Re: [Detnet] [RTG-DIR] Rtgdir last call review of draft-ietf-detnet-security-10

Eric Gray <eric.gray@ericsson.com> Thu, 06 August 2020 18:16 UTC

From: Eric Gray <eric.gray@ericsson.com>
To: Stewart Bryant <stewart.bryant@gmail.com>
CC: Adrian Farrel <adrian@olddog.co.uk>, "draft-ietf-detnet-security.all@ietf.org" <draft-ietf-detnet-security.all@ietf.org>, "rtg-dir@ietf.org" <rtg-dir@ietf.org>, "detnet@ietf.org" <detnet@ietf.org>
Date: Thu, 06 Aug 2020 18:16:06 +0000
Message-ID: <MN2PR15MB3103203553ED5A0E4F97EBB697480@MN2PR15MB3103.namprd15.prod.outlook.com>
References: <159618704596.337.11731016034191108207@ietfa.amsl.com> <D9587519-FCD7-4046-AAF8-97E619D288C3@gmail.com> <MN2PR15MB3103F2676574000A26A12D6497480@MN2PR15MB3103.namprd15.prod.outlook.com> <39951A70-3128-46A0-BCE6-9562EA93DE06@gmail.com>
In-Reply-To: <39951A70-3128-46A0-BCE6-9562EA93DE06@gmail.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/detnet/6NaVaZeU1rlBTDpavHpqJ9Gebmo>

Stewart,

	I am going to assume that you mean "DetNet" when you refer to "DN" (maybe I'm wrong?).

	I am not certain that your "active attacker" assumption is correct even in this limited case, but you were responding on the subject of "gender neutrality" and whether or not it is appropriate to use "MITM" (presumably in general).

	That topic is no longer in the realm of "DetNet specific."  So your response should probably not be written (or read) as if it were.

	In your own words, however, one reason for passive listening is "technical surveillance to intervene more effectively" - which would seem to apply to DetNet at least as much as to anything else.

	This is not necessarily a generic privacy concern, as a passive MITM could be waiting for some specific activity (or activities) to occur in what would clearly be a "special class" of communications (such as DetNet would be).

	As I implied in a separate discussion, a MITM active attacker is rather easy to detect and deal with - unless it targets a specific subset of users or applications in unpredictable ways.  If it remains passive, the only way to detect it is from information leakage that would otherwise be unexplainable.

	If a malicious actor has other ways to perpetrate an attack, a passive MITM could be used to select targets, or select timing, and otherwise remain undetected over a long period of time.

	Presumably, DetNet traffic is self-announced "important" traffic.  If this does not increase its vulnerability to active or passive MITM hazards, then it would be good to be assured of that.

--
Eric


-----Original Message-----
From: Stewart Bryant <stewart.bryant@gmail.com> 
Sent: Thursday, August 6, 2020 1:13 PM
To: Eric Gray <eric.gray@ericsson.com>
Cc: Stewart Bryant <stewart.bryant@gmail.com>; Adrian Farrel <adrian@olddog.co.uk>; draft-ietf-detnet-security.all@ietf.org; rtg-dir@ietf.org; detnet@ietf.org
Subject: Re: [RTG-DIR] [Detnet] Rtgdir last call review of draft-ietf-detnet-security-10
Importance: High

We are talking about the threats in DN. 

I think we should be focusing on the things that are special to DN which is a technology that adds certain properties to a general network. I assume the protection of the general network using the normal techniques is a given.

Passively looking at the contents is about privacy and technical surveillance to intervene more effectively.

Privacy obviously applies to a general network, and I take it as read that we protect against this. However this document is about DN, and I cannot see what the privacy concerns are about the DN specifics.

- Stewart



> On 6 Aug 2020, at 14:05, Eric Gray <eric.gray@ericsson.com> wrote:
> 
> Stewart,
> 
> 	Actually, in addition to the many things that are strange about this entire conversation, your observation about the "thing in the middle" (I mean, let's face it, the "entity" in the middle - EITM? - has been gender-neutral for a long time, given that any human participation in the role could be detected by an idiot) being necessarily _active_ is not quite correct.
> 
> 	It seems to me to be quite reasonable that the middle position could as easily be used to passively collect information for use in other activities - including a few fairly well known attacks.
> 
> --
> Eric
> 
> -----Original Message-----
> From: rtg-dir <rtg-dir-bounces@ietf.org> On Behalf Of Stewart Bryant
> Sent: Thursday, August 6, 2020 8:52 AM
> To: Adrian Farrel <adrian@olddog.co.uk>
> Cc: draft-ietf-detnet-security.all@ietf.org; rtg-dir@ietf.org; detnet@ietf.org
> Subject: Re: [RTG-DIR] [Detnet] Rtgdir last call review of draft-ietf-detnet-security-10
> 
> 
>> ---
>> 
>> It would be nice to avoid the term "man-in-the-middle" (and corresponding "MITM") in favour of the term "on-path attacker". It is less problematic as a term, and no less accurate.
>> 
>> Although "man-in-the-middle" is well established, I think you could easily avoid it and if you feel necessary you could use "An on-path attacker (formerly known as a man-in-the-middle) ..."
> 
> I sort of understand why you want to change MITM, although given that the man you have in mind is evil I am not sure whether it is that objectionable in this context. However I am not sure on-path is the right term. MITM normally implies an entity that can modify traffic in flight, whereas an on path attacker may simply be an observer.
> 
> Maybe AITM (attacker ....) would be a better gender neutral term.
> 
> Stewart