[dhcwg] AD review of draft-ietf-dhc-isnsoption-05.txt
Thomas Narten <narten@us.ibm.com> Tue, 22 April 2003 17:42 UTC
Received: from www1.ietf.org (ietf.org [132.151.1.19] (may be forged)) by ietf.org (8.9.1a/8.9.1a) with ESMTP id NAA17820 for <dhcwg-archive@odin.ietf.org>; Tue, 22 Apr 2003 13:42:31 -0400 (EDT)
Received: (from mailnull@localhost) by www1.ietf.org (8.11.6/8.11.6) id h3MHsAY25399 for dhcwg-archive@odin.ietf.org; Tue, 22 Apr 2003 13:54:10 -0400
Received: from ietf.org (odin.ietf.org [132.151.1.176]) by www1.ietf.org (8.11.6/8.11.6) with ESMTP id h3MHs9825396 for <dhcwg-web-archive@optimus.ietf.org>; Tue, 22 Apr 2003 13:54:09 -0400
Received: from ietf-mx (ietf-mx.ietf.org [132.151.6.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id NAA17798 for <dhcwg-web-archive@ietf.org>; Tue, 22 Apr 2003 13:42:01 -0400 (EDT)
Received: from ietf-mx ([132.151.6.1]) by ietf-mx with esmtp (Exim 4.12) id 1981ob-0003Tz-00 for dhcwg-web-archive@ietf.org; Tue, 22 Apr 2003 13:44:21 -0400
Received: from ietf.org ([132.151.1.19] helo=www1.ietf.org) by ietf-mx with esmtp (Exim 4.12) id 1981ob-0003Tw-00 for dhcwg-web-archive@ietf.org; Tue, 22 Apr 2003 13:44:21 -0400
Received: from www1.ietf.org (localhost.localdomain [127.0.0.1]) by www1.ietf.org (8.11.6/8.11.6) with ESMTP id h3MHn7824919; Tue, 22 Apr 2003 13:49:07 -0400
Received: from ietf.org (odin.ietf.org [132.151.1.176]) by www1.ietf.org (8.11.6/8.11.6) with ESMTP id h3MHfV824518 for <dhcwg@optimus.ietf.org>; Tue, 22 Apr 2003 13:41:31 -0400
Received: from ietf-mx (ietf-mx.ietf.org [132.151.6.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id NAA17305 for <dhcwg@ietf.org>; Tue, 22 Apr 2003 13:29:23 -0400 (EDT)
Received: from ietf-mx ([132.151.6.1]) by ietf-mx with esmtp (Exim 4.12) id 1981cN-0003Mr-00 for dhcwg@ietf.org; Tue, 22 Apr 2003 13:31:43 -0400
Received: from e35.co.us.ibm.com ([32.97.110.133]) by ietf-mx with esmtp (Exim 4.12) id 1981cN-0003MO-00 for dhcwg@ietf.org; Tue, 22 Apr 2003 13:31:43 -0400
Received: from westrelay01.boulder.ibm.com (westrelay01.boulder.ibm.com [9.17.195.10]) by e35.co.us.ibm.com (8.12.9/8.12.2) with ESMTP id h3MHVXuT067736; Tue, 22 Apr 2003 13:31:33 -0400
Received: from cichlid.adsl.duke.edu (sig-9-65-244-156.mts.ibm.com [9.65.244.156]) by westrelay01.boulder.ibm.com (8.12.8/NCO/VER6.5) with ESMTP id h3MHVT98070020; Tue, 22 Apr 2003 11:31:29 -0600
Received: from cichlid.adsl.duke.edu (narten@localhost) by cichlid.adsl.duke.edu (8.11.6/8.9.3) with ESMTP id h3MHTb304661; Tue, 22 Apr 2003 13:29:38 -0400
Message-Id: <200304221729.h3MHTb304661@cichlid.adsl.duke.edu>
To: cmonia@nishansystems.com, jtseng@nishansystems.com, kgibbons@nishansystems.com
cc: dhcwg@ietf.org
Date: Tue, 22 Apr 2003 13:29:37 -0400
From: Thomas Narten <narten@us.ibm.com>
Subject: [dhcwg] AD review of draft-ietf-dhc-isnsoption-05.txt
Sender: dhcwg-admin@ietf.org
Errors-To: dhcwg-admin@ietf.org
X-BeenThere: dhcwg@ietf.org
X-Mailman-Version: 2.0.12
Precedence: bulk
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/dhcwg>, <mailto:dhcwg-request@ietf.org?subject=unsubscribe>
List-Id: <dhcwg.ietf.org>
List-Post: <mailto:dhcwg@ietf.org>
List-Help: <mailto:dhcwg-request@ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/dhcwg>, <mailto:dhcwg-request@ietf.org?subject=subscribe>
General issues:
I'd like to see a justification for the vendor specific fields. I'd
like to understand how these can be safely used without leading to
interoperability issues. Besides, there are other ways in DHC to do
vendor-specific things. Can we just remove them from this
option/document?
The security considerations section is rather weak.
General note: this document is inconsitent about bit ordering. Some
picture show bits numbered left-to-right, others right-to-left. Please
pick one and be consistent.
needs an IANA considerations section.
I assume a revision of the document would be in order before starting
the IETF LC.
Specific comments follow.
> DHCP Options for Internet Storage Name Service
Would be good for the title to note that this is for DHCP for
IPv4. E.g.:
The IPv4 DHCP Option for Internet Storage Name Service
Abstract doesn't satisfy ID nits; e.g., has unexpanded acronyms.
"iSNS" used before being defined.
ditto for iSCSI, iFCP, etc.
The Dynamic Host Configuration Protocol for Ipv4 provides a
s/Ipv4/IPv4/
> Existing DHCP option numbers are not plausible due to the following
> reasons:
suggested reword:
Existing DHCP options cannot be used to find iSNS servers for
the following reasons:
> Length: the number of bytes that follow the Length field. The
> minimum value for the Length field is 6 in order to account
> for the iSNS Functions, Discovery Domain Access, and
> Administrative Flags fields.
From the picture, it seems like the minimum length is more than
6. Are some of the fields optional?
> certificates for the use of iSCSI and iFCP devices. The format of
> the iSNS Role bit field is shown in Figure 2:
>
> 1 2 3
> 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
> +--+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
> |Vendor-Specific |RESERVED |S|A|E|
> +--+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
> Figure 2 -- iSNS Functions
I don't see how a vendor-specific portion of this option facilitates
interoperability. Remove?
Also, caling it the "iSNS Role" field is confusing, since that is not
used in the previous figure. SHouldn't this be the "iSNS Functions"
field?
> Bit field Significance
> --------- ------------
> 31 Function Fields Enabled
> 30 DD-Based Authorization
> 29 Security policy distribution
> 28 - 24 Reserved
> 23 - 16 Vendor-specific
You need a transistion sentence saying what field is being talked
about. Presumably, this is "iSNS Server Security Bitmap"?
> Enabled: This bit specifies the validity of the
Spell out "Function Fields Enabled", as that is the name of the field
per the picture.
> Security: Indicates whether the iSNS client is to
spell out field name.
> Vendor- These bits are used to indicate the vendor-
> Specific: specific capabilities supported by the
> indicated iSNS server.
Again, this does not promote interoperability. There are other ways in
DHC to communicate vendor specific information.
General note: this document is inconsitent about bit ordering. Some
picture show bits numbered left-to-right, others right-to-left. Please
pick one and be consistent.
> 3. Security Considerations
>
> DHCP currently provides no authentication or security mechanisms.
> Potential exposures to attack are discussed in section 7 of the DHCP
> protocol specification [DHCP].
What about RFC 3118?
> iSNS security considerations are discussed in [iSNS] and [SEC-IPS].
> With regard to security considerations specific to the use of this
> DHCP option to discover the location of the iSNS server, exposure to
> a "man-in-the-middle" attack by an hostile entity modifying or
> replacing the original iSNS option message should be considered a
> potential security exposure. To prevent an attacker from weakening
> the required security and potentially tricking the iSNS client into
> connecting into rogue iSNS servers, reliance on local security
> policy configuration is an appropriate countermeasure.
This says almost nothing. What can happen if there is a man-in-the
middle? Really bad things? or just DOS? And what "local security
policy configuration" helps mitigate the threats?
Thomas
_______________________________________________
dhcwg mailing list
dhcwg@ietf.org
https://www1.ietf.org/mailman/listinfo/dhcwg
- [dhcwg] AD review of draft-ietf-dhc-isnsoption-05… Thomas Narten
- [dhcwg] RE: AD review of draft-ietf-dhc-isnsoptio… Charles Monia
- [dhcwg] RE: AD review of draft-ietf-dhc-isnsoptio… Charles Monia