For network layer security, two models are applicable: end-to-end
security, e.g. using IPsec transport mode, or security that is
limited to the wireless portion of the network, e.g. using a security
gateway and IPsec tunnel mode. The disadvantage of the latter is the
larger header size, which is significant at the 6lowpan frame MTUs.
To simplify
I am not in favor of security gateway, but if we do, it will not
necessarily increase the
packet overhead of lowpan becuase I assume the security gateway will be
at the edge
of the lowpan network - right ?
If we implement IPSec tunnel mode - in lowpan then there is a
significant overhead which
is not desirtable. Should we even consider IPSec tunnel mode within the
6lowpan network? Or does the above mean that the IPSec tunnel at the
security gateway?
In conjunction with IPSec, we also need to mention that 6lowpan will
need to choose an
appropriate key-management scheme applicable for 6lowpan characteristics.
Sorry, I don't have a replacement text prepared to provide right away.
Regards,
-Samita
6lowpan implementations, it would be beneficial to identify a
preferred set of ciphersuites that are appropriate given the 6lowpan
constraints.
_______________________________________________
6lowpan mailing list
[email protected]
https://www1.ietf.org/mailman/listinfo/6lowpan
_______________________________________________
6lowpan mailing list
[email protected]
https://www1.ietf.org/mailman/listinfo/6lowpan
