Re: [6tisch] Updates to minimal-security-06

2018-05-24 Thread Mališa Vučinić
All, I resolved the issues we had open on minimal-security and reworked editorially the document quite heavily. Since the protocol we define is quite generic, I renamed it to "Constrained Join Protocol (CoJP)", suggested pronunciation as "cojeep". Let me know if you dislike the new name, or if

Re: [6tisch] Updates to minimal-security-06

2018-04-10 Thread Mališa Vučinić
Hi Thomas, See inline. Mališa On Mon, Mar 26, 2018 at 9:00 AM Thomas Watteyne wrote: > There are two seperated discussions going on in this thread. @Malisa, if > you agree, let's split the thread. > I have clarifying questions about both. > > *About OBSERVE* > > The

Re: [6tisch] Updates to minimal-security-06

2018-03-26 Thread peter van der Stok
Michael Richardson schreef op 2018-03-24 23:31: peter van der Stok wrote: > No semantic difference that I know. You expressed a worry about addressing > the joining node from JRC. > Not sure any more, but do you use the IP-in-IP proxy? If yes, maintaining the

Re: [6tisch] Updates to minimal-security-06

2018-03-26 Thread Thomas Watteyne
There are two seperated discussions going on in this thread. @Malisa, if you agree, let's split the thread. I have clarifying questions about both. *About OBSERVE* The issue raised is that, during the join request/response exchange between the pledge and the JRC, the JRC never learns the IPv6

Re: [6tisch] Updates to minimal-security-06

2018-03-26 Thread peter van der Stok
which I prefer to pulling in the > whole COMI machinery, as is suggested in the minimal-rekey draft. I agree, we don't need COMI, just the text about when to start using the new key. Shall I suggest some text it github? Fine with me. Peter

Re: [6tisch] Updates to minimal-security-06

2018-03-24 Thread Michael Richardson
Mališa Vučinić wrote: mcr> I think that the mechanism that was explained at: mcr>   https://tools.ietf.org/html/draft-richardson-6tisch-minimal-rekey-02# mcr> section-4 mcr> is a better workable solution.  Deploy all the new keys (it may take some mcr>

Re: [6tisch] Updates to minimal-security-06

2018-03-24 Thread Michael Richardson
peter van der Stok wrote: > No semantic difference that I know. You expressed a worry about addressing > the joining node from JRC. > Not sure any more, but do you use the IP-in-IP proxy? If yes, maintaining the > encapsulation in all following traffic seems

Re: [6tisch] Updates to minimal-security-06

2018-03-24 Thread Michael Richardson
Mališa Vučinić wrote: >> One doubt I have is how does the JRC send the Observe response to the >> joined node, when the request came over a Join Proxy. Essentially, the >> JRC needs to send the response to the global IPv6 address of the >> joined node,

Re: [6tisch] Updates to minimal-security-06

2018-03-23 Thread Mališa Vučinić
On Thu, Mar 22, 2018 at 5:39 PM Michael Richardson wrote: > > Mališa Vučinić wrote: > > in the network. Other than adding the Observe option, together with > the > > new link-layer key we also need to carry the ASN at which this key is >

Re: [6tisch] Updates to minimal-security-06

2018-03-23 Thread Mališa Vučinić
On Thu, Mar 22, 2018 at 5:42 PM peter van der Stok wrote: > > No semantic difference that I know. You expressed a worry about > addressing the joining node from JRC. > Not sure any more, but do you use the IP-in-IP proxy? If yes, > maintaining the encapsulation in all

Re: [6tisch] Updates to minimal-security-06

2018-03-22 Thread peter van der Stok
Mališa Vučinić schreef op 2018-03-22 18:15: On Thu, Mar 22, 2018 at 5:03 PM peter van der Stok wrote: One doubt I have is how does the JRC send the Observe response to the joined node, when the request came over a Join Proxy. Essentially, the JRC needs to send the

Re: [6tisch] Updates to minimal-security-06

2018-03-22 Thread Michael Richardson
Mališa Vučinić wrote: > in the network. Other than adding the Observe option, together with the > new link-layer key we also need to carry the ASN at which this key is > scheduled to be rolled out. What COSE parameter the ASN will be I disagree with this

Re: [6tisch] Updates to minimal-security-06

2018-03-22 Thread Mališa Vučinić
On Thu, Mar 22, 2018 at 5:03 PM peter van der Stok wrote: > > > One doubt I have is how does the JRC send the Observe response to the > > joined node, when the request came over a Join Proxy. Essentially, the > > JRC needs to send the response to the global IPv6 address of

Re: [6tisch] Updates to minimal-security-06

2018-03-22 Thread peter van der Stok
One doubt I have is how does the JRC send the Observe response to the joined node, when the request came over a Join Proxy. Essentially, the JRC needs to send the response to the global IPv6 address of the joined node, that it never used before, but it is able to construct it, as it knows the

[6tisch] Updates to minimal-security-06

2018-03-22 Thread Mališa Vučinić
All, We had a couple of side discussions during IETF 101 on the updates to the minimal security draft. We need to (1) support extensibility to allow future specs to add additional parameters to the join response structure, and it seems that (2) we can cover link-layer rekeying easily through the