Re: [core] Review of draft-hartke-core-e2e-security-reqs-01

Jim Schaad <ietf@augustcellars.com> Sat, 17 September 2016 21:37 UTC

From: Jim Schaad <ietf@augustcellars.com>
To: 'weigengyu' <weigengyu@bupt.edu.cn>, 'Klaus Hartke' <hartke@tzi.org>
References: <036801d1ed09$507ef080$f17cd180$@augustcellars.com> <CAAzbHvbUW5ZAh2EQ2e-L-VRyFL-V_D+sA9G1jR6pf5h=kVJWFQ@mail.gmail.com> <047701d1eda6$4af5c5b0$e0e15110$@augustcellars.com> <5BC478FD5AC445798E221150D9C227C0@WeiGengyuPC>
In-Reply-To: <5BC478FD5AC445798E221150D9C227C0@WeiGengyuPC>
Date: Sat, 17 Sep 2016 14:37:33 -0700
Message-ID: <02b001d2112b$b5b241f0$2116c5d0$@augustcellars.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/core/g1FTy6_f-QAe-2WyhLXwGbKCkFI>
Cc: draft-hartke-core-e2e-security-reqs@tools.ietf.org, core@ietf.org
Subject: Re: [core] Review of draft-hartke-core-e2e-security-reqs-01

I am not sure that I follow why you believe that an HTTP proxy document should be referenced.  The problem space might be similar but there are some very distinct differences around things like caching that are done by components other than HTTP proxies.

jim

> -----Original Message-----
> From: weigengyu [mailto:weigengyu@bupt.edu.cn]
> Sent: Wednesday, September 14, 2016 12:21 AM
> To: Jim Schaad <ietf@augustcellars.com>; 'Klaus Hartke' <hartke@tzi.org>
> Cc: draft-hartke-core-e2e-security-reqs@tools.ietf.org; core@ietf.org
> Subject: Re: [core] Review of draft-hartke-core-e2e-security-reqs-01
> 
> Hi,
> 
> Just one question.
> Is it required to refer to documentation on threats of HTTP proxies?
> 
> Regards,
> 
> Gengyu WEI
> Network Technology Center
> School of Computer
> Beijing University of Posts and Telecommunications
> -----Original Message-----
> From: Jim Schaad
> Sent: Thursday, August 04, 2016 12:44 AM
> To: 'Klaus Hartke'
> Cc: draft-hartke-core-e2e-security-reqs@tools.ietf.org ; core@ietf.org
> Subject: Re: [core] Review of draft-hartke-core-e2e-security-reqs-01
> 
> 
> 
> > -----Original Message-----
> > From: Klaus Hartke [mailto:hartke@tzi.org]
> > Sent: Wednesday, August 03, 2016 8:23 AM
> > To: Jim Schaad <ietf@augustcellars.com>
> > Cc: draft-hartke-core-e2e-security-reqs@tools.ietf.org; core@ietf.org WG
> > <core@ietf.org>
> > Subject: Re: [core] Review of draft-hartke-core-e2e-security-reqs-01
> >
> > Hi Jim,
> >
> > thanks a lot for your review. Comments inline below.
> >
> > Klaus
> >
> >
> > Jim Schaad wrote:
> >
> > > 2. Section 2.1.1 - Should "client receives a response" include
> > >
> > >     * (Threat ?) The proxy returns a stale or outdated response based
> > > on data it previously obtained from the origin server or some fourth
> > > party.
> > >
> > >                I'm thinking of both out of date caches and poisoned
> > > caches.
> > > Note that these are valid from a security point of view, but not 'fresh'
> >
> > This is a part of (Threat 1:) The proxy spoofs a response.
> >
> > In the mitigation section (2.1.1.1.) we define that a response is valid from
> > a security point of view only if it is fresh.
> >
> > (We use the term "authentic" instead of "valid" though, because "valid" is
> > already used in the context of cache validation.)
> >
> > I've expanded the text with your suggestion:
> >
> >       *  (Threat 1:) The proxy spoofs a response.  For example, the
> >          proxy could return a stale or outdated response based on data
> >          it previously obtained from the server or some fourth party, or
> >          could craft an illicit response itself.
> >
> 
> My problem with this is that I view a spoof as different.  To me a spoof
> implies the attempt to create a new message that will pass muster as opposed
> to doing something like a replay.  It would probably be better to use a
> different term.  I'll try and remember to ponder on this.
> 
> Jim
>
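
The distinction discussed in this thread, as an added example that is not part of the original messages or of the draft: a crafted response fails an integrity check, while a replayed (stale) response passes it and is caught only by a separate freshness check. The request-nonce binding, the sample key and the names `protect`, `classify` and `demo` are assumptions made for illustration, not the draft's mitigation.

```python
import hashlib
import hmac
import os

# Constructed sample key, assumed to be shared by client and origin server only.
KEY = b"constructed-demo-key-not-known-to-the-proxy"
NONCE_LEN = 16  # fixed length, so nonce || payload is unambiguous


def protect(key, request_nonce, payload):
    """Origin server: MAC the payload together with the nonce of the request."""
    tag = hmac.new(key, request_nonce + payload, hashlib.sha256).digest()
    return {"nonce": request_nonce, "payload": payload, "tag": tag}


def classify(key, expected_nonce, resp):
    """Client: judge a response that arrived through an untrusted proxy."""
    good = hmac.new(key, resp["nonce"] + resp["payload"], hashlib.sha256).digest()
    if not hmac.compare_digest(good, resp["tag"]):
        return "forged"      # crafted or modified in transit: MAC does not verify
    if not hmac.compare_digest(resp["nonce"], expected_nonce):
        return "replayed"    # genuine server output, but for an earlier request
    return "authentic"       # integrity holds and the response is fresh


def demo():
    old_nonce = os.urandom(NONCE_LEN)
    new_nonce = os.urandom(NONCE_LEN)
    cached = protect(KEY, old_nonce, b"temp=21.0")   # answered an earlier request
    fresh = protect(KEY, new_nonce, b"temp=35.5")    # answers the current request
    # Proxy-made response without the key: the tag cannot be correct.
    crafted = {"nonce": new_nonce, "payload": b"temp=0.0", "tag": bytes(32)}
    # Cached response with the nonce swapped in: the MAC no longer verifies.
    relabelled = dict(cached, nonce=new_nonce)
    return [classify(KEY, new_nonce, r)
            for r in (fresh, cached, crafted, relabelled)]


if __name__ == "__main__":
    print(demo())
```

A client that stopped after the MAC check would accept the cached response, which is why the two failure modes are reported separately here.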