Re: [Gen-art] Gen-ART Last Call review of draft-ietf-csi-hash-threat-10
Suresh Krishnan <suresh.krishnan@ericsson.com> Wed, 29 September 2010 05:22 UTC
Return-Path: <suresh.krishnan@ericsson.com>
X-Original-To: gen-art@core3.amsl.com
Delivered-To: gen-art@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id DAD7A3A6C30 for <gen-art@core3.amsl.com>; Tue, 28 Sep 2010 22:22:13 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -102.506
X-Spam-Level:
X-Spam-Status: No, score=-102.506 tagged_above=-999 required=5 tests=[AWL=0.093, BAYES_00=-2.599, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id E83EJW9fohXU for <gen-art@core3.amsl.com>; Tue, 28 Sep 2010 22:22:11 -0700 (PDT)
Received: from imr3.ericy.com (imr3.ericy.com [198.24.6.13]) by core3.amsl.com (Postfix) with ESMTP id A5BEE3A6C07 for <gen-art@ietf.org>; Tue, 28 Sep 2010 22:22:11 -0700 (PDT)
Received: from eusaamw0706.eamcs.ericsson.se ([147.117.20.31]) by imr3.ericy.com (8.13.8/8.13.8) with ESMTP id o8T5MrFq012857 (version=TLSv1/SSLv3 cipher=AES128-SHA bits=128 verify=FAIL); Wed, 29 Sep 2010 00:22:53 -0500
Received: from [142.133.10.113] (147.117.20.213) by eusaamw0706.eamcs.ericsson.se (147.117.20.91) with Microsoft SMTP Server id 8.2.234.1; Wed, 29 Sep 2010 01:22:53 -0400
Message-ID: <4CA2CC22.7000500@ericsson.com>
Date: Wed, 29 Sep 2010 01:18:26 -0400
From: Suresh Krishnan <suresh.krishnan@ericsson.com>
User-Agent: Thunderbird 2.0.0.24 (X11/20100411)
MIME-Version: 1.0
To: McCann Peter-A001034 <pete.mccann@motorola.com>
References: <274D46DDEB9F2244B2F1EA66B3FF54BC078E14F6@de01exm70.ds.mot.com>
In-Reply-To: <274D46DDEB9F2244B2F1EA66B3FF54BC078E14F6@de01exm70.ds.mot.com>
Content-Type: text/plain; charset="us-ascii"; format="flowed"
Content-Transfer-Encoding: 7bit
Cc: "gen-art@ietf.org" <gen-art@ietf.org>, "draft-ietf-csi-hash-threat.all@tools.ietf.org" <draft-ietf-csi-hash-threat.all@tools.ietf.org>
Subject: Re: [Gen-art] Gen-ART Last Call review of draft-ietf-csi-hash-threat-10
X-BeenThere: gen-art@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: "GEN-ART: General Area Review Team" <gen-art.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/gen-art>, <mailto:gen-art-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/gen-art>
List-Post: <mailto:gen-art@ietf.org>
List-Help: <mailto:gen-art-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/gen-art>, <mailto:gen-art-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 29 Sep 2010 05:22:14 -0000
Hi Pete, Thanks for the comments. Please find responses inline. On 10-09-23 11:30 AM, McCann Peter-A001034 wrote: > I am the assigned Gen-ART reviewer for this draft. For background on > Gen-ART, please see the FAQ at > <http://wiki.tools.ietf.org/area/gen/trac/wiki/GenArtfaq>. > > Please resolve these comments along with any other Last Call comments > you may receive. > > Document: draft-ietf-csi-hash-threat-10 > Reviewer: Pete McCann > Review Date: 23 September 2010 > IETF LC End Date: 27 September 2010 > IESG Telechat date: unknown > > Summary: Not quite ready > > Major issues: > > Section 3.2: > For this attack to succeed the attacker needs to predict the content > of all fields (some of them are human-readable) appearing before the > public key including the serial number and validity periods. Even > though a relying party cannot verify the content of these fields, the > CA can identify the forged certificate, if necessary. > This section omits a lot of discussion that was in the previous version > of the draft. It seems like a forged certificate, even with falsified > serial numbers and validity periods, could still do damage. Detecting > the forgery after-the-fact by the CA doesn't really help. Or are you > saying that the client should use OCSP to check the current validity > of the signature? How does it run OCSP before it gets Internet > connectivity? The sec-dir reviews pointed out that this discussion is already covered in the normative references and should not be repeated here. That is why we removed it. As far as forged certificates go, the client will use CRLs to verify the certificate. As specified in section 6.3.1. of SEND (RFC3971) the client will accept the certificate provisionally since it does not have any internet connectivity. Once internet connectivity is established, the client will perform the CRL check. If the CRL check fails or if the router interferes with the CRL check the client will stop using the router as a default router as specified in RFC3971. > > Section 3.3: > Since the structure of > the Neighbor Discovery messages is well defined, it is not possible > to use this vulnerability in real world attacks. > Need a little more discussion here justifying this statement. Are > you saying that the attacker does not have enough flexibility in > choosing the message contents to carry out the collision attack? Yes. Not only is the structure of the messages fixed. A lot of the contents inside the ND message fields only have a small range of valid values. > > > Minor issues: > > Nits/editorial comments: > > Section 1 Introduction: > Discovery(ADD) > SHOULD BE: > Discovery (ADD) > > The document > SHOULD BE: > This document > > Section 3: > theaforementioned > SHOULD BE: > the aforementioned > > protocols . > SHOULD BE: > protocols. > > Section 3.1: > Since CGAs do not > provide non-repudiation features anyway. > SHOULD BE: > CGAs do not > provide non-repudiation features anyway. > > Section 3.2: > an certificate > SHOULD BE: > a certificate > I will fix all of these typos in a new revision. Thanks Suresh
- [Gen-art] Gen-ART Last Call review of draft-ietf-… McCann Peter-A001034
- Re: [Gen-art] Gen-ART Last Call review of draft-i… Suresh Krishnan