Skip to main content

Last Call Review of draft-ietf-lwig-crypto-sensors-05

Request Review of draft-ietf-lwig-crypto-sensors
Requested revision No specific revision (document currently at 06)
Type Last Call Review
Team Security Area Directorate (secdir)
Deadline 2018-02-19
Requested 2018-02-05
Authors Mohit Sethi , Jari Arkko , Ari Keränen , Heidi-Maria Back
I-D last updated 2018-02-19
Completed reviews Secdir Early review of -04 by Christian Huitema (diff)
Intdir Early review of -04 by Tim Chown (diff)
Iotdir Early review of -04 by Samita Chakrabarti (diff)
Opsdir Telechat review of -05 by Éric Vyncke (diff)
Rtgdir Telechat review of -05 by Emmanuel Baccelli (diff)
Genart Last Call review of -05 by Dan Romascanu (diff)
Secdir Last Call review of -05 by Christian Huitema (diff)
Assignment Reviewer Christian Huitema
State Completed
Request Last Call review on draft-ietf-lwig-crypto-sensors by Security Area Directorate Assigned
Reviewed revision 05 (document currently at 06)
Result Ready
Completed 2018-02-19
I already reviewed the previous version of this draft. I like its practical
approach of implementations and the cost of various algorithms, and I think
that the data in the draft will be useful when discussing security approaches
for small devices. I am happy to see the feedback on privacy issues was taken
into account. The document now states clearly that "long-term static identities
makes it easy to track the devices (and their owners) when they move... (or)
across ownership changes."

I have just one small nit. I like the recommendation "to generate new
identities at appropriate times during their lifecycle.  For example, after a
factory reset or an ownership handover." I wish that it would be somehow listed
as one of the bullets in section 9, "Summary".