Re: [6lo] Magnus Westerlund's No Objection on draft-ietf-6lo-fragment-recovery-12: (with COMMENT)
"Pascal Thubert (pthubert)" <pthubert@cisco.com> Mon, 09 March 2020 07:58 UTC
Return-Path: <pthubert@cisco.com>
X-Original-To: 6lo@ietfa.amsl.com
Delivered-To: 6lo@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 147653A0964; Mon, 9 Mar 2020 00:58:41 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -9.6
X-Spam-Level:
X-Spam-Status: No, score=-9.6 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, SPF_PASS=-0.001, URIBL_BLOCKED=0.001, USER_IN_DEF_DKIM_WL=-7.5] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=cisco.com header.b=CujzxzRe; dkim=pass (1024-bit key) header.d=cisco.onmicrosoft.com header.b=Nl65pfTl
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 5_PrXgKeFz98; Mon, 9 Mar 2020 00:58:39 -0700 (PDT)
Received: from alln-iport-1.cisco.com (alln-iport-1.cisco.com [173.37.142.88]) (using TLSv1.2 with cipher DHE-RSA-SEED-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 729863A095D; Mon, 9 Mar 2020 00:58:39 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=@cisco.com; l=4102; q=dns/txt; s=iport; t=1583740719; x=1584950319; h=from:to:cc:subject:date:message-id:references: in-reply-to:content-transfer-encoding:mime-version; bh=JSbrJ8jbzqyEAUFBhgtoDqErlrZKtYG1biR7K1LY69w=; b=CujzxzReWfKqQQ5JSmnymvXqYJXkoVhaSpHHBsYiT2H617Yie9KcEhRt RK/gNFfsFcgBOrL5eKDAIFMVsJe+nXBu7byrUlfn9T4+Z85X/72E24CPe QyBPpbcGILiPsCbn41IV7FtWXPEgIE28+gaY2ORFjGDf9zLQEEcGQ5Hx6 w=;
IronPort-PHdr: 9a23:lG6CHhbpmUS4DeO3d4Ms/2b/LSx94ef9IxIV55w7irlHbqWk+dH4MVfC4el20gabRp3VvvRDjeee87vtX2AN+96giDgDa9QNMn1NksAKh0olCc+BB1f8KavycywnFslYSHdu/mqwNg5eH8OtL1A=
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: A0AECABU9mVe/4UNJK1kHQEBAQkBEQUFAYF7gVRQBYFEIAQLKoQVg0YDimuadIFCgRADVAkBAQEMAQEtAgQBAYRDAheBdyQ4EwIDAQELAQEFAQEBAgEFBG2FVgyFZAIBAxIREQwBATcBDwIBCBoCJgICAjAVEAIEAQ0NGoVPAy4BnB0CgTmIYnWBMoJ/AQEFhQMYggwJgQ4qhSGHCxqBQT+BEUeCTT6EDUCDDzKCLI1zgnWQAY5PcAqCPI0fiWOCSYghi36ETY52m1ECBAIEBQIOAQEFgWkigVhwFYMnUBgNjh04gzuKVXSBKY1AAQE
X-IronPort-AV: E=Sophos;i="5.70,532,1574121600"; d="scan'208";a="444276037"
Received: from alln-core-11.cisco.com ([173.36.13.133]) by alln-iport-1.cisco.com with ESMTP/TLS/DHE-RSA-SEED-SHA; 09 Mar 2020 07:58:38 +0000
Received: from XCH-RCD-004.cisco.com (xch-rcd-004.cisco.com [173.37.102.14]) by alln-core-11.cisco.com (8.15.2/8.15.2) with ESMTPS id 0297wceb023914 (version=TLSv1.2 cipher=AES256-SHA bits=256 verify=FAIL); Mon, 9 Mar 2020 07:58:38 GMT
Received: from xhs-rcd-002.cisco.com (173.37.227.247) by XCH-RCD-004.cisco.com (173.37.102.14) with Microsoft SMTP Server (TLS) id 15.0.1473.3; Mon, 9 Mar 2020 02:58:38 -0500
Received: from xhs-aln-003.cisco.com (173.37.135.120) by xhs-rcd-002.cisco.com (173.37.227.247) with Microsoft SMTP Server (TLS) id 15.0.1473.3; Mon, 9 Mar 2020 02:58:38 -0500
Received: from NAM04-BN3-obe.outbound.protection.outlook.com (173.37.151.57) by xhs-aln-003.cisco.com (173.37.135.120) with Microsoft SMTP Server (TLS) id 15.0.1473.3 via Frontend Transport; Mon, 9 Mar 2020 02:58:37 -0500
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=PL4feEXfNMcJp2b3o5JGt4V/ug3D8Ui6eTADcXUyxgOMCurqkZpCHFlc8aeQAON2dXa/nkHi7DToJ6wtGOnEwakrjsZe6htiZnTKjdhqznjNEQLK1/YF91oScPrXS6SmQluqMd+l16zGI8k7ZeM5cFIO3q1s5/giw8QEEvaAig5IO/IHldTnWZmN20alNqu/R4kBdiAUihwNnqT0azzVSftXsWiQhgPPBobf+x+U0j3ocrnbeLSP4qYSkqmSEJyZ1+uBQnwmonqVbueXpaaf52wJkWyZa4as4QgeR6KN0tmG7sGZANbRz1DbflLNTYor2JzosmpX66dGJpZRZb+g5A==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;bh=JSbrJ8jbzqyEAUFBhgtoDqErlrZKtYG1biR7K1LY69w=; b=Fc00jUAWNd6mRecntqc+YeSzYCBeIW9yl3F31hC5qZYD0ydc+gvvAZM31/osI1U9ir2WnxUaGUIGJVmbQg0KtUWS5GOZMw9lP/SWLuvtw5+SNbfDzS1oamuU5KkqwGQhtlAMnzErHz8LYofnHrLSC6UEa9ip7eGZuysVcoTNFHA6HJe9M855sDYhE+0IAw5fdbhVb00hzI4nLFRmg4rsg6+a1Jf3E2QNEh5KlDFmB2G93r7IljwoT9j2y4Q6wdRUDSS/8uH9Tf4IEWGBvDKYPYwIZzcltQVWBUOeb5mbWOPPiyCQSTJOsDT/qnWkdfG19YZfYhA4HjeFy9TP/l4vgw==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=cisco.com; dmarc=pass action=none header.from=cisco.com; dkim=pass header.d=cisco.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=cisco.onmicrosoft.com; s=selector2-cisco-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=JSbrJ8jbzqyEAUFBhgtoDqErlrZKtYG1biR7K1LY69w=; b=Nl65pfTlCmHPN3E6jQ8GEVhZE9viInjgvBFbgMTS3xKs2UkgiIV4+WUtjfSUhCAFBTMlDHfyC9aReIAvumZ/hxOhSrn4aE8D0NOsDVyCLXD4vunsa3ZoOh0T03pNfMORctIBGd0zgjdk0c6dTaS1JoVdeyUxL977zr/gGFOmEv0=
Received: from MN2PR11MB3565.namprd11.prod.outlook.com (2603:10b6:208:ea::31) by MN2PR11MB3853.namprd11.prod.outlook.com (2603:10b6:208:ea::19) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2793.17; Mon, 9 Mar 2020 07:58:37 +0000
Received: from MN2PR11MB3565.namprd11.prod.outlook.com ([fe80::edba:2b0f:7341:2c24]) by MN2PR11MB3565.namprd11.prod.outlook.com ([fe80::edba:2b0f:7341:2c24%6]) with mapi id 15.20.2793.013; Mon, 9 Mar 2020 07:58:37 +0000
From: "Pascal Thubert (pthubert)" <pthubert@cisco.com>
To: Magnus Westerlund <magnus.westerlund@ericsson.com>, The IESG <iesg@ietf.org>
CC: "draft-ietf-6lo-fragment-recovery@ietf.org" <draft-ietf-6lo-fragment-recovery@ietf.org>, Carles Gomez <carlesgo@entel.upc.edu>, "6lo-chairs@ietf.org" <6lo-chairs@ietf.org>, "6lo@ietf.org" <6lo@ietf.org>
Thread-Topic: Magnus Westerlund's No Objection on draft-ietf-6lo-fragment-recovery-12: (with COMMENT)
Thread-Index: AQHV5m78XYMUSa8LRUKDZiyvF1Lozag/7kmw
Date: Mon, 09 Mar 2020 07:58:22 +0000
Deferred-Delivery: Mon, 9 Mar 2020 07:57:39 +0000
Message-ID: <MN2PR11MB3565E64BFF404C9992CBCB3ED8FE0@MN2PR11MB3565.namprd11.prod.outlook.com>
References: <158203922796.14034.11972445891648310968.idtracker@ietfa.amsl.com>
In-Reply-To: <158203922796.14034.11972445891648310968.idtracker@ietfa.amsl.com>
Accept-Language: fr-FR, en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
authentication-results: spf=none (sender IP is ) smtp.mailfrom=pthubert@cisco.com;
x-originating-ip: [2a01:cb1d:4ec:2200:a8c7:7af1:ca74:7a0c]
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: 22319991-54d0-4cd5-87ff-08d7c3ffac67
x-ms-traffictypediagnostic: MN2PR11MB3853:
x-microsoft-antispam-prvs: <MN2PR11MB3853D3377F3DDCD16F338BB6D8FE0@MN2PR11MB3853.namprd11.prod.outlook.com>
x-ms-oob-tlc-oobclassifiers: OLM:10000;
x-forefront-prvs: 0337AFFE9A
x-forefront-antispam-report: SFV:NSPM; SFS:(10009020)(4636009)(396003)(136003)(346002)(376002)(366004)(39860400002)(199004)(189003)(6666004)(66946007)(76116006)(33656002)(9686003)(55016002)(52536014)(2906002)(5660300002)(7696005)(478600001)(4326008)(6506007)(66476007)(54906003)(110136005)(316002)(86362001)(66446008)(64756008)(66556008)(71200400001)(8936002)(81166006)(81156014)(186003)(8676002); DIR:OUT; SFP:1101; SCL:1; SRVR:MN2PR11MB3853; H:MN2PR11MB3565.namprd11.prod.outlook.com; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; A:1; MX:1;
received-spf: None (protection.outlook.com: cisco.com does not designate permitted sender hosts)
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: 8jx5ouQ2cT9KUW3wQgeuclavrMdrRUlg1h2CNh7Cn1Ca6FobZDt2D0gL96P/weUG1cvatw8hYVQHI8Fvx/+cRqlKdzKuEDcUBeFr6+2uK1/tiV1ptN2lMa8YGmySbwzpoWlTxrynAzwhEWOVpJdmLqSKtHtVUGjaK44vEZ54LGZxCegJut2PZ9AXNUl9cOSGGWc7BHvmsIGnHegJGSgZ8AgjuvmVBcWEek8Owv9GKCWqZtLAiplFoM7q7m1aljpLDm3Nn+Vaty7ps2jyc6TFNAzLxgBX2WYPSyDtRcCV15GfD/dqZG48HHgJAqGL8qR4aUABqE3HppD+266F/qnNsn8k2PmvwBRAkheEIzD7Lsp31VKJmShOsD+lMu9ZNLJ3XmgenKWw7W00wEuFEViOK7iRK3c420npjvk/DXL6B4648idkKgCK5rJ7DuMmrGdq
x-ms-exchange-antispam-messagedata: xFyQH5N7cUqETtrjyws8Xtpi5kFbN7FXEU/Jnw4ZrcJwahvWsGE8T/uO+qh7MbXfaKGjejAycQqGFVpEiBJH1Iq9kOnKaMBhcAbDo/0/KnuVabTms65KWaBRHjGl63G3Y1tVAd7Fz54bbWZBke7xqsC0yhu/WMDw6ZCK3yhKeRonIJRfxqfaYNrflfqdAwcH/EUWjyNFNp30UD7SQNeKXw==
x-ms-exchange-transport-forked: True
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: base64
MIME-Version: 1.0
X-MS-Exchange-CrossTenant-Network-Message-Id: 22319991-54d0-4cd5-87ff-08d7c3ffac67
X-MS-Exchange-CrossTenant-originalarrivaltime: 09 Mar 2020 07:58:37.1388 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 5ae1af62-9505-4097-a69a-c1553ef7840e
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: AKUUl+Gok1TW7jtq5MnBtqA95/lqZR6DCTQP82o+xcSAqfXkCKtrXP+gXzC/5fT7qxf42TC1l+xIAryANE4hdQ==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: MN2PR11MB3853
X-OriginatorOrg: cisco.com
X-Outbound-SMTP-Client: 173.37.102.14, xch-rcd-004.cisco.com
X-Outbound-Node: alln-core-11.cisco.com
Archived-At: <https://mailarchive.ietf.org/arch/msg/6lo/yOHRgk4UcUKXgA5dyi2i8QrEx_o>
Subject: Re: [6lo] Magnus Westerlund's No Objection on draft-ietf-6lo-fragment-recovery-12: (with COMMENT)
X-BeenThere: 6lo@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Mailing list for the 6lo WG for Internet Area issues in IPv6 over constrained node networks." <6lo.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/6lo>, <mailto:6lo-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/6lo/>
List-Post: <mailto:6lo@ietf.org>
List-Help: <mailto:6lo-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/6lo>, <mailto:6lo-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 09 Mar 2020 07:58:41 -0000
Hello Magnus: Many thanks for your review! Let's see below: > ---------------------------------------------------------------------- > COMMENT: > ---------------------------------------------------------------------- > > I am uncertain if there is security risk that is poorly noted. I don't think it is > significant as an intermediate node will in many other ways be able to interfere > with the transmission of the fragments. However, it appears to me that the > below formulation potentially allow a fragment sender to go into an interesting > state by acknowledging fragments prior to even have received them, causing > the sender to abort the transmission prematurely? > > When all the fragments are received, the receiving endpoint > reconstructs the packet, passes it to the upper layer, sends an RFRAG > Acknowledgment on the reverse path with a FULL bitmap, and arms a > short timer, e.g., in the order of an average round-trip delay in the > network. As the timer runs, the receiving endpoint absorbs the > fragments that were still in flight for that datagram without > creating a new state. The receiving endpoint abort the communication > if it keeps going on beyond the duration of the timer. > > Could the author please comment on this aspect of what would occur in the > fragment sender if it receives an RFRAG-ACK will full bitmap prior to having > send all fragments, and also what would happen if this is received very shortly > after having sent the last fragment? > An attacker that is on path can indeed do many things. The ones that you point out could be detected by the transmitter. Others cannot. A critical aspect in 6LoWPANs is to keep the implementation concise and simple. So yes, a "rich" implementation can detect some situations and report, provided that it has extra memory and bandwidth to do so. But the recommendation stays the same, inherited from [FRAG-FWD]. We need a secure join and a link layer security that prevents rogue access. I suggest to add the second paragraph below: " This document specifies an instantiation of a 6LoWPAN Fragment Forwarding technique. [FRAG-FWD] provides the generic description of Fragment Forwarding and this specification inherits from it. The generic considerations in the Security sections of [FRAG-FWD] apply equally to this document. In addition to the threats detailed therein, an attacker that is on- path can prematurely end the transmission of a datagram by sending a RFRAG Acknowledgment to the sender. It can also cause extra transmissions of fragments by resetting bits in the RFRAG Acknowledgment bitmap, and of RFRAG Acknowledgments by forcing the Ack-Request bit in fragments that it forwards. As indicated in [FRAG-FWD], Secure joining and the Link-Layer security are REQUIRED to protect against those attacks. " Is that enough? Many thanks again; Pascal
- [6lo] Magnus Westerlund's No Objection on draft-i… Magnus Westerlund via Datatracker
- Re: [6lo] Magnus Westerlund's No Objection on dra… Pascal Thubert (pthubert)