Hello Mališa,

(reviving the old thread because interest was sparked anew at the RIOT summit, and Michael helped me see some alternatives)

my previous mails in this thread were focused around syncing time in
some different way. Maybe this is all not necessary -- as long as the
nodes themselves keep a counter which they never ever reset.
In particular, RFC 9030 states that "But if the nonce derives from the
short address [...] then the JRC must ensure that it never assigns short
addresses that were already given [...]. In other words, the network
must be rekeyed before the JRC runs out of short addresses." -- to me
that reads like the possibility is being considered that devices send
an explicit frame counter. (For otherwise, reuse of a short address would
be fine as long as they're not assigned during the same ASN).
So before going on with questions about "how would any of this be
signaled", my question is:
* Do RFCs 9030/9031 allow that a device uses an explicit frame counter,
which it increments at its own pace?
* If yes, shouldn't there be more stern words in 9031 about allowing a
new key to be used with the same EUI-64 (considering that the device
may not get a short identifier)?
(Plus all concerns about the use of OSCORE Appendix B.2 or its
replacement KUDOS would be relaxed, because if a device can use its
own frame counter, it could use the same facilities to not lose its
OSCORE sender sequence number).
* If no, why the strict statement about rekeying before reuse of short
identifiers?
I'd be happy with either answer, but it'd shape how and whether devices
that would explicitly use their own SSNs would communicate with the JRC.
Thanks
Christian
--
To use raw power is to make yourself infinitely vulnerable to greater powers.
-- Bene Gesserit axiom
_______________________________________________ 6tisch mailing list [email protected] https://www.ietf.org/mailman/listinfo/6tisch
