Meeting : IETF105 Thursday July 25th, 2019 Venue : Fairmont The Queen Elizabeth Montreal Time : 17:40 to 19:10, during Afternoon session III (90 minutes) Location : https://datatracker.ietf.org/meeting/105/floor-plan?room=duluth#2nd-floor Chairs : Pascal Thubert pthubert@cisco.com Mališa Vučinić malisa.vucinic@inria.fr Thomas Watteyne thomas.watteyne@inria.fr (remote) Responsible AD : Suresh Krishnan Live minutes : https://etherpad.ietf.org/p/notes-ietf-105-6tisch Live feeds : https://datatracker.ietf.org/meeting/agenda/ Other URLs : https://tools.ietf.org/wg/6tisch/ : https://datatracker.ietf.org/wg/6tisch/ : https://www.ietf.org/mailman/listinfo/6tisch : https://bitbucket.org/6tisch 17:40 Intro and Status (Chairs) [10mn] * Note-Well, Blue Sheets, Scribes, Agenda Bashing * Status Documents * Status 6lo / ROLL * Milestones * Action Plan 17:50 Architecture * draft-ietf-6tisch-architecture (Pascal Thubert) [10mn] 18:00 Minimal Security * draft-ietf-6tisch-minimal-security (Malisa Vucinic) [30mn] 18:30 Michael's drafts (Michael Richardson) * draft-ietf-6tisch-dtsecurity-zerotouch-join [ 5mn] * draft-ietf-6tisch-enrollment-enhanced-beacon [ 5mn] 18:40 Dynamic Scheduling * draft-ietf-6tisch-msf (Yasuyuki Tanaka) [10mn] * draft-tiloca-6tisch-robust-scheduling (Marco Tiloca) [10mn] Any Other Business (Chairs) [ QS ] Volunteers ========== * notetaker 1: **Yasuyuki Tanaka** * notetaker 2: **Dominique Barthel** Action items ============ * ask Pat Kinney about feature in IEEE to support ... Summary ======= (This summary is also posted in the INT area wiki, https://trac.ietf.org/trac/int/wiki/IETF105 6TiSCH met for 90 minutes at PM3 on Thursday. A status was made that indicates that all work items are complete or reaching completion. The WG meeting covered 6 drafts: * `draft-ietf-6tisch-architecture` has completed the telechat review cycle and is ready for the RFC Editor phase. * `draft-ietf-6tisch-minimal-security` was submitted for publication. New work happened to avoid attacks against ASN. * `draft-ietf-6tisch-msf` Authors fixed comments, 2 discussion items remaining and then will be ready for WGLC by fall. * `draft-tiloca-6tisch-robust-scheduling` was presented again. Raised a large interest but is mostly IEEE work, just needs a change in minimal security to carry an additional key. We need to contact IEEE and assess interest on thier side * An update of `draft-ietf-6tisch-dtsecurity-zerotouch-join` was presented by Michael Richardson. Most of the work is now taking place in a normative reference `draft-ietf-anima-constrained-voucher`. The work would easily be transferred should the WG conclude. * Michael Richardson also presented `draft-ietf-6tisch-enrollment-enhanced-beacon`. The draft is ready. WGLC will be issued. The WG will meet again in Singapore to conclude work on MSF. At this time, we plan to conclude. Depending on the discussions at RAW, it is also possible to recharter for Track Provisioning describing flows and data models that describe the setting of a the state in intermediate nodes, and teh G-MPLS-like operation of forwarding based on cells. Minutes ======= * [17:42, expected 17.40] Meeting starts * Note well is shown. * Agenda. Some time allocated to technical presentation of security. * TODO: Link to etherpad in the slides and in the agenda needs to be corrected (https://etherpad.ietf.org/p/notes-ietf-105-6tisch) * Marco's presentation moved to the end of the session. * Pascal presents progress of drafts. Question about informational vs. standard track, creating a DownRef. Suresh'es opnion sought. * many milestones are green (achieved). Recently added enhanced beacon. * WG will have completed its job by Singapore. Either close WG or work on GMPLS scheduling. * new work at some time thought to potentially go to ROLL, but Pascal now beleives best to carry on within 6TiSCH. * [17:49] draft-ietf-6tisch-architecture (**Pascal Thubert**) * Architecture draft passed all IESG reviews. Soon in RFC Editor queue. * security section much updated during IESG review. * (no comments; no questions) * [17:51] draft-ietf-6tisch-minimal-security (**Malisa Vucinic**) * presnets the updates to the draft since Prague as well as recent discussions on the ML * recent issue popped-up: Join Request replay attack * describes the situation (JRC failure, looses some state) and the solution: * JRC detects nonce re-use, responds with 4.01 and new kid_context, which triggers the pledge sending a new Join Request. * Situation described by Christiam Amsuess on ML. Solution is Unsupported param response from pledge to JRC. * Randy Turner: question on the scenario in slide-3 * Michael Richardson: describes real world situation where this could happen. * Tero: since network went away, all nodes will restart anyway. * MCR: and this makes sure everything continues. * Malisa: not quite. if JRC lost all the states, ... * MCR: * Tero: (when JRC is co-located at coordinator) time coordinator will probably go away as well, all nodes will lose connectivity and drop out of the network. * Now to the latest discussion on ML, two issues open. * Background info on 15.4 L3 nonce. Build with ASN and address (either EUI-64 or build with short address). * If ASN is reused, nonce is reused. * Pledge selects one of advertising nodes, sends Join Request using ASN it heard with no way of verifying it. * Scenario is attacker sends EB with old ASM, pledge sends JR including old ASN. After Join process, pledge's time is offset, nonce could be a reuse. * Proposed solution involves cross layer operation: authenticate Join Response at Layer 2. Pledge validates authenticity with key received in same message. * This needs to operate in promiscuous mode. * Tero: 15.4 next year will have "frame received, key unknown" signal to upper layer. Currently, looks like as nothing received; if you don't have a key for a protected frame, you don't process the frame. * Pascal: could also solve problem at Join Proxy's (add an option with ... ), to avoid bouncing the packet back and forth between layers. * Malisa: would be possible, but should use different keys. * Tero: upper layer does not know what the ASN is going to be used to protect a sending frame. * Malisa: agree. * still problem: Join Response Frame is unicast, needs an Ack. No time given the computation needed. Propose Enheanced-ACK. * Tero: .. retransission ... * Pascal: now sure instead of guessing * comment by Tero that CCM* security proof don't apply to TSCH mode. Proof of CCM does apply with restriction to fixed-length auth tags. * Suresh: make these changes whenever you can, I will review next week * [18:25] draft-ietf-6tisch-dtsecurity-zerotouch-join (**Michael Richardson**) * no slides. * new rev of draft, shorter because lot of text in other docs. BREWSKI doc at IESG review. * DTLS removed as well, can be debated. * Text that was in -minimal-security also removed. * test is no longer redundant. * Pascal: what's the future of this doc? * MCR: goal is to make the other docs this one depends on, through. * EDHOC in LAKE would allow to advance. * Pascal: if 6TiSCH shuts down, this draft would be the last work to be completed. Could get help. * MCR: content of this doc not specific to 6TiSCH anymore. Anything specific went into -minimal. * [18:30] draft-ietf-6tisch-enrollment-enhanced-beacon (**Michael Richardson**) * explains the problem: which network to join? Spending time for a network that is not going to accept you is a bad idea. * applies to the Joining node, but also to the sleepy nodes who have the keys but want to rejoin. * This EB solves the problem. * Pascal reviewed, all comments taken care of. * Ready for WGLC. * Pascal: will check. Expect to see the WGLC soon. * [18:35] draft-ietf-6tisch-msf (**Yasuyuki Tanaka**) * Yatch presenting on behalf of the authors. Slides prepared by Tengfei. * Changes since 104. * First main change is use of Autonomous Cells. Two new cells types: AutoTxCells and AutoRxCells. * cell computed based on neighbor MAC address. * Second major change is allocation of dedicated Rx cell to parent (in addition to Tx cell). * Pascal: depends on type of network. For very large meshes, thousands of nodes, all synchronised, high chances of cell collisions. Before using this cell, do CCA to assert it's free. Currently only reactive, after collision. This may involve a bit more resource, but beneficial in these case. * Tero: 15.4 only listens for frames sent to you. Could use promiscuous, or send a broadcast, listen for ACK. * Pascal: if we want to do sort of CCA, request to MLME to provide something. * Tero: CCA is done before the frame is sent. Would need to do CCA out of synch (irregular offset). * Pascal: let's take this to the mailing list. We have a need. * Tengfei (remote): as Tero said, CCA will not work. Could set the cell as Rx, listen for a while, then set it as Tx to use it later. * Tengfei (remote):To perform the listening before talk, we need to kind of changing the TX to Rx cell for a while to listen frame in the air. If nothing heard, then the cell is going to change to TX cell. * msf implementation in OpenWSN and MSF for Contiki-NG is available. * Tengfei and Yatch are planning to have a little interop test to make sure draft is ready. * Pascal: please move on with the two discussion items so that we can move on. Bring them to the ML. We want to do WGLC in Fall. * [18:50] draft-tiloca-6tisch-robust-scheduling (**Marco Tiloca**) * describes the jamming scenario. Selective to one node because node schedule is repeated and therefore easily observed. * goes through the reviews and comments. * updates: Cost of computation for shuffling. Not recommend shuffling in time anymore. * MCR: looks cool, will read tomorrow and comment. * Permutation keys in CoJP Join Response. * When to switch permutation keys? Signal? Discussion going on on the ML. Could be in an EB. * Conclusion: one open point remaining. WG adoption? * Pascal: adoption is for the chairs to call. Depends on whether WG continues or folds down. * Pascal: question to Tero, ... * Tero: this should be done at the MAC, upper layer does not know, can't coordinate. * Tero: in pure sw implementation, you could do it. * Pascal: should we propose this to IEEE? * Tero: could be new mode of TSCH. Need a PAR, justify for a wide market that justifies for it. * Tero: Pat Kinney is the right person to ask. * [expected 19:02] meeting is dismissed