[i2rs] review of draft-hares-i2rs-auth-trans-04.txt
Juergen Schoenwaelder <j.schoenwaelder@jacobs-university.de> Mon, 20 July 2015 22:19 UTC
Return-Path: <j.schoenwaelder@jacobs-university.de>
X-Original-To: i2rs@ietfa.amsl.com
Delivered-To: i2rs@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id AA52E1A877E for <i2rs@ietfa.amsl.com>; Mon, 20 Jul 2015 15:19:17 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -3.86
X-Spam-Level:
X-Spam-Status: No, score=-3.86 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HELO_EQ_DE=0.35, RCVD_IN_DNSWL_MED=-2.3, T_RP_MATCHES_RCVD=-0.01] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 09YMsevTEtnB for <i2rs@ietfa.amsl.com>; Mon, 20 Jul 2015 15:19:16 -0700 (PDT)
Received: from atlas3.jacobs-university.de (atlas3.jacobs-university.de [212.201.44.18]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id AAE651A877B for <i2rs@ietf.org>; Mon, 20 Jul 2015 15:19:15 -0700 (PDT)
Received: from localhost (demetrius5.irc-it.jacobs-university.de [10.70.0.222]) by atlas3.jacobs-university.de (Postfix) with ESMTP id 7712B14DC for <i2rs@ietf.org>; Tue, 21 Jul 2015 00:19:13 +0200 (CEST)
X-Virus-Scanned: amavisd-new at jacobs-university.de
Received: from atlas3.jacobs-university.de ([10.70.0.220]) by localhost (demetrius5.jacobs-university.de [10.70.0.222]) (amavisd-new, port 10030) with ESMTP id YfqmqPtbuJCL for <i2rs@ietf.org>; Tue, 21 Jul 2015 00:19:12 +0200 (CEST)
Received: from hermes.jacobs-university.de (hermes.jacobs-university.de [212.201.44.23]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "hermes.jacobs-university.de", Issuer "Jacobs University CA - G01" (verified OK)) by atlas3.jacobs-university.de (Postfix) with ESMTPS for <i2rs@ietf.org>; Tue, 21 Jul 2015 00:19:12 +0200 (CEST)
Received: from localhost (demetrius3.jacobs-university.de [212.201.44.48]) by hermes.jacobs-university.de (Postfix) with ESMTP id 1DCB420039 for <i2rs@ietf.org>; Tue, 21 Jul 2015 00:19:13 +0200 (CEST)
X-Virus-Scanned: amavisd-new at jacobs-university.de
Received: from hermes.jacobs-university.de ([212.201.44.23]) by localhost (demetrius3.jacobs-university.de [212.201.44.32]) (amavisd-new, port 10024) with ESMTP id qoplujcEpzEj; Tue, 21 Jul 2015 00:19:12 +0200 (CEST)
Received: from elstar.local (elstar.jacobs.jacobs-university.de [10.50.231.133]) by hermes.jacobs-university.de (Postfix) with ESMTP id 1FCC420036; Tue, 21 Jul 2015 00:19:11 +0200 (CEST)
Received: by elstar.local (Postfix, from userid 501) id 55A113545494; Tue, 21 Jul 2015 00:19:10 +0200 (CEST)
Date: Tue, 21 Jul 2015 00:19:10 +0200
From: Juergen Schoenwaelder <j.schoenwaelder@jacobs-university.de>
To: i2rs@ietf.org
Message-ID: <20150720221910.GA17835@elstar.local>
Mail-Followup-To: i2rs@ietf.org
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Disposition: inline
User-Agent: Mutt/1.4.2.3i
Archived-At: <http://mailarchive.ietf.org/arch/msg/i2rs/CnBDV53s9yJAyruUyuxj_0XNpOw>
Subject: [i2rs] review of draft-hares-i2rs-auth-trans-04.txt
X-BeenThere: i2rs@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
Reply-To: Juergen Schoenwaelder <j.schoenwaelder@jacobs-university.de>
List-Id: "Interface to The Internet Routing System \(IRS\)" <i2rs.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/i2rs>, <mailto:i2rs-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/i2rs/>
List-Post: <mailto:i2rs@ietf.org>
List-Help: <mailto:i2rs-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/i2rs>, <mailto:i2rs-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 20 Jul 2015 22:19:17 -0000
Hi,
I looked at this document from the perspective of NETCONF/RESTCONF and
here are some comments I wrote down while reading the document:
a) I assume the following two requirements are simply a bit badly
worded but not harmful:
o SEC-REQ-03: An I2RS agent, upon receiving an I2RS message from a
client, MUST confirm that the client has a valid identity.
o SEC-REQ-04: The client, upon receiving an I2RS message from an
agent, MUST confirm the I2RS agent's identity.
b) The point here is that for protocols that use a secure transport,
authentication typically takes place when a secure transport is
established and not when I2RS messages are received.
o SEC-REQ-08: Each Identity is associated with one secondary
identity during a particular read/write sequence, but the
secondary identity may vary during the time a connection between
the I2RS client and I2RS agent is active. The variance of the
secondary identity allows the I2rs client to be associated with
multiple applications and pass along an identifier for these
applications in the secondary identifier.
Not really a security requirement I would say. Not sure it needs to
stay in the security requirements document.
c) This part of SEC-REQ-10 is somewhat unclear:
[...] In addition, the key management
mechanisms need to be able to update the keys before they have lost
sufficient security strengths, without breaking the connection
between the agents and clients.
It is unclear which keys are meant. Security protocols usually have
keys to authenticate communicating parties, they typically generate
a session master key and they usually derive the currently used
encryption key from the session master key and they usually perform
automated rekeying. If this refers to authentication keys, then key
updates usually do not impact existing sessions.
d) It remains unclear what that following means in practice:
SEC-REQ-12: The I2RS Client and I2RS Agent protocol SHOULD implement
mechanisms that mitigate DoS attacks
e) I find it kind of surprising that the security requirements
document allows for non-secure channels. This should be checked
with the security directorate.
f) Section 2.4.1 seems to be a misplaced protocol requirement - this
is pretty much unrelated to security from what I can tell.
/js
--
Juergen Schoenwaelder Jacobs University Bremen gGmbH
Phone: +49 421 200 3587 Campus Ring 1 | 28759 Bremen | Germany
Fax: +49 421 200 3103 <http://www.jacobs-university.de/>
- [i2rs] review of draft-hares-i2rs-auth-trans-04.t… Juergen Schoenwaelder
- Re: [i2rs] review of draft-hares-i2rs-auth-trans-… Susan Hares
- Re: [i2rs] review of draft-hares-i2rs-auth-trans-… Juergen Schoenwaelder