Re: [babel] Mirja Kühlewind's Discuss on draft-ietf-babel-hmac-08: (with DISCUSS and COMMENT)

Juliusz Chroboczek <jch@irif.fr> Wed, 07 August 2019 16:16 UTC

Date: Wed, 07 Aug 2019 18:16:24 +0200
Message-ID: <87pnlhuf1j.wl-jch@irif.fr>
From: Juliusz Chroboczek <jch@irif.fr>
To: Mirja Kuehlewind <ietf@kuehlewind.net>
Cc: Donald Eastlake <d3e3e3@gmail.com>, babel-chairs@ietf.org, The IESG <iesg@ietf.org>, babel@ietf.org, draft-ietf-babel-hmac@ietf.org
In-Reply-To: <E66B43F6-AE00-4C58-A08C-4CC0264EDF29@kuehlewind.net>
References: <156518028058.8361.10940272410936686016.idtracker@ietfa.amsl.com> <87imr9hyqc.wl-jch@irif.fr> <48D085EC-8B31-47FB-A4E1-05BB5CB30829@kuehlewind.net> <87ef1xhx1j.wl-jch@irif.fr> <C3E6F178-3785-4B94-962B-AE8F3A9BCAA8@kuehlewind.net> <87a7clhtke.wl-jch@irif.fr> <E66B43F6-AE00-4C58-A08C-4CC0264EDF29@kuehlewind.net>
Archived-At: <https://mailarchive.ietf.org/arch/msg/babel/AbNmap5648jV62jjp8Shcr2_J48>

> Sorry I mean 300ms… (one important letter).

Ah, ok.  I think I understand what you mean now.

> But this is usually sent every 4 seconds or so…?

Not necessarily.  The timers are configurable, and there can be multiple
packets sent over a single hello interval (e.g. when the routing table
doesn't fit in a single packet).  The rate limiting here is going to limit
how fast we can acquire new neighbours in the presence of packet loss.
The value 300ms was chosen as being a compromise between the amount of
traffic an attacker can cause with replayed packets, and the hard limit it
imposes on neighbour acquisition in the presence of packet loss.

This has nothing to do with congestion control, Mirja, it's solely about
resistance to DoS.  In normal operation (with no evil attacker replaying
massive numbers of packets and in the absence of packet loss), there's
going to be just two challenge/reply exchanges (one in each direction) for
every neighbour acquisition.  This implies that there is no opportunity
to establish RTT state, and no useful opportunity to reset timers when
a reply is received.

-- Juliusz
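As an added illustration that is not part of this thread nor of any Babel implementation, the following toy per-neighbour challenge rate limiter shows the trade-off described above: a flood of replayed packets can trigger at most one challenge per 300 ms, while every lost challenge/reply exchange delays neighbour acquisition by at least 300 ms. The data structure, the `on_unauthenticated_packet` hook and the two scenario helpers are assumptions made for this example, not the draft's normative text.

```python
from dataclasses import dataclass, field

CHALLENGE_INTERVAL_MS = 300  # the 300 ms value discussed in the thread


@dataclass
class ChallengeRateLimiter:
    """Per-neighbour limiter on outgoing challenge requests (hypothetical)."""
    interval_ms: int = CHALLENGE_INTERVAL_MS
    last_sent: dict = field(default_factory=dict)  # neighbour -> last challenge time
    sent: int = 0
    suppressed: int = 0

    def on_unauthenticated_packet(self, neighbour, now_ms):
        """Called for each packet that fails the replay check for `neighbour`.
        Returns True if a challenge is emitted now, False if it is suppressed."""
        last = self.last_sent.get(neighbour)
        if last is not None and now_ms - last < self.interval_ms:
            self.suppressed += 1
            return False
        self.last_sent[neighbour] = now_ms
        self.sent += 1
        return True


def replay_flood(limiter, neighbour, packets, duration_ms):
    """Constructed scenario: an attacker replays `packets` packets spread evenly
    over `duration_ms`; returns how many challenges the victim actually sent."""
    for i in range(packets):
        limiter.on_unauthenticated_packet(neighbour, i * duration_ms // packets)
    return limiter.sent


def acquisition_under_loss(limiter, neighbour, loss_pattern):
    """Constructed scenario: each entry says whether that challenge/reply
    exchange was lost. Returns the time (ms) at which the first exchange
    succeeds, or None if every attempt in the pattern was lost."""
    now = 0
    for lost in loss_pattern:
        # A retry cannot go out until the limiter allows another challenge.
        while not limiter.on_unauthenticated_packet(neighbour, now):
            now += 1
        if not lost:
            return now
    return None
```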