IETF Logo Mail Archive

Re: [babel] Éric Vyncke's Discuss on draft-ietf-babel-applicability-07: (with DISCUSS and COMMENT)

"Eric Vyncke (evyncke)" <evyncke@cisco.com> Mon, 05 August 2019 13:07 UTC

Return-Path: <evyncke@cisco.com>
X-Original-To: babel@ietfa.amsl.com
Delivered-To: babel@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 5AC16120072; Mon, 5 Aug 2019 06:07:12 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -14.5
X-Spam-Level:
X-Spam-Status: No, score=-14.5 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_HI=-5, SPF_PASS=-0.001, URIBL_BLOCKED=0.001, USER_IN_DEF_DKIM_WL=-7.5] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=cisco.com header.b=k+a2FtrA; dkim=pass (1024-bit key) header.d=cisco.onmicrosoft.com header.b=Sb0hCCQV
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id rhyQulTKN7xG; Mon, 5 Aug 2019 06:07:10 -0700 (PDT)
Received: from rcdn-iport-5.cisco.com (rcdn-iport-5.cisco.com [173.37.86.76]) (using TLSv1.2 with cipher DHE-RSA-SEED-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 14FF51201CA; Mon, 5 Aug 2019 06:07:10 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=@cisco.com; l=5782; q=dns/txt; s=iport; t=1565010430; x=1566220030; h=from:to:cc:subject:date:message-id:references: in-reply-to:content-id:content-transfer-encoding: mime-version; bh=gdWY5Rk1atCfzUVJtZU7ZczfPipDO6NiHCfRrcjnLzI=; b=k+a2FtrAsluYNMqavxhE+yiEPTCGk3X6weK53Ij1A+92xTTwxsE5v4hF 8a4aR+KZYYoucPHQb8soB9f+ZfFr4HEbL0WWEUbgkTiQ9vL6IA+tN4C5v Zu+9N3RNXU12YTnEF1yfQTLENOlNT8gQda1aCpeQq4oqK+rkwJZ1xp+YL Q=;
IronPort-PHdr: 9a23:0hrzahPDHIZJk+hq+s8l6mtXPHoupqn0MwgJ65Eul7NJdOG58o//OFDEu60/l0fHCIPc7f8My/HbtaztQyQh2d6AqzhDFf4ETBoZkYMTlg0kDtSCDBj2Mu/sZC83NM9DT1RiuXq8NBsdFQ==
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: A0CiAAALKUhd/5BdJa1mHAEBAQQBAQcEAQGBVQUBAQsBgURQA4FCIAQLKoQeg0cDiy2CW5dZgS4UgRADVAkBAQEMAQEtAgEBhD8CF4JYIzYHDgEDAQEEAQECAQZthR4MhUsBAQECARIREQwBASoNAQ8CAQgODAImAgICMBUFCwIEDgUigwCBawMODwECoFICgTiIYHGBMoJ6AQEFhQQYghMJgQwoAYtiF4FAP4ERJx+CTD6EDE+CdDKCJo5YMY15jTUGZwkCghuLUYhNFAeCL4csjk6DKqINAgQCBAUCDgEBBYFXCCmBWHAVGiEqAYJBgkI3gzqKU3KBKY0TAQE
X-IronPort-AV: E=Sophos;i="5.64,350,1559520000"; d="scan'208";a="391549240"
Received: from rcdn-core-8.cisco.com ([173.37.93.144]) by rcdn-iport-5.cisco.com with ESMTP/TLS/DHE-RSA-SEED-SHA; 05 Aug 2019 13:07:08 +0000
Received: from XCH-ALN-014.cisco.com (xch-aln-014.cisco.com [173.36.7.24]) by rcdn-core-8.cisco.com (8.15.2/8.15.2) with ESMTPS id x75D788m026675 (version=TLSv1.2 cipher=AES256-SHA bits=256 verify=FAIL); Mon, 5 Aug 2019 13:07:08 GMT
Received: from xhs-aln-002.cisco.com (173.37.135.119) by XCH-ALN-014.cisco.com (173.36.7.24) with Microsoft SMTP Server (TLS) id 15.0.1473.3; Mon, 5 Aug 2019 08:07:07 -0500
Received: from xhs-rcd-002.cisco.com (173.37.227.247) by xhs-aln-002.cisco.com (173.37.135.119) with Microsoft SMTP Server (TLS) id 15.0.1473.3; Mon, 5 Aug 2019 08:07:02 -0500
Received: from NAM05-BY2-obe.outbound.protection.outlook.com (72.163.14.9) by xhs-rcd-002.cisco.com (173.37.227.247) with Microsoft SMTP Server (TLS) id 15.0.1473.3 via Frontend Transport; Mon, 5 Aug 2019 08:07:02 -0500
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=CEdgYR7Tazr/g1R+oNQT3OSuMaEJ6F0t1VHI8CGLB13ojprYBK1VhJanqZ28vpE1K9lxo4jtjTPaRyH2TjxiR9/WdYStzahTXfYCcC+bnzhzybppo7hjxdDgytstRPejs5pV7WwqdUczZ0ZQ5BeC8Dh4wvlr1Hj8lq+GbS6KCZkDXlw/vdct6PZSfKAdX7BJf2yWmKjG9sg+jNCP5i0+eI5PTMH4aobYCiXO2MRCEG57FYJXKu48HOQB33SRZAQn0FYFH1KNTi6wmGx9j9WeC06CMJBsxWQksH6UeZjDGIiIyZbhYYOrOJXq0px3A2r0JN/0vdBxBjZ1O37X++uU3g==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=gdWY5Rk1atCfzUVJtZU7ZczfPipDO6NiHCfRrcjnLzI=; b=dchwtljV88jeBoPX+b6GZwjl8HoBG1xLPbEnrBex+iRke7B+u845+OPJxwZwO1O1gFVCkUtsBCEgJ7nGKyUnxx784ApPlb6JKTMENBSmvV5hSaEfnFlXkRWy2dbuNBjtEsezlhU+5m/XR2ODGsjiVLXdVi6ck5aD9W7veUUOr04sWzdBBTPpZ1gS2kh16DjJ4toUT8VB+87GOlmG67VfXeRKsKFeXtsqj3wKYfVzvj9JflrzboRMvZrYSyjffUTAl8wlIn2vegUU+MwSBLqTiqXLsf7nTyfXJeVdsTBHqea9wIqLuDWq+8bg3tZbzlNn+VmNWFJ7uKtE8aRNuiVH+w==
ARC-Authentication-Results: i=1; mx.microsoft.com 1;spf=pass smtp.mailfrom=cisco.com;dmarc=pass action=none header.from=cisco.com;dkim=pass header.d=cisco.com;arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=cisco.onmicrosoft.com; s=selector2-cisco-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=gdWY5Rk1atCfzUVJtZU7ZczfPipDO6NiHCfRrcjnLzI=; b=Sb0hCCQV8uUnE54BKxi7s23CGn+7mF+4nElV/m7qJZjFidIIRg8X5l3jSyPo0WtTZd80xZrV39YTCUtI+ZAxvAA8EmNOEgHrYz6j3egicG2Rz5LiyNEJR6GlBmYOYPO3Iw5Q4uj4FPys7FcFEGSdE8Ph6T8BnnwlUTb+uZV4/nY=
Received: from MN2PR11MB4144.namprd11.prod.outlook.com (20.179.150.210) by MN2PR11MB4237.namprd11.prod.outlook.com (10.255.90.27) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2136.16; Mon, 5 Aug 2019 13:07:01 +0000
Received: from MN2PR11MB4144.namprd11.prod.outlook.com ([fe80::cc02:dc35:1f73:653c]) by MN2PR11MB4144.namprd11.prod.outlook.com ([fe80::cc02:dc35:1f73:653c%7]) with mapi id 15.20.2136.018; Mon, 5 Aug 2019 13:07:01 +0000
From: "Eric Vyncke (evyncke)" <evyncke@cisco.com>
To: Juliusz Chroboczek <jch@irif.fr>
CC: The IESG <iesg@ietf.org>, "draft-ietf-babel-applicability@ietf.org" <draft-ietf-babel-applicability@ietf.org>, Donald Eastlake <d3e3e3@gmail.com>, "babel-chairs@ietf.org" <babel-chairs@ietf.org>, "babel@ietf.org" <babel@ietf.org>
Thread-Topic: Éric Vyncke's Discuss on draft-ietf-babel-applicability-07: (with DISCUSS and COMMENT)
Thread-Index: AQHVS4yC9IRr9kOJFkyEIZoqBpjKFKbsp7uA
Date: Mon, 05 Aug 2019 13:07:01 +0000
Message-ID: <EE29B993-073A-4CC5-B59B-8279B8832FDD@cisco.com>
References: <156500498261.24571.204581663078651704.idtracker@ietfa.amsl.com> <87tvavlqrt.wl-jch@irif.fr>
In-Reply-To: <87tvavlqrt.wl-jch@irif.fr>
Accept-Language: fr-BE, en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
user-agent: Microsoft-MacOutlook/10.1b.0.190715
authentication-results: spf=none (sender IP is ) smtp.mailfrom=evyncke@cisco.com;
x-originating-ip: [2001:420:c0c1:36:94cc:3600:4eda:dc83]
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: 9b60d928-ca97-47ea-e7ab-08d719a5ce13
x-microsoft-antispam: BCL:0; PCL:0; RULEID:(2390118)(7020095)(4652040)(8989299)(4534185)(4627221)(201703031133081)(201702281549075)(8990200)(5600148)(711020)(4605104)(1401327)(2017052603328)(7193020); SRVR:MN2PR11MB4237;
x-ms-traffictypediagnostic: MN2PR11MB4237:
x-microsoft-antispam-prvs: <MN2PR11MB42377A841FE2F8AFB40C6774A9DA0@MN2PR11MB4237.namprd11.prod.outlook.com>
x-ms-oob-tlc-oobclassifiers: OLM:10000;
x-forefront-prvs: 01208B1E18
x-forefront-antispam-report: SFV:NSPM; SFS:(10009020)(979002)(4636009)(346002)(376002)(396003)(366004)(39860400002)(136003)(189003)(199004)(86362001)(46003)(14454004)(33656002)(66574012)(6116002)(6916009)(36756003)(5660300002)(6246003)(7736002)(305945005)(58126008)(316002)(53936002)(68736007)(478600001)(6486002)(6506007)(76176011)(54906003)(224303003)(102836004)(99286004)(8936002)(186003)(229853002)(4326008)(6512007)(91956017)(2906002)(76116006)(81166006)(81156014)(6436002)(25786009)(14444005)(256004)(71190400001)(71200400001)(66946007)(476003)(64756008)(11346002)(446003)(66476007)(66556008)(486006)(2616005)(66446008)(969003)(989001)(999001)(1009001)(1019001); DIR:OUT; SFP:1101; SCL:1; SRVR:MN2PR11MB4237; H:MN2PR11MB4144.namprd11.prod.outlook.com; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; MX:1; A:1;
received-spf: None (protection.outlook.com: cisco.com does not designate permitted sender hosts)
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam-message-info: b6PejG/PkRaAXgFPJ0vgauQ151OJhVx7XfldK1qiIIIqxAn0ZYZNdIhIyj/01DPz6ABvMYICCQzpbUwpUxDGO6iQS8MvpWkl99L1mLB9t55FVf9bWcU4QQ/6PvspLEVryLucP1CWoCOlGgWPrA0FlQ8r5OGBmUcwsZKLVsfUYbON8faFsWoyy4iYnfRxrewLJfJ5yfJerv/tEJ9foPEZ+bt8q9wzGgUwAIDiy7dfECU2u3LTiorEuQBNll7OoF3VAIDT+W9rMRafhTcWlMASSlosED2jVQypLj+u3dX9/hZ6WOv4Z5JivRj138f7enQQmNr6vjdmYRGOhKRlBWKHB1mP3bXLbPGGZBzoLF0Fwqg639dBzJjyXsgs1o5CBbIkuFEB/a+/qgtpE0kXf79R/nd2zJ9prbcAP+8muiJqvhM=
Content-Type: text/plain; charset="utf-8"
Content-ID: <A289DF68FE755E4EA933A1D88E3126A9@namprd11.prod.outlook.com>
Content-Transfer-Encoding: base64
MIME-Version: 1.0
X-MS-Exchange-CrossTenant-Network-Message-Id: 9b60d928-ca97-47ea-e7ab-08d719a5ce13
X-MS-Exchange-CrossTenant-originalarrivaltime: 05 Aug 2019 13:07:01.1794 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 5ae1af62-9505-4097-a69a-c1553ef7840e
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: evyncke@cisco.com
X-MS-Exchange-Transport-CrossTenantHeadersStamped: MN2PR11MB4237
X-OriginatorOrg: cisco.com
X-Outbound-SMTP-Client: 173.36.7.24, xch-aln-014.cisco.com
X-Outbound-Node: rcdn-core-8.cisco.com
Archived-At: <https://mailarchive.ietf.org/arch/msg/babel/hxvAt5DKvdU9zxZd4zEjVvB5OGM>
Subject: Re: [babel] Éric Vyncke's Discuss on draft-ietf-babel-applicability-07: (with DISCUSS and COMMENT)
X-BeenThere: babel@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "A list for discussion of the Babel Routing Protocol." <babel.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/babel>, <mailto:babel-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/babel/>
List-Post: <mailto:babel@ietf.org>
List-Help: <mailto:babel-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/babel>, <mailto:babel-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 05 Aug 2019 13:07:13 -0000

About my DISCUSS, the explanatory text is good but it is 'just an explanation' and not a proven property of Babel. If you remove the 'robust wrt bugs' from the list below the assertation of protocol robustness then I will be satisfied and will remove the DISCUSS. Simply add the text below the enumeration bullets and starts with "Experience gained in implementation interoperation testing shows that ....".

For the text about security, what about something like:
"     Babel-HMAC [HMAC] is a simple and easy to implement mechanism that
       only guarantees authenticity, integrity, and anti-replay of the routing traffic,
       and only supports symmetric keying with a small number of keys
       (typically just one or two).  Babel-DTLS [DTLS] is a more complex
       mechanism, that requires some minor changes to be made to a typical
       Babel implementation and depends on a DTLS stack being available, but
       inherits all of the features of DTLS, notably authenticity, integrity,  confidentiality, and the
       ability to use asymmetric keys.
"   (unsure about anti-replay of DTLS though)


-éric



On 05/08/2019, 14:51, "Juliusz Chroboczek" <jch@irif.fr> wrote:

    Dear Eric,
    
    Thanks for your review.
    
    > == DISCUSS ==
    
    > -- Section 2.2 --
    
    > The 'bug resistance' property of Babel was perhaps learned during the
    > implementation, but, I wonder whether the document may simply state 'robust
    > with respect to bugs', this is quite a strong statement that needs to be backed
    > by facts or proof.
    
    Would you be satisfied if I added the following paragraph?  Or would you
    prefer some other resolution?
    
      For example, an early version of the reference implementation would very
      occasionally corrupt the contents of its receive buffer.  With high
      probability, the bug would corrupt the destination address of an IPv6
      host route, which would cause a spurious "martian" route to be announced
      to the network and then silently time out, with no ill effects.
    
    (For the sake of old times, I'll recall that I was the guilty party, and
    that the bug was fixed by Grégoire Henry and Julien Cristau who spent
    almost a whole night observing a Babel node.  They weren't pleased.)
    
    > The title of the document is about 'applicability'; but, should it also
    > include 'use cases' in the title ?
    
    I prefer shorter titles, but I don't feel strongly either way.  Perhaps
    the list can chime in?
    
    > Section 3.1
    
    > The 2nd paragraph is too dense: should explain why Babel is a good fit.
    
    Agreed, I'll reword.
    
    > -- Section 5 --
    
    > Comparison between HMAC & DTLS variants is probably irrelevant in this
    > document. Though, a use case with security in mind would be benefitial.
    
    There are no known use cases.  Our users run Babel over secure link
    layers, and nobody has requested security mechanisms embedded within the
    protocol.  The security mechanisms were designed solely in order to
    satisfy IETF requirements.  (To be fair, it was a lot of fun.)
    
    > Also, the comparison should include all aspects including confidentiality and
    > anti-reply for both HMAC & DTLS.
    
    The document currently says:
    
       Babel-HMAC [HMAC] is a simple and easy to implement mechanism that
       only guarantees authenticity and integrity of the routing traffic,
       and only supports symmetric keying with a small number of keys
       (typically just one or two), but is invulnerable to replay even in
       the absence of persistent state.  Babel-DTLS [DTLS] is a more complex
       mechanism, that requires some minor changes to be made to a typical
       Babel implementation and depends on a DTLS stack being available, but
       inherits all of the features of DTLS, notably confidentiality and the
       ability to use asymmetric keys.
    
    Please let me know if you feel that this paragraph needs to be expanded or
    otherwise reworded, and, if so, in what way.
    
    Thanks again,
    
    -- Juliusz

v2.23.0 | Report a Bug | By Email