Hello folks,
Here is some discussion about Chris's responses. Your thoughts?
On 9/15/2015 2:57 AM, Dearlove, Christopher (UK) wrote:
A few observations on some of Victoria’s comments on Thomas’s comments.
Also, will a remote device be able to learn that IP1 and IP2 really are “the
same device” (or even, “the same interface”)?

- Not by using AODVv2. Moreover, for privacy reasons this is a good thing.

I’m not convinced by the moreover. In some systems, maybe. In others, not
convinced.

I strongly disagree with the assertion that in emergency and disaster relief
scenarios “the ability to communicate is more important than being assured of
secure operations” — I think that that’s an unfortunate and incorrect claim to
make.

I would also disagree with the original statement. At best it is sometimes true,
but I’m not aware of the sometimes. If we are talking about formal emergency
services, I would expect all three legs of the tripod – integrity, confidentiality
and availability – to be regarded as essential. The system would have whatever
cryptographic means needing to support I&C required and implemented, and the
system as a whole engineered to do the best possible for availability. (Or to
enable the likelihood of best possible in unknown circumstances.)

- Our security is hop-by-hop and so the above doesn't seem to apply. We do
mention that encryption provides confidentiality.

It would appear hop by hop is the only option, so that and its implications
need to be summarised. With regard to confidentiality I think it’s important to
be clear what is confidential, data or the (AODVv2 and other) signalling.
Except by using a single shared secret, confidential routing signalling is
hard. (Though not impossible.)

Consequently, saying “use 6621 to reduce multicast overhead” is insufficient …

- We tried not to go too far into this earlier, but after Last Call begins we
would be happy to craft some text or perhaps another document for this purpose.
But the clarifying specification text will be very small, we think.

I think ensuring interoperability is something important before Last Call, not
after Last Call. I think the idea that that’s very small is optimistic. But if
it is very small, then before Last Call should be easy, and if it’s not it
needs to be before Last Call. Or you could take out and postpone to an
extension document. Drawback with that is that backward compatibility might
turn out to be a problem (unless you say “everyone must do this or not do
this”, whose acceptability could be discussed).