Dear all:

We have published 09 of AP-ND. We think it is ready for SEC-DIR review, as discussed in Bangkok at IETF 103.

Dear ADs: could you please ask for help from the security area to make the review happen?

Note to Russ and all: Our initial work included EDCSA with a hash but Russ indicated that the rest of the IETF work uses PureEdDSA (with no hash). We followed the recommendation but René expressed concern and added text in the security section. Bottom line is that the hash prevents potential attacks. We expect SEC-Dir to provide a global recommendation that this draft and other pieces of work would align to, whether that means hash or no hash.

All the best,

Pascal

-----Original Message-----
From: [email protected] <[email protected]>
Sent: Thursday, 13 December 2018 17:37
To: Mohit Sethi <[email protected]>; Pascal Thubert (pthubert) <[email protected]>; Rene Struik <[email protected]>; Behcet Sarikaya <[email protected]>
Subject: New Version Notification for draft-ietf-6lo-ap-nd-09.txt

A new version of I-D, draft-ietf-6lo-ap-nd-09.txt has been successfully submitted by Pascal Thubert and posted to the IETF repository.

Name: draft-ietf-6lo-ap-nd
Revision: 09
Title: Address Protected Neighbor Discovery for Low-power and Lossy Networks
Document date: 2018-12-13
Group: 6lo
Pages: 23
URL: https://www.ietf.org/internet-drafts/draft-ietf-6lo-ap-nd-09.txt
Status: https://datatracker.ietf.org/doc/draft-ietf-6lo-ap-nd/
Htmlized: https://tools.ietf.org/html/draft-ietf-6lo-ap-nd-09
Htmlized: https://datatracker.ietf.org/doc/html/draft-ietf-6lo-ap-nd
Diff: https://www.ietf.org/rfcdiff?url2=draft-ietf-6lo-ap-nd-09

Abstract:
This document specifies an extension to 6LoWPAN Neighbor Discovery (ND) defined in RFC6775 and updated in [I-D.ietf-6lo-rfc6775-update]. The new extension is called Address Protected Neighbor Discovery (AP-ND) and it protects the owner of an address against address theft and impersonation attacks in a low-power and lossy network (LLN). Nodes supporting this extension compute a cryptographic identifier (Crypto-ID) and use it with one or more of their Registered Addresses. The Crypto-ID identifies the owner of the Registered Address and can be used to provide proof of ownership of the Registered Addresses. Once an address is registered with the Crypto-ID and a proof-of-ownership is provided, only the owner of that address can modify the registration information, thereby enforcing Source Address Validation.

Please note that it may take a couple of minutes from the time of submission until the htmlized version and diff are available at tools.ietf.org.

The IETF Secretariat

_______________________________________________
6lo mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/6lo
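The registration rule summarized in the abstract above, as an added Node.js example that is not part of the original message or of the draft: a registrar binds an address to the first Crypto-ID that proves ownership and refuses changes from any other key. The Crypto-ID derivation (truncated SHA-256 of the public key), the challenge layout, and the names `Registrar`, `cryptoId`, `proofInput` and `prove` are assumptions for illustration, not the AP-ND wire format; signing uses PureEdDSA (no prehash), the variant the message says the draft adopted.

```javascript
// Added illustration; NOT the AP-ND wire format. Crypto-ID derivation, challenge
// layout and all class/function names here are assumptions made for this sketch.
const crypto = require('crypto');

// Assumed: Crypto-ID = first 8 bytes of SHA-256 over the DER (SPKI) public key.
function cryptoId(publicKey) {
  const der = publicKey.export({ type: 'spki', format: 'der' });
  return crypto.createHash('sha256').update(der).digest().subarray(0, 8).toString('hex');
}

// Message the owner signs: binds the registrar's nonce to the address and Crypto-ID.
function proofInput(address, id, nonce) {
  return Buffer.concat([Buffer.from(address), Buffer.from(id, 'hex'), nonce]);
}

class Registrar {
  constructor() { this.bindings = new Map(); this.nonces = new Map(); }

  // Fresh nonce per challenge, so a captured proof cannot be replayed.
  challenge(address) {
    const nonce = crypto.randomBytes(16);
    this.nonces.set(address, nonce);
    return nonce;
  }

  // First valid registration binds address -> Crypto-ID; later ones must match it.
  register(address, publicKey, signature) {
    const nonce = this.nonces.get(address);
    this.nonces.delete(address);               // each nonce is single-use
    if (!nonce) return 'no-challenge';
    const id = cryptoId(publicKey);
    const bound = this.bindings.get(address);
    if (bound && bound !== id) return 'rejected-not-owner';
    // Algorithm null = PureEdDSA: Ed25519 signs the message itself, no prehash.
    if (!crypto.verify(null, proofInput(address, id, nonce), publicKey, signature))
      return 'rejected-bad-proof';
    this.bindings.set(address, id);
    return bound ? 'updated' : 'registered';
  }
}

// Node side: answer the registrar's challenge with the owner's private key.
function prove(address, keyPair, nonce) {
  const id = cryptoId(keyPair.publicKey);
  return crypto.sign(null, proofInput(address, id, nonce), keyPair.privateKey);
}
```

Key pairs for trying it out can be generated with `crypto.generateKeyPairSync('ed25519')`; a second key pair attempting to re-register an already bound address gets `rejected-not-owner`.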
