IETF Logo Mail Archive

Re: [babel] Extension of Call for WG adoption of draft-ovsienko-babel-rfc7298bis through 2018-05-28

Denis Ovsienko <denis@ovsienko.info> Tue, 22 May 2018 23:14 UTC

Return-Path: <denis@ovsienko.info>
X-Original-To: babel@ietfa.amsl.com
Delivered-To: babel@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 3D26B12D87F; Tue, 22 May 2018 16:14:41 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.601
X-Spam-Level:
X-Spam-Status: No, score=-0.601 tagged_above=-999 required=5 tests=[BAYES_05=-0.5, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=ovsienko.info
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 61shKj9RuydA; Tue, 22 May 2018 16:14:38 -0700 (PDT)
Received: from sender-of-o51.zoho.com (sender-of-o51.zoho.com [135.84.80.216]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 72670129C6D; Tue, 22 May 2018 16:14:38 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; t=1527030871; s=zohomail; d=ovsienko.info; i=denis@ovsienko.info; h=Date:From:To:Message-ID:In-Reply-To:References:Subject:MIME-Version:Content-Type:Content-Transfer-Encoding; l=2364; bh=tNHLQgh2vB6gSJupXtIF7k0qmKxh8qGfECa/KCekDg0=; b=YAe0Y2h+w0m7cDESpRcAi4SkZxgbFWEdvJgBcrKvXiFjyw/Quym2tYWZsrNrbuzg fDx1gGpyM6tQ4e6Yk8rFhHXy6/5L/DKuUS6S5tse5iOGQhLWz1sknk+nLWWrg9Lwqeu DZA393SOGmXM6ZJi9esNCoCB/kuT1bl5ZNP5IHlk=
Received: from mail.zoho.com by mx.zohomail.com with SMTP id 1527030871851161.29908319198523; Tue, 22 May 2018 16:14:31 -0700 (PDT)
Date: Wed, 23 May 2018 00:14:31 +0100
From: Denis Ovsienko <denis@ovsienko.info>
To: Babel at IETF <babel@ietf.org>, "babel-chairs@ietf.org" <babel-chairs@ietf.org>
Message-ID: <1638a21f72a.f115e721115322.8073557499992170629@ovsienko.info>
In-Reply-To: <CAF4+nEEFfsMGTv9cp8Sbsp7=fsMKy1GejMgL+hGo3v84-tmKug@mail.gmail.com>
References: <CAF4+nEGV94Vwdoo+gG_-x-nyQcjjJtv9+JMaM_m3YuZ511_e5g@mail.gmail.com> <877eo1jf82.wl-jch@irif.fr> <2D09D61DDFA73D4C884805CC7865E6114DDC604A@GAALPA1MSGUSRBF.ITServices.sbc.com> <CAF4+nEEFfsMGTv9cp8Sbsp7=fsMKy1GejMgL+hGo3v84-tmKug@mail.gmail.com>
MIME-Version: 1.0
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: 7bit
X-Priority: Medium
User-Agent: Zoho Mail
X-Mailer: Zoho Mail
Archived-At: <https://mailarchive.ietf.org/arch/msg/babel/Rgpz8xOcgQBD1mv8SySdiPHFi08>
Subject: Re: [babel] Extension of Call for WG adoption of draft-ovsienko-babel-rfc7298bis through 2018-05-28
X-BeenThere: babel@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "A list for discussion of the Babel Routing Protocol." <babel.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/babel>, <mailto:babel-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/babel/>
List-Post: <mailto:babel@ietf.org>
List-Help: <mailto:babel-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/babel>, <mailto:babel-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 22 May 2018 23:14:41 -0000

Hello all.

Thank you for making your reasons, let me provide a digest of the main technical points of the proposed work item.

HMAC result(s) prove a packet was not modified in transit and was send by a speaker that has the shared secret. This will require adding the packet destination address into the HMAC input in 7298-bis as discussed.

RFC 7298 specifies a simple optional way to guarantee that the per-interface outgoing TS/PC number is strictly increasing over the lifetime of a speaker. 7298-bis will need to mandate this property. This way any speaker can tell if any other speaker's sequence of packets runs strictly uphill and never repeats itself.

In addition to the above, the IHU-specific TS/PC sub-TLV and the sent TS/PC numbers table in 7298-bis make it possible to tell if an IHU proves (because the local TS/PC number also runs strictly uphill and never repeats) freshness (not just uphill but roughly at the same elevation) that does not exceed the configured threshold. This threshold is specified in real time seconds but does not require the clocks to be synchronous.

The latest technical problem Juliusz had pointed out was that the main protocol instance could change its state in response to replayed/delayed [authentic, non-duplicate, in-order] packets with Update(s) but without IHU, and then a fresh IHU could activate those old routes regardless if the speaker currently intends to advertise respective prefixes. I suggested to let only Hello and IHU TLVs through before the first freshness proof occurs.

Having thought about it for some time, it seems to me this attack could also work _after_ the freshness has been proved for the first time, it just requires a long enough time span and many enough topology changes to prepare the Update(s) to be sent before the next IHU. At the moment it seems to me to make the most sense to maintain an age timer in 7298-bis for every proof of freshness (i.e. to add a column to ANM table and to use it to tell what TLVs can reach the main protocol instance).

Although the proposed concept has slightly moved ahead of the I-D, my understanding is the job is doable and the document is an OK work item. That said, the working group makes the decision, I just need to know what specifically it is to be able to plan my further contributions.

Thanks.

-- 
    Denis Ovsienko

v2.23.0 | Report a Bug | By Email