Early Review of draft-ietf-roll-enrollment-priority-10
review-ietf-roll-enrollment-priority-10-secdir-early-shekh-yusef-2024-01-29-00
Request | Review of | draft-ietf-roll-enrollment-priority-10 |
---|---|---|
Requested revision | 10 (document currently at 10) | |
Type | Early Review | |
Team | Security Area Directorate (secdir) | |
Deadline | 2024-02-09 | |
Requested | 2024-01-25 | |
Requested by | Ines Robles | |
Authors | Michael Richardson , Rahul Jadhav , Pascal Thubert , Huimin She , Konrad Iwanicki | |
I-D last updated | 2024-01-29 | |
Completed reviews |
Rtgdir Early review of -10
by Ron Bonica
Secdir Early review of -10 by Rifaat Shekh-Yusef |
|
Comments |
Hello, We kindly request a review of this Draft from the perspectives of both the Routing Directorate and the Security Directorate. Many thanks, Ines and Dominique |
|
Assignment | Reviewer | Rifaat Shekh-Yusef |
State | Completed | |
Request | Early review on draft-ietf-roll-enrollment-priority by Security Area Directorate Assigned | |
Posted at | https://mailarchive.ietf.org/arch/msg/secdir/KcWJIYxxvDz9GDjeXhx2Q21xYsE | |
Reviewed revision | 10 | |
Result | Has issues | |
Completed | 2024-01-29 |
review-ietf-roll-enrollment-priority-10-secdir-early-shekh-yusef-2024-01-29-00
The following is a quote from the Security Consideration section of the draft: "The use of layer-2 or layer-3 security for RPL control messages prevents the two aforementioned attacks, by preventing malicious nodes from becoming part of the control plane." The following quote is from RFC7416, section 7.1.2: "A number of deployments, such as [ZigBeeIP] specify no Layer 3 (L3) / RPL encryption or authentication and rely upon similar security at Layer 2 (L2). These networks are immune to outside wiretapping attacks but are vulnerable to passive (and active) routing attacks through compromises of nodes (see Section 8.2)." The draft seems to suggest layer-2 security might be sufficient protection, while RFC7416 seems to suggest that solely relying on layer-2 might not be enough. RFC7416, section 8.2 states: "RPL provides for asymmetric authentication at L3 of the RPL Control Message carrying the DIO, and this may be warranted in some deployments." I feel that this should be discussed here to make it clear that in some deployments, layer-2 by itself might not be sufficient and the use of asymmetric authentication at L3 might be required.