Our disagreement exactly, Tero. I do not think minimal is the place to define what proper security is. This is use case dependent. If we are confident that 802.15.4 can be secured at layer-2, I'm all set. We need to indicate that it is so and let people use it.
If we want to define how that is done per use case, that's a Pandora box that I do not want to open with this draft. Cheers, Pascal > -----Original Message----- > From: Tero Kivinen [mailto:[email protected]] > Sent: mardi 26 mai 2015 11:26 > To: Pascal Thubert (pthubert) > Cc: Michael Richardson; [email protected] > Subject: Re: [6tisch] Shipping minimal > > Pascal Thubert (pthubert) writes: > > We thought there was, including René. I think the problem came up with > > the proposal by Kris and that's what we have been discussing. > > This discussion has forked but the title remains; we want to ship > > minimal and the only road block is security. > > I think the minimal is missing other things too. For example it is missing the > mapping from the K1 and K2 to the actual KeyIdMode, KeySource, KeyIndex used > on the wire. > > > We want to say is that minimal does not use L3 security (e.g. the > > optional one in RPL), and that it needs proper L2 security for both > > L2 itself (e.g. for the join process) and for L3 PDUs within the LLN. > > But well-known keys do NOT provide proper L2 security. > > > Can you please verify where/if/how the current text is wrong and > > propose a fix? > > I have done that in my other emails, see for example: > > http://www.ietf.org/mail-archive/web/6tisch/current/msg03362.html > http://www.ietf.org/mail-archive/web/6tisch/current/msg03268.html > > And there were my comments to the replacement text too: > > http://www.ietf.org/mail-archive/web/6tisch/current/msg03475.html > -- > [email protected] _______________________________________________ 6tisch mailing list [email protected] https://www.ietf.org/mailman/listinfo/6tisch
