Re: [dna] next steps on draft-ietf-dna-simple

Jari Arkko <jari.arkko@piuha.net> Thu, 10 December 2009 16:52 UTC

To: Bernard Aboba <bernard_aboba@hotmail.com>
Cc: 'DNA' <dna@eng.monash.edu.au>, dna@ietf.org, draft-ietf-dna-simple@tools.ietf.org, 'IESG' <iesg@ietf.org>, 'Lars Eggert' <lars.eggert@nokia.com>

Bernard,

>> The DNA procedure does not in itself provide positive, secure 
>> authentication of the router(s) on the network, or authentication of
>> the network itself, as e.g. would be provided by mutual authentication
>> at the link layer. Therefore when such assurance is not available, the
>> host MUST NOT make any security-sensitive decisions based on the DNA
>> procedure. In particular, it MUST NOT decide it has rejoined a network
>> known to be physically secure, and proceed to abandon cryptographic
>> protection.
>
> This text doesn't make sense.  In the case where DNA is based on SEND, DNA
> does provide positive, secure authentication of the router(s) on the
> network.  Also, the document describes how secure address determination,
> where present, takes precedence over DNA.

Ok. How about this:

"Unless SEND or other form of secure address configuration is used, the 
DNA procedure does not in itself provide positive, secure authentication 
of the router(s) on the network, or authentication of the network 
itself, as e.g. would be provided by mutual authentication at the link 
layer. Therefore when such assurance is not available, the host MUST NOT 
make any security-sensitive decisions based on the DNA procedure alone. 
In particular, it MUST NOT decide it has rejoined a network known to be 
physically secure, and proceed to abandon cryptographic protection."

Jari