IETF Logo Mail Archive

Re: [6lo] Alissa Cooper's No Objection on draft-ietf-6lo-ap-nd-17: (with COMMENT)

"Pascal Thubert (pthubert)" <pthubert@cisco.com> Wed, 05 February 2020 13:14 UTC

Return-Path: <pthubert@cisco.com>
X-Original-To: 6lo@ietfa.amsl.com
Delivered-To: 6lo@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 4831012080C; Wed, 5 Feb 2020 05:14:07 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -14.501
X-Spam-Level:
X-Spam-Status: No, score=-14.501 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_HI=-5, SPF_PASS=-0.001, USER_IN_DEF_DKIM_WL=-7.5] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=cisco.com header.b=NqTxVGTK; dkim=pass (1024-bit key) header.d=cisco.onmicrosoft.com header.b=Jt0VxnHD
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id xqCAilNSb6OA; Wed, 5 Feb 2020 05:14:05 -0800 (PST)
Received: from rcdn-iport-8.cisco.com (rcdn-iport-8.cisco.com [173.37.86.79]) (using TLSv1.2 with cipher DHE-RSA-SEED-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 5926212080A; Wed, 5 Feb 2020 05:14:05 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=@cisco.com; l=4989; q=dns/txt; s=iport; t=1580908445; x=1582118045; h=from:to:cc:subject:date:message-id:references: in-reply-to:content-transfer-encoding:mime-version; bh=vprVJrnBAKMe6tyyiZB3RhRmN4n62l71Bb2u86ewNCc=; b=NqTxVGTKYQMXUQWlV/ltd1ZAEjEloit1ksiBlr1FEt1xvNFhwRc/9phg ojlfbyYhbx3kN+1qmLMtOlpWGHH8S4dqKnQFIp/2SXpqOIRZCGOAUZeXp iG3ehnIi2rGN/ZIeRjIajvS/5wcMaq+pr6VXmmV7zo05fXdsQSJIjC1nl 4=;
IronPort-PHdr: 9a23:JMXa5hb9OMv5TGTQ34MRtfP/LSx94ef9IxIV55w7irlHbqWk+dH4MVfC4el20gabRp3VvvRDjeee87vtX2AN+96giDgDa9QNMn1NksAKh0olCc+BB1f8KavycywnFslYSHdu/mqwNg5eH8OtL1A=
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: A0DxAADRvjpe/5ldJa1lHQEBAQkBEQUFAYFpBgELAYFTJCwFbFggBAsqh1sDiniCX5gSgS6BJANUCQEBAQwBARgLCgIBAYRAAoI6JDYHDgIDDQEBBAEBAQIBBQRthTcMhWYBAQEBAgEBARAoBgEBLAsBBAsCAQg2ECcLJQIEAQ0FCBqDBYJKAw4gAQIMoDECgTmIYoIngn8BAQWBLwEDAoNfGIIMAwaBOAGFHYVBgUMagUE/gRFHgkw+gmQBAQIagRMgGINAgiyNYpJSjkZwCoI6ll6CSIgPi2yERo5imx8CBAIEBQIOAQEFgVkBMYFCDghwFTuCbFAYDY4dCwEXFYM7hRSFP3SBKYpkgkIBAQ
X-IronPort-AV: E=Sophos;i="5.70,405,1574121600"; d="scan'208";a="715617122"
Received: from rcdn-core-2.cisco.com ([173.37.93.153]) by rcdn-iport-8.cisco.com with ESMTP/TLS/DHE-RSA-SEED-SHA; 05 Feb 2020 13:14:04 +0000
Received: from XCH-ALN-005.cisco.com (xch-aln-005.cisco.com [173.36.7.15]) by rcdn-core-2.cisco.com (8.15.2/8.15.2) with ESMTPS id 015DE4m3004253 (version=TLSv1.2 cipher=AES256-SHA bits=256 verify=FAIL); Wed, 5 Feb 2020 13:14:04 GMT
Received: from xhs-aln-001.cisco.com (173.37.135.118) by XCH-ALN-005.cisco.com (173.36.7.15) with Microsoft SMTP Server (TLS) id 15.0.1473.3; Wed, 5 Feb 2020 07:14:03 -0600
Received: from xhs-rcd-003.cisco.com (173.37.227.248) by xhs-aln-001.cisco.com (173.37.135.118) with Microsoft SMTP Server (TLS) id 15.0.1473.3; Wed, 5 Feb 2020 07:13:58 -0600
Received: from NAM02-SN1-obe.outbound.protection.outlook.com (72.163.14.9) by xhs-rcd-003.cisco.com (173.37.227.248) with Microsoft SMTP Server (TLS) id 15.0.1473.3 via Frontend Transport; Wed, 5 Feb 2020 07:13:58 -0600
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=G540ZCG52Alwv9fpCVN0lBqr+tvhmLiyavFaV4FTj31K9vN81a4L9aVRF68Thnmep2pxuNqlvW2eOpk2k4BSfCDT/z7Fk7mnRxNkku+GvUFOEg9a3z0Lrl0qYzcdC5poyf2iRRxrBMwqpZlb/c2YkAwTSlz3QLkqQmhb67ZNNOAmSqiCPEOLhpTn8mE3cs5EjBWPL9i0Kiv1dnZPpGxVtEyMyuj8rTk/tL1b7lCsWTpGakbOUKxqTRYBQU1SNgx6K3xb7ZCizArw6627N5fbhiwuyb4JWACDuMGViItTZICyfI1wLZtTeALCK7WEWtP9afkBA+FPsO+uleNW75qKnA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=xBNbjWWMsCJzH1iKgTK3wZvt9srRgu73ba7qjiYqpoI=; b=faYDMlDCS6DcI4DrQ9TuaBjDWoFO1SJI9NFptK/ShFZqaJk3CLoMVEXbIw/d2tR5jyu1+J0/euBR0aNzzEsMlPL1OVkBBpNcc3DdTxFXpPL4vldnQmab6PDzH598L67wFdcqkvIUtbbKjziJx+6SFdgl3m96MqTo3yKPc19ClDfpXtz8TmxJvI0SpBuI78FKDYpZyEeh97udJtQ8FNnOFrLeEYjTsfkXnHDu0wDfFJEeVn4iRAO55oOQgJ4v1ndZAFoMAaeITin/KVtLh0vbXx44qjo3mva4uWrU0P/dQY22wPmsyLgvlstV/3tf9+34g8t2aoo2ZizpNpZF5T3nhg==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=cisco.com; dmarc=pass action=none header.from=cisco.com; dkim=pass header.d=cisco.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=cisco.onmicrosoft.com; s=selector2-cisco-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=xBNbjWWMsCJzH1iKgTK3wZvt9srRgu73ba7qjiYqpoI=; b=Jt0VxnHDdcTFaWXJyVG1wGUG8TsU6lOf58knPHdjobIjsoleo0McKr7FxQXFVW+2ZrbG+pHubjabLDxmKhOjrSlRyDTR6hQ11uJYYa+EkJVeZgJhOAZ/Cj8fvVnED0/IVe9NkFdS+HJnIXxYdSZSCD8Sedc7IeuBbodZtS51/n4=
Received: from MN2PR11MB3565.namprd11.prod.outlook.com (20.178.250.159) by MN2PR11MB4509.namprd11.prod.outlook.com (52.135.39.90) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2686.32; Wed, 5 Feb 2020 13:13:57 +0000
Received: from MN2PR11MB3565.namprd11.prod.outlook.com ([fe80::fd76:1534:4f9a:452a]) by MN2PR11MB3565.namprd11.prod.outlook.com ([fe80::fd76:1534:4f9a:452a%3]) with mapi id 15.20.2707.020; Wed, 5 Feb 2020 13:13:57 +0000
From: "Pascal Thubert (pthubert)" <pthubert@cisco.com>
To: Alissa Cooper <alissa@cooperw.in>, The IESG <iesg@ietf.org>
CC: "draft-ietf-6lo-ap-nd@ietf.org" <draft-ietf-6lo-ap-nd@ietf.org>, "6lo-chairs@ietf.org" <6lo-chairs@ietf.org>, "Shwetha Bhandari (shwethab)" <shwethab@cisco.com>, "6lo@ietf.org" <6lo@ietf.org>
Thread-Topic: [6lo] Alissa Cooper's No Objection on draft-ietf-6lo-ap-nd-17: (with COMMENT)
Thread-Index: AQHV23knBmDVRV29KEi3tCo/h4siZ6gMZthw
Date: Wed, 05 Feb 2020 13:13:43 +0000
Deferred-Delivery: Wed, 5 Feb 2020 13:13:12 +0000
Message-ID: <MN2PR11MB3565EDDA22348B4D9C0E576CD8020@MN2PR11MB3565.namprd11.prod.outlook.com>
References: <158083399701.15807.1665931503969495479.idtracker@ietfa.amsl.com>
In-Reply-To: <158083399701.15807.1665931503969495479.idtracker@ietfa.amsl.com>
Accept-Language: fr-FR, en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
authentication-results: spf=none (sender IP is ) smtp.mailfrom=pthubert@cisco.com;
x-originating-ip: [2001:420:44f3:1300:41e7:7725:e525:b2e8]
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: 028c58d3-d862-46da-8b67-08d7aa3d41fb
x-ms-traffictypediagnostic: MN2PR11MB4509:
x-ms-exchange-transport-forked: True
x-microsoft-antispam-prvs: <MN2PR11MB45097DAE52BEA37C4F2ACFD9D8020@MN2PR11MB4509.namprd11.prod.outlook.com>
x-ms-oob-tlc-oobclassifiers: OLM:10000;
x-forefront-prvs: 0304E36CA3
x-forefront-antispam-report: SFV:NSPM; SFS:(10009020)(4636009)(39860400002)(396003)(136003)(366004)(346002)(376002)(199004)(189003)(9686003)(76116006)(55016002)(4326008)(54906003)(6506007)(110136005)(316002)(966005)(478600001)(186003)(7696005)(6666004)(81156014)(86362001)(8936002)(64756008)(66946007)(2906002)(66476007)(66446008)(66556008)(71200400001)(8676002)(81166006)(33656002)(52536014)(5660300002); DIR:OUT; SFP:1101; SCL:1; SRVR:MN2PR11MB4509; H:MN2PR11MB3565.namprd11.prod.outlook.com; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; A:1; MX:1;
received-spf: None (protection.outlook.com: cisco.com does not designate permitted sender hosts)
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: 1gcfsVBNWATIXoBMSOco+05cIe5eEQoNnJALtcSYWIbsj6wPjK0OQ8ozGsgLICF2izdRitRloOilaANSXOo1tcuGVhS5vhDMOAkor/WnYKYcJ3hnRX4Wa2vOo2XXhUpLBp1C1Dg3UiP4Cxd1OkRxZPwMp03oBDqWygrehgZiSBFKX1FdGxBuEXMhrmlGSA6WFQqtHuXRGCKI1W2jmNqTRAlZDKz4mAcSx81JZpOs5ARxnwpMWMxvWMBrCXhRs0E39bEhGB1jCkP/in1gLiGkWV4gu/9j4/rXkUvikprWGXVmvUkEZzG2iGDasKG+LwOL6ibFfsvPRkl+W5KbLsv7oVV+y7iOGgvtnzUZFlzlSpI8vlDfdmW6Zfyv91AheYR2D73uv6LkwqMOxnjSuAQ6R+/WI0VZEu3QPgEGKwuxVhOGEdmdo0cJ0NcrZbg1tVoIMcxtZrmoBEGJ6ipYsw9BGkqe9jpruROleB0Q+wLntvBcKbKCDNka2hJh8biiACGXfQdwZBfsFTcYLBP4qwkUNw==
x-ms-exchange-antispam-messagedata: fypYUtAF3JCYec2P24OjU6jBKjkgKlfRYeoqpzQWoU+aGI501l+J84hl1PstUrGqvPiq3Ss++7sK/WAEfEoERL10OKBJwVEVS07yQkbppH0o0gh1OvBfgUsVZbyNjTRkSraoImSPsYdiXFJoEbFk+kn1pT2CkvsKJJ9lqqRFqB9tEK1oYezVc60KudpZpnAGNuwCXgZacb8VCtMtziOSgw==
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
X-MS-Exchange-CrossTenant-Network-Message-Id: 028c58d3-d862-46da-8b67-08d7aa3d41fb
X-MS-Exchange-CrossTenant-originalarrivaltime: 05 Feb 2020 13:13:57.2046 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 5ae1af62-9505-4097-a69a-c1553ef7840e
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: QF1yoknBqO+7MfhN8f0dr00MK36cAAkUtPcQj7E9wXfGwot1vNKd5txqhD9XhfHoRGtBLhe3kKrTAXjkKoc37w==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: MN2PR11MB4509
X-OriginatorOrg: cisco.com
X-Outbound-SMTP-Client: 173.36.7.15, xch-aln-005.cisco.com
X-Outbound-Node: rcdn-core-2.cisco.com
Archived-At: <https://mailarchive.ietf.org/arch/msg/6lo/CaDeF9TiGqerb9ZyVd9emM74ZOA>
Subject: Re: [6lo] Alissa Cooper's No Objection on draft-ietf-6lo-ap-nd-17: (with COMMENT)
X-BeenThere: 6lo@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Mailing list for the 6lo WG for Internet Area issues in IPv6 over constrained node networks." <6lo.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/6lo>, <mailto:6lo-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/6lo/>
List-Post: <mailto:6lo@ietf.org>
List-Help: <mailto:6lo-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/6lo>, <mailto:6lo-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 05 Feb 2020 13:14:07 -0000

Hello Alissa

Many thanks for your review !

I committed the proposed changes as -18 so you can review them in the final version, but we can certainly adapt and do more, see https://www.ietf.org/rfcdiff?url2=draft-ietf-6lo-ap-nd-18 . Note that the commit also adds text to answer a DISCUSS by Benjamin.

Please see below for the discussion:

 
> ----------------------------------------------------------------------
> COMMENT:
> ----------------------------------------------------------------------
> 
> Section 4.4:
> 
> "If it is
>    not present, it can be found in an abstract table that was created by
>    a previous message and indexed by the hash."
> 
> Reading the document top to bottom, I was confused about what this was
> referencing when I first came across it. Given that this is explained later, a
> forward section reference might help.

Probably a lack of clarity in the first sentence of that section. Added "as hash" in:

"
   As opposed to the RSA Signature Option (RSAO) defined in section 5.2.
   of SEND [RFC3971], the NDPSO does not have a key hash field.
   Instead, the leftmost 128 bits of the ROVR field in the EARO are used
   as hash to retrieve the CIPO that contains the key material used for
   signature verification, left-padded if needed.
"

I shared that impression when rereading but moving the sentence you quote up right below the above would have cut another logical chain and created the same problem.


-------------------

> Section 7:
> 
> I think somewhere in here there should be a brief discussion about how use of
> this specification could facilitate correlation attacks by providing an identifier
> that allows traffic from multiple source addresses to be tied back to the same
> node via the Crypto-ID. That is, if a node intends to use multiple addresses to
> defend against the 6LR or being able to correlate traffic originating with each
> address, it should not use the mechanism specified in this document. (I'm
> assuming this is a corner case for these kinds of deployments but it's worth
> saying anyway. Also, if there is some other cross-address identifier that the 6LR
> always has anyway, this isn't actually a
> problem.)

I believe I see your point, and there's more to it: 

If you look at the definition of the Modifier in section 4.3, this is explicitly why we introduced it. 
See also the thread with Benjamin about selecting the right size for that information.

"
   Modifier:  8-bit unsigned integer.  Set to an arbitrary value by the
      creator of the Crypto-ID.  The role of the modifier is to enable
      the formation of multiple Crypto-IDs from a same key pair, which
      reduces the traceability and thus improves the privacy of a
      constrained node that could not maintain many key-pairs.
" 

Proposal is to add:
"
7.7.  Correlating Registrations

   The ROVR field in the EARO introduced in [RFC8505] extends the EUI-64
   field of the ARO defined in [RFC6775].  One of the drawbacks of using
   an EUI-64 as ROVR is that an attacker that is aware of the
   registrations can correlate traffic for a same 6LN across multiple
   addresses.  Section 3 of [RFC8505] indicates that the ROVR and the
   address being registered are decoupled.  A 6LN may use a same ROVR
   for multiple registrations or a different ROVR per registration, and
   the IID must not derive from the ROVR.  In theory different 6LNs
   could use a same ROVR as long as they do not attempt to register the
   same address.

   The Modifier used in the computation of the Crypto-ID enables a 6LN
   to build different Crypto-IDs for different addresses with a same
   keypair.  Using that facility improves the privacy of the 6LN as the
   expense of storage in the 6LR, which will need to store multiple
   CIPOs that contain the same private key.  Note that if the attacker
   is the 6LR, then the Modifier alone does not provide a protection,
   and the 6LN would need to use different keys and MAC addresses in an
   attempt to obfuscate its multiple ownership.

"

> 
> Section 8.3:
> 
> Are there protocol-specific reasons why "IESG Approval" is a valid registration
> policy for this registry? Specification Required on its own seems appropriate to
> me.
> 

See also the discussion with IANA and Benjamin. The idea is that if someone wants to add a curve or a hash function, but following the method in this draft. Do we really need an RFC or is the IANA registry the reference? The idea is that the IESG should be able to determine that the new curve provides benefits without the need for an RFC. Do we have it wrong?

 Again, many thanks for your time and your review!

Pascal



> 
> _______________________________________________
> 6lo mailing list
> 6lo@ietf.org
> https://www.ietf.org/mailman/listinfo/6lo

v2.23.0 | Report a Bug | By Email