On Wed, Aug 21, 2019 at 08:18:03AM +0000, Pascal Thubert (pthubert) wrote: > Hello Michael > > I agree that the details of how it is done in practice belong to minimal > security. > My expectation would be that we discuss times when it is appropriate to > rekey, and what it takes to do that. > > Out of my hat (but please come back with cases that I missed) I can see that: > > - we need to rekey to expel undesired nodes. > - we need to rekey if a short address is reassigned to avoid nonce-replay > attacks with an ASN in the past > - the ASN-based nonce never wraps in practice, but should we reset ASN -or > allow it to go back in time - for whatever reason, we'd need to rekey as well. > - based on Mirja's comment - seconded by Benjamin - minimal security should > be a normative reference since it expands on the security considerations > > I think it does not hurt to have a word on that in the architecture, even if > more details are found in minimal security
That basically matches up with what I was thinking. (And thanks to those who pointed out 802.15.9; I had forgotten that was an option, albeit not necessarily a good one for all cases.) -Ben _______________________________________________ 6tisch mailing list [email protected] https://www.ietf.org/mailman/listinfo/6tisch
