IETF Logo Mail Archive

Re: [bess] Kathleen Moriarty's Discuss on draft-ietf-bess-mvpn-extranet-04: (with DISCUSS)

Kathleen Moriarty <kathleen.moriarty.ietf@gmail.com> Fri, 18 December 2015 16:19 UTC

Return-Path: <kathleen.moriarty.ietf@gmail.com>
X-Original-To: bess@ietfa.amsl.com
Delivered-To: bess@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E551E1B36C5; Fri, 18 Dec 2015 08:19:57 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2
X-Spam-Level:
X-Spam-Status: No, score=-2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id vkKy5WILG8El; Fri, 18 Dec 2015 08:19:56 -0800 (PST)
Received: from mail-wm0-x235.google.com (mail-wm0-x235.google.com [IPv6:2a00:1450:400c:c09::235]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 330851B2EC5; Fri, 18 Dec 2015 08:19:56 -0800 (PST)
Received: by mail-wm0-x235.google.com with SMTP id p187so71421942wmp.0; Fri, 18 Dec 2015 08:19:56 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; bh=Gqp0W0xXTF1b8DYgJ2xsur5veKeu+83ZPvv2MuuShZM=; b=C4xC1yyM+dw070CLnjfjJD8ObSFK+L30cbdYv4L6wxdEjNX7mB2UVAJjglilzhLHCT xhX+VqEnUjCf6mkXr6c/pDOj/GIPrF5GW0XO0OA1gAZyf7NFgMTIjXC5nZmKTGyr5cvJ CVgS6f4MPsHbbrS+FA6CAPutdBr5SC6NoqWEDDxi0fcXo+Pw+tT36+Yl/F/hJrsYoQz4 ACXNvrnoyRDLC4jXzVkB4rSKgj173Tx5Gbz5qC02j5sSXowWI1T4CG5sxgCqdQDcbDVU p6BDKtmX1SbZSTvlaE5Pj9rzwD+UkZSjBIFvOfGEbbv/uWF7WL9CRA0fkgmZShsXFb7p L1AQ==
MIME-Version: 1.0
X-Received: by 10.28.133.8 with SMTP id h8mr4160565wmd.71.1450455594781; Fri, 18 Dec 2015 08:19:54 -0800 (PST)
Received: by 10.28.52.130 with HTTP; Fri, 18 Dec 2015 08:19:54 -0800 (PST)
In-Reply-To: <56742534.5080302@juniper.net>
References: <20151218014710.16763.71345.idtracker@ietfa.amsl.com> <56742534.5080302@juniper.net>
Date: Fri, 18 Dec 2015 11:19:54 -0500
Message-ID: <CAHbuEH7MQvHgeGq5652mT4TW5UTNJ_cHNVn=0qE1BfgQBsspBg@mail.gmail.com>
From: Kathleen Moriarty <kathleen.moriarty.ietf@gmail.com>
To: Eric C Rosen <erosen@juniper.net>
Content-Type: text/plain; charset="UTF-8"
Archived-At: <http://mailarchive.ietf.org/arch/msg/bess/nzzYtjlX6g51LZyKxGjmIoVrZ1Y>
Cc: draft-ietf-bess-mvpn-extranet@ietf.org, The IESG <iesg@ietf.org>, Alvaro <aretana@cisco.com>, bess-chairs@ietf.org, martin.vigoureux@alcatel-lucent.com, bess@ietf.org
Subject: Re: [bess] Kathleen Moriarty's Discuss on draft-ietf-bess-mvpn-extranet-04: (with DISCUSS)
X-BeenThere: bess@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: BGP-Enabled ServiceS working group discussion list <bess.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/bess>, <mailto:bess-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/bess/>
List-Post: <mailto:bess@ietf.org>
List-Help: <mailto:bess-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/bess>, <mailto:bess-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 18 Dec 2015 16:19:58 -0000

Hi Eric,

On Fri, Dec 18, 2015 at 10:24 AM, Eric C Rosen <erosen@juniper.net> wrote:
> On 12/17/2015 8:47 PM, Kathleen Moriarty wrote:
>>
>> I just have one question/request to improve the security consideration
>> section.  The only security mentioned in this draft is what's called a
>> "security violation", where traffic may go to the incorrect "VPN"
>> endpoint.  If you are worried about traffic winding up in the wrong
>> place, why is there no consideration for observing this traffic on the
>> wire?  Since there is no encryption, wouldn't this also be a security
>> consideration to call out specifically?
>>
>> Mention of the possibility of active attacks that could alter or tamper
>> with the traffic or passive attacks that could observe the traffic as a
>> risk due to lack of encryption (confidentiality protection) would help or
>> a reason why this doesn't matter.
>
> The reason I didn't mention this in the Security Considerations section is
> that the issues are not specific to Extranet MVPN, which is the topic of
> this document.   The Security Considerations section mentions those issues
> that could result in misdelivery of traffic if the procedures of the
> document are not properly executed; this set of issues is certainly within
> the scope of the document.
>
> I understand that there are issues having to do with the possibility of
> observing or altering the traffic on the wire.  Certainly I could mention
> that the procedures of this document do not provide encryption, and hence do
> not by themselves ensure the privacy/integrity of the data against attacks
> on the backbone network.   Would that be sufficient?

Yes, just having that warning would go a long a way.  I'm not asking
you to solve it (although that would be nice), but rather to make sure
it is included as a security consideration.

Let me know when the text has been added and I'll clear.

Thanks!
Kathleen
>
> I don't want to make any specific recommendations for mitigating those
> attacks, because:
>
> - Issues of how to provide privacy/integrity for multicast traffic in
> general would seem to be out of scope for this document;
>
> - Issues of how to provide privacy/integrity for various
> tunneling/encapsulation methods would seem to be out of scope for this
> document;
>
> - Issues of how to provide privacy/integrity for the base L3VPN technology
> would seem to be out of scope for this document;
>
> - Issues of how a Service Provider can protect its backbone network against
> various attacks would also seem to be out of scope for this document.
>
>
>
>
>
>



-- 

Best regards,
Kathleen

v2.23.0 | Report a Bug | By Email