IETF Logo Mail Archive

[homenet] about Babel security (questions for Juliusz Chroboczek)

Denis Ovsienko <denis@ovsienko.info> Fri, 29 June 2018 07:55 UTC

Return-Path: <denis@ovsienko.info>
X-Original-To: homenet@ietfa.amsl.com
Delivered-To: homenet@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 97D1112F295; Fri, 29 Jun 2018 00:55:24 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.501
X-Spam-Level:
X-Spam-Status: No, score=-1.501 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, GB_ABOUTYOU=0.5, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001] autolearn=no autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=ovsienko.info
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ZkHWZEpTHKpf; Fri, 29 Jun 2018 00:55:23 -0700 (PDT)
Received: from sender-of-o51.zoho.com (sender-of-o51.zoho.com [135.84.80.216]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id E589D128BAC; Fri, 29 Jun 2018 00:55:22 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; t=1530258918; s=zohomail; d=ovsienko.info; i=denis@ovsienko.info; h=Date:From:To:Message-ID:In-Reply-To:Subject:MIME-Version:Content-Type:Content-Transfer-Encoding; l=5823; bh=f0AzD0Mo5SFsAEaLWz4n6kETfjtRTQ/A48fHnxNHsoc=; b=PvcSrF22R5kByv8itleHaguNUwWUe6Ru7UL/vPFIabTEYALHty32qY4hOKopoUca la7Ik3v80AdLWSDp1LObJ4AtM5Xbclk0C8BqMqs/copGjlREiUnKr7JlfwPZNFWxAxb yZ7U0+wflS8Gq1qjq/VNAMgTO82BYJFt4r0E4RdE=
Received: from mail.zoho.com by mx.zohomail.com with SMTP id 153025891836956.753317683144246; Fri, 29 Jun 2018 00:55:18 -0700 (PDT)
Date: Fri, 29 Jun 2018 08:55:18 +0100
From: Denis Ovsienko <denis@ovsienko.info>
To: "\"Babel at IETF\"" <babel@ietf.org>, "\"homenet\"" <homenet@ietf.org>
Message-ID: <1644a8a0be0.b4caee6f16267.1270300104515944073@ovsienko.info>
In-Reply-To:
MIME-Version: 1.0
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: 7bit
X-Priority: Medium
User-Agent: Zoho Mail
X-Mailer: Zoho Mail
Archived-At: <https://mailarchive.ietf.org/arch/msg/homenet/U5NwUo7Y_xAlKy5wh89VaLcrTIU>
Subject: [homenet] about Babel security (questions for Juliusz Chroboczek)
X-BeenThere: homenet@ietf.org
X-Mailman-Version: 2.1.26
Precedence: list
List-Id: IETF Homenet WG mailing list <homenet.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/homenet>, <mailto:homenet-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/homenet/>
List-Post: <mailto:homenet@ietf.org>
List-Help: <mailto:homenet-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/homenet>, <mailto:homenet-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 29 Jun 2018 07:55:25 -0000

Hello Juliusz.

This is about your contributions to the Babel and Homenet IETF working groups.

Given the apparent flood of Babel security related messages you are sending to the Babel WG mailing list, I find it necessary to try putting it into proper context. I tried to attack the problem rather than the person, it is up to you to tell whether I managed to do that or not. In either case, I tried to leave you room to defend yourself and to correct me if I am wrong.

A fact is, the Babel WG charter among other things has been saying: "Address security needs for BABEL. This may include using the techniques in RFC 7298, or other alternatives."

Another fact is, in early 2016 you were promoting the pre-IETF Babel work before and at the Babel BoF and claimed that besides the HMAC (then RFC 7298) approach to Babel security there was another viable alternative, namely, "Stenberg-style security". You were promoting the idea that the Babel WG should evaluate both mechanisms and choose the best.

* Q1: Do you acknowledge these two facts and do you agree they are directly related? (yes/no, please explain if "no")


The specification of "Stenberg-style security" for Babel was never published. It is June 2018 and I have never seen it, although I asked to.

* Q2: In 2016 did you know "Stenberg-style security" for Babel did not exist as a workable WG item in the first place? (yes/no)

* Q3: Why were you promoting a WG option that either you didn't verify exists in the first place (if "no" above) or you definitely knew does not exist (if "yes" above)? Please explain.


At some point between 2016 and 2017 you stopped mentioning "Stenberg-style security" and began to promote DTLS for Babel security. The first "running code" prototypes (not implementations) of Babel DTLS began to be discussed between late 2017 and early 2018 (as far as I could see in the mailing list archive). It is June 2018 and I have never seen the DTLS Babel security specification, although I have asked to.

* Q4: In 2016-2018 did you know a specification for the "DTLS" Babel security did not exist as a workable WG item? (yes/no)

* Q5: same as Q3


Whichever the name of it, mentions of the "alternative" Babel security have consistently been in your regular IETF slides, talks and status updates in the Babel and Homenet WGs, and occasionally elsewhere at IETF. This statement is as factual as the IETF meeting materials and witness of IETF participants including myself.

* Q6: Do you agree your long-time presenting effort had created and maintained an impression that the "alternative" security option was viable and workable by the Babel WG, regardless of its actual status at the time? (yes/no, please explain if "no")

* Q7: If "yes" to Q6, was this impression what you intentionally were trying to achieve? (yes/no, please explain if "no")

* Q8: If "yes" to Q6, do you agree this impression has been influencing decision making in both Babel and Homenet WGs? (yes/no, please explain if "no")

* Q9: Do you agree the end effect was that the work on HMAC Babel security was held back in the Babel WG? (yes/no, please explain if "no")


In May 2018 the Babel WG had reached the decision not to adopt the HMAC I-D (7298bis) as a working group document. The adoption call lasted for more than 60 days, so every participant had a chance to comment. You supported the adoption at first and later withdrew your opinion in the course of the call.

* Q10: After the WG decision about HMAC (which was in line with your latest position at the time) are you still maintaining that choosing between HMAC and DTLS would benefit the Babel WG? (yes/no, please explain if "yes")

* Q11: If "no", could you explain why did not you denounce the idea on the mailing list with appropriate comments?


Up to this point I could state I understand certain things even if I do not like them. Such as, for example, effectively saying "security is not my problem" in the Homenet Babel profile, or the need to consider DTLS for Babel security, or the decision not to use HMAC. But I kept getting out of the path, as that's what I expect from other people when I am working on something.

Now there is something that I cannot understand in the first place: after the Babel WG decision you started to post HMAC-related messages to the mailing list.

* Q12: Do you agree, in the sense of your own long time "DTLS or HMAC" idea and the claimed viability of DTLS, that the most consistent next step would be to work towards the adoption of a DTLS Babel security mechanism document? (yes/no, please explain if "no")

* Q13: If "yes", could you explain in detail why you started to draw so much attention to HMAC after the WG decision and do not bring up DTLS anymore?


I have tried to find (in the first few dozens of your messages) the supposed technical problem you are trying to solve. I could not see a sound technical point not already addressed in RFC 7298, 7298bis I-D or the mailing list discussion before and during the adoption call of 7298bis (including the replay attack you had described and I had addressed). This impression may be wrong, but I believe I have studied those messages well enough to make this statement.

* Q14: Could you clarify in proper technical terms what exact technical problem you suddenly started to solve and why?


I am sorry if this message upsets you, but please note it concerns only your voluntary activity within IETF. Its purpose is not to block progress, but rather to avoid another couple years of talking/walking in circles.

I have a few more pending comments to make on your older messages, including outstanding non-security technical issues in the Babel WG documents. I hope to send them separately later.

Thank you.

-- 
    Denis Ovsienko

v2.23.0 | Report a Bug | By Email