Re: [CCAMP] Secdir last call review of draft-ietf-ccamp-layer1-types-16
Italo Busi <Italo.Busi@huawei.com> Wed, 14 February 2024 13:52 UTC
Return-Path: <Italo.Busi@huawei.com>
X-Original-To: ccamp@ietfa.amsl.com
Delivered-To: ccamp@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 8CECEC151089; Wed, 14 Feb 2024 05:52:46 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.907
X-Spam-Level:
X-Spam-Status: No, score=-6.907 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_HI=-5, RCVD_IN_MSPIKE_H3=0.001, RCVD_IN_MSPIKE_WL=0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 7ZFBYChcjcfx; Wed, 14 Feb 2024 05:52:45 -0800 (PST)
Received: from frasgout.his.huawei.com (frasgout.his.huawei.com [185.176.79.56]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id A263FC14F747; Wed, 14 Feb 2024 05:52:45 -0800 (PST)
Received: from mail.maildlp.com (unknown [172.18.186.231]) by frasgout.his.huawei.com (SkyGuard) with ESMTP id 4TZffz3CNtz6J9vy; Wed, 14 Feb 2024 21:48:43 +0800 (CST)
Received: from frapeml100005.china.huawei.com (unknown [7.182.85.132]) by mail.maildlp.com (Postfix) with ESMTPS id 1FFDC140D1D; Wed, 14 Feb 2024 21:52:43 +0800 (CST)
Received: from frapeml500007.china.huawei.com (7.182.85.172) by frapeml100005.china.huawei.com (7.182.85.132) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2507.35; Wed, 14 Feb 2024 14:52:42 +0100
Received: from frapeml500007.china.huawei.com ([7.182.85.172]) by frapeml500007.china.huawei.com ([7.182.85.172]) with mapi id 15.01.2507.035; Wed, 14 Feb 2024 14:52:42 +0100
From: Italo Busi <Italo.Busi@huawei.com>
To: Christian Huitema <huitema@huitema.net>, "secdir@ietf.org" <secdir@ietf.org>
CC: "ccamp@ietf.org" <ccamp@ietf.org>, "draft-ietf-ccamp-layer1-types.all@ietf.org" <draft-ietf-ccamp-layer1-types.all@ietf.org>, "last-call@ietf.org" <last-call@ietf.org>
Thread-Topic: [CCAMP] Secdir last call review of draft-ietf-ccamp-layer1-types-16
Thread-Index: AQHaFeAn22h4y1oxmUa8BC1TjBRfbbEKXaTQ
Date: Wed, 14 Feb 2024 13:52:42 +0000
Message-ID: <f03d13275f2a415d890fa0fbe2834d21@huawei.com>
References: <169984552704.60413.8772898152962330657@ietfa.amsl.com>
In-Reply-To: <169984552704.60413.8772898152962330657@ietfa.amsl.com>
Accept-Language: it-IT, en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [10.203.246.111]
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: base64
MIME-Version: 1.0
Archived-At: <https://mailarchive.ietf.org/arch/msg/ccamp/uEIJV43JtkXOSb_OZTcURVMSatQ>
Subject: Re: [CCAMP] Secdir last call review of draft-ietf-ccamp-layer1-types-16
X-BeenThere: ccamp@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: Discussion list for the CCAMP working group <ccamp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ccamp>, <mailto:ccamp-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ccamp/>
List-Post: <mailto:ccamp@ietf.org>
List-Help: <mailto:ccamp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ccamp>, <mailto:ccamp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 14 Feb 2024 13:52:46 -0000
Dear Christian, Thank you for the review, the authors have updated the document to address your comments and posted the updated document as draft-ietf-ccamp-layer1-types-17. Your suggestions for improvements of the Security Considerations section are understood and we are grateful. We have added some additional clarification text and plan to discuss the more general optical security best practice guide that would also apply to this document, and several other CCAMP WG documents currently being worked on. This advice could be documented in a new I-D, or on a CCAMP Wiki. If ok, we may follow-up with you on this specific guidance. Again, thanks for the support and review. Authors, Haomian and Italo. > -----Original Message----- > From: Christian Huitema via Datatracker <noreply@ietf.org> > Sent: lunedì 13 novembre 2023 04:19 > To: secdir@ietf.org > Cc: ccamp@ietf.org; draft-ietf-ccamp-layer1-types.all@ietf.org; last- > call@ietf.org > Subject: [CCAMP] Secdir last call review of draft-ietf-ccamp-layer1-types-16 > > Reviewer: Christian Huitema > Review result: Ready > > I have reviewed this document as part of the security directorate's ongoing > effort to review all IETF documents being processed by the IESG. These > comments were written primarily for the benefit of the security area > directors. > Document editors and WG chairs should treat these comments just like any > other last call comments. > > The summary of the review is 'Ready'. > > draft-ietf-ccamp-layer1-types specifies a YANG module for describing the > common data types, groupings and identities for use in YANG [RFC7950] > data models of Layer 1 networks, such as for example Optical Transport > Networking. > > The security section asserts that potential security issues do not derived > from the particulars of the Yang modules, but from potential unauthorized > access to the data and unauthorized modification of the data. Access is > expected to be protected using either SSH for NETCONF or HTTPS for > RESTCONF, as per standard practice. I would not expect a Yang module to > state anything else. > > I do not have enough expertise in Optical Transport Networking and other > Layer > 1 networks to evaluate the details of the specification. I assume that other > reviewers will conduct such specialized review. > > And now, a side remark, not related to this specific document but applying > to the general practice of saying "just use NETCONF with SSH or RESTCONF > with TLS", but SSH and HTTPS support a variety of authentication > mechanisms. SSH, for example, can authenticate a client using a public key, a > password, a host identity, or even nothing. HTTPS has a similar range of > options. Some of those options are much more vulnerable than others -- > password based authentication, for example, is vulnerable to phishing > attacks and password reuse. > > The NETCONF and RESTCONF specifications leave the choice of > authentication to the organization deploying the Yang based management, > with statements like "the identity of the SSH client MUST also be verified and > authenticated by the SSH server according to local policy". I did not find a > specification of what the local policy should be. It would be nice if the safety > of network infrastructure could not be defeated by a password-based attack, > or other simple attacks. It might be useful to do some work here, and > provide practical guidance on the deployment of strong authentication > mechanisms. > >
- [CCAMP] Secdir last call review of draft-ietf-cca… Christian Huitema via Datatracker
- Re: [CCAMP] Secdir last call review of draft-ietf… Italo Busi