Actually LLCs for PANA in 802.15.9 section D.2 can be link-layer keys that are independent of pair-wise key established between JN and JCE. In this case, we might need a key confirmation protocol (such as MLE 3-way handshake ) used as an 802.15.9 KMP between JN and JA.
Yoshihiro Ohba -----Original Message----- From: 6tisch [mailto:[email protected]] On Behalf Of Tero Kivinen Sent: Monday, November 09, 2015 9:06 AM To: [email protected] Cc: Malisa Vucinic; Michael Richardson; [email protected]; Rafa Marin Lopez Subject: Re: [6tisch] Directions on the join process Robert Cragie writes: > provide the secure session with which to transport the data. So I > think Tero has this wrong - PANA definitely can be used to distribute > keys and be used for rekeying, however I mean this independent of the > pairwise key established as part of the authentication between JN and JCE. That might be true for general case, but in the 802.15.9 annex D says: D.2 Use Cases The main use of PANA in 802.15.9 is for provisioning the link-layer credentials (LLCs) to the joining node, where the LLCs can be of any type including shared key and public key credentials. LLCs are used for secure link establishment between adjacent 802.15.9-capable nodes. The process of provisioning the LLCs is also referred to as bootstrapping. Bootstrapping can also be used for renewing the LLCs. A KMP used for bootstrapping is referred to as a bootstrapping KMP. A KMP used to secure link establishment is referred to as a link-establishment KMP. While PANA can be used for both bootstrapping and link-establishment, this document provides the guidelines for the use of PANA as a bootstrapping KMP. I.e. for some reason 802.15.9 annex was written in a way where it only describes how it is used as a bootstrapping KMP. And no, I do not know why it was written that way. -- [email protected] _______________________________________________ 6tisch mailing list [email protected] https://www.ietf.org/mailman/listinfo/6tisch _______________________________________________ 6tisch mailing list [email protected] https://www.ietf.org/mailman/listinfo/6tisch
