Early Review of draft-ietf-roll-enrollment-priority-10
review-ietf-roll-enrollment-priority-10-secdir-early-shekh-yusef-2024-01-29-00
| Request | Review of | draft-ietf-roll-enrollment-priority-10 |
|---|---|---|
| Requested revision | 10 (document currently at 15) | |
| Type | Early Review | |
| Team | Security Area Directorate (secdir) | |
| Deadline | 2024-02-09 | |
| Requested | 2024-01-25 | |
| Requested by | Ines Robles | |
| Authors | Michael Richardson , Rahul Jadhav , Pascal Thubert , Konrad Iwanicki | |
| I-D last updated | 2026-02-20 (Latest revision 2026-01-24) | |
| Completed reviews |
Rtgdir Early review of -10
by Ron Bonica
(diff)
Secdir Early review of -10 by Rifaat Shekh-Yusef (diff) |
|
| Comments |
Hello, We kindly request a review of this Draft from the perspectives of both the Routing Directorate and the Security Directorate. Many thanks, Ines and Dominique |
|
| Assignment | Reviewer | Rifaat Shekh-Yusef |
| State | Completed | |
| Request | Early review on draft-ietf-roll-enrollment-priority by Security Area Directorate Assigned | |
| Posted at | https://mailarchive.ietf.org/arch/msg/secdir/KcWJIYxxvDz9GDjeXhx2Q21xYsE | |
| Reviewed revision | 10 (document currently at 15) | |
| Result | Has issues | |
| Completed | 2024-01-29 |
review-ietf-roll-enrollment-priority-10-secdir-early-shekh-yusef-2024-01-29-00
The following is a quote from the Security Consideration section of the draft: "The use of layer-2 or layer-3 security for RPL control messages prevents the two aforementioned attacks, by preventing malicious nodes from becoming part of the control plane." The following quote is from RFC7416, section 7.1.2: "A number of deployments, such as [ZigBeeIP] specify no Layer 3 (L3) / RPL encryption or authentication and rely upon similar security at Layer 2 (L2). These networks are immune to outside wiretapping attacks but are vulnerable to passive (and active) routing attacks through compromises of nodes (see Section 8.2)." The draft seems to suggest layer-2 security might be sufficient protection, while RFC7416 seems to suggest that solely relying on layer-2 might not be enough. RFC7416, section 8.2 states: "RPL provides for asymmetric authentication at L3 of the RPL Control Message carrying the DIO, and this may be warranted in some deployments." I feel that this should be discussed here to make it clear that in some deployments, layer-2 by itself might not be sufficient and the use of asymmetric authentication at L3 might be required.