Re: [bfcpbis] Kathleen Moriarty's Discuss on draft-ietf-bfcpbis-rfc4582bis-13: (with DISCUSS and COMMENT)
Kathleen Moriarty <kathleen.moriarty.ietf@gmail.com> Wed, 23 September 2015 15:07 UTC
Return-Path: <kathleen.moriarty.ietf@gmail.com>
X-Original-To: bfcpbis@ietfa.amsl.com
Delivered-To: bfcpbis@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 373631A6F88; Wed, 23 Sep 2015 08:07:37 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2
X-Spam-Level:
X-Spam-Status: No, score=-2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id S8FJwQbawKKC; Wed, 23 Sep 2015 08:07:34 -0700 (PDT)
Received: from mail-wi0-x233.google.com (mail-wi0-x233.google.com [IPv6:2a00:1450:400c:c05::233]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 3AC981A6F58; Wed, 23 Sep 2015 08:07:34 -0700 (PDT)
Received: by wicge5 with SMTP id ge5so211951614wic.0; Wed, 23 Sep 2015 08:07:32 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; bh=y4wgA0W9JdarqSgxfJsMSdMxGig1AMXs9Zywl+El5F4=; b=p6JcX9krxqD9ZREWIyx5PeUbuR6Cmn8n5KAlz8dwfqxt+LB3fKP0ImlTarFC20zjex RAYxNeL5N5ipcx5udS95Od5ODgFs2eLKUU8a7Pw7C6N6hfjf7Ih815N8PwErdFyanneY /ATu7AkxKvxG9+8+4ABZ+I0nqB9dsqH1NQN7KEc0lqiTjwaHUQt2TuHyO20s8vICwxr4 PBbDCRotTHK7xEXXgiuCeT3tvAfRDrwFQo4zXQigJ0w4zhw4rJ6cNdcgot9ltURE3wq/ r/hlWggAtfV9VdkY4GNJPxS+o91q8zS04RBvkXlKuZl0+We4Xo9nf8CxakzsR/v3cViz CL0A==
MIME-Version: 1.0
X-Received: by 10.194.116.106 with SMTP id jv10mr41231929wjb.0.1443020852618; Wed, 23 Sep 2015 08:07:32 -0700 (PDT)
Received: by 10.28.214.213 with HTTP; Wed, 23 Sep 2015 08:07:32 -0700 (PDT)
In-Reply-To: <em32a27159-0960-4ceb-89ca-e75cd66919c1@sydney>
References: <20150305152202.28872.54032.idtracker@ietfa.amsl.com> <em32a27159-0960-4ceb-89ca-e75cd66919c1@sydney>
Date: Wed, 23 Sep 2015 11:07:32 -0400
Message-ID: <CAHbuEH5T-ZPXZSxCr_x8ihtaRrHZJg+EwOgzLBSGDpevU-erFg@mail.gmail.com>
From: Kathleen Moriarty <kathleen.moriarty.ietf@gmail.com>
To: "Paul E. Jones" <paulej@packetizer.com>
Content-Type: text/plain; charset="UTF-8"
Archived-At: <http://mailarchive.ietf.org/arch/msg/bfcpbis/guWv1xZ3JFNOFDe74C5aXovU1p8>
Cc: "bfcpbis@ietf.org" <bfcpbis@ietf.org>, "draft-ietf-bfcpbis-rfc4582bis.all@ietf.org" <draft-ietf-bfcpbis-rfc4582bis.all@ietf.org>, Mary Barnes <mary.ietf.barnes@gmail.com>, The IESG <iesg@ietf.org>, "bfcpbis-chairs@ietf.org" <bfcpbis-chairs@ietf.org>
Subject: Re: [bfcpbis] Kathleen Moriarty's Discuss on draft-ietf-bfcpbis-rfc4582bis-13: (with DISCUSS and COMMENT)
X-BeenThere: bfcpbis@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: BFCPBIS working group discussion list <bfcpbis.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/bfcpbis>, <mailto:bfcpbis-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/bfcpbis/>
List-Post: <mailto:bfcpbis@ietf.org>
List-Help: <mailto:bfcpbis-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/bfcpbis>, <mailto:bfcpbis-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 23 Sep 2015 15:07:37 -0000
Hi Paul, I think we are close, thanks for your response. Inline. On Wed, Sep 23, 2015 at 2:26 AM, Paul E. Jones <paulej@packetizer.com> wrote: > Kathleen, > > Following up on this email (and building a growing to-do list).... > > > ------ Original Message ------ > From: "Kathleen Moriarty" <Kathleen.Moriarty.ietf@gmail.com> > To: "The IESG" <iesg@ietf.org> > Cc: mary.ietf.barnes@gmail.com; draft-ietf-bfcpbis-rfc4582bis.all@ietf.org; > bfcpbis@ietf.org; bfcpbis-chairs@ietf.org > Sent: 3/5/2015 10:22:02 AM > Subject: [bfcpbis] Kathleen Moriarty's Discuss on > draft-ietf-bfcpbis-rfc4582bis-13: (with DISCUSS and COMMENT) > >> Kathleen Moriarty has entered the following ballot position for >> draft-ietf-bfcpbis-rfc4582bis-13: Discuss >> >> When responding, please keep the subject line intact and reply to all >> email addresses included in the To and CC lines. (Feel free to cut this >> introductory paragraph, however.) >> >> >> Please refer to http://www.ietf.org/iesg/statement/discuss-criteria.html >> for more information about IESG DISCUSS and COMMENT positions. >> >> >> The document, along with other ballot positions, can be found here: >> http://datatracker.ietf.org/doc/draft-ietf-bfcpbis-rfc4582bis/ >> >> >> >> ---------------------------------------------------------------------- >> DISCUSS: >> ---------------------------------------------------------------------- >> >> Thanks for your work on this draft, it was very well written which is >> much appreciated. >> >> I just have one item I'd like to discuss that should be very easy to >> resolve. >> This should be considered with Spencer's question on what happens when >> the fragments are larger or smaller than the path MTU. It's important to >> state this to prevent fragmentation overlap attacks (unless you can >> explain why we don't need to worry about that). > > > Are you concerned about IP-packet level fragmentation overlap or payload > level fragmentation overlap issues? I think the former should be addressed > with "do not fragment IP packets". The latter is an area that is not > addressed in the spec at present. However, if there is overlap in the > application data, I do not see any harm. Of course, it would be important > to check to ensure lengths are all correct to prevent buffer overruns. > > Am I missing something here? I think we are good with the agreed text below on this point. > > >> In the second sentence on page 42, adding the ending clause may be >> helpful: >> The size of each of these N messages MUST be >> smaller than the path MTU to help prevent fragmentation overlap >> attacks. > > > This would be a good addition. We have other text we need to add re: path > MTU and it is the intent that all messages fit within the path MTU. Thanks, please let me know when this has been added to the draft and I'll clear. I see a -14 was posted, but don't see this text and could have missed it. If so, a pointer would be helpful. > > >> ---------------------------------------------------------------------- >> COMMENT: >> ---------------------------------------------------------------------- >> >> >> Spencer asked what happens when TLS/DTLS is not used, so perhaps >> rewording of the intro to the security considerations section would help >> to clear up his point. TLS/DTLS is the MTI with flexibility left in to >> support some other undefined mechanism to secure the channel. Since no >> MTU is set, but recommended, the first few sentences are a bit confusing. >> The rest of the paragraph is clear in terms of MTI and recommendations >> when TLD/DTLS is used as well as alternates options supporting the listed >> desired security properties. >> >> Security Considerations >> >> BFCP uses TLS/DTLS to provide mutual authentication between clients >> and servers. TLS/DTLS also provides replay and integrity protection >> and confidentiality. > > > At present, TLS/DTLS are recommended, but not mandatory. Without them, > there is a host of attacks one could perform against either a client or > server, especially over UDP, and there is no authentication or > confidentiality. Much of that is spelled out in the security considerations > section. Aren't they mandatory to implement (MTI), but not mandatory to use (MTU)? The "recommended" in the security considerations , I thought could go further since you have an MTI, no? The request would be a slight rewording of the introduction or an explanation of why recommended is appropriate even though there is an MTI. In full disclosure, I read this in full when the discuss was placed, but just skimmed the applicable sections this time, so I may have missed something. Thanks, Kathleen > > I apologize, but I'm missing what your request is here. Can you clarify for > me? > > Paul > -- Best regards, Kathleen
- [bfcpbis] Kathleen Moriarty's Discuss on draft-ie… Kathleen Moriarty
- Re: [bfcpbis] Kathleen Moriarty's Discuss on draf… Spencer Dawkins at IETF
- Re: [bfcpbis] Kathleen Moriarty's Discuss on draf… Kathleen Moriarty
- Re: [bfcpbis] Kathleen Moriarty's Discuss on draf… Alissa Cooper
- Re: [bfcpbis] Kathleen Moriarty's Discuss on draf… Paul E. Jones
- Re: [bfcpbis] Kathleen Moriarty's Discuss on draf… Kathleen Moriarty
- Re: [bfcpbis] Kathleen Moriarty's Discuss on draf… Paul E. Jones
- Re: [bfcpbis] Kathleen Moriarty's Discuss on draf… Kathleen Moriarty