Re: [babel] Extension of Call for WG adoption of draft-ovsienko-babel-rfc7298bis through 2018-05-28

Juliusz Chroboczek <jch@irif.fr> Fri, 18 May 2018 12:55 UTC

Date: Fri, 18 May 2018 14:55:09 +0200
Message-ID: <877eo1jf82.wl-jch@irif.fr>
From: Juliusz Chroboczek <jch@irif.fr>
To: Donald Eastlake <d3e3e3@gmail.com>
Cc: Babel at IETF <babel@ietf.org>, babel-chairs@ietf.org
In-Reply-To: <CAF4+nEGV94Vwdoo+gG_-x-nyQcjjJtv9+JMaM_m3YuZ511_e5g@mail.gmail.com>
References: <CAF4+nEGV94Vwdoo+gG_-x-nyQcjjJtv9+JMaM_m3YuZ511_e5g@mail.gmail.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/babel/L-gQdAIZRpmbj9dcbENo4bfUXpY>
Subject: Re: [babel] Extension of Call for WG adoption of draft-ovsienko-babel-rfc7298bis through 2018-05-28

> This is a reminder that there is an ongoing call for adoption of
> draft-ovsienko-babel-rfc7298bis. This message extends the deadline for
> responding through 28 May. Please indicate if you think this draft
> should or should not be adopted as a starting point by the BABEL WG.

I have mixed feelings, and therefore do not know whether I do or don't
support adoption at the current time.

On the one hand:

  - I am convinced that Babel needs a simple, comprehensible,
    implementable auth mechanism that introduces no heavy dependencies
    (possibly in addition to any heavier mechanism, such as DTLS);
  - Denis' draft is a good starting point for obtaining the above.

On the other hand:

  - as described on the list, the protocol appears to be vulnerable to
    replay, due to an unfortunate confusion between symmetric reachability
    (as defined by 6126bis) and security association.  I have a plan for
    fixing the vulnerability (by removing the confusion), but I'd like to
    have a chance to explain my ideas in order to see if they work;
  - the document (as opposed to the protocol) is very difficult to work
    with.  Three reasons for that: (1) an almost complete lack of
    rationale and human-readable intuitions, (2) a tendency to repeat the
    same points multiple times, and (3) a tendency to repeat what is
    already in 6126bis.  This is bad for a security document, and is
    especially worrying since the author has a poor track record of
    listening to stylistic (as opposed to technical) criticisms.

Should the stylistic issues with the document be fixed, and should my
ideas for fixing the vulnerability work out, I'd support adoption with no
hesitation.  As it currently stands, and since I do not trust the author
to fix the editorial issues once the document is adopted, I'm not sure.

-- Juliusz