From: Carsten Bormann <[email protected]>
Date: Tue, 9 Jun 2009 23:06:17 +0200
On Jun 9, 2009, at 22:21, Richard Kelsey wrote:
> I've got one word for you: counterfeiting.
>
> I'm sorry, I don't follow you. What kind of counterfeiting
> does the whiteboard detect? I would think that would
> require security mechanisms beyond those mentioned in the ND
> draft, e.g. certificates of some kind.
This is not about security.
Let's say Vendor E smoke detectors become really popular, and every US
household wants one.
So some black-hat operation in some country starts to build cheap
counterfeits.
These would be commissioned somewhere with all that a Vendor E smoke
detector needs, even a fake EUI-64 with Vendor E's OUI so the network
monitors tell you the device is a Genuine Vendor E smoke detector.
I would argue that the last part shows that this is a
security issue, in that the network monitors are accepting
unauthenticated information as gospel.
But I do agree that it isn't a security issue that 6LoWPAN
should be worried about. Manufacturers of counterfeit
devices are not going to go through the usual process of
obtaining their own, traceable, EUI64s. This increases the
odds of there being EUI64 collisions and we need to take
this into account.
Oh and all that paranoia aside, manufacturing errors have
happened and do happen. The Whiteboard does not help
much in detecting counterfeiting, but it does help in
detecting IID (and thus EUI-64) collisions.
It comes down to the tradeoff between the costs and benefits
of having a whiteboard. It isn't clear to me that the
benefits so outweigh the costs that 6LoWPAN ND should
require a whiteboard, especially if only EUI64s are being
used.
-Richard Kelsey
_______________________________________________
6lowpan mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/6lowpan