[dnssd] Secdir telechat review of draft-ietf-dnssd-srp-23

Joey Salazar via Datatracker <noreply@ietf.org> Tue, 08 August 2023 19:32 UTC

From: Joey Salazar via Datatracker <noreply@ietf.org>
To: secdir@ietf.org
Cc: dnssd@ietf.org, draft-ietf-dnssd-srp.all@ietf.org, last-call@ietf.org
Reply-To: Joey Salazar <joeygsal@gmail.com>
Date: Tue, 08 Aug 2023 12:32:02 -0700
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnssd/BLVmfAj8F8rI554HOgAksDHfeBk>

Reviewer: Joey Salazar
Review result: Has Nits

I have reviewed this document as part of the security directorate's
ongoing effort to review all IETF documents being processed by the
IESG.  These comments were written primarily for the benefit of the
security area directors.  Document editors and WG chairs should treat
these comments just like any other last call comments.

Please note that I previously reviewed version 20 of this draft and at that
time stated that the document was "Ready with Nits/Has Nits".

I am therefore only reviewing the differences between version 20 and the
current version (23).

The summary of the review is: Ready with nits

Major Concerns: None

Minor Concerns: None
The minor concern highlighted in the previous review has been addressed with
the text added to 6.3.  Risks of allowing arbitrary names to be registered in
SRP updates


1.  Introduction
The mention of authentication in mDNS might be confusing, perhaps something
along the lines "In this regard, our goal with this specification is
   to impose similar constraints to mDNS [RFC6762], which allows arbitrary
   hosts on a single IP link to advertise services [RFC6763] and relies on
   whatever service is advertised to provide authentication. This practice in
   mDNS is considered reasonably safe because it requires physical presence on
   the network in order to advertise, with an off-network mDNS attack simply
   being not possible. Because of this you will see..."

Alternatively, shorter text in the introduction section might make the text
more concise, with these new paragraphs explaining the reasoning either in
Section 3.3.3 FCFS Name And Signature Validation or a subsection of its own.
The shorter text could be along the lines "Section x explains the reasoning for
a limited/constrained authentication scope in this protocol"

6.  Security Considerations
Even though specifying key management policies is out of scope, perhaps it
could be worthwhile to add a short mention that "If a key that is used for SRP
is also used for other purposes" it could represent a vulnerability.

Other than these remarks, I continue to find the document easy to read and to
follow, with good use of highlights of related protocols and RFCs.

Thank you for your work.