Telechat Review of draft-ietf-lwig-crypto-sensors-05
review-ietf-lwig-crypto-sensors-05-opsdir-telechat-vyncke-2018-02-16-00

Request
Review of: draft-ietf-lwig-crypto-sensors
Requested rev.: no specific revision (document currently at 06)
Type: Telechat Review
Team: Ops Directorate (opsdir)
Deadline: 2018-02-20
Requested: 2018-02-05
Draft last updated: 2018-02-16
Completed reviews:
  Secdir Early review of -04 by Christian Huitema
  Intdir Early review of -04 by Tim Chown
  Iotdir Early review of -04 by Samita Chakrabarti
  Opsdir Telechat review of -05 by Éric Vyncke
  Rtgdir Telechat review of -05 by Emmanuel Baccelli
  Genart Last Call review of -05 by Dan Romascanu
  Secdir Last Call review of -05 by Christian Huitema

Assignment
Reviewer: Éric Vyncke
State: Completed
Review: review-ietf-lwig-crypto-sensors-05-opsdir-telechat-vyncke-2018-02-16
Reviewed rev.: 05 (document currently at 06)
Review result: Has Issues
Review completed: 2018-02-16

Review

Reviewer: Eric Vyncke
Review result: ok minor issue (key renewal)

I have been asked to review draft-ietf-lwig-crypto-sensors-05 on behalf of the Ops Directorate.

This informational draft is about the challenges associated with securing resource-constrained smart object devices (such as those using CoAP). It describes a possible deployment model and some preliminary experiences. It is part of a set of documents (draft-arkko-core-security-arch).

The challenges section includes many operational aspects: provisioning, scalability, ... The document proposes a simple system to generate the device identity based on its public key.

The authors made some tests using 6 different crypto-libraries on Arduino 8-bit processors; this is the main part of the document. Finally, sections 7 and 8 describe a simple test application and some considerations about implementations.

So, a rather practical document.

*My only regret is that ‘key pair renewal’ is mentioned twice in the document (section 4.1 and 8.1) but without any detail... Key renewal is a big operational issue and it deserves more text or to be explicitly cited as a non-goal in the abstract.*

Final note, I enjoyed reading the document.

-éric