IETF Logo Mail Archive

Re: [BEHAVE] address-format secure configuration

Brian E Carpenter <brian.e.carpenter@gmail.com> Wed, 31 March 2010 21:46 UTC

Return-Path: <brian.e.carpenter@gmail.com>
X-Original-To: behave@core3.amsl.com
Delivered-To: behave@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 7901B3A6877 for <behave@core3.amsl.com>; Wed, 31 Mar 2010 14:46:27 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.169
X-Spam-Level:
X-Spam-Status: No, score=-1.169 tagged_above=-999 required=5 tests=[AWL=-0.300, BAYES_00=-2.599, DNS_FROM_OPENWHOIS=1.13, J_CHICKENPOX_13=0.6]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id mXo6VSiOxy6k for <behave@core3.amsl.com>; Wed, 31 Mar 2010 14:46:26 -0700 (PDT)
Received: from mail-pv0-f172.google.com (mail-pv0-f172.google.com [74.125.83.172]) by core3.amsl.com (Postfix) with ESMTP id 91DFD3A6807 for <behave@ietf.org>; Wed, 31 Mar 2010 14:46:26 -0700 (PDT)
Received: by pvh1 with SMTP id 1so80344pvh.31 for <behave@ietf.org>; Wed, 31 Mar 2010 14:46:55 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:message-id:date:from :organization:user-agent:mime-version:to:cc:subject:references :in-reply-to:content-type:content-transfer-encoding; bh=Ghn1590i056Q6n3maJosKuU0djnrpyHS6+wY4Aud7/I=; b=OVhCXEiDDiq5NTmnR+oCk3D9zSJ3MqjSguPpzBCT43cUkSkG1OnelEHUH0vPb4jJ4J 1ofiZp4uFp4eYpeDDKH3eVLvDzng5ASrdLwIEmASKSfmhWeLkfM0x5+KDF1RqL6Jpa6I te/RYDCujIELduzdEZ+QP9Mdsr6RqClewhyo4=
DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=message-id:date:from:organization:user-agent:mime-version:to:cc :subject:references:in-reply-to:content-type :content-transfer-encoding; b=fSLUQPb6/VWKcqUqgazQxrNBfFhO5yl7YoCzJ8v5pbDElLPoeD8AOJc1KWKQ5SuDAR drtdATkCiFib70BnjJw2DJwyScHRXGFXmTarUhEntGB03l6+BqArgvd7fW0KXqXkFRWK uX5EML/ZltkcqsTvcRj2ymscRh0bqRmA9OZiI=
Received: by 10.115.25.6 with SMTP id c6mr426244waj.129.1270072015133; Wed, 31 Mar 2010 14:46:55 -0700 (PDT)
Received: from [172.16.1.8] (12-50-201-66.att-inc.com [12.50.201.66]) by mx.google.com with ESMTPS id 19sm1868693pwi.6.2010.03.31.14.46.53 (version=SSLv3 cipher=RC4-MD5); Wed, 31 Mar 2010 14:46:54 -0700 (PDT)
Message-ID: <4BB3C2C8.4010900@gmail.com>
Date: Thu, 01 Apr 2010 10:46:48 +1300
From: Brian E Carpenter <brian.e.carpenter@gmail.com>
Organization: University of Auckland
User-Agent: Thunderbird 2.0.0.6 (Windows/20070728)
MIME-Version: 1.0
To: Dave Thaler <dthaler@microsoft.com>
References: <02d001cad0f5$41ef7ee0$0600a8c0@china.huawei.com> <6B55F0F93C3E9D45AF283313B8D342BA6863C744@TK5EX14MBXW653.wingroup.windeploy.ntdev.microsoft.com> <9B57C850BB53634CACEC56EF4853FF65139210A3@TK5EX14MBXW601.wingroup.windeploy.ntdev.microsoft.com>
In-Reply-To: <9B57C850BB53634CACEC56EF4853FF65139210A3@TK5EX14MBXW601.wingroup.windeploy.ntdev.microsoft.com>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: 7bit
Cc: "behave@ietf.org" <behave@ietf.org>, David Harrington <ietfdbh@comcast.net>
Subject: Re: [BEHAVE] address-format secure configuration
X-BeenThere: behave@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: mailing list of BEHAVE IETF WG <behave.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/behave>, <mailto:behave-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/behave>
List-Post: <mailto:behave@ietf.org>
List-Help: <mailto:behave-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/behave>, <mailto:behave-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 31 Mar 2010 21:46:27 -0000

I agree, it doesn't belong here, but it is important. Some of the issues
and mechanisms are covered in draft-carpenter-renum-needs-work-05.txt, which
is now in the RFC Editor queue (having passed the IESG as a direct submission
to one of the Ops ADs). The topic probably belongs in v6ops IMHO.

Regards
   Brian Carpenter

On 2010-04-01 10:16, Dave Thaler wrote:
> To second what Christian said, if you look at RFC 4291 it contains
> no discussion of secure configuration, it defines address formats.
> This draft is no different.
> 
> Configuration mechanisms are outside the scope of this document.
> I don't believe the things you raise belong in this document.
> They could be in a separate document for which we could add a
> milestone as part of the rechartering.
> 
> -Dave
> 
>> -----Original Message-----
>> From: behave-bounces@ietf.org [mailto:behave-bounces@ietf.org] On
>> Behalf Of Christian Huitema
>> Sent: Wednesday, March 31, 2010 1:57 PM
>> To: David Harrington; behave@ietf.org
>> Subject: Re: [BEHAVE] address-format secure configuration
>>
>> David,
>>
>> We do not describe configuration in this document, we merely describe
>> address format. Configuration is indeed important, but do you really
>> believe that it should be part of this document? What about the other
>> documents in the working set, e.g. the description of stateful and
>> stateless address translation? Or the framework document? The note in
>> the security section is meant to flag the issue, not to resolve it.
>>
>> -- Christian Huitema
>>
>>
>> -----Original Message-----
>> From: behave-bounces@ietf.org [mailto:behave-bounces@ietf.org] On
>> Behalf Of David Harrington
>> Sent: Wednesday, March 31, 2010 10:12 AM
>> To: behave@ietf.org
>> Subject: [BEHAVE] address-format secure configuration
>>
>> Hi,
>>
>> I think section 4.2 Secure Configuration is inadequate. The discussion
>> of configuration is inadequate, and the discussion of security is
>> inadequate.
>>
>> Configuration will require some synchronization if the values should
>> change. Specifying a default prefix might provide an initial
>> synchronization, but does not address the difficult operational issue
>> of synchronization of changes to the deployed prefixes and formats.
>> The document does not discuss the operational and security
>> vulnerabilties exposed during the process of changing a prefix.
>>
>> Secure configuration of prefixes and formats across multiple devices
>> and applications in a network will require some type of authentication
>> and authorization, and protection from various possible attacks, such
>> as man in the middle attacks. A default prefix does not address the
>> security issues involved in secure configuration, as far as I can see.
>>
>>
>> I think work needs to be done on this section. I recommend addressing
>> the operational considerations of deploying a change of prefix across
>> a network, and separately identifying and addressing the threats
>> involved in prefix configuration.
>>
>>
>> David Harrington
>> dbharrington@comcast.net
>> ietfdbh@comcast.net
>> dharrington@huawei.com
>>
>> _______________________________________________
>> Behave mailing list
>> Behave@ietf.org
>> https://www.ietf.org/mailman/listinfo/behave
>>
>> _______________________________________________
>> Behave mailing list
>> Behave@ietf.org
>> https://www.ietf.org/mailman/listinfo/behave
> 
> _______________________________________________
> Behave mailing list
> Behave@ietf.org
> https://www.ietf.org/mailman/listinfo/behave
>

v2.23.0 | Report a Bug | By Email