Re: [GROW] WGLC: draft-ietf-grow-simple-leak-attack-bgpsec-no-help
Christopher Morrow <christopher.morrow@gmail.com> Tue, 13 May 2014 03:36 UTC
Archived-At: http://mailarchive.ietf.org/arch/msg/grow/aiRaf4ncEQuc7_kDFY1eT1wCYm4
I should have noted in my follow-up email:
"I'm not expressing an opinion about the document, but here are a few suggestions/questions"

Sorry for not being clear about that.

On Mon, May 12, 2014 at 5:42 PM, George, Wes <wesley.george@twcable.com> wrote:
> I see a thread dated 2013 Nov in GROW, in which substantive discussion and
> comments were provided after -03 was published, in which the authors
> mainly just expressed why they were frustrated with SIDR and the IETF in
> general for in their minds, ignoring this problem because it was hard,
> rather than addressing the concerns raised within the WG. -04 is a
> keepalive to reset the expiration date with no substantive updates. Why
> are we now talking about WGLC?
> Chris, you were one of the ones who said that your comments hadn’t been
> addressed yet.

yup, and there was some discussion which petered out after a while.
Regarding my questions/comments/suggestions to the previous (or original even) version of the document, I don't recall hearing back about those, i figured that either I was in the weeds (I didn't think so) or someone else decided that my suggestions/comments didn't quite fit into the document.

that's sort of a shame, but if i'm in the weeds: "ok".

> (https://mailarchive.ietf.org/arch/msg/grow/0ho_RU3e15TCvp4p8ScCeObk42Y)
>
> Substantive comments:
> This document provides one example of a route leak causing a problem that
> BGPSec does not protect against, but still does not do much to provide
> guidance on how such a leak would be systematically identified, It does
> note that there are data supporting the assertion that this is a real
> problem, and imply that perhaps additional analysis of that data would
> reveal more information. I don’t think that anyone would dispute that this
> is a valid attack. However:
> "This document is meant to provide input into routing protocol design
> choices being
> considered within the IETF, and to foster discussion of the practical
> implications of "policy" and "intent" in operational routing system
> security."
>
> This document provides no actionable guidance beyond articulating the
> basics of the attack, certainly no meaningful discussion of policy vs
> intent other than to note that discerning intent is difficult, and as such

possibly the authors are aiming at just defining what a leak is (one example type) so discussions can progress beyond 'what is a route leak again? can you point me at an RFC/definition of same?'

I think this was part of the impetus for the document, or that's what I recall.

> the draft is absolutely not ready for publication if the above is its
> goal. We’re not hiding behind SIDR’s carefully crafted requirements and
> charter here, so let’s actually have the discussion about policy and
> intent and see if we can come to some consensus on how to use that info to
> define a route leak such that we can first systematically find, and then
> protect against it. I absolutely want to see a solution to this problem,
> but one example/existence proof isn’t enough to get us moving in that
> direction.
>
> Thanks,
>
> Wes
>
>
>
> On 5/12/14, 9:59 AM, "Christopher Morrow" <christopher.morrow@gmail.com>
> wrote:
>
>>Working Group Folks:
>>
>>The authors of draft-ietf-grow-simple-leak-attack-bgpsec-no-help would
>>like to bring the draft to WGLC, this is that LC. Please have a read
>>through:
>>
>>
>><https://datatracker.ietf.org/doc/draft-ietf-grow-simple-leak-attack-bgpsec-no-help/?include_text=1>
>>
>>Whose abstract is:
>> "This document describes a very simple attack vector that illustrates
>> how RPKI-enabled BGPSEC machinery as currently defined can be easily
>> circumvented in order to launch a Man In The Middle (MITM) attack via
>> BGP. It is meant to serve as input to the IETF's Global Routing
>> Operations Working group (GROW) during routing security requirements
>> discussions and subsequent specification."
>>
>>and raise questions/comments/suggestions/eggs on this list.
>>
>>I expect this WGLC to last for the normal 2wk period ending:
>> 26-May-2014
>>
>>-chris
>>grow-co-chair