Re: [Anima-signaling] Concern about GRASP Flood message
Toerless Eckert <eckert@cisco.com> Thu, 21 July 2016 07:51 UTC
Return-Path: <eckert@cisco.com>
X-Original-To: anima-signaling@ietfa.amsl.com
Delivered-To: anima-signaling@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1])
by ietfa.amsl.com (Postfix) with ESMTP id 11BB912DB7D
for <anima-signaling@ietfa.amsl.com>; Thu, 21 Jul 2016 00:51:04 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -15.808
X-Spam-Level:
X-Spam-Status: No, score=-15.808 tagged_above=-999 required=5
tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1,
DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_HI=-5, RCVD_IN_MSPIKE_H3=-0.01,
RCVD_IN_MSPIKE_WL=-0.01, RP_MATCHES_RCVD=-1.287, SPF_PASS=-0.001,
USER_IN_DEF_DKIM_WL=-7.5] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key)
header.d=cisco.com
Received: from mail.ietf.org ([4.31.198.44])
by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024)
with ESMTP id N-8sQH3ekYSF for <anima-signaling@ietfa.amsl.com>;
Thu, 21 Jul 2016 00:51:02 -0700 (PDT)
Received: from rcdn-iport-7.cisco.com (rcdn-iport-7.cisco.com [173.37.86.78])
(using TLSv1.2 with cipher DHE-RSA-SEED-SHA (128/128 bits))
(No client certificate requested)
by ietfa.amsl.com (Postfix) with ESMTPS id 5068E12DAC9
for <anima-signaling@ietf.org>; Thu, 21 Jul 2016 00:51:02 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple;
d=cisco.com; i=@cisco.com; l=2412; q=dns/txt; s=iport;
t=1469087462; x=1470297062;
h=date:from:to:cc:subject:message-id:references:
mime-version:content-transfer-encoding:in-reply-to;
bh=qjYupWa0R5/DMY910m0QV6YzKTAEqsBHjau3MEfsJEQ=;
b=SsyTVA2eJ5+qZoc5NQIEZsKB3s96za8qKiyogZ7ZY1A96OcpXUBUxwb2
ALD7WIjuI4tLN/nHFdJV/jA4WJxypRsIFuvC9QBxtb75X+YjsGcBKn1T0
AShWbEBGtPoB8sDdFsL3tsvEWHW3a8iAcg9ADYLsfYqr81bdJ0iaJzZLJ I=;
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: =?us-ascii?q?A0AtAwACfpBX/5JdJa1dgz9WfLhigXsih?=
=?us-ascii?q?XgCgSw4FAEBAQEBAQFlJ0EOAYQNAQUBATABOwsQCxgJJQ8FEzYTiDAOvR8BAQE?=
=?us-ascii?q?BAQEBAQEBAQEBAQEBAQEBAQEXBYp3ihsFjwGEPIVpjmEKjzqQIR42hBMcMoRag?=
=?us-ascii?q?n4BAQE?=
X-IronPort-AV: E=Sophos;i="5.28,398,1464652800"; d="scan'208";a="126482131"
Received: from rcdn-core-10.cisco.com ([173.37.93.146])
by rcdn-iport-7.cisco.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384;
21 Jul 2016 07:51:01 +0000
Received: from mcast-linux1.cisco.com (mcast-linux1.cisco.com [172.27.244.121])
by rcdn-core-10.cisco.com (8.14.5/8.14.5) with ESMTP id u6L7p1oL029686
(version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO);
Thu, 21 Jul 2016 07:51:01 GMT
Received: from mcast-linux1.cisco.com (localhost.cisco.com [127.0.0.1])
by mcast-linux1.cisco.com (8.13.8/8.13.8) with ESMTP id u6L7p0e0018475;
Thu, 21 Jul 2016 00:51:00 -0700
Received: (from eckert@localhost)
by mcast-linux1.cisco.com (8.13.8/8.13.8/Submit) id u6L7p0v4018474;
Thu, 21 Jul 2016 00:51:00 -0700
Date: Thu, 21 Jul 2016 00:51:00 -0700
From: Toerless Eckert <eckert@cisco.com>
To: Brian E Carpenter <brian.e.carpenter@gmail.com>
Message-ID: <20160721075059.GJ7377@cisco.com>
References: <77afcc64-ca15-003d-661b-a31ed4866149@gmail.com>
<579073DB.50505@tzi.org> <00b894f9-61ca-c5cf-b8d8-aae1a8262c04@gmail.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=iso-8859-1
Content-Disposition: inline
Content-Transfer-Encoding: 8bit
In-Reply-To: <00b894f9-61ca-c5cf-b8d8-aae1a8262c04@gmail.com>
User-Agent: Mutt/1.4.2.2i
Archived-At: <https://mailarchive.ietf.org/arch/msg/anima-signaling/bj-0qXgEeDXcZLPcYKillqftPZI>
Cc: Carsten Bormann <cabo@tzi.org>,
Anima signaling DT <anima-signaling@ietf.org>
Subject: Re: [Anima-signaling] Concern about GRASP Flood message
X-BeenThere: anima-signaling@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: Mailing list for the signaling design team of the ANIMA WG
<anima-signaling.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/anima-signaling>,
<mailto:anima-signaling-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/anima-signaling/>
List-Post: <mailto:anima-signaling@ietf.org>
List-Help: <mailto:anima-signaling-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/anima-signaling>,
<mailto:anima-signaling-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 21 Jul 2016 07:51:04 -0000
If we had in the future ASA that can come from different vendors, eg: lightblub ASAs from two different lightning system vendors, and they want to trust objectives from other ASAs of the same vendor differently than those from other vendors, then it would certainly become interesting to have per-objective authentication. Would be an interesting GRASP CBOR layer question if you want to take the relevant part of the objective/synchronization payload and create a signature for the CBOR representation of that and then add that signature to the CBOR message. Alas, this is a long way off. We'd first need to have models for per-ASA keying material. Like at least eg: certificates for apps like android/iOS stores have them. and then expand from there. On Thu, Jul 21, 2016 at 07:31:19PM +1200, Brian E Carpenter wrote: > On 21/07/2016 19:03, Carsten Bormann wrote: > > Is there going to be any security? > > Or is a flood message authenticated by the group key protecting the ASA? > > No, it will be implicitly authenticated by arriving via the ACP. > (Unless used in a insecure instance of GRASP, but I don't think we will > want that.) > > > If there is data origin authentication, this already provides a source. > > Right, we had that sort of approach in the old TLV version of the protocol, > but removed it when the ACP came along. > > Regards > Brian > > > > > Grüße, Carsten > > > > > > Brian E Carpenter wrote: > >> During various discussions this week, I decided there is an issue to decide > >> around the GRASP Flood message. > >> > >> As it's currently defined, the node/ASA that receives a flooded objective > >> doesn't know where it came from; the flood relaying mechanism simply > >> loses the original source locator. > >> > >> Is this a problem? Does the recipient of a flooded objective sometimes > >> need to know the source? > >> > >> If so, we'd have to add a field to the Flood message. For example, we could > >> allow it to carry a Locator option. > >> > >> BTW, flooded objectives have no lifetime - they are valid until overwritten > >> by a subsequent Flood message. > >> > >> Comments? > >> > > > > _______________________________________________ > Anima-signaling mailing list > Anima-signaling@ietf.org > https://www.ietf.org/mailman/listinfo/anima-signaling -- --- Toerless Eckert, eckert@cisco.com
- Re: [Anima-signaling] Concern about GRASP Flood m… Brian E Carpenter
- Re: [Anima-signaling] Concern about GRASP Flood m… Toerless Eckert
- Re: [Anima-signaling] Concern about GRASP Flood m… Brian E Carpenter
- Re: [Anima-signaling] Concern about GRASP Flood m… Brian E Carpenter
- Re: [Anima-signaling] Concern about GRASP Flood m… Brian E Carpenter
- Re: [Anima-signaling] Concern about GRASP Flood m… Carsten Bormann
- Re: [Anima-signaling] Concern about GRASP Flood m… Carsten Bormann
- Re: [Anima-signaling] Concern about GRASP Flood m… Brian E Carpenter
- Re: [Anima-signaling] Concern about GRASP Flood m… Toerless Eckert
- Re: [Anima-signaling] Concern about GRASP Flood m… Toerless Eckert
- Re: [Anima-signaling] Concern about GRASP Flood m… Brian E Carpenter
- Re: [Anima-signaling] Concern about GRASP Flood m… Carsten Bormann
- [Anima-signaling] Concern about GRASP Flood messa… Brian E Carpenter
- Re: [Anima-signaling] Concern about GRASP Flood m… Toerless Eckert