Hi Stan,
Am 19.02.2016 um 15:35 schrieb Stan Ratliff <ratliffstan@xxxxxxxxx>:
Hi there!
<snip>
Some additional remarks:
* “Encryption
will not only protect against unauthorized devices obtaining
information about network topology [...]”
Is that always fully the case? As I understand it,
If messages are encrypted, a malicious observer would have
to monitor the entire to see who's communicating with whom, and even then,
due to the hop by hop nature of the protocol and the fact that messages are
regenerated, it'd be hard to "trace" say, a RREP if there's enough other
(AODVv2)
traffic in the network... While if they're not encrypted, you can listen
at some (key) points of the network and get a good idea of topology &
traffic flow.
Is that correct? If so, I'll propose some additional text to make that
more clear.
Yes, I think you are correct, and some additional text to clear that up would
be helpful.
* Vicky comments in another thread about time synchronization got me
thinking...
Should we write down hoe these timestamps have to be generated? it would be
nice
if they were interoperable across implementations, but otoh I'm hesitant to
open that can of worms…
I think trying to accomplish time synchronization is a bad thing - it will
bog us down.
* ”However, since the sender of the RERR
message with erroneous information MAY be presumed to be either
malicious or broken, it is better that such routes not be used
anyway.”
To be honest, I don't really get what this sentence is trying to say.
I think it's a (pretty formal) way of saying "Since the guy sent you crap,
assume he's either busted, or he's trying to subvert the network, so don't
use the route." ;-)
OK - This is the *perfect* example of a discussion we should probably be
having on manet@xxxxxxxx. What I'd like to see is to take the text that Lotte
has already formatted, plus the text she proposes for clearing up encryption,
*and posting*, along with a short description of what we've done.
My discussion with Justin last night revealed a bit of a "chicken and egg"
scenario - with DLEP (and I suspect with AODVv2 as well), there's something
of a "I'm not going to review the document, because there's an error in the
document". That is, I couldn't get reviews & gather information on the DLEP
Security Considerations section, because there was an issue with the DLEP
Security Considerations...
Somebody has to "break the cycle" - so let us do it! We can post, along with
an email synopsis of this very thread, basically saying "OK gang, here's or
current best take - help us make it better."
Regards,
Stan
[snip]