Hi, I probably misread. If the goal of the document is to describe that the current upper layer security mechanism is too heavy to realize the 6lowpan security network, that is O.K. to me.
my concern at the meeting is that which mechanism we can use to realize the 6lowpan security when an application needs certain security. and the application needs inter-communication with the Internet. we have to consider any security mechanism in the upper layer of the 6lowpan. again, if the devices in the 6lowpan network need to securely communicate with the devices at the Internet, a secure layer is required upon the 6lowpan layer. ipsec could be the layer. but ipsec is not always required because there is other security layer like TLS which is most useful currently. but overhead of TLS is much bigger than ipsec. >>> http://www.ietf.org/internet-drafts/draft-daniel-6lowpan-security-analysis-02.txt >> In section 7.2: >> >>Thei fact that IPsec additionally requires another header (AH or >> ESP) >> >>in every packet, thus increasing per-packet header overhead, makes >> its >> >>use problematic in 6lowpan environments. >> I agree. Actually, ESP with AES-CCM requires additional 32 bytes. >> It is considerable. I attached my response to your analysis draft-01. >> There was an analysis of the overhead. >> >> However, the security overhead of the packet size depends on the 6lowpan >> application. It might be drastically decreased. we could define a transform which is less packet size than the transforms which had been standardized already so that the overhead of the packet could be half. but it maybe still considerable size. >> Security is highly considerable issue in the wireless area. >> I believe that what mechanism is the best depends on application. > > That's why we are now focusing on security analysis not proposing > solution itself. Can you elaborate on any examples of 6lowpan security > applications ? well, SP100 could be one of the application. but the specification assumed presence of the key management under the 6lowpan. regards, _______________________________________________ 6lowpan mailing list [email protected] https://www.ietf.org/mailman/listinfo/6lowpan
