Re: [dtn] AD review of draft-ietf-dtn-bpsec-default-sc-02
Rick Taylor <rick@tropicalstormsoftware.com> Fri, 09 April 2021 07:59 UTC
Return-Path: <rick@tropicalstormsoftware.com>
X-Original-To: dtn@ietfa.amsl.com
Delivered-To: dtn@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A297E3A14F9 for <dtn@ietfa.amsl.com>; Fri, 9 Apr 2021 00:59:52 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.898
X-Spam-Level:
X-Spam-Status: No, score=-1.898 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_BLOCKED=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id R_Q6Tk6wqzOA for <dtn@ietfa.amsl.com>; Fri, 9 Apr 2021 00:59:48 -0700 (PDT)
Received: from mail.tropicalstormsoftware.com (mail.tropicalstormsoftware.com [188.94.42.120]) (using TLSv1 with cipher ECDHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 92ABA3A14FA for <dtn@ietf.org>; Fri, 9 Apr 2021 00:59:47 -0700 (PDT)
Received: from tss-server1.home.tropicalstormsoftware.com ([fe80::48e4:acbb:6065:8168]) by tss-server1.home.tropicalstormsoftware.com ([fe80::48e4:acbb:6065:8168%16]) with mapi id 14.03.0513.000; Fri, 9 Apr 2021 08:59:44 +0100
From: Rick Taylor <rick@tropicalstormsoftware.com>
To: "zaheduzzaman.sarker@ericsson.com" <zaheduzzaman.sarker@ericsson.com>, "dtn@ietf.org" <dtn@ietf.org>, "Edward.Birrane@jhuapl.edu" <Edward.Birrane@jhuapl.edu>
CC: "magnus.westerlund@ericsson.com" <magnus.westerlund@ericsson.com>
Thread-Topic: AD review of draft-ietf-dtn-bpsec-default-sc-02
Thread-Index: AQHXH1vax7LWSJVgGEW7LhnHV51gYaqaUmZQgAOJLQCACcDOsIAD56AAgABZGoA=
Date: Fri, 09 Apr 2021 07:59:43 +0000
Message-ID: <01fde9bd754f4578f6e81b10e8b22dea77de89c4.camel@tropicalstormsoftware.com>
References: <EAF9AEEC-B28E-48AC-BE47-1DAD6FA3609B@ericsson.com> <7b1238eb22fa41cd826548c5a53f2e42@aplex01.dom1.jhuapl.edu> <1663F867-DB26-4B00-B341-EAE4AB84D39B@ericsson.com> <38A5475DE83986499AEACD2CFAFC3F9801F5A55580@tss-server1.home.tropicalstormsoftware.com> <D0F15504-4889-4ADF-BD74-DFB82D1C4F6A@ericsson.com>
In-Reply-To: <D0F15504-4889-4ADF-BD74-DFB82D1C4F6A@ericsson.com>
Accept-Language: en-GB, en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
user-agent: Evolution 3.38.1-1
x-originating-ip: [2a02:1648:4000:120::5]
Content-Type: text/plain; charset="utf-8"
Content-ID: <40F8FEB084059846AE7853961877A92E@home.tropicalstormsoftware.com>
Content-Transfer-Encoding: base64
MIME-Version: 1.0
Archived-At: <https://mailarchive.ietf.org/arch/msg/dtn/XD7oXf5BkPcSDJLgh2eg-g25PzQ>
Subject: Re: [dtn] AD review of draft-ietf-dtn-bpsec-default-sc-02
X-BeenThere: dtn@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Delay Tolerant Networking \(DTN\) discussion list at the IETF." <dtn.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dtn>, <mailto:dtn-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dtn/>
List-Post: <mailto:dtn@ietf.org>
List-Help: <mailto:dtn-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dtn>, <mailto:dtn-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 09 Apr 2021 07:59:53 -0000
Hi Zahed, Okay.. I agree there is value in recording that key management is a potential source of complication, and the detail isn't covered in this document. @Ed: Does that work for you? Cheers, Rick On Thu, 2021-04-08 at 23:40 +0000, Zaheduzzaman Sarker wrote: > Hello Rick, > > Thanks for the pointers. I have skimmed through the IETF100 minutes > but could not really find notes on key management discussion. I > certainly found the decision behind separate sec context document. > So, that was somewhat helpful to get the context. > > Now, if the WG has a consensus that "this limitation is appropriate > for now > > for this default security context and the DTN WG is looking to > determine > > delay-tolerant key management strategies in the future." As > mentioned by Edward in his response. > I think the bpsec-default-sc document should describe the potential > issues due to lack of proper key management and explain why this > limitation is OK for default security context. Basically recording > that the WG is aware of issues and has well thought decision for > default security context. > > > BR > Zahed > > On 2021-04-06, 16:08, "Rick Taylor" <rick@tropicalstormsoftware.com> > wrote: > > Hi Zahed, > > Just as a bit of clarification to your point re Key Management. > > The working group has discussed key management a couple of times > (IETF-100 in particular) and there is at least one proposed solution, > however the rough consensus of the group is that this topic is tricky > to get right in a couple of paragraphs in either BPSec or in this > document (which we intend to be as short and simple as possible), and > therefore it would be better to not attempt a lose definition before > the WG has a firmer view on best practice, and have to update these > documents. > > To that end, Key Management as a work item for the group is a > firm proposal for the re-chartering, and there seems to be sufficient > interest and excitement in the group to get it done. > > References: IETF-100 minutes and mailing list - I can't find a > single obvious thread on the mailing list unfortunately. > > Cheers, > > Rick > > > -----Original Message----- > > From: dtn [mailto:dtn-bounces@ietf.org] On Behalf Of > Zaheduzzaman Sarker > > Sent: 31 March 2021 08:07 > > To: Birrane, Edward J.; dtn@ietf.org > > Cc: Magnus Westerlund > > Subject: Re: [dtn] AD review of draft-ietf-dtn-bpsec-default- > sc-02 > > > > Hi Edward, > > > > Thanks for the update. The -03 version addresses most of the > comments and > > concerns. > > > > See my further comments inline below with [ZS]. > > > > BR > > Zahed > > > > On 2021-03-29, 05:43, "Birrane, Edward J." > <Edward.Birrane@jhuapl.edu> > > wrote: > > > > > > > * It would be good for the user of this document to > capture the reason > > > behind selecting HMAC-SHA and AES-GCM in respective > overview section > > > (section 3.1 and section 4.1). > > > > C3: Agreed. I have added reasons for selection in 3.1 and > 4.1 in the -03 > > version. > > > > [ZS] Thanks, this is a good addition. > > > > In section 4.1 : > > > > The BCB-AES-GCM security context shall have the security > context > > identifier specified in Section 5.1. > > > > is this "shall" should be a "MUST" as described in Section 3.1? > > > > > > > * Section 3.3.2 and Section 3.5 : > > > It seems like some sort of key-id might be required to > resolve > > > this. The BPsec does not define any generic key-id and it > is neither > > defined > > > here. It might become an issue for interoperability. > > > > C5: Agreed this might become an issue for > interoperability. For example, if > > the policies for requiring security operations differ on > different nodes there > > may be interop problems. Similarly, if the policies for key > > generation/communication differ on different nodes, there may > be interop > > problems. The DTNWG consensus was this limitation is > appropriate for now > > for this default security context and the DTN WG is looking to > determine > > delay-tolerant key management strategies in the future. > > > > [ZS] Ok, is this consensus documented somewhere? Meeting notes > or email > > thread or whatever? > > > > > > > > > * Section 4.3.2 : > > > Does this "security policy" refers to local security > policy? > > > > C15: Yes. Security policy at the source, verifier, or > acceptor is meant to > > imply the local security policy at the node. > > > > [ZS] Ok, then clearly stating that helps. It was clearly > mention in the other > > place(s). > > > > > > > * Section 6.3 > > > > > > To me this security considerations for fragmentation > belongs to BPsec > > as > > > the main technical issues on fragmentation are described > there. > > > > C17: I would support removing the fragmentation section > from this > > document and including it in some other broader-scoped document > on DTN > > security, though perhaps not the BPSec document itself because > the issues > > with fragmentation can extend beyond the insertion and handling > of security > > blocks. > > > > [ZS] I don't think removing the fragmentation section from this > document to > > some other document actually helps. This is a very important > aspect of the > > security context and I think it is better to be decisive about > it now. If moved > > to BPSec then other documents , specially security context > documentation, > > can just refer to it. The question really is, where does it > make more sense put > > there it is in line with the context of the content of the > document? Right now > > I see that is BPsec. > > > > > > > I would also like to draw attention to the SECART review > (Thanks to the > > > SECART team and Christian Huitema) proposing test vectors > to mitigate > > > interoperability issue pointed out by the reviewer. This > seems like a good > > > proposal to include in this specification. > > > > > > C18: Agreed and grateful for the review! As mentioned in my > comments to > > the SECART review and similar to C17 above, I think that > example encodings > > are a very useful concept, but would ultimately be useful at > showing bundle > > structure and security block structure. Rather than repeating > such encodings > > in all future security context documents, I propose the DTN WG > consider the > > best way to produce this broader-scope documentation. > > > > [ZS] I see the test vectors related to the applicability of the > this document > > hence this need to be considered well. Failing to assure > interoperability > > actually undermine the intention of this document, hence any > tools to help > > achieving that goal is worth putting effort into. Also we need > to make sure > > the test vector is actually usable by more than one > implementation. I would > > be happy if DTN WG comes up with a best way forward here. > > > > > > > > _______________________________________________ > > dtn mailing list > > dtn@ietf.org > > https://www.ietf.org/mailman/listinfo/dtn >
- [dtn] AD review of draft-ietf-dtn-bpsec-default-s… Zaheduzzaman Sarker
- Re: [dtn] AD review of draft-ietf-dtn-bpsec-defau… Birrane, Edward J.
- Re: [dtn] AD review of draft-ietf-dtn-bpsec-defau… Zaheduzzaman Sarker
- Re: [dtn] AD review of draft-ietf-dtn-bpsec-defau… Brian Sipos
- Re: [dtn] AD review of draft-ietf-dtn-bpsec-defau… Rick Taylor
- Re: [dtn] AD review of draft-ietf-dtn-bpsec-defau… Zaheduzzaman Sarker
- Re: [dtn] AD review of draft-ietf-dtn-bpsec-defau… Rick Taylor
- Re: [dtn] AD review of draft-ietf-dtn-bpsec-defau… Birrane, Edward J.
- Re: [dtn] AD review of draft-ietf-dtn-bpsec-defau… Birrane, Edward J.
- Re: [dtn] AD review of draft-ietf-dtn-bpsec-defau… Martin Duke
- Re: [dtn] AD review of draft-ietf-dtn-bpsec-defau… Mehmet Adalier
- Re: [dtn] [EXT] Re: AD review of draft-ietf-dtn-b… Birrane, Edward J.
- Re: [dtn] [EXT] Re: AD review of draft-ietf-dtn-b… R. Atkinson
- Re: [dtn] [EXT] Re: AD review of draft-ietf-dtn-b… Martin Duke
- Re: [dtn] [EXT] Re: AD review of draft-ietf-dtn-b… Birrane, Edward J.
- Re: [dtn] [EXT] Re: AD review of draft-ietf-dtn-b… Martin Duke
- Re: [dtn] [EXT] Re: AD review of draft-ietf-dtn-b… Birrane, Edward J.
- Re: [dtn] [EXT] Re: AD review of draft-ietf-dtn-b… Martin Duke
- Re: [dtn] [EXT] Re: AD review of draft-ietf-dtn-b… Zaheduzzaman Sarker