IETF Logo Mail Archive

Re: [dhcwg] Review of draft-ietf-dhc-sedhcpv6-01

Sheng Jiang <jiangsheng@huawei.com> Fri, 04 April 2014 07:52 UTC

Return-Path: <jiangsheng@huawei.com>
X-Original-To: dhcwg@ietfa.amsl.com
Delivered-To: dhcwg@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 060101A040B for <dhcwg@ietfa.amsl.com>; Fri, 4 Apr 2014 00:52:41 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.21
X-Spam-Level:
X-Spam-Status: No, score=-4.21 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_MED=-2.3, SPF_PASS=-0.001, T_RP_MATCHES_RCVD=-0.01] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 5k78JO5Mi8HF for <dhcwg@ietfa.amsl.com>; Fri, 4 Apr 2014 00:52:36 -0700 (PDT)
Received: from lhrrgout.huawei.com (lhrrgout.huawei.com [194.213.3.17]) by ietfa.amsl.com (Postfix) with ESMTP id 1D1A51A0019 for <dhcwg@ietf.org>; Fri, 4 Apr 2014 00:52:34 -0700 (PDT)
Received: from 172.18.7.190 (EHLO lhreml204-edg.china.huawei.com) ([172.18.7.190]) by lhrrg02-dlp.huawei.com (MOS 4.3.7-GA FastPath queued) with ESMTP id BCS78430; Fri, 04 Apr 2014 07:52:29 +0000 (GMT)
Received: from LHREML405-HUB.china.huawei.com (10.201.5.242) by lhreml204-edg.china.huawei.com (172.18.7.223) with Microsoft SMTP Server (TLS) id 14.3.158.1; Fri, 4 Apr 2014 08:51:40 +0100
Received: from NKGEML408-HUB.china.huawei.com (10.98.56.39) by lhreml405-hub.china.huawei.com (10.201.5.242) with Microsoft SMTP Server (TLS) id 14.3.158.1; Fri, 4 Apr 2014 08:52:28 +0100
Received: from NKGEML512-MBX.china.huawei.com ([169.254.7.206]) by nkgeml408-hub.china.huawei.com ([10.98.56.39]) with mapi id 14.03.0158.001; Fri, 4 Apr 2014 15:52:23 +0800
From: Sheng Jiang <jiangsheng@huawei.com>
To: Qi Sun <sunqi.csnet.thu@gmail.com>, "<dhcwg@ietf.org>" <dhcwg@ietf.org>
Thread-Topic: Review of draft-ietf-dhc-sedhcpv6-01
Thread-Index: AQHPTx8YOJxAVW///0a/FAJpGv/Bz5sBFG2g
Date: Fri, 04 Apr 2014 07:52:22 +0000
Message-ID: <5D36713D8A4E7348A7E10DF7437A4B923AE34B8A@nkgeml512-mbx.china.huawei.com>
References: <0608491B-C35F-4145-BD3D-A3D766A5A3E4@gmail.com>
In-Reply-To: <0608491B-C35F-4145-BD3D-A3D766A5A3E4@gmail.com>
Accept-Language: en-GB, zh-CN, en-US
Content-Language: zh-CN
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [10.111.98.145]
Content-Type: multipart/alternative; boundary="_000_5D36713D8A4E7348A7E10DF7437A4B923AE34B8Ankgeml512mbxchi_"
MIME-Version: 1.0
X-CFilter-Loop: Reflected
Archived-At: http://mailarchive.ietf.org/arch/msg/dhcwg/6K4VeTU31rHjrIrTEkTjA2FHdEY
X-Mailman-Approved-At: Fri, 04 Apr 2014 04:08:26 -0700
Cc: "draft-ietf-dhc-sedhcpv6@tools.ietf.org" <draft-ietf-dhc-sedhcpv6@tools.ietf.org>
Subject: Re: [dhcwg] Review of draft-ietf-dhc-sedhcpv6-01
X-BeenThere: dhcwg@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: <dhcwg.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dhcwg>, <mailto:dhcwg-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/dhcwg/>
List-Post: <mailto:dhcwg@ietf.org>
List-Help: <mailto:dhcwg-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dhcwg>, <mailto:dhcwg-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 04 Apr 2014 07:52:41 -0000

Hi, Qi,

Thanks so much for your carefully review. All editorial comments will be applied in the next update in a couple of week time. Your technical comments are also valid, they will be applied too.

Some explanation for technical point 1, regarding to signature option.  In the section 5.3, the signature “constructed by using the sender's private key protects the following sequence of octets:

               1. The DHCPv6 message header.

               2. All DHCPv6 options including the Signature
               option (fill the signature field with zeroes)
               except for the Authentication Option.”

So, the signature option itself, including timestamp is actually protected. Changing the wrong description in Section 6.1 would be sufficient to address this comment.

Regards,

Sheng

From: Qi Sun [mailto:sunqi.csnet.thu@gmail.com]
Sent: Thursday, April 03, 2014 5:28 PM
To: <dhcwg@ietf.org>
Cc: draft-ietf-dhc-sedhcpv6@tools.ietf.org; liuzilong8266@163.com
Subject: Review of draft-ietf-dhc-sedhcpv6-01

Hi all,

I volunteered to review the document. Here are my comments (sorry if some of them have been discussed). But most are editorial.

1. Technical
1) About the Signature Option
a) Different description of Signature Option:
Sec 5.3: "It protects the entire DHCPv6 header and options, except for the Authentication Option.”
Sec 6.1: "It protects the message header and the message payload and all DHCPv6 options except for the Signature option itself and the Authentication Option.”

b) As is described above, Signature option does not protect itself including the timestamp which will be used to judge the message's validity. It means attackers can change the timestamp without destroying the signature. So attackers changes the timestamp of message, then the recipient will inspect the signature which is "correct" despite the change of the timestamp. This might cause a replay attack.

2) Inequality on the bottom of Page 12
"TSnew + fuzz > TSlast + (RDnew - RDlast) x (1 - drift) - fuzz"

What if RDnew < RDlast, maybe caused by a bad clock? In this case, the inequality holds (so that the message is accepted) but there might be something wrong. For the security reason, it would be better to drop the message, IMHO.

2. Editorial
1) Section titles:
Sec 3: Security Overview of DHCPv6
Sec 4: Secure DHCPv6 Overview
They are kind of close at the first glance.
Suggestion:
s/Sec 4: Secure DHCPv6 Overview/Sec 4: Secure DHCPv6 Mechanism Overview/

2) Add a section of Terminology
There are some terms that are not well-known to the readers. It would be clearer if a section of Terminology could define them before using.
For example:
CA; leap of faith mode; TSlast; RDlast; TSnew; RDnew; drift; etc.

3) Sec 3, 2nd paragraph (and followed paras)
Unnecessary indentation

4) Sec 4, 3rd para
  In this document, we introduce a public key option, a certificate
  option and a signature options with a corresponding verification
  mechanism.
s/a signature options/a signature option/

5) Sec 4.1, bullet 1
  A second option is defined to carry the certificate.
s/A second option/Another option/
Note: “A second option” reads like the two options are kind of linked to each other. But from the description, the two options should not appear at the same time.

6) Sec 5.1
 0                   1                   2                   3
 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|     OPTION_Public_Key         |         option-len            |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                                                               |
.                Public Key (variable length)                   .
.                                                               .
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
s/OPTION_Public_Key/OPTION_PK_PARAMETER/

7) Sec 5.2
 0                   1                   2                   3
 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|    OPTION_Certificate         |         option-len            |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                                                               |
.                Public Key (variable length)                   .
.                                                               .
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
s/OPTION_Certificate/OPTION_CERT_PARAMETER/

8) Sec 6.2, the last para

   A Relay-forward or Relay-reply message with any Public Key,

   Certificate or the Signature option is invilad.  The message SHOULD

   be discarded silently.
s/invilad/invalid/
Use MUST instead of SHOULD?

9) Sec 6.3, 1st para

   Actually, be definition in

   this document, relay agents MUST NOT add any secure DHCPv6 options.
10) Sec 6.4, bullet 2

   o  The time stamp in the last received and accepted DHCPv6 message.

      This is called TSlast.
s/time stamp/timestamp/

11) Sec 7, 3rd para

   The Secure DHCPv6 mechanism is based on the pre-condition that the

   recipient knows the public key of senders or the sender’s certificate

   can be verified through a trust CA.
s/through a trust CA/through a trusted CA/


12) Sec 7, Page 14

   However, the two communciating nodes can be synchronized is out of

   scope of this work.
s/the two/how the two/
s/communciating nodes/communicating nodes/

Best Regards,
Qi

v2.23.0 | Report a Bug | By Email