Re: [babel] rtgdir Last Call Review requested: draft-ietf-babel-dtls
David Schinazi <dschinazi.ietf@gmail.com> Sat, 06 July 2019 01:21 UTC
Return-Path: <dschinazi.ietf@gmail.com>
X-Original-To: babel@ietfa.amsl.com
Delivered-To: babel@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 09CA8120122 for <babel@ietfa.amsl.com>; Fri, 5 Jul 2019 18:21:17 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.998
X-Spam-Level:
X-Spam-Status: No, score=-1.998 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id zbdqou5OoFIm for <babel@ietfa.amsl.com>; Fri, 5 Jul 2019 18:21:14 -0700 (PDT)
Received: from mail-lf1-x12a.google.com (mail-lf1-x12a.google.com [IPv6:2a00:1450:4864:20::12a]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 4EBD51200EC for <babel@ietf.org>; Fri, 5 Jul 2019 18:21:14 -0700 (PDT)
Received: by mail-lf1-x12a.google.com with SMTP id u10so7321452lfm.12 for <babel@ietf.org>; Fri, 05 Jul 2019 18:21:14 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=BtQr1X1oHCcxfwBKzMUPa5ytHAzL1dK70SNpfDAFMjg=; b=s8yMXgmx88Frg7kNoB1AUTBOITeuNYOf7U9RAxT/kbxDXDDUiCwXt9rXg6SUA51h3E d2FlBWKr8BQNsq7+6bIhK9Qqwh0mXke2orku9gwGuPE6olHab3OBl3OVF1dq/hOtgmTV 7x7OFYxhxUzuVzaCzKznf3nR4KcTRjc8wucV+Qe69ANKYJh+Mksx0BysWL0PQelmVC8T us18c1yqmtCKlpm2yKNVQDlvcsfyXO+ML6Qgb8zR6aat/xRR6/P5rps8QpN+Ln+DRa0e LLqpOV90Ccya8mSx6ufFcjWoDhJmXz21xi+INjEi3tzeiIZ/pTpcYx+JbtdPrtGAGyTl DkVQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=BtQr1X1oHCcxfwBKzMUPa5ytHAzL1dK70SNpfDAFMjg=; b=PZ3qATUlP1gGD4MqL/+c/Pu6+6ohvKHyRA0tfff797Gu8kAli+JceVVDiF5No29RQ9 dx9qwj2oU1YYNOAngQCzmRd7pXKyFx/Fa8bQWGpC8Lb3iaCyoqYh+2hMEDVxfO5gU2o/ D9x6pjAjmQN1SNWlQONGoBD1xZGTW4T04HGfPKqLi5zZWOqprjMXcxgrjLAAtVtOba/v QLo4+F9o9+xb9gtKrswQkFiBdaY3ZLKst+1aC7+RHejIXFdh8ZYntcj9r6TJpcj93u5v um2L7/3sBdKzByuMOjjHk/H705QLX/7LWui0c+zsCOKKzWXMHv0abHQOtyscIZ6QUwsV +1XA==
X-Gm-Message-State: APjAAAXk1ZKrFqyBa7MHZEIpkXLAwF1D8tD73l9zm7QvBodzJHe/7Glj dPnGt5fJW8Sx+8qOEZrUK3sxX3JWp/EP37LAwho=
X-Google-Smtp-Source: APXvYqzVk+8ksS4bBAtvriEmLG7hJG6bprcpWJwylgQ8zXRo/ZOKFG1KROBEjhr9tGl92JF8rN5Vs4MVnSqTY/cB6vY=
X-Received: by 2002:ac2:514b:: with SMTP id q11mr3287047lfd.33.1562376072586; Fri, 05 Jul 2019 18:21:12 -0700 (PDT)
MIME-Version: 1.0
References: <156105440578.3118.4917846383408119793.idtracker@ietfa.amsl.com> <9C5FD3EFA72E1740A3D41BADDE0B461FCFC76069@DGGEMM528-MBX.china.huawei.com> <CAGnRvup1FvMU85N4psgG52tZBZwA-qhwCKuBdA7RxvcNLMpNmA@mail.gmail.com>
In-Reply-To: <CAGnRvup1FvMU85N4psgG52tZBZwA-qhwCKuBdA7RxvcNLMpNmA@mail.gmail.com>
From: David Schinazi <dschinazi.ietf@gmail.com>
Date: Fri, 05 Jul 2019 18:21:01 -0700
Message-ID: <CAPDSy+5c+xFqi3C_9xXW9Dvwmg_x8bkg-4y_zsC+p17R40dY8w@mail.gmail.com>
To: Henning Rogge <hrogge@gmail.com>
Cc: "Yemin (Amy)" <amy.yemin@huawei.com>, Antonin Décimo <antonin.decimo@gmail.com>, Juliusz Chroboczek <jch@irif.fr>, Martin Vigoureux <martin.vigoureux@nokia.com>, LucAndré Burdet <laburdet.ietf@gmail.com>, Babel at IETF <babel@ietf.org>
Content-Type: multipart/alternative; boundary="000000000000cfea0f058cf9062b"
Archived-At: <https://mailarchive.ietf.org/arch/msg/babel/yNGgOauQHCp5EyMj8ivQxdTcdJI>
Subject: Re: [babel] rtgdir Last Call Review requested: draft-ietf-babel-dtls
X-BeenThere: babel@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "A list for discussion of the Babel Routing Protocol." <babel.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/babel>, <mailto:babel-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/babel/>
List-Post: <mailto:babel@ietf.org>
List-Help: <mailto:babel-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/babel>, <mailto:babel-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 06 Jul 2019 01:21:19 -0000
Hi Henning, and thank you for your review. Responses inline. On Fri, Jul 5, 2019 at 5:32 AM Henning Rogge <hrogge@gmail.com> wrote: > > Chapter 2.3: > I wonder if using DTLS protected unicast Hellos should be mandatory... > using unprotected multicast to determine bidirectional reachability > looks like a good way to do a cheap denial of service attack. > In Babel, bidirectional reachability is established using both Hellos and IHUs. We explicitly require DTLS protection for IHUs to prevent an attacker from tricking you into thinking you have bidirectional reachability. This reduces the protocol's attack surface by limiting what an attacker can do. Unicast Hellos are protected by the rule that all unicast traffic must be protected by DTLS. This is also there to reduce attack surface. DTLS itself contains mechanisms to prevent denial of service attacks (see section 4.2.1 of RFC 6347), and it is good practice for us to use those instead of coming up with our own. > Chapter 2.5: > What happens when a node starts a new DTLS connection and there is > already one in the neighbor table? This could both be an attempt to > attack Babel, a reboot of a node or just a matter of misconfiguration > of two nodes. > There is no reason for a node to initiate a DTLS connection if it already has one to the neighbor in question. However, you're right that receiving a new connection when we already have one wasn't explicitly discussed. I've added a sentence to Section 2.1: If a node receives a new DTLS connection from a neighbour to whom it already has a connection, the node MUST NOT discard the older connection until it has completed the handshake of the new one and validated the identity of the peer. > Chapter 3: > Different pairs of nodes could select different ciphers, resulting in > different MTUs. I assume this is no problem for Babel (could be > mentioned in the chapter). > Good point. I've added this text to section 3: Note that distinct DTLS connections can use different ciphers, which can have different amounts of overhead per packet. Therefore, the MTU to one neighbour can be different from the MTU to another neighbour on the same link. The changes above are reflected in draft -07. Thanks, David
- Re: [babel] rtgdir Last Call Review requested: dr… Henning Rogge
- Re: [babel] rtgdir Last Call Review requested: dr… David Schinazi
- Re: [babel] rtgdir Last Call Review requested: dr… Juliusz Chroboczek
- Re: [babel] rtgdir Last Call Review requested: dr… Juliusz Chroboczek
- Re: [babel] rtgdir Last Call Review requested: dr… Henning Rogge
- Re: [babel] rtgdir Last Call Review requested: dr… David Schinazi
- Re: [babel] rtgdir Last Call Review requested: dr… David Schinazi
- Re: [babel] rtgdir Last Call Review requested: dr… Henning Rogge
- Re: [babel] rtgdir Last Call Review requested: dr… David Schinazi