Minutes IETF105: 6tisch
IPv6 over the TSCH mode of IEEE 802.15.4e
Meeting : IETF105 Thursday July 25th, 2019
Venue : Fairmont The Queen Elizabeth Montreal
Time : 17:40 to 19:10, during Afternoon session III (90 minutes)
Chairs : Pascal Thubert email@example.com
Mališa Vučinić firstname.lastname@example.org
Thomas Watteyne email@example.com (remote)
Responsible AD : Suresh Krishnan
Live minutes : https://etherpad.ietf.org/p/notes-ietf-105-6tisch
Live feeds : https://datatracker.ietf.org/meeting/agenda/
Other URLs : https://tools.ietf.org/wg/6tisch/
17:40 Intro and Status (Chairs) [10mn]
* Note-Well, Blue Sheets, Scribes, Agenda Bashing
* Status Documents
* Status 6lo / ROLL
* Action Plan
* draft-ietf-6tisch-architecture (Pascal Thubert) [10mn]
18:00 Minimal Security
* draft-ietf-6tisch-minimal-security (Malisa Vucinic) [30mn]
18:30 Michael's drafts (Michael Richardson)
* draft-ietf-6tisch-dtsecurity-zerotouch-join [ 5mn]
* draft-ietf-6tisch-enrollment-enhanced-beacon [ 5mn]
18:40 Dynamic Scheduling
* draft-ietf-6tisch-msf (Yasuyuki Tanaka) [10mn]
* draft-tiloca-6tisch-robust-scheduling (Marco Tiloca) [10mn]
Any Other Business (Chairs) [ QS ]
* notetaker 1: **Yasuyuki Tanaka**
* notetaker 2: **Dominique Barthel**
* ask Pat Kinney about feature in IEEE to support ...
(This summary is also posted in the INT area wiki,
6TiSCH met for 90 minutes at PM3 on Thursday. A status was made that indicates
that all work items are complete or reaching completion.
The WG meeting covered 6 drafts:
* `draft-ietf-6tisch-architecture` has completed the telechat review cycle and is ready for the RFC Editor phase.
* `draft-ietf-6tisch-minimal-security` was submitted for publication. New work happened to avoid attacks against ASN.
* `draft-ietf-6tisch-msf`: Authors fixed comments, 2 discussion items remaining and then will be ready for WGLC by fall.
* `draft-tiloca-6tisch-robust-scheduling` was presented again. Raised a large interest but is mostly IEEE work, just needs a change in minimal security to carry an additional key. We need to contact IEEE and assess interest on their side.
* An update of `draft-ietf-6tisch-dtsecurity-zerotouch-join` was presented by Michael Richardson. Most of the work is now taking place in a normative reference `draft-ietf-anima-constrained-voucher`. The work would easily be transferred should the WG conclude.
* Michael Richardson also presented `draft-ietf-6tisch-enrollment-enhanced-beacon`. The draft is ready. WGLC will
The WG will meet again in Singapore to conclude work on MSF. At this time, we
plan to conclude. Depending on the discussions at RAW, it is also possible to
recharter for Track Provisioning describing flows and data models that describe
the setting of the state in intermediate nodes, and the G-MPLS-like operation
of forwarding based on cells.
* [17:42, expected 17.40] Meeting starts
* Note well is shown.
* Agenda. Some time allocated to technical presentation of security.
* TODO: Link to etherpad in the slides and in the agenda needs to be corrected (https://etherpad.ietf.org/p/notes-ietf-105-6tisch)
* Marco's presentation moved to the end of the session.
* Pascal presents progress of drafts. Question about informational vs. standard track, creating a DownRef. Suresh's opinion sought.
* many milestones are green (achieved). Recently added enhanced beacon.
* WG will have completed its job by Singapore. Either close WG or work on GMPLS scheduling.
* new work at some time thought to potentially go to ROLL, but Pascal now believes best to carry on within 6TiSCH.
* [17:49] draft-ietf-6tisch-architecture (**Pascal Thubert**)
* Architecture draft passed all IESG reviews. Soon in RFC Editor queue.
* security section much updated during IESG review.
* (no comments; no questions)
* [17:51] draft-ietf-6tisch-minimal-security (**Malisa Vucinic**)
* presents the updates to the draft since Prague as well as recent discussions on the ML
* recent issue popped-up: Join Request replay attack
* describes the situation (JRC failure, loses some state) and the solution:
* JRC detects nonce re-use, responds with 4.01 and new kid_context, which triggers the pledge sending a new Join Request.
* Situation described by Christian Amsuess on ML. Solution is Unsupported param response from pledge to JRC.
* Randy Turner: question on the scenario in slide-3
* Michael Richardson: describes real world situation where this could happen.
* Tero: since network went away, all nodes will restart anyway.
* MCR: and this makes sure everything continues.
* Malisa: not quite. if JRC lost all the states, ...
* MCR:
* Tero: (when JRC is co-located at coordinator) time coordinator will probably go away as well, all nodes will lose connectivity and drop out of the network.
* Now to the latest discussion on ML, two issues open.
* Background info on 15.4 L3 nonce. Built with ASN and address (either EUI-64 or built with short address).
* If ASN is reused, nonce is reused.
* Pledge selects one of advertising nodes, sends Join Request using ASN it heard with no way of verifying it.
* Scenario is attacker sends EB with old ASN, pledge sends JR including old ASN. After Join process, pledge's time is offset, nonce could be a reuse.
* Proposed solution involves cross layer operation: authenticate Join Response at Layer 2. Pledge validates authenticity with key received in same message.
* This needs to operate in promiscuous mode.
* Tero: 15.4 next year will have "frame received, key unknown" signal to upper layer. Currently, looks like nothing was received; if you don't have a key for a protected frame, you don't process the frame.
* Pascal: could also solve problem at Join Proxy's (add an option with ... ), to avoid bouncing the packet back and forth between layers.
* Malisa: would be possible, but should use different keys.
* Tero: upper layer does not know what ASN is going to be used to protect a sending frame.
* Malisa: agree.
* still problem: Join Response Frame is unicast, needs an Ack. No time given the computation needed. Propose Enhanced-ACK.
* Tero: .. retransmission ...
* Pascal: now sure instead of guessing
* comment by Tero that CCM* security proof doesn't apply to TSCH mode. Proof of CCM does apply with restriction to fixed-length auth tags.
* Suresh: make these changes whenever you can, I will review next week
* [18:25] draft-ietf-6tisch-dtsecurity-zerotouch-join (**Michael
* no slides.
* new rev of draft, shorter because lot of text in other docs. BRSKI doc at IESG review.
* DTLS removed as well, can be debated.
* Text that was in -minimal-security also removed.
* test is no longer redundant.
* Pascal: what's the future of this doc?
* MCR: goal is to make the other docs this one depends on, through.
* EDHOC in LAKE would allow to advance.
* Pascal: if 6TiSCH shuts down, this draft would be the last work to be completed. Could get help.
* MCR: content of this doc not specific to 6TiSCH anymore. Anything specific went into -minimal.
* [18:30] draft-ietf-6tisch-enrollment-enhanced-beacon (**Michael
* explains the problem: which network to join? Spending time for a network that is not going to accept you is a bad idea.
* applies to the Joining node, but also to the sleepy nodes who have the keys but want to rejoin.
* This EB solves the problem.
* Pascal reviewed, all comments taken care of.
* Ready for WGLC.
* Pascal: will check. Expect to see the WGLC soon.
* [18:35] draft-ietf-6tisch-msf (**Yasuyuki Tanaka**)
* Yatch presenting on behalf of the authors. Slides prepared by Tengfei.
* Changes since 104.
* First main change is use of Autonomous Cells. Two new cell types: AutoTxCells and AutoRxCells.
* cell computed based on neighbor MAC address.
* Second major change is allocation of dedicated Rx cell to parent (in addition to Tx cell).
* Pascal: depends on type of network. For very large meshes, thousands of nodes, all synchronised, high chances of cell
Before using this cell, do CCA to assert it's free. Currently only
reactive, after collision. This may involve a bit more resource, but
beneficial in these cases.
* Tero: 15.4 only listens for frames sent to you. Could use promiscuous, or send a broadcast, listen for ACK.
* Pascal: if we want to do sort of CCA, request to MLME to provide something.
* Tero: CCA is done before the frame is sent. Would need to do CCA out of synch (irregular offset).
* Pascal: let's take this to the mailing list. We have a need.
* Tengfei (remote): as Tero said, CCA will not work. Could set the cell as Rx, listen for a while, then set it as Tx to use it later.
* Tengfei (remote): To perform the listening before talk, we need to kind of change the TX to Rx cell for a while to listen for frames in the air. If nothing heard, then the cell is going to change to TX cell.
* MSF implementation in OpenWSN and MSF for Contiki-NG are available.
* Tengfei and Yatch are planning to have a little interop test to make sure draft is ready.
* Pascal: please move on with the two discussion items so that we can move on. Bring them to the ML. We want to do WGLC in Fall.
* [18:50] draft-tiloca-6tisch-robust-scheduling (**Marco Tiloca**)
* describes the jamming scenario. Selective to one node because node schedule is repeated and therefore easily observed.
* goes through the reviews and comments.
* updates: Cost of computation for shuffling. Not recommend shuffling in time anymore.
* MCR: looks cool, will read tomorrow and comment.
* Permutation keys in CoJP Join Response.
* When to switch permutation keys? Signal? Discussion going on on the ML. Could be in an EB.
* Conclusion: one open point remaining. WG adoption?
* Pascal: adoption is for the chairs to call. Depends on whether WG continues or folds down.
* Pascal: question to Tero, ...
* Tero: this should be done at the MAC, upper layer does not know, can't coordinate.
* Tero: in pure sw implementation, you could do it.
* Pascal: should we propose this to IEEE?
* Tero: could be new mode of TSCH. Need a PAR, justify for a wide market that justifies for it.
* Tero: Pat Kinney is the right person to ask.
* [expected 19:02] meeting is dismissed