Re: [Homenet-babel-sec] Security Design Team - July is coming!

Jehan Tremback <jehan.tremback@gmail.com> Tue, 23 May 2017 18:55 UTC

Return-Path: <jehan.tremback@gmail.com>
X-Original-To: homenet-babel-sec@ietfa.amsl.com
Delivered-To: homenet-babel-sec@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B6BA8129BC6; Tue, 23 May 2017 11:55:13 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.699
X-Spam-Level:
X-Spam-Status: No, score=-2.699 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id V0hKkwcMFu5H; Tue, 23 May 2017 11:55:12 -0700 (PDT)
Received: from mail-wm0-x230.google.com (mail-wm0-x230.google.com [IPv6:2a00:1450:400c:c09::230]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id AB5C91270AC; Tue, 23 May 2017 11:55:11 -0700 (PDT)
Received: by mail-wm0-x230.google.com with SMTP id b84so36463129wmh.0; Tue, 23 May 2017 11:55:11 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=nlmZFtI87mNWmncXs/rvaqVjueL4DlOdkxI/dSVQW4o=; b=h2QCCS9KzZ8lzo3Ripd4Wpr4AQfc3E1CspBQHWrYpRRG6g0c7WRQuca+93sX023Nq1 XYZsEF76ylnAS5cFbiWa3tcF3tAc7G0sUBXX8HLxULbUkefHaQStTWSVy9kWqF9U7zTx BNihINbnNbVTDiBbp41glwCqSZULtfmK+0vGSzeDnaUrg5MOH4+SFoJpjTVU8ZsPmN6L AL2O8Axn4jn3p7o2e6h67lhHyBof4YFuThXYPCRTKQVyH83kN8sF1SquN7c6aYbe9sbF zpa5Gv1Zd7+Y2kR3JGomFvvltL7fNT1jj1kqP2QIZldUwqD7834x292Umiagsa1RlpQ2 7SEg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=nlmZFtI87mNWmncXs/rvaqVjueL4DlOdkxI/dSVQW4o=; b=pRD1tvmr+xQHdS7WpmQl2fabiumpZ8u9a6zIlrKBgWL1Qo5sbDgydGr8IOto7ieaf8 aSo33vDA0EJh1UFPbC66KYKG95epYKa65z9g7cevjtsCPGD38gOfwOEGOE/SLtTtxHjL axCiurOoMvIo6qUrI8L10CqYnf8Tfr/n8TWZsia1SWL3bcVs+puhWhxr9an00tW6JEjF gdO0KMAeCVFj/ExdUKMe+NIbMMog6nL/e06zoLA/4Ag/nhxUjUZAtSHoI6Lftkw65x7R NBwBiI0iyDWLo30zI4msLRMdNhxp1/wfuFkStmc1iVGZwdBXUeiJE9H60L1Hg7G2gMdU 3wPg==
X-Gm-Message-State: AODbwcCceGFTEjVC4udG3uyQVaGA5CpGkIO1XSNUgzHlt5BsubKMXuye ytMOq0EKXuLH7JpmkdtNIOQei3D6Zw==
X-Received: by 10.223.150.167 with SMTP id u36mr17065663wrb.184.1495565710092; Tue, 23 May 2017 11:55:10 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.223.134.131 with HTTP; Tue, 23 May 2017 11:55:09 -0700 (PDT)
In-Reply-To: <7i4lwb33gq.wl-jch@irif.fr>
References: <5255AA16-3DA8-418B-8533-B87F1CA78A72@townsley.net> <168E460A-29A7-4AA1-9232-6A777F8F93DE@fugue.com> <A1A2DC72-FAB0-4E9E-826A-7F15A4110D70@apple.com> <7i4lwb33gq.wl-jch@irif.fr>
From: Jehan Tremback <jehan.tremback@gmail.com>
Date: Tue, 23 May 2017 11:55:09 -0700
Message-ID: <CABG_PfQ77XKSHyYrxWcadqOnrbvnO6VgiL6SWbxB2fdjyZOyxg@mail.gmail.com>
To: Juliusz Chroboczek <jch@irif.fr>
Cc: David Schinazi <dschinazi@apple.com>, Mark Townsley <mark@townsley.net>, Ted Lemon <mellon@fugue.com>, homenet-babel-sec@ietf.org, babel@ietf.org
Content-Type: multipart/alternative; boundary="f403045f4e0ce3771a0550358681"
Archived-At: <https://mailarchive.ietf.org/arch/msg/homenet-babel-sec/rIQ8oJCzMnnv6P1qpapjWExijpw>
Subject: Re: [Homenet-babel-sec] Security Design Team - July is coming!
X-BeenThere: homenet-babel-sec@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: Homenet Babel Security <homenet-babel-sec.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/homenet-babel-sec>, <mailto:homenet-babel-sec-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/homenet-babel-sec/>
List-Post: <mailto:homenet-babel-sec@ietf.org>
List-Help: <mailto:homenet-babel-sec-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/homenet-babel-sec>, <mailto:homenet-babel-sec-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 23 May 2017 18:55:14 -0000

Hey, I just read through the minutes, wondering if someone has a concise
definition of the threat model we are trying to guard against. I assume
it's to prevent attackers from showing up and sending out bogus routing
messages to bork or DOS the network?

-Jehan

On Tue, May 23, 2017 at 10:09 AM, Juliusz Chroboczek <jch@irif.fr> wrote:

> > I think we were waiting for proponents of each alternative to write code.
>
> Oh, I missed this bit.
>
> I was going to bully everyone into working on that, but then Gwendoline
> and Matthieu convinced me to add mandatory bits to the spec, so I've been
> working on that, as I'd like the mandatory bits work to be ready before we
> introduce more changes.
>
> FWIW, mandatory bits are implemented in both babeld and sbabeld, and I've
> got the spec written down.  Unfortunately, I did it in an obsolete git
> branch, so I need to do some merging and wordsmithing before I can push.
> (Automatic git merges on natural language documents are not quite
> reliable.)
>
> -- Juliusz
>
> _______________________________________________
> Homenet-babel-sec mailing list
> Homenet-babel-sec@ietf.org
> https://www.ietf.org/mailman/listinfo/homenet-babel-sec
>