Re: [bess] Kathleen Moriarty's Discuss on draft-ietf-bess-mvpn-extranet-04: (with DISCUSS)

Eric C Rosen <erosen@juniper.net> Fri, 18 December 2015 15:24 UTC

To: Kathleen Moriarty <Kathleen.Moriarty.ietf@gmail.com>, The IESG <iesg@ietf.org>
References: <20151218014710.16763.71345.idtracker@ietfa.amsl.com>
From: Eric C Rosen <erosen@juniper.net>
Message-ID: <56742534.5080302@juniper.net>
Date: Fri, 18 Dec 2015 10:24:36 -0500
Archived-At: <http://mailarchive.ietf.org/arch/msg/bess/9DBRsUS1hzHZrHwwyQyoyCq-AAw>
Cc: aretana@cisco.com, bess-chairs@ietf.org, draft-ietf-bess-mvpn-extranet@ietf.org, martin.vigoureux@alcatel-lucent.com, bess@ietf.org
Subject: Re: [bess] Kathleen Moriarty's Discuss on draft-ietf-bess-mvpn-extranet-04: (with DISCUSS)

On 12/17/2015 8:47 PM, Kathleen Moriarty wrote:
> I just have one question/request to improve the security consideration
> section.  The only security mentioned in this draft is what's called a
> "security violation", where traffic may go to the incorrect "VPN"
> endpoint.  If you are worried about traffic winding up in the wrong
> place, why is there no consideration for observing this traffic on the
> wire?  Since there is no encryption, wouldn't this also be a security
> consideration to call out specifically?
>
> Mention of the possibility of active attacks that could alter or tamper
> with the traffic or passive attacks that could observe the traffic as a
> risk due to lack of encryption (confidentiality protection) would help or
> a reason why this doesn't matter.
The reason I didn't mention this in the Security Considerations section
is that the issues are not specific to Extranet MVPN, which is the topic
of this document. The Security Considerations section mentions those
issues that could result in misdelivery of traffic if the procedures of
the document are not properly executed; this set of issues is certainly
within the scope of the document.

I understand that there are issues having to do with the possibility of
observing or altering the traffic on the wire. Certainly I could
mention that the procedures of this document do not provide encryption,
and hence do not by themselves ensure the privacy/integrity of the data
against attacks on the backbone network. Would that be sufficient?

I don't want to make any specific recommendations for mitigating those 
attacks, because:

- Issues of how to provide privacy/integrity for multicast traffic in 
general would seem to be out of scope for this document;

- Issues of how to provide privacy/integrity for various 
tunneling/encapsulation methods would seem to be out of scope for this 
document;

- Issues of how to provide privacy/integrity for the base L3VPN 
technology would seem to be out of scope for this document;

- Issues of how a Service Provider can protect its backbone network 
against various attacks would also seem to be out of scope for this 
document.