Re: [Idr] Last Call: <draft-ietf-idr-shutdown-08.txt> (BGP Administrative Shutdown Communication) to Proposed Standard

Robert Raszuk <robert@raszuk.net> Mon, 08 May 2017 20:39 UTC

Return-Path: <rraszuk@gmail.com>
X-Original-To: idr@ietfa.amsl.com
Delivered-To: idr@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 0E17E1293DF; Mon, 8 May 2017 13:39:22 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.398
X-Spam-Level:
X-Spam-Status: No, score=-2.398 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, FREEMAIL_FORGED_FROMDOMAIN=0.199, FREEMAIL_FROM=0.001, HEADER_FROM_DIFFERENT_DOMAINS=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id LKH2AvEdCakK; Mon, 8 May 2017 13:39:20 -0700 (PDT)
Received: from mail-io0-x236.google.com (mail-io0-x236.google.com [IPv6:2607:f8b0:4001:c06::236]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 44A611292D3; Mon, 8 May 2017 13:39:20 -0700 (PDT)
Received: by mail-io0-x236.google.com with SMTP id p24so58308533ioi.0; Mon, 08 May 2017 13:39:20 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:sender:in-reply-to:references:from:date:message-id :subject:to:cc; bh=MRE7dw18+GPlLwDWi4N28Hk57UnqG8rMuNVlRWHwWhw=; b=kg08J0L0uLMMi+kil20V443s0QKMbez1hT9qSXm5c/60Rtc22lsQOUOEPDSTOKDBmI X9MLtm0xz89mXApzFE0FqWufrJ0LDnUzglANRrKX0giZk1iez+MhMdIEHJf+/nbHuKw7 eOEqC1+ZUdEokZoJH4prIYXHYZsrcPUoQTyJED+7S/junUGpu6UfNr0Hj4Z3fqFgDGcZ JX+5FHFTHDprVxzKyz0wOC92EODSIQbb2cCpWDQgjU1RUh5yb/FL/vo/JisUXALj/aRg cVQI2tFaNiV/FUDNj3WSrsHCKw/pMtwu/K8DjVAcAZ8RbTH9RVsGZloPRrTgsgdkvAUi VRjw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:sender:in-reply-to:references:from :date:message-id:subject:to:cc; bh=MRE7dw18+GPlLwDWi4N28Hk57UnqG8rMuNVlRWHwWhw=; b=cr6Ev7TVmqCSrkfAFD6/wxHlNpqYA2g/iqHl5KYLGRuzUE7ieC6gYF+JZRr3W1C2dv gPDgAdWmIWB+RWDxOj/mj/gTJdeSGF0t38Q/5uiIdEH5OBVZsYIHfHJASqNjnba9liDm hUsHF6XMs1gpCSbkLmfn3xffn8vNeJb1hZS8b3DPzXJcaPbZLl56ar81fjWZwiCH9sd3 NmKrCtLoJ2u3qFRrhURXO9slTnvUOUAnb+th6OBIzVANk/QvBlhjEqucB6mBFIAl3LGF zWBLWLT7i7ms8nsROpuRv55LWjDSISvl82PcAwTwTNpmwErKHPPBMcfZbXfqgaOeY1VC l0SA==
X-Gm-Message-State: AN3rC/5WgAy0oTh0iMAZF/ONSJBJjH4hlnvLqymF5y4xFI2paGdAm3cg rc9tr1VnI2/Ol1MSXWgpiFGgiHJk/g==
X-Received: by 10.107.5.12 with SMTP id 12mr51133662iof.186.1494275959595; Mon, 08 May 2017 13:39:19 -0700 (PDT)
MIME-Version: 1.0
Sender: rraszuk@gmail.com
Received: by 10.79.62.24 with HTTP; Mon, 8 May 2017 13:39:18 -0700 (PDT)
In-Reply-To: <CACWOCC96qHdFNC7dDVLaGgtkVHY_ftSPScggX-yEXhigqpRx2Q@mail.gmail.com>
References: <149400686065.8457.16928207738917615877.idtracker@ietfa.amsl.com> <9d8cf31a-fc21-096b-543e-58750894a22a@cisco.com> <a9996bc76e604acfbe797389ed0d81f6@XCH-ALN-014.cisco.com> <6a3bfb3a-fd06-4291-b3f2-abb92f70ec04@cisco.com> <CACWOCC_mRwMXhrQFzNKin2G4VvT6GoGMGQQiW-rss_5kRY3Yrw@mail.gmail.com> <CA+b+ER=WoxhLN_xNw1e=HvxJbyVo7nDokrXF04Kt2nC7gV6=kA@mail.gmail.com> <CACWOCC96qHdFNC7dDVLaGgtkVHY_ftSPScggX-yEXhigqpRx2Q@mail.gmail.com>
From: Robert Raszuk <robert@raszuk.net>
Date: Mon, 8 May 2017 22:39:18 +0200
X-Google-Sender-Auth: Xwm23bC7F9km8ZNxdoY823dGNtE
Message-ID: <CA+b+ERnJCZ3NPne-V8=3UvgeY=qVGRXSBBtJVnkpP0dyzVtUcA@mail.gmail.com>
To: Job Snijders <job@ntt.net>
Cc: Enke Chen <enkechen@cisco.com>, "Jakob Heitz (jheitz)" <jheitz@cisco.com>, "draft-ietf-idr-shutdown@ietf.org" <draft-ietf-idr-shutdown@ietf.org>, "idr-chairs@ietf.org" <idr-chairs@ietf.org>, "idr@ietf.org" <idr@ietf.org>, "ietf@ietf.org" <ietf@ietf.org>
Content-Type: multipart/alternative; boundary=001a113ef634c4ab8e054f093b04
Archived-At: <https://mailarchive.ietf.org/arch/msg/idr/_Tc6pB2ZSGnWG8r8YmPE6lT8_gY>
Subject: Re: [Idr] Last Call: <draft-ietf-idr-shutdown-08.txt> (BGP Administrative Shutdown Communication) to Proposed Standard
X-BeenThere: idr@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: Inter-Domain Routing <idr.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/idr>, <mailto:idr-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/idr/>
List-Post: <mailto:idr@ietf.org>
List-Help: <mailto:idr-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/idr>, <mailto:idr-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 08 May 2017 20:39:22 -0000

Then this is not "visual spoofing"  ... you are just protecting from forms
of "visual attacks"

Best,
R.

On Mon, May 8, 2017 at 10:36 PM, Job Snijders <job@ntt.net> wrote:

> Hi Robert,
>
> The reference is to a different type of visual spoofing. The idea was to
> limit the string length to prevent spoofing of additional syslog messages
> or other fake cli output.
>
> We already covered the extensibility aspect in the working group.
>
> Kind regards,
>
> Job
>
> On Mon, 8 May 2017 at 22:28, Robert Raszuk <robert@raszuk.net> wrote:
>
>> Hi Job,
>>
>> Assuming that by "visual spoofing" you really mean this:
>> http://websec.github.io/unicode-security-guide/visual-spoofing/ how does
>> limiting the length of the field helps to minimize it ?
>>
>> It is UTF which is a problem here regardless of the length.
>>
>> Ok so we leave 129-255 for further use .. brilliant. Assume someone comes
>> tomorrow and has a great use case for sending one byte of information in
>> the cease. So he defines length 129 right ? And even if operator did not
>> type anything for the "shutdown case" ... first 128 bytes goes empty, then
>> goes one newly defined octet. Is this really how protocol encoding should
>> be done in 2017 ? Is concept of TLV so complex ?
>>
>> Cheers,
>> R.
>>
>>
>> On Mon, May 8, 2017 at 9:46 PM, Job Snijders <job@ntt.net> wrote:
>>
>>>
>>> On Mon, 8 May 2017 at 21:36, Enke Chen <enkechen@cisco.com> wrote:
>>>
>>>> I understand this is not a good use of time.  But since it is in the
>>>> spec, I would like to understand the reasons.  If there are good reasons
>>>> for doing things differently, then they should be documented in the spec
>>>> so that people do not question again.
>>>
>>>
>>>
>>> In the security section: "This specification minimizes the effects of
>>> visual spoofing by limiting the length of the Shutdown Communication."
>>>
>>> On 5/8/17 12:13 PM, Jakob Heitz (jheitz) wrote:
>>>> > It is deliberately kept short to minimize the potential for abuse.
>>>>
>>>> 128 is ok, and 129- 255 would be considered abuse?
>>>
>>>
>>> Those are an error according to the draft.
>>>
>>> Kind regards,
>>>
>>> Job
>>>
>>>
>>> _______________________________________________
>>> Idr mailing list
>>> Idr@ietf.org
>>> https://www.ietf.org/mailman/listinfo/idr
>>>
>>>