1.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_MESSAGE=0.001, RP_MATCHES_RCVD=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ZZPceIdwCIsv; Fri, 6 Dec 2013 15:20:45 -0800 (PST)
Received: from ccs.nrl.navy.mil (mx0.ccs.nrl.navy.mil [IPv6:2001:480:20:118:118::211]) by ietfa.amsl.com (Postfix) with ESMTP id 459441ADF63; Fri, 6 Dec 2013 15:20:45 -0800 (PST)
Received: from ashurbanipal.fw5540.net (fw5540.nrl.navy.mil [132.250.196.100]) by ccs.nrl.navy.mil (8.14.4/8.14.4) with ESMTP id rB6NKejv028611 (version=TLSv1/SSLv3 cipher=AES128-SHA bits=128 verify=NOT); Fri, 6 Dec 2013 18:20:41 -0500
From: Catherine Meadows <catherine.meadows@nrl.navy.mil>
Content-Type: multipart/alternative; boundary="Apple-Mail=_67FB33E7-99BC-41B1-AF32-4036087030D1"
Date: Fri, 06 Dec 2013 18:22:41 -0500
Message-Id: <5174B75F-0026-4A8E-B1C4-7A094371B7BD@nrl.navy.mil>
To: secdir@ietf.org, iesg@ietf.org, draft-ietf-roll-applicability-home-building.all@tools.ietf.org
Mime-Version: 1.0 (Mac OS X Mail 7.0 \(1822\))
X-Mailer: Apple Mail (2.1822)
X-CCS-MailScanner: No viruses found.
X-CCS-MailScanner-Info: See: http://www.nrl.navy.mil/ccs/support/email
Subject: [secdir] Secdir review of draft-ietf-roll-applicability-home-building-01
X-BeenThere: secdir@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Security Area Directorate <secdir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/secdir>, <mailto:secdir-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/secdir/>
List-Post: <mailto:secdir@ietf.org>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 06 Dec 2013 23:20:48 -0000
This is a resend of my review. I had incorrectly entered the alias for the authors and it got bounced. My apologies to everyone who receives this twice. I have reviewed this document as part of the security directorate's ongoing effort to review all IETF documents being processed by the IESG. These comments were written primarily for the benefit of the security area directors. Document editors and WG chairs should treat these comments just like any other last call comments. This ID gives recommendations on the use of the RPL protocol in building and home environments, which are characterized as relatively small networks that integrate a number of different devices, many including computers, alarm systems, light switches, remote controls ,etc. Many of the network components are resource and power-constrained. The ID characterizes the different types of networks that can arise in these environments, and gives recommendations such as which versions of the protocol to use and how to set the parameters, depending on the type of home network. For the security considerations the authors mainly refer the reader to RFC6997, RFC6550, and I-D.ietf-roll-trickle-mcast. However, there is one issue that these documents do not cover. RPL makes the assumption that all the members of the network share a key, but intentionally does not give any information as to how the key gets there. Thus this document includes a section on Security Considerations for distribution of certificates required by RPL. It explains that for RPL the credential is a shared key, and then goes on to say: Therefore, there MUST be a mechanism in place which allows secure distribution of a shared key and configuration of network identity. Both MAY be done using (i) pre-installation using an out-of-band method, (ii) delivered securely when a device is introduced into the network or (iii) delivered securely by a trusted neighboring device. The shared key MUST be stored in a secure fashion which makes it difficult to be read by an unauthorized party. An example of a method whereby this can be achieved is detailed in [SmartObj] I found the wording of this confusing. I took the “this” in the last sentence to refer to the storage of a key in a secure fashion, and wondered why it there were no references to means of achieving secure key distribution. It wasn’t until I looked at the SmartOb reference that I found that it actually was such a reference. This should be made more clear, e.g. "An example of a method whereby this secure key distribution can be achieved in detailed in [SmatObj]." I notice also that the SmartObj paper does not seem to be finished (there are several sections labeled TODO), and that it also appears to be intended as an Internet Draft. What is the status of it? Is it intended to be developed in tandem with this I-D? Also, it would be good to be more specific about what is meant by “securely” here. For example, the key must be authenticated and kept secret between its intended users, and must not be repeated (replay protection). It might also be helpful to include of a discussion as to when it is more advantageous to use link encryption or group keys. In the case that a network consists of both highly security-relevant and well-protected devices (such as alarm systems), and non-security relevant and not so well-protected devices (such as TV remotes), group keying means that either the remote must be as well-protected as the alarm system, or the entire network must be rekeyed if the remote is lost. I don’t whether or not it would be necessary to give any MUST or SHOULD recommendations, but it would be helpful to give the reader an understanding of the issues involved when making decisions about link encryption versus group keys. As far as I can see this subject is not addressed in any of the documents cited at the beginning of the security considerations. Cathy Meadows Catherine Meadows Naval Research Laboratory Code 5543 4555 Overlook Ave., S.W. Washington DC, 20375 phone: 202-767-3490 fax: 202-404-7942 email: catherine.meadows@nrl.navy.mil
- [secdir] Secdir review of draft-ietf-roll-applica… Catherine Meadows
- [secdir] Secdir review of draft-ietf-roll-applica… Catherine Meadows