I am fine with the text in principle but I have a couple of final suggested changes on the text just for clarity purposes.

1) It is not entirely clear to the casual reader whether an EB only ever needs authentication or whether we are saying that is the only security treatment it will get. It is important to distinguish as the IEs are payload IEs which could indeed be encrypted but we choose not to.
2) I think the "6TiSCH minimal15" needs to be stated in an octet string form just to avoid any ambiguity with text encoding, terminating null etc.

Therefore, I would suggest the following small changes.

1) Section 4 needs to revise "EBs are only authenticated and payload is not encrypted" to "EBs SHOULD be authenticated only, i.e. payload SHALL NOT be encrypted".
2) The security text would be a little clearer in my opinion as follows (it does not change the content):

"This draft assumes the existence of two cryptographic keys, K1 and K2. EBs SHOULD be authenticated only, using key K1. DATA, ACKNOWLEDGEMENT, and MAC COMMAND frame types SHOULD be authenticated and encrypted using key K2. For early interoperability, K1 MAY be set to "6TiSCH minimal15" (0x36 0x54 0x69 0x53 0x43 0x48 0x20 0x6D 0x69 0x6E 0x69 0x6D 0x61 0x6C 0x31 0x35). K2 SHOULD be a randomly generated high entropy cryptographic key. Key distribution is out of scope."

Notes:
1) I changed "with key" to "using key" as it is preferable language in my opinion
2) The subtle comma after "only" makes the two cases distinct:
   a) "authenticated only, using K1" can only be interpreted as "the EB only has authentication applied to it and K1 is used" (this is the case)
   b) "authenticated only using K1" could be interpreted as "the EB has authentication applied to it using K1 alone" (this is not the case)

Robert

On 11 May 2015 at 05:24, Xavier Vilajosana <[email protected]> wrote:
> Dear all,
>
> after the last call we would like to close the security section in
> minimal. We wrapped up all comments from the previous days and from the
> meeting and here is our proposal:
>
> This draft assumes the existence of two cryptographic keys, K1 and
> K2. EBs SHOULD be authenticated with key K1. DATA, ACKNOWLEDGEMENT, and
> MAC COMMAND frame types SHOULD be authenticated and encrypted with key K2.
> For early interoperability, K1 MAY be set to "6TiSCH minimal15". K2 SHOULD
> be a randomly generated high entropy cryptographic key. Key distribution
> is out of scope.
>
> I would like to encourage everybody to see if this text covers all that
> we want for minimal, and provide consensus. We need to move forward.
>
> kind regards,
> Xavi
>
> _______________________________________________
> 6tisch mailing list
> [email protected]
> https://www.ietf.org/mailman/listinfo/6tisch
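An added example, not part of the original message or of the draft: a C check for the encoding ambiguity raised in the message above, comparing a provisioned K1 blob against the 16 octets listed there and flagging the trailing-NUL and UTF-16 variants. The names `check_k1`, `k2_not_wellknown` and the `K1_*` result codes are hypothetical, and the K2 test is an assumed sanity check that only rejects the published K1 value.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

#define KEY_LEN 16  /* number of octets listed for K1 in the message */

/* K1 octets exactly as listed in the message above. */
static const uint8_t K1_MINIMAL[KEY_LEN] = {
    0x36, 0x54, 0x69, 0x53, 0x43, 0x48, 0x20, 0x6D,
    0x69, 0x6E, 0x69, 0x6D, 0x61, 0x6C, 0x31, 0x35
};

enum k1_check { K1_OK, K1_TRAILING_NUL, K1_WIDE_CHARS, K1_BAD_LENGTH, K1_MISMATCH };

/* Hypothetical helper: classify a provisioned K1 blob of len octets. */
enum k1_check check_k1(const uint8_t *buf, size_t len)
{
    size_t i;
    if (len == KEY_LEN)
        return memcmp(buf, K1_MINIMAL, KEY_LEN) == 0 ? K1_OK : K1_MISMATCH;
    /* C string literal copied with sizeof(): the 16 octets plus '\0'. */
    if (len == KEY_LEN + 1 && buf[KEY_LEN] == 0 &&
        memcmp(buf, K1_MINIMAL, KEY_LEN) == 0)
        return K1_TRAILING_NUL;
    /* UTF-16LE text: every key octet is followed by 0x00. */
    if (len == 2 * KEY_LEN) {
        for (i = 0; i < KEY_LEN; i++)
            if (buf[2 * i] != K1_MINIMAL[i] || buf[2 * i + 1] != 0)
                return K1_BAD_LENGTH;
        return K1_WIDE_CHARS;
    }
    return K1_BAD_LENGTH;
}

/* Assumed sanity check: returns 1 unless K2 equals the published K1.
   It does not measure entropy; it only rejects the well-known key. */
int k2_not_wellknown(const uint8_t k2[KEY_LEN])
{
    return memcmp(k2, K1_MINIMAL, KEY_LEN) != 0;
}

int main(void)
{
    /* Constructed input: the literal copied with sizeof(), NUL included. */
    static const char lit[] = "6TiSCH minimal15";
    return check_k1((const uint8_t *)lit, sizeof lit) == K1_TRAILING_NUL ? 0 : 1;
}
```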
