Re: [dtn] Éric Vyncke's No Objection on draft-ietf-dtn-bpsec-18: (with COMMENT)

"Birrane, Edward J." <Edward.Birrane@jhuapl.edu> Sat, 08 February 2020 00:42 UTC

From: "Birrane, Edward J." <Edward.Birrane@jhuapl.edu>
To: Éric Vyncke <evyncke@cisco.com>, The IESG <iesg@ietf.org>
CC: "draft-ietf-dtn-bpsec@ietf.org" <draft-ietf-dtn-bpsec@ietf.org>, Scott Burleigh <Scott.C.Burleigh@jpl.nasa.gov>, "dtn-chairs@ietf.org" <dtn-chairs@ietf.org>, "dtn@ietf.org" <dtn@ietf.org>
Date: Sat, 08 Feb 2020 00:41:56 +0000
Archived-At: <https://mailarchive.ietf.org/arch/msg/dtn/6EUf42BcvwgOLqj6xMLGd8ak_SA>

Éric,

  Thank you for the review of BPSEC. I have updated a new BpSec (BpSec-20) and a new interop-sc (ietf-dtn-bpsec-interop-sc-01) which address some of your comments below.

  Specific comments are in-line below.  I have enumerated the comment items as **C# to aid in referencing these points going forward.

Edward J. Birrane, III, Ph.D.
Embedded Applications Group Supervisor
Principal Staff, Space Exploration Sector
Johns Hopkins Applied Physics Laboratory
(W) 443-778-7423 / (F) 443-228-3839


-----Original Message-----
From: Éric Vyncke via Datatracker <noreply@ietf.org> 
Sent: Thursday, February 6, 2020 6:11 AM
To: The IESG <iesg@ietf.org>
Cc: draft-ietf-dtn-bpsec@ietf.org; Scott Burleigh <Scott.C.Burleigh@jpl.nasa.gov>; dtn-chairs@ietf.org; Scott.C.Burleigh@jpl.nasa.gov; dtn@ietf.org
Subject: [EXT] Éric Vyncke's No Objection on draft-ietf-dtn-bpsec-18: (with COMMENT)


Éric Vyncke has entered the following ballot position for
draft-ietf-dtn-bpsec-18: No Objection

When responding, please keep the subject line intact and reply to all email addresses included in the To and CC lines. (Feel free to cut this introductory paragraph, however.)


Please refer to https://www.ietf.org/iesg/statement/discuss-criteria.html
for more information about IESG DISCUSS and COMMENT positions.


The document, along with other ballot positions, can be found here:
https://datatracker.ietf.org/doc/draft-ietf-dtn-bpsec/



----------------------------------------------------------------------
COMMENT:
----------------------------------------------------------------------

Thank you for the work put into this document.

I hope that this helps to improve the document,

Regards,

-éric

-- Section 2.3 --
About
  "a waypoint node, representing a
   gateway to an insecure portion of the DTN, may receive the bundle and
   choose to apply a confidentiality service"
how could the bundle destination recover the plain text if there is no security association with the encrypting waypoint? Or is it simple hop-by-hop encryption?

**C1: The WG decision was to decouple routing and security. A gateway node may encrypt using a BCB and the bundle could get to the destination without going through a decrypting node. In cases where this is a practical problem, the WG recommends encapsulating the bundle into another bundle and addressing the encapsulating bundle to a waypoint known to be able to decrypt. It is not expected that this encryption is only hop-by-hop encryption. If a bundle with a BCB reaches a waypoint which can (and has policy to) decrypt, it is expected that the security context ID plus the values of any security context parameters are sufficient to allow the waypoint to decrypt. 

-- Section 3.2 --
Why not support multiple integrity-checks/signatures? After all, this would allow the support of more than 1 integrity check / signature algorithm?
(Obviously, this cannot be done for confidentiality -- except if transmitting multiple copies). There is some text related to this in section 3.7.

**C2: The WG approach was to - later - define a security context that carried these signatures as multiple security results in 1 BIB instead of multiple BIBs. 

-- Section 8.2.4 --
More details about anti-replay of a DTN message would be welcome. E.g., is the bundle age field used?

**C3: It is not clear that any additional analysis for that would change the normative portions of BPSec. There may be some additional analysis here using different extension blocks but that is still analysis ongoing within the WG.

-- Section 9.2 --
This section is a list of issues with BPsec but are there other WG items attempting to solve those issues? draft-ietf-dtn-bpsec-interop-sc does not seem to cover those issues.

**C4: It is envisioned that the WG will provide multiple security contexts to cover multiple cases. The interop security contexts should be going to WG last call, and we will draft a security context (1 or more) relating to security on the Internet for BPSec nodes that operate on the Internet.
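
Added example, not part of the original message or of the BPSec drafts: a simplified model of the approach in **C2, where one integrity block carries several security results (one per algorithm) over a single target instead of using several BIBs. The context ID, the result IDs, the data layout and the verification policy are assumptions made for illustration; the real encoding is defined by the drafts and is not reproduced here.

```python
import hashlib
import hmac
from dataclasses import dataclass, field

# Hypothetical result IDs for an imagined multi-result integrity context.
ALGS = {1: hashlib.sha256, 2: hashlib.sha384, 3: hashlib.sha512}


@dataclass
class IntegrityBlock:
    """Simplified stand-in for a BIB: one target, several security results."""
    target_block: int
    context_id: int
    results: dict = field(default_factory=dict)  # result id -> MAC bytes


def sign(target_block, data, key, alg_ids, context_id=99):
    """Security source: attach one keyed MAC per requested algorithm."""
    bib = IntegrityBlock(target_block, context_id)
    for alg_id in alg_ids:
        bib.results[alg_id] = hmac.new(key, data, ALGS[alg_id]).digest()
    return bib


def verify(bib, data, key, supported):
    """Verifier policy (an assumption): every result the node supports must
    match. Returns 'ok', 'fail', or 'unverifiable' when no carried result
    uses an algorithm this node implements."""
    usable = [a for a in bib.results if a in supported]
    if not usable:
        return "unverifiable"
    for alg_id in usable:
        expected = hmac.new(key, data, ALGS[alg_id]).digest()
        # Constant-time comparison avoids leaking how many bytes matched.
        if not hmac.compare_digest(expected, bib.results[alg_id]):
            return "fail"
    return "ok"


if __name__ == "__main__":
    key = b"k" * 32                      # constructed sample key
    payload = b"constructed payload"     # constructed sample target data
    bib = sign(1, payload, key, [1, 2])
    print(verify(bib, payload, key, {2}))         # node with SHA-384 only
    print(verify(bib, payload, key, {3}))         # node with SHA-512 only
    print(verify(bib, payload + b"x", key, {1}))  # modified target
```

Requiring every supported result to match, rather than any one of them, means a node that implements both algorithms cannot be steered onto the weaker result by corrupting the stronger one.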