[core] #294: Add discussion of using non-trivial token for protecting against hijacking
"core issue tracker" <trac+core@trac.tools.ietf.org> Sun, 07 April 2013 12:34 UTC
Return-Path: <trac+core@trac.tools.ietf.org>
X-Original-To: core@ietfa.amsl.com
Delivered-To: core@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 9654D21F8E2C for <core@ietfa.amsl.com>; Sun, 7 Apr 2013 05:34:14 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -102.593
X-Spam-Level:
X-Spam-Status: No, score=-102.593 tagged_above=-999 required=5 tests=[AWL=0.006, BAYES_00=-2.599, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id fYzHEpQBdp0A for <core@ietfa.amsl.com>; Sun, 7 Apr 2013 05:34:14 -0700 (PDT)
Received: from grenache.tools.ietf.org (grenache.tools.ietf.org [IPv6:2a01:3f0:1:2::30]) by ietfa.amsl.com (Postfix) with ESMTP id E1CDC21F8DD1 for <core@ietf.org>; Sun, 7 Apr 2013 05:34:13 -0700 (PDT)
Received: from localhost ([127.0.0.1]:60831 helo=grenache.tools.ietf.org ident=www-data) by grenache.tools.ietf.org with esmtp (Exim 4.80) (envelope-from <trac+core@trac.tools.ietf.org>) id 1UOonU-00034f-RC; Sun, 07 Apr 2013 14:34:12 +0200
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 8bit
From: core issue tracker <trac+core@trac.tools.ietf.org>
X-Trac-Version: 0.12.3
Precedence: bulk
Auto-Submitted: auto-generated
X-Mailer: Trac 0.12.3, by Edgewall Software
To: draft-ietf-core-coap@tools.ietf.org, cabo@tzi.org
X-Trac-Project: core
Date: Sun, 07 Apr 2013 12:34:12 -0000
X-URL: http://tools.ietf.org/core/
X-Trac-Ticket-URL: http://trac.tools.ietf.org/wg/core/trac/ticket/294
Message-ID: <051.07b994a18d06121dc7a48fa336ed1618@trac.tools.ietf.org>
X-Trac-Ticket-ID: 294
X-SA-Exim-Connect-IP: 127.0.0.1
X-SA-Exim-Rcpt-To: draft-ietf-core-coap@tools.ietf.org, cabo@tzi.org, core@ietf.org
X-SA-Exim-Mail-From: trac+core@trac.tools.ietf.org
X-SA-Exim-Scanned: No (on grenache.tools.ietf.org); SAEximRunCond expanded to false
Resent-To: cabo@tzi.org, hartke@tzi.org, zach@sensinode.com
Resent-Message-Id: <20130407123413.E1CDC21F8DD1@ietfa.amsl.com>
Resent-Date: Sun, 07 Apr 2013 05:34:13 -0700
Resent-From: trac+core@trac.tools.ietf.org
Cc: core@ietf.org
Subject: [core] #294: Add discussion of using non-trivial token for protecting against hijacking
X-BeenThere: core@ietf.org
X-Mailman-Version: 2.1.12
Reply-To: trac+core@trac.tools.ietf.org
List-Id: "Constrained RESTful Environments \(CoRE\) Working Group list" <core.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/core>, <mailto:core-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/core>
List-Post: <mailto:core@ietf.org>
List-Help: <mailto:core-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/core>, <mailto:core-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 07 Apr 2013 12:34:14 -0000
#294: Add discussion of using non-trivial token for protecting against hijacking Michael Scharf (tsv-dir reviewer) notes (msg04191-tsvdir-6): Section 11 * Section 11 => This section IMHO needs a discussion on minimum requirements on how to select Message ID and Tokens. Both are a means to protect against "hijacking" of transactions / falsification of responses, but if an attacker can guess these values, an attacker can inject wrong data into a CoAP communication. Compare e.g. to a TCP receiver that carefully checks whether sequence numbers are valid, i.e., within the receive window. * Section 5.3.1 »The Token is used to match a response with a request. The token value is a sequence of 0 to 8 bytes.« => While CoAP optimizes its protocol fields for single bits, the document does not comment at all on reasonable sizes for the token. At least some text mentioning the high overhead of a 4 or 8 byte token compared to the rest of the CoAP headers could be useful. Possibly also addressing the security-size tradeoff. Carsten Bormann plans to reply: The Token length was chosen to be as big as it is to enable this kind of protection, if desired. More likely, we will simply use DTLS security where that matters. But a short discussion of this could be added. Note that there is a recommendation that message-IDs are allocated sequentially in draft-ietf-lwig-guidance; for a constrained system, this may be the only way to keep enough message state for reliable duplicate removal. -- -------------------------+------------------------------------------------- Reporter: | Owner: draft-ietf-core-coap@tools.ietf.org cabo@tzi.org | Status: new Type: other | Milestone: post-IESG-1 technical | Version: coap-14 Priority: minor | Keywords: Component: coap | Severity: Submitted | WG Document | -------------------------+------------------------------------------------- Ticket URL: <http://trac.tools.ietf.org/wg/core/trac/ticket/294> core <http://tools.ietf.org/core/>
- [core] #294: Add discussion of using non-trivial … core issue tracker
- Re: [core] #294: Add discussion of using non-triv… core issue tracker