Re: [babel] Roman Danyliw's Discuss on draft-ietf-babel-dtls-07: (with DISCUSS and COMMENT)
Roman Danyliw <rdd@cert.org> Mon, 12 August 2019 23:35 UTC
Return-Path: <rdd@cert.org>
X-Original-To: babel@ietfa.amsl.com
Delivered-To: babel@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 7A4FC120019; Mon, 12 Aug 2019 16:35:24 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.998
X-Spam-Level:
X-Spam-Status: No, score=-1.998 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=cert.org
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id vXDX1uivnmcY; Mon, 12 Aug 2019 16:35:21 -0700 (PDT)
Received: from taper.sei.cmu.edu (taper.sei.cmu.edu [147.72.252.16]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id BFDCA12000E; Mon, 12 Aug 2019 16:35:21 -0700 (PDT)
Received: from korb.sei.cmu.edu (korb.sei.cmu.edu [10.64.21.30]) by taper.sei.cmu.edu (8.14.7/8.14.7) with ESMTP id x7CNZJ0m003884; Mon, 12 Aug 2019 19:35:20 -0400
DKIM-Filter: OpenDKIM Filter v2.11.0 taper.sei.cmu.edu x7CNZJ0m003884
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=cert.org; s=yc2bmwvrj62m; t=1565652920; bh=OStF6Egf1YYMOWqwGwKyvtuTHSsnAwVS1U6pak65Lc4=; h=From:To:CC:Subject:Date:References:In-Reply-To:From; b=PuwdTB+Ffxsl+Xqnzm7A/1C9oKuCvrQGhZk89dtwQ7MMzvYLwgjoK7uUlBmIEd8So 94s1Vqx+WzH6hRbfNGHyoHEIOLGBffT9sLlJAHpERBehV54LYaqIuA2k+5L1LzNzH8 /Ls7Vf1ToIIGqzDd3oqTI7f61Jp2ZSfswWUc2Jmo=
Received: from CASCADE.ad.sei.cmu.edu (cascade.ad.sei.cmu.edu [10.64.28.248]) by korb.sei.cmu.edu (8.14.7/8.14.7) with ESMTP id x7CNZI9m011380; Mon, 12 Aug 2019 19:35:18 -0400
Received: from MARCHAND.ad.sei.cmu.edu ([10.64.28.251]) by CASCADE.ad.sei.cmu.edu ([10.64.28.248]) with mapi id 14.03.0439.000; Mon, 12 Aug 2019 19:35:18 -0400
From: Roman Danyliw <rdd@cert.org>
To: David Schinazi <dschinazi.ietf@gmail.com>
CC: The IESG <iesg@ietf.org>, "draft-ietf-babel-dtls@ietf.org" <draft-ietf-babel-dtls@ietf.org>, Donald Eastlake <d3e3e3@gmail.com>, babel-chairs <babel-chairs@ietf.org>, Babel at IETF <babel@ietf.org>
Thread-Topic: Roman Danyliw's Discuss on draft-ietf-babel-dtls-07: (with DISCUSS and COMMENT)
Thread-Index: AQHVTVX/GUz1qFLfsU6ZzqI2Nk9MnqbyP5aAgAGAUwCABG7OgA==
Date: Mon, 12 Aug 2019 23:35:18 +0000
Message-ID: <359EC4B99E040048A7131E0F4E113AFC01B34054D4@marchand>
References: <156520596444.8244.649940515091541992.idtracker@ietfa.amsl.com> <CAPDSy+5fTinvfPeLMkMOx31SwCL6_Wuzkqif0xGR=BTCPLvBYA@mail.gmail.com> <CAPDSy+5h0-pOTJTiaR7cvr0w1Qc7_mrk20jxaVSW-eG-cirmEg@mail.gmail.com>
In-Reply-To: <CAPDSy+5h0-pOTJTiaR7cvr0w1Qc7_mrk20jxaVSW-eG-cirmEg@mail.gmail.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [10.64.22.6]
Content-Type: multipart/alternative; boundary="_000_359EC4B99E040048A7131E0F4E113AFC01B34054D4marchand_"
MIME-Version: 1.0
Archived-At: <https://mailarchive.ietf.org/arch/msg/babel/v-DTcrT5YkTBY6dw0oO1Cj7ftOk>
Subject: Re: [babel] Roman Danyliw's Discuss on draft-ietf-babel-dtls-07: (with DISCUSS and COMMENT)
X-BeenThere: babel@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "A list for discussion of the Babel Routing Protocol." <babel.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/babel>, <mailto:babel-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/babel/>
List-Post: <mailto:babel@ietf.org>
List-Help: <mailto:babel-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/babel>, <mailto:babel-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 12 Aug 2019 23:35:25 -0000
Hi David! From: David Schinazi [mailto:dschinazi.ietf@gmail.com] Sent: Friday, August 9, 2019 7:40 PM To: Roman Danyliw <rdd@cert.org> Cc: The IESG <iesg@ietf.org>; draft-ietf-babel-dtls@ietf.org; Donald Eastlake <d3e3e3@gmail.com>; babel-chairs <babel-chairs@ietf.org>; Babel at IETF <babel@ietf.org> Subject: Re: Roman Danyliw's Discuss on draft-ietf-babel-dtls-07: (with DISCUSS and COMMENT) We've now submitted -08 which contains the changes discussed below. Thanks, David On Thu, Aug 8, 2019 at 5:44 PM David Schinazi <dschinazi.ietf@gmail.com<mailto:dschinazi.ietf@gmail.com>> wrote: Thanks for your review Roman! We've made changes on our git repository <https://github.com/jech/babel-drafts> and will submit a revised draft shortly. Detailed responses inline. Thanks, David On Wed, Aug 7, 2019 at 12:26 PM Roman Danyliw via Datatracker <noreply@ietf.org<mailto:noreply@ietf.org>> wrote: ---------------------------------------------------------------------- DISCUSS: ---------------------------------------------------------------------- (1) Section 1. These are different than the ones listed in Section 6 of draft-ietf-babel-rfc6126bis and Section 1 of draft-ietf-babel-dtls. As DTLS and HMAC are mitigations for attacks in draft-ietf-babel-rfc6126bis, they really should be harmonized. We've fleshed out the text in draft-ietf-babel-rfc6126bis and kept the reference in draft-ietf-babel-dtls. (2) Section 2.1. Per “Implementations MUST support authenticating peers against a local store of credentials”, what does that credentialing look like? Is it certificates, PSK, etc? What validation procedure is being used for this authentication? I'll respond to this point on Ben's DISCUSS since I think you're both asking for the same thing. [Roman] Concur that Ben and I are raising the same concern. I appreciate the explanation you provided in: https://mailarchive.ietf.org/arch/msg/babel/HuoEG7HG_rSfs3rCFZo2ZYdCl_I Ben’s recommendation to explicitly note that this authentication needs to be solved in external profiles would address my concern too: https://mailarchive.ietf.org/arch/msg/babel/5AnLlaHPTEsBJpV7WVrZLpw07ls (I don’t know if you were waiting on Ben for anything else, but …) I didn’t see this discussion about profiles in the new -08 text. ---------------------------------------------------------------------- COMMENT: ---------------------------------------------------------------------- (3) Abstract. Per “Babel does not contain any means … [to] protect messages”, be more precise in the definition of protect (i.e., integrity and confidentiality) Agreed, fixed. (4) Section 1.2. Per “A comparison of Babel security mechanisms and their applicability can be found in [RFC6126bis]”, where in draft-ietf-babel-rfc6126bis does this comparison occur. The references to HMAC and TLS are in a single paragraph in in Section 6/Security Considerations which roughly reiterate the one sentence statements written here. We've fleshed out the text in draft-ietf-babel-rfc6126bis and kept the reference in draft-ietf-babel-dtls. (5) Section 2.1. Per “When a node receives a new DTLS connection, it MUST verify that the source IP address is an IPv6 link-local address …”, what happens if IPv4 is in use? This was an oversight. The text now also discusses IPv4. (6) Section 2.1. Per “Nodes MUST only negotiate DTLS version 1.2 or higher”, this is stricter than RFC7525 cited in the Security Consideration later in the draft. That’s fine, but please reiterate that in Section 5. Done. (7) Section 2.6 Suggest being clearer that this is a deployment not an implementation issue. s/Implementations<http://s/Implementations> MAY implement both Babel over DTLS and unprotected Babel./ /A node MAY run both Babel over DTLS and unprotected Babel./ Agreed. We added your new sentence but also kept the old one since both are true. (8) Section 2.6, Per “However, accepting unprotected Babel packets … loses the security properties of Babel over DTLS”. This seems misleading. The security properties of “Babel over DTLS” as a protocol are stated in Section 1.2. In this section there is discussion of the security properties of the node (and the resulting neighbor table). These are different. The issue seems to be that a node is building a neighbor table with updates from sources which need to be trusted to different degrees. Agreed. We've reworked that paragraph. (9) Section 5. Per “Confidential interaction between two Babel peers requires Datagram Transport Layer Security (DTLS) with a cipher suite offering confidentiality protection. The guidance given in [RFC7525] MUST be followed to avoid attacks on DTLS.”, the first sentence is true, but incomplete, in that we’d also want cipher suites with a strong key exchange algorithm, etc. Section 4.2 of RFC7525, which is cited as a MUST, provides a list of recommended ciphers suites. Do we need this first sentence? Fair enough, We've removed that sentence. (10) Editorial -- Section 2.1. Expand “IHU” on first use Done -- Section 3. Nit. s/ciphers/ciphersuites/<http://s/ciphers/ciphersuites/> Done [Roman] Thanks for all of the changes above! Regards, Roman
- [babel] Roman Danyliw's Discuss on draft-ietf-bab… Roman Danyliw via Datatracker
- Re: [babel] Roman Danyliw's Discuss on draft-ietf… David Schinazi
- Re: [babel] Roman Danyliw's Discuss on draft-ietf… David Schinazi
- Re: [babel] Roman Danyliw's Discuss on draft-ietf… Roman Danyliw
- Re: [babel] Roman Danyliw's Discuss on draft-ietf… David Schinazi
- Re: [babel] Roman Danyliw's Discuss on draft-ietf… Roman Danyliw
- Re: [babel] Roman Danyliw's Discuss on draft-ietf… David Schinazi
- Re: [babel] Roman Danyliw's Discuss on draft-ietf… David Schinazi
- Re: [babel] Roman Danyliw's Discuss on draft-ietf… Roman Danyliw