Re: [dhcwg] Ben Campbell's Yes on draft-ietf-dhc-dhcpv6-privacy-04: (with COMMENT)
"Ben Campbell" <ben@nostrum.com> Wed, 24 February 2016 15:10 UTC
Return-Path: <ben@nostrum.com>
X-Original-To: dhcwg@ietfa.amsl.com
Delivered-To: dhcwg@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id ABCFD1B32B1; Wed, 24 Feb 2016 07:10:20 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.906
X-Spam-Level:
X-Spam-Status: No, score=-1.906 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RP_MATCHES_RCVD=-0.006] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id WOD9B6oMpJ8F; Wed, 24 Feb 2016 07:10:18 -0800 (PST)
Received: from nostrum.com (raven-v6.nostrum.com [IPv6:2001:470:d:1130::1]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 2C7F71B2DFB; Wed, 24 Feb 2016 07:10:18 -0800 (PST)
Received: from [10.0.1.10] (cpe-70-119-203-4.tx.res.rr.com [70.119.203.4]) (authenticated bits=0) by nostrum.com (8.15.2/8.14.9) with ESMTPSA id u1OFA9Zl095943 (version=TLSv1 cipher=DHE-RSA-AES128-SHA bits=128 verify=NO); Wed, 24 Feb 2016 09:10:09 -0600 (CST) (envelope-from ben@nostrum.com)
X-Authentication-Warning: raven.nostrum.com: Host cpe-70-119-203-4.tx.res.rr.com [70.119.203.4] claimed to be [10.0.1.10]
From: Ben Campbell <ben@nostrum.com>
To: Tomek Mrugalski <tomasz.mrugalski@gmail.com>
Date: Wed, 24 Feb 2016 09:10:09 -0600
Message-ID: <69F11960-F355-4344-B2E3-069145F231ED@nostrum.com>
In-Reply-To: <56CDAD2F.9070505@gmail.com>
References: <20160217230718.32558.47975.idtracker@ietfa.amsl.com> <56CDAD2F.9070505@gmail.com>
MIME-Version: 1.0
Content-Type: text/plain; format="flowed"
X-Mailer: MailMate (1.9.4r5226)
Archived-At: <http://mailarchive.ietf.org/arch/msg/dhcwg/EDrSoQygeRcT1ZbCfP_kSMjct2A>
Cc: dhc-chairs@ietf.org, The IESG <iesg@ietf.org>, dhcwg@ietf.org, draft-ietf-dhc-dhcpv6-privacy@ietf.org
Subject: Re: [dhcwg] Ben Campbell's Yes on draft-ietf-dhc-dhcpv6-privacy-04: (with COMMENT)
X-BeenThere: dhcwg@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: <dhcwg.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dhcwg>, <mailto:dhcwg-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dhcwg/>
List-Post: <mailto:dhcwg@ietf.org>
List-Help: <mailto:dhcwg-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dhcwg>, <mailto:dhcwg-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 24 Feb 2016 15:10:20 -0000
This all looks good to me, thanks! On 24 Feb 2016, at 7:16, Tomek Mrugalski wrote: > Oops, seems nobody answered this comment yet. > > On 18.02.2016 00:07, Ben Campbell wrote: >> Ben Campbell has entered the following ballot position for >> draft-ietf-dhc-dhcpv6-privacy-04: Yes >> ---------------------------------------------------------------------- >> COMMENT: >> ---------------------------------------------------------------------- >> >> -2: >> If this is strictly an analysis with no proposed solution, why does >> it >> need 2119 keywords? Actually, I only found one MAY, and that seemed >> more >> a statement of fact than a new requirement. > 2119 references removed, normative language removed (MAY is now lower > case). > >> -5.6: >> This seems to talk about pervasive monitoring in a very general >> sense. >> Can you say something about how that specifically relates to dhcpv6? > Sure. Here's the proposed text for section 5.6. The first paragraph > comes from RFC7258 (this addressed a comment made earlier that > suggested > to borrow the text directly rather than try to describe PM with our > own > words). The last two paragraphs are new. Are they sufficient? > > 5.6. Pervasive monitoring > > Pervasive Monitoring (PM) is widespread (and often covert) > surveillance through intrusive gathering of protocol artefacts, > including application content, or protocol metadata such as > headers. > Active or passive wiretaps and traffic analysis, (e.g., > correlation, > timing or measuring packet sizes), or subverting the cryptographic > keys used to secure protocols can also be used as part of pervasive > monitoring. PM is distinguished by being indiscriminate and very > large scale, rather than by introducing new types of technical > compromise. See [RFC7258] for a discussion about PM. > > In the DHCPv6 context, PM approach can be used to collect any > identifiers discussed in Section 3. DHCPv4 and DHCPv6 are > especially > susceptible as the initial message sent (SOLICIT in case of DHCPv6) > is one of the very first packets sent when visiting a network. > Furthermore, in certain cases this packet can be logged even on > networks that do not support IPv6 (some implementations initiate > DHCPv6 even without receiving RA with M or O bits set). This may > be > an easily overlooked attack vector when IPv6-capable device > connects > to an IPv4 only network, gains only IPv4 connectivity, but still > leaks its stable identifiers over DHCPv6. > > Using PM approach, attacks discussed in Sections 5.1, 5.2, 5.3, > 5.4, > 5.5, 5.7, 5.8 and possibly 5.9 apply. > > Once we sort out this last comment, I can upload -05 and it should be > ready to go. > > Thanks, > Tomek
- [dhcwg] Ben Campbell's Yes on draft-ietf-dhc-dhcp… Ben Campbell
- Re: [dhcwg] Ben Campbell's Yes on draft-ietf-dhc-… Tomek Mrugalski
- Re: [dhcwg] Ben Campbell's Yes on draft-ietf-dhc-… Ben Campbell