Mališa Vučinić <malis...@gmail.com> wrote: mcr> I think that the mechanism that was explained at: mcr> https://tools.ietf.org/html/draft-richardson-6tisch-minimal-rekey-02# mcr> section-4
mcr> is a better workable solution. Deploy all the new keys (it may take some mcr> days on sleep networks), and then have nodes switch when they see traffic mcr> with the new key. > Thanks, Michael, for the reminder on this document, I have to say that I forgot > about it.. IIUC, the issue you have with the mechanism I proposed is that the > JRC in some cases may not know how long it could take to deploy the keys so > that it cannot properly set the ASN. I think that's a valid concern and that it > would indeed be better if we could decouple the JRC from the inner network > specifics as much as possible. Exactly. It does not have to change significantly what you have, it just has to include the (new) keyIndex. > To do this and support rekeying with your proposal, we need to differentiate > between "start using this key" and "install the key but don't start using it > until you see it being used in the network", for 6LBR and joined nodes to > follow, respectively. We can likely do this by extending the COSE_Key map with > an additional parameter for this purpose, which I prefer to pulling in the > whole COMI machinery, as is suggested in the minimal-rekey draft. I agree, we don't need COMI, just the text about when to start using the new key. Shall I suggest some text it github? > Essentially, the process would be: > - the JRC deploys the new key(s) to all the nodes except to the 6LBR. > - nodes will install them, but keep using the old keys because the new COSE_Key > parameter is set to "install the key but don't start using it until you see it > being used in the network". I'd say that you always do this with any new key if you have no keys. I don't think we need a flag. In fact, even for the "0th key", you would start using it as soon as you see something that passes with that key, such as authenticating the Beacon that you used to find the Proxy in the first place.... > - deploy the key to the 6LBR, with the COSE_Key parameter set to "start using > now". > - once a node sees the new key being used and the replay protection and the > authenticity check at L2 passes, it removes the old keys and starts using the > new key for all outgoing traffic Yes. -- ] Never tell me the odds! | ipv6 mesh networks [ ] Michael Richardson, Sandelman Software Works | network architect [ ] m...@sandelman.ca http://www.sandelman.ca/ | ruby on rails [
signature.asc
Description: PGP signature
_______________________________________________ 6tisch mailing list 6tisch@ietf.org https://www.ietf.org/mailman/listinfo/6tisch