Mališa Vučinić <[email protected]> wrote: > Michael,
> With class 100, I was referring to the (common) 3 most significant bits
> in AF43, AF42 (and AF41) values.
Ah, okay. Got it.
I think you studied RFC2597 harder than I did :-)
> If I can summarize, by tagging join request with AF43 and join response
> with AF42, we achieve that:
> (1) join requests do not trigger cell allocation
> (2) join responses may trigger cell allocation
> (3) join responses have priority in nodes’ buffers over join requests
I agree with your summary.
> - Any particular reason why you chose class 100 i.e. (AF43 and AF42)
> and not any other class from RFC2597?
I believed at the time that AF1x would have priority over AF2x, etc.
but that's not the correct.
> - What should the zero-touch traffic be tagged with? Zero-touch traffic
> refers to *all* packets exchanged *before* minimal-security is
> executed. Having (3) for zero-touch does not seem to make much sense
> since both upwards and downwards packets could be induced by an
> attack. With that, I don’t see the need of differentiating between
> upward and downward. Should it all be tagged with AF43?
So, some of the zero-touch response traffic can be induced by an attacker,
but there is a point where the JRC knows that the node is legitimate, and it
can switch from AF43 to AF42. That point is just prior to the transfer of
the voucher, which is a ~100 byte object from JRC to pledge.
--
Michael Richardson <[email protected]>, Sandelman Software Works
-= IPv6 IoT consulting =-
signature.asc
Description: PGP signature
_______________________________________________ 6tisch mailing list [email protected] https://www.ietf.org/mailman/listinfo/6tisch
