IETF Logo Mail Archive

Re: [bfcpbis] Kathleen Moriarty's Discuss on draft-ietf-bfcpbis-rfc4582bis-13: (with DISCUSS and COMMENT)

Kathleen Moriarty <kathleen.moriarty.ietf@gmail.com> Wed, 23 September 2015 15:07 UTC

Return-Path: <kathleen.moriarty.ietf@gmail.com>
X-Original-To: bfcpbis@ietfa.amsl.com
Delivered-To: bfcpbis@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 373631A6F88; Wed, 23 Sep 2015 08:07:37 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2
X-Spam-Level:
X-Spam-Status: No, score=-2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id S8FJwQbawKKC; Wed, 23 Sep 2015 08:07:34 -0700 (PDT)
Received: from mail-wi0-x233.google.com (mail-wi0-x233.google.com [IPv6:2a00:1450:400c:c05::233]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 3AC981A6F58; Wed, 23 Sep 2015 08:07:34 -0700 (PDT)
Received: by wicge5 with SMTP id ge5so211951614wic.0; Wed, 23 Sep 2015 08:07:32 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; bh=y4wgA0W9JdarqSgxfJsMSdMxGig1AMXs9Zywl+El5F4=; b=p6JcX9krxqD9ZREWIyx5PeUbuR6Cmn8n5KAlz8dwfqxt+LB3fKP0ImlTarFC20zjex RAYxNeL5N5ipcx5udS95Od5ODgFs2eLKUU8a7Pw7C6N6hfjf7Ih815N8PwErdFyanneY /ATu7AkxKvxG9+8+4ABZ+I0nqB9dsqH1NQN7KEc0lqiTjwaHUQt2TuHyO20s8vICwxr4 PBbDCRotTHK7xEXXgiuCeT3tvAfRDrwFQo4zXQigJ0w4zhw4rJ6cNdcgot9ltURE3wq/ r/hlWggAtfV9VdkY4GNJPxS+o91q8zS04RBvkXlKuZl0+We4Xo9nf8CxakzsR/v3cViz CL0A==
MIME-Version: 1.0
X-Received: by 10.194.116.106 with SMTP id jv10mr41231929wjb.0.1443020852618; Wed, 23 Sep 2015 08:07:32 -0700 (PDT)
Received: by 10.28.214.213 with HTTP; Wed, 23 Sep 2015 08:07:32 -0700 (PDT)
In-Reply-To: <em32a27159-0960-4ceb-89ca-e75cd66919c1@sydney>
References: <20150305152202.28872.54032.idtracker@ietfa.amsl.com> <em32a27159-0960-4ceb-89ca-e75cd66919c1@sydney>
Date: Wed, 23 Sep 2015 11:07:32 -0400
Message-ID: <CAHbuEH5T-ZPXZSxCr_x8ihtaRrHZJg+EwOgzLBSGDpevU-erFg@mail.gmail.com>
From: Kathleen Moriarty <kathleen.moriarty.ietf@gmail.com>
To: "Paul E. Jones" <paulej@packetizer.com>
Content-Type: text/plain; charset="UTF-8"
Archived-At: <http://mailarchive.ietf.org/arch/msg/bfcpbis/guWv1xZ3JFNOFDe74C5aXovU1p8>
Cc: "bfcpbis@ietf.org" <bfcpbis@ietf.org>, "draft-ietf-bfcpbis-rfc4582bis.all@ietf.org" <draft-ietf-bfcpbis-rfc4582bis.all@ietf.org>, Mary Barnes <mary.ietf.barnes@gmail.com>, The IESG <iesg@ietf.org>, "bfcpbis-chairs@ietf.org" <bfcpbis-chairs@ietf.org>
Subject: Re: [bfcpbis] Kathleen Moriarty's Discuss on draft-ietf-bfcpbis-rfc4582bis-13: (with DISCUSS and COMMENT)
X-BeenThere: bfcpbis@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: BFCPBIS working group discussion list <bfcpbis.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/bfcpbis>, <mailto:bfcpbis-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/bfcpbis/>
List-Post: <mailto:bfcpbis@ietf.org>
List-Help: <mailto:bfcpbis-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/bfcpbis>, <mailto:bfcpbis-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 23 Sep 2015 15:07:37 -0000

Hi Paul,

I think we are close, thanks for your response.  Inline.

On Wed, Sep 23, 2015 at 2:26 AM, Paul E. Jones <paulej@packetizer.com> wrote:
> Kathleen,
>
> Following up on this email (and building a growing to-do list)....
>
>
> ------ Original Message ------
> From: "Kathleen Moriarty" <Kathleen.Moriarty.ietf@gmail.com>
> To: "The IESG" <iesg@ietf.org>
> Cc: mary.ietf.barnes@gmail.com; draft-ietf-bfcpbis-rfc4582bis.all@ietf.org;
> bfcpbis@ietf.org; bfcpbis-chairs@ietf.org
> Sent: 3/5/2015 10:22:02 AM
> Subject: [bfcpbis] Kathleen Moriarty's Discuss on
> draft-ietf-bfcpbis-rfc4582bis-13: (with DISCUSS and COMMENT)
>
>> Kathleen Moriarty has entered the following ballot position for
>> draft-ietf-bfcpbis-rfc4582bis-13: Discuss
>>
>> When responding, please keep the subject line intact and reply to all
>> email addresses included in the To and CC lines. (Feel free to cut this
>> introductory paragraph, however.)
>>
>>
>> Please refer to http://www.ietf.org/iesg/statement/discuss-criteria.html
>> for more information about IESG DISCUSS and COMMENT positions.
>>
>>
>> The document, along with other ballot positions, can be found here:
>> http://datatracker.ietf.org/doc/draft-ietf-bfcpbis-rfc4582bis/
>>
>>
>>
>> ----------------------------------------------------------------------
>> DISCUSS:
>> ----------------------------------------------------------------------
>>
>> Thanks for your work on this draft, it was very well written which is
>> much appreciated.
>>
>> I just have one item I'd like to discuss that should be very easy to
>> resolve.
>> This should be considered with Spencer's question on what happens when
>> the fragments are larger or smaller than the path MTU.  It's important to
>> state this to prevent fragmentation overlap attacks (unless you can
>> explain why we don't need to worry about that).
>
>
> Are you concerned about IP-packet level fragmentation overlap or payload
> level fragmentation overlap issues?  I think the former should be addressed
> with "do not fragment IP packets".  The latter is an area that is not
> addressed in the spec at present.  However, if there is overlap in the
> application data, I do not see any harm.  Of course, it would be important
> to check to ensure lengths are all correct to prevent buffer overruns.
>
> Am I missing something here?

I think we are good with the agreed text below on this point.
>
>
>> In the second sentence on page 42, adding the ending clause may be
>> helpful:
>>   The size of each of these N messages MUST be
>>    smaller than the path MTU to help prevent fragmentation overlap
>> attacks.
>
>
> This would be a good addition.  We have other text we need to add re: path
> MTU and it is the intent that all messages fit within the path MTU.

Thanks, please let me know when this has been added to the draft and
I'll clear.  I see a -14 was posted, but don't see this text and could
have missed it.  If so, a pointer would be helpful.

>
>
>> ----------------------------------------------------------------------
>> COMMENT:
>> ----------------------------------------------------------------------
>>
>>
>> Spencer asked what happens when TLS/DTLS is not used, so perhaps
>> rewording of the intro to the security considerations section would help
>> to clear up his point.  TLS/DTLS is the MTI with flexibility left in to
>> support some other undefined mechanism to secure the channel.  Since no
>> MTU is set, but recommended, the first few sentences are a bit confusing.
>>  The rest of the paragraph is clear in terms of MTI and recommendations
>> when TLD/DTLS is used as well as alternates options supporting the listed
>> desired security properties.
>>
>> Security Considerations
>>
>>    BFCP uses TLS/DTLS to provide mutual authentication between clients
>>    and servers.  TLS/DTLS also provides replay and integrity protection
>>    and confidentiality.
>
>
> At present, TLS/DTLS are recommended, but not mandatory.  Without them,
> there is a host of attacks one could perform against either a client or
> server, especially over UDP, and there is no authentication or
> confidentiality.  Much of that is spelled out in the security considerations
> section.

Aren't they mandatory to implement (MTI), but not mandatory to use
(MTU)?    The "recommended" in the security considerations , I thought
could go further since you have an MTI, no?  The request would be a
slight rewording of the introduction or an explanation of why
recommended is appropriate even though there is an MTI.  In full
disclosure, I read this in full when the discuss was placed, but just
skimmed the applicable sections this time, so I may have missed
something.

Thanks,
Kathleen

>
> I apologize, but I'm missing what your request is here.  Can you clarify for
> me?
>
> Paul
>



-- 

Best regards,
Kathleen

v2.23.0 | Report a Bug | By Email