Re: [Hipsec] Kathleen Moriarty's No Objection on draft-ietf-hip-multihoming-11: (with COMMENT)

Tom Henderson <tomhend@u.washington.edu> Sun, 18 September 2016 16:56 UTC

Return-Path: <tomhend@u.washington.edu>
X-Original-To: hipsec@ietfa.amsl.com
Delivered-To: hipsec@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 3137712B144; Sun, 18 Sep 2016 09:56:04 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.516
X-Spam-Level:
X-Spam-Status: No, score=-6.516 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_MED=-2.3, RP_MATCHES_RCVD=-2.316, SPF_PASS=-0.001, UNPARSEABLE_RELAY=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ZoZX0KJtQj4u; Sun, 18 Sep 2016 09:56:03 -0700 (PDT)
Received: from mxout24.cac.washington.edu (mxout24.cac.washington.edu [140.142.234.158]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 3ED3712B13B; Sun, 18 Sep 2016 09:56:02 -0700 (PDT)
Received: from hymn04.u.washington.edu (hymn04.u.washington.edu [140.142.8.72]) by mxout24.cac.washington.edu (8.14.4+UW14.03/8.14.4+UW16.03) with ESMTP id u8IGtUJc002485 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Sun, 18 Sep 2016 09:55:31 -0700
Received: from hymn04.u.washington.edu (localhost [127.0.0.1]) by hymn04.u.washington.edu (8.14.4+UW14.03/8.14.4+UW16.03) with ESMTP id u8IGtR5J004576; Sun, 18 Sep 2016 09:55:27 -0700
Received: from localhost (Unknown UID 17623@localhost) by hymn04.u.washington.edu (8.14.4+UW14.03/8.14.4+Submit-local) with ESMTP id u8IGtRmF004573; Sun, 18 Sep 2016 09:55:27 -0700
X-Auth-Received: from [73.140.18.44] by hymn04.u.washington.edu via HTTP; Sun, 18 Sep 2016 09:55:26 PDT
Date: Sun, 18 Sep 2016 09:55:27 -0700 (PDT)
From: Tom Henderson <tomhend@u.washington.edu>
To: Kathleen.Moriarty.ietf@gmail.com
Message-ID: <alpine.LRH.2.01.1609180955270.32623@hymn04.u.washington.edu>
User-Agent: Web Alpine 2.01 (LRH 1302 2010-07-20)
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Content-Transfer-Encoding: 8BIT
X-PMX-Version: 6.2.1.2493963, Antispam-Engine: 2.7.2.2107409, Antispam-Data: 2016.9.18.164817
X-PMX-Server: mxout24.cac.washington.edu
X-Uwash-Spam: Gauge=IIIIIIIII, Probability=9%, Report=' MULTIPLE_RCPTS 0.1, HTML_00_01 0.05, HTML_00_10 0.05, SUPERLONG_LINE 0.05, BODYTEXTP_SIZE_3000_LESS 0, BODY_SIZE_1900_1999 0, BODY_SIZE_2000_LESS 0, BODY_SIZE_5000_LESS 0, BODY_SIZE_7000_LESS 0, DATE_TZ_NA 0, LEGITIMATE_NEGATE 0, LEGITIMATE_SIGNS 0, MSG_THREAD 0, MULTIPLE_REAL_RCPTS 0, NO_CTA_URI_FOUND 0, NO_URI_FOUND 0, NO_URI_HTTPS 0, __BOUNCE_CHALLENGE_SUBJ 0, __BOUNCE_NDR_SUBJ_EXEMPT 0, __CC_NAME 0, __CC_NAME_DIFF_FROM_ACC 0, __CC_REAL_NAMES 0, __CP_NOT_1 0, __CT 0, __CTE 0, __CT_TEXT_PLAIN 0, __FORWARDED_MSG 0, __HAS_CC_HDR 0, __HAS_FROM 0, __HAS_MSGID 0, __MIME_TEXT_ONLY 0, __MIME_TEXT_P 0, __MIME_TEXT_P1 0, __MIME_VERSION 0, __MULTIPLE_RCPTS_CC_X2 0, __SANE_MSGID 0, __SUBJ_ALPHA_NEGATE 0, __TO_MALFORMED_2 0, __TO_NO_NAME 0, __USER_AGENT 0'
Archived-At: <https://mailarchive.ietf.org/arch/msg/hipsec/emj2Z_bnoduLtz8V93PXGIrwJKQ>
Cc: draft-ietf-hip-multihoming@ietf.org, hip-chairs@ietf.org, The IESG <iesg@ietf.org>, hipsec@ietf.org
Subject: Re: [Hipsec] Kathleen Moriarty's No Objection on draft-ietf-hip-multihoming-11: (with COMMENT)
X-BeenThere: hipsec@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: "This is the official IETF Mailing List for the HIP Working Group." <hipsec.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/hipsec>, <mailto:hipsec-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/hipsec/>
List-Post: <mailto:hipsec@ietf.org>
List-Help: <mailto:hipsec-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/hipsec>, <mailto:hipsec-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 18 Sep 2016 16:56:04 -0000

Hi Kathleen, thank you for your comment.

On 09/13/2016 12:22 PM, Kathleen Moriarty wrote:
> Kathleen Moriarty has entered the following ballot position for
> draft-ietf-hip-multihoming-11: No Objection
> ----------------------------------------------------------------------
> COMMENT:
> ----------------------------------------------------------------------
> 
> I'm wondering if split-tunneling should be listed as a security
> consideration.  I see the following in section 4.1 that might be used to
> help prevent split tunneling:
>    In the outbound direction, as a result of SPD processing, when
>    an outbound SA is selected, the correct IP destination address for
>    the peer must also be assigned.
> 
> Then also the entirety of section 4.3.
> 
> I read this as split tunneling could be an issue in some circumstances
> depending on policy and it might be good to mention this in the security
> considerations section.  Or let me know if I am missing some background
> that would prevent split tunneling so implementers don't need to be made
> aware of this consideration.

>From my recollection, support (or prevention) of split tunneling was not a consideration of these parts of the text.  The first sentence you quote from 4.1 was intended as a hint to implementers that there is this additional level of indirection with HIP that must be managed (mapping of SA to IP address) when multihoming is in use.  Section 4.3 is mainly about how to manage the possibly large number of valid SA configurations that could arise from multihoming.

My understanding of the common use of the term 'split tunneling' is that it pertains to VPN tunnel situations where some set of connections should be tunneled but others not.  In HIP, the security association is end-to-end and the same VPN scenario is not applicable, so by split tunnel, do you mean that some transport sessions between two hosts are within HIP/ESP protection and others not?

- Tom