Clone wiki

meetings / 141209_webex_security

Minutes Webex 09 December 2014, 6TiSCH Security Task Force

=== Dial-in information ===

English : New York Time 6tisch security
Tuesday, December 9, 2014 | 9:00 am Eastern Standard Time (GMT-05:00)
Meeting number:   641 709 118
Meeting password: joinjoin
Audio connection:
      1-877-668-4493 Call-in toll free number (US/Canada)
      1-650-479-3208 Call-in toll number (US/Canada)

Access code: 641 709 118
Meeting link:

The etherpad we have used is at:

=== Agenda ===

0) Agenda bashing

1) Join protocol details

    a) desired properties
    b) realizable properties

    #1a-b) focus on routing/communication flow related aspects join protocol (we discussed MAC-related join-relevant
    aspects during the conf call of Tue Dec 2, 2014, 9am EST). For slides, see (same slides as sent out
    prior to Dec 2, 2014, 9am EST call) Relevant slides: Slides 23-25 (contained in entire slide deck
    (ppt), but also in excerpt (pdf))

2) Next steps:
    a) consensus on 1#a and 1#b
        #2a): confirm consensus on MAC (as discussed last week) and routing/communication flow aspects
        #2c) {as consequence of two items above} what to squeeze into architecture draft
    b) form tiger team to work out details
        - project phases
        - communication of sub-results
    c) what to squeeze into architecture draft, etc.

=== Slides ===

=== Attending ===

  • Rene Struik
  • Guiseppe Piro
  • Michael Richardson
  • Mike Seewald
  • Pascal Thubert

=== Action item ===

  • ask Pat Kinney (whether in 2012 | to make sure that in 2015 ) we can send the Schedule IE in a data message e.g. an RA message from the JA to the KN, after the node obtained a key and sent a RS.

=== Minutes ===

  • Rene brings up Yoshi's e-mail on whether some piece of the beacon is encrypted. Can a joining node get enough information?
  • Ambiguous text in IEEE802.15.4. Rene brings up IEEE802.15.4-2012 TSCH with list of parameters. Time Slot IE is in the payload. If encrypted, a joining node will not see it.
  • Discussion about security vulnerability of exposing schedule to attacker. Pascal suggests that only enough schedule be exposed for join needs.