Re: [CGA-EXT] Comments on draft-ietf-csi-proxy-send-01
"Laganier, Julien" <julienl@qualcomm.com> Thu, 19 November 2009 17:21 UTC
Hi Tony,

Thanks for reviewing the draft! Replying to your concern on the security considerations:

"It would be nice to have a warning text such as: "Note that if a Secure Proxy ND is corrupted, it can impersonate all the nodes in the subnet in which it is authorized to act as a proxy."

I wouldn't use the term impersonate -- the delegation certificate doesn't allow the proxy to impersonate nodes (they're only used for SEND), only to issue ND signalling on their behalf. So a compromised proxy is able, like a compromised router, to siphon off traffic from the host, or mount a man-in-the-middle attack.

Looking at RFC 3971 for compromised router, it states:

   SEND does not protect against brute force attacks on the router, such
   as DoS attacks, or against compromise of the router, as described in
   Sections 4.4.2 and 4.4.3 of [RFC3756].

(As a side note, the section numbers of RFC 3756 being referred to above do not exist; I believe it should say 4.2.2 and 4.2.3. Could be fixed in a revision of RFC 3971.)

So maybe we want to say something like:

   Thanks to the authorization certificate it is provisioned with, a proxy
   ND is authorized to issue ND signalling on behalf of nodes on the
   subnet. Thus, a compromised proxy is able, like a compromised router,
   to siphon off traffic from the host, or mount a man-in-the-middle
   attack. As for SEND, which does not protect against compromise of the
   router as described in Section 9.2.4 of [RFC3971], Secure Proxy ND
   Support for SEND does not protect against compromise of the proxy ND.

What do you think?
--julien

________________________________________
From: cga-ext-bounces@ietf.org [cga-ext-bounces@ietf.org] On Behalf Of Tony Cheneau [tony.cheneau@it-sudparis.eu]
Sent: Thursday, November 19, 2009 2:54 AM
To: draft-ietf-csi-proxy-send@tools.ietf.org
Cc: cga-ext@ietf.org
Subject: [CGA-EXT] Comments on draft-ietf-csi-proxy-send-01

Hello,

I reviewed draft-ietf-csi-proxy-send-01 and have the following comments/remarks:

- In section 4.1, "figure 1: Proxy ND operations", in the first message, I think the "SLLAO = B_LL" should be "SLLAO = A_LL"
- Small typo in section 6, "(PSO.)" should be "(PSO)."
- I have a concern about the content of the Security Considerations (Section 8). It would be nice to have a warning text such as: "Note that if a Secure Proxy ND is corrupted, it can impersonate all the nodes in the subnet in which it is authorized to act as a proxy."
- Section 10 (normative references) contains a reference to [I-D.ietf-netlmm-proxymip6] that is now RFC 5213

As you can see, I have only minor comments. The document is in good shape.

Hope it helps.

Regards,
Tony Cheneau
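To make the distinction drawn in this exchange concrete (a delegated proxy can issue ND signalling for nodes in its authorized prefix, but cannot produce a node's own SEND signature), here is an added example that is not part of the thread or of the draft: a toy SEND verifier that checks a host-signed NA and a proxy-signed NA (PSO) against a delegation certificate. The ed25519 signatures, the flat certificate structure and the 2001:db8:: addresses are simplifying assumptions of this example, not the draft's encoding.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"net/netip"
)

// Simplified delegation certificate (constructed model, not the draft's X.509
// format): the proxy's key is authorized to sign proxy ND for one prefix.
type ProxyCert struct {
	Prefix netip.Prefix
	PubKey ed25519.PublicKey
}

// Signed part of a Neighbor Advertisement: target address plus link-layer address.
type NA struct {
	Target netip.Addr
	TLLAO  string
}
func (na NA) bytes() []byte { return append(na.Target.AsSlice(), na.TLLAO...) }

// Host-signed NA (SEND RSA Signature option, modelled with ed25519): only the
// holder of the target's own CGA key can produce one.
func VerifyHostSigned(hostPub ed25519.PublicKey, na NA, sig []byte) bool {
	return ed25519.Verify(hostPub, na.bytes(), sig)
}

// Proxy-signed NA (PSO): accepted only under the certified proxy key AND for a
// target inside the prefix the certificate delegates.
func VerifyPSO(cert ProxyCert, na NA, sig []byte) bool {
	return cert.Prefix.Contains(na.Target) && ed25519.Verify(cert.PubKey, na.bytes(), sig)
}

type Outcome struct{ ProxyInSubnet, ProxyOutOfSubnet, ProxyAsHost bool }

// Scenario: the key of a proxy delegated 2001:db8:1::/64 is in an attacker's
// hands. Which messages does a SEND verifier still accept from it?
func Scenario() Outcome {
	hostPub, _, _ := ed25519.GenerateKey(rand.Reader) // node A's CGA key pair
	proxyPub, proxyPriv, _ := ed25519.GenerateKey(rand.Reader)
	cert := ProxyCert{netip.MustParsePrefix("2001:db8:1::/64"), proxyPub}
	inside := NA{netip.MustParseAddr("2001:db8:1::a"), "02:00:00:00:00:aa"}
	outside := NA{netip.MustParseAddr("2001:db8:2::b"), "02:00:00:00:00:bb"}
	sigIn, sigOut := ed25519.Sign(proxyPriv, inside.bytes()), ed25519.Sign(proxyPriv, outside.bytes())
	return Outcome{
		ProxyInSubnet:    VerifyPSO(cert, inside, sigIn),           // true: ND on A's behalf
		ProxyOutOfSubnet: VerifyPSO(cert, outside, sigOut),         // false: outside delegation
		ProxyAsHost:      VerifyHostSigned(hostPub, inside, sigIn), // false: cannot forge A's signature
	}
}
```

The blast radius of a compromised proxy is therefore the prefix named in its certificate, which is what the proposed security-considerations text ("like a compromised router") captures.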