Nits from Göran's review

Issue #33 resolved
Mališa Vučinić created an issue

Tag: WGLC

Göran Selander wrote (https://mailarchive.ietf.org/arch/msg/6tisch/fWK4i3bs3r4VmFCkSoGzgtlWSuo):

General:

The term "role" is used in three different ways: whether a node is a pledge, JP or JRC; whether the pledge is a 6LBR or not; and whether the (6LBR) pledge is a CoAP client or CoAP server. Not necessarily an issue, but maybe worth reconsidering.

Hmmm... good point. Not sure how to resolve this though.

Section 8.1

OLD: "the Master Salt MUST be empty." NEW: "the Master Salt MUST be the empty byte string."

OK

OLD: the ID of the pledge MUST be set to the byte string 0x00. This identifier is used as the OSCORE Sender ID in the security context derivation, as the pledge initially plays the role of a CoAP client.

NEW: the ID of the pledge MUST be set to the byte string 0x00. This identifier is used as the OSCORE Sender ID of the pledge in the security context derivation, as the pledge initially plays the role of a CoAP client.

OK

OLD: the ID of the JRC MUST be set to the byte string 0x4a5243 ("JRC" in ASCII). This identifier is used as the OSCORE Recipient ID in the security context derivation, as the JRC initially plays the role of a CoAP server.

NEW: the ID of the JRC MUST be set to the byte string 0x4a5243 ("JRC" in ASCII). This identifier is used as the OSCORE Recipient ID of the pledge in the security context derivation, as the JRC initially plays the role of a CoAP server.

OK

Section 8.1.1

OLD: detailed in Section 6.5.1 of [I-D.ietf-core-object-security]

NEW: detailed in Section 7.5.1 of [I-D.ietf-core-object-security]

OK

Section 9.1.1

"The OSCORE security context used is the one derived in Section 8.1. The OSCORE kid context is set to the ID context, which in turn is set to the pledge identifier. The OSCORE kid context allows the JRC to retrieve the security context for a given pledge."

Aesthetic remark: The middle sentence is redundant. The purpose of the COSE parameter 'kid context' is to transport the ID Context, and Section 8.1 specifies that "the ID Context MUST be set to the pledge identifier". (You may want to keep it for clarification though.)

OK, see above the text on not transporting kid context to save bytes.
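
As an added illustration (not part of the issue or of the draft), the Section 8.1 values discussed above are run here through the OSCORE key derivation as published in RFC 8613 (HKDF-SHA-256 over a CBOR `info` array), showing that the pledge's Sender Key is the JRC's Recipient Key and vice versa. The PSK, the pledge identifier and the choice of AES-CCM-16-64-128 are assumptions made for the example.

```python
import hashlib
import hmac

# Constructed sample inputs (not taken from the issue or from any test vector).
PSK = bytes.fromhex("000102030405060708090a0b0c0d0e0f")  # OSCORE Master Secret
PLEDGE_ID = bytes.fromhex("0011223344556677")            # pledge identifier -> ID Context

MASTER_SALT = b""            # "the empty byte string"
ID_PLEDGE = b"\x00"          # OSCORE Sender ID of the pledge
ID_JRC = b"JRC"              # 0x4a5243, OSCORE Recipient ID of the pledge
ALG_AEAD = 10                # assumption: AES-CCM-16-64-128 (COSE algorithm 10)
KEY_LEN, NONCE_LEN = 16, 13  # key and nonce sizes of that algorithm


def cbor_bstr(b):
    assert len(b) < 24       # short-form CBOR header only
    return bytes([0x40 + len(b)]) + b


def cbor_tstr(s):
    assert len(s) < 24
    return bytes([0x60 + len(s)]) + s.encode()


def info(ident, id_context, typ, length):
    # CBOR array [id, id_context, alg_aead, type, L]
    return (b"\x85" + cbor_bstr(ident) + cbor_bstr(id_context)
            + bytes([ALG_AEAD]) + cbor_tstr(typ) + bytes([length]))


def hkdf_sha256(salt, ikm, info_bytes, length):
    # HKDF-Extract: an empty salt is treated as HashLen zero bytes
    prk = hmac.new(salt or bytes(32), ikm, hashlib.sha256).digest()
    okm, block, counter = b"", b"", 1
    while len(okm) < length:  # HKDF-Expand
        block = hmac.new(prk, block + info_bytes + bytes([counter]),
                         hashlib.sha256).digest()
        okm += block
        counter += 1
    return okm[:length]


def derive_context(sender_id, recipient_id):
    def kdf(ident, typ, n):
        return hkdf_sha256(MASTER_SALT, PSK, info(ident, PLEDGE_ID, typ, n), n)
    return {"sender_key": kdf(sender_id, "Key", KEY_LEN),
            "recipient_key": kdf(recipient_id, "Key", KEY_LEN),
            "common_iv": kdf(b"", "IV", NONCE_LEN)}


pledge = derive_context(ID_PLEDGE, ID_JRC)  # pledge acts as CoAP client
jrc = derive_context(ID_JRC, ID_PLEDGE)     # JRC acts as CoAP server
```
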
