Re: [Idr] Adam Roach's No Objection on draft-ietf-idr-shutdown-08: (with COMMENT)

Adam Roach <adam@nostrum.com> Wed, 24 May 2017 18:44 UTC

Return-Path: <adam@nostrum.com>
X-Original-To: idr@ietfa.amsl.com
Delivered-To: idr@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 82A611294E7; Wed, 24 May 2017 11:44:17 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.881
X-Spam-Level:
X-Spam-Status: No, score=-1.881 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RP_MATCHES_RCVD=-0.001, T_SPF_HELO_PERMERROR=0.01, T_SPF_PERMERROR=0.01] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id qsDjOuQWt_QJ; Wed, 24 May 2017 11:44:15 -0700 (PDT)
Received: from nostrum.com (raven-v6.nostrum.com [IPv6:2001:470:d:1130::1]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 6333B129422; Wed, 24 May 2017 11:44:15 -0700 (PDT)
Received: from Svantevit.roach.at (cpe-70-122-154-80.tx.res.rr.com [70.122.154.80]) (authenticated bits=0) by nostrum.com (8.15.2/8.15.2) with ESMTPSA id v4OIiC8x083240 (version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128 verify=NO); Wed, 24 May 2017 13:44:13 -0500 (CDT) (envelope-from adam@nostrum.com)
X-Authentication-Warning: raven.nostrum.com: Host cpe-70-122-154-80.tx.res.rr.com [70.122.154.80] claimed to be Svantevit.roach.at
To: Job Snijders <job@ntt.net>, Robert Raszuk <robert@raszuk.net>, The IESG <iesg@ietf.org>, aretana@cisco.com, draft-ietf-idr-shutdown@ietf.org, idr@ietf.org, idr-chairs@ietf.org, skh@ndzh.com
References: <149559358944.28506.18362121959782542849.idtracker@ietfa.amsl.com> <CA+b+ERmg33vdOywz=Krw_30vdwWpMYLS_EZRSE+bfrHcS12GUA@mail.gmail.com> <CA+b+ERmamUOaUjnNX2FM0Qh+S7Gz-7f7PVHXiVzczZg2rvMtwQ@mail.gmail.com> <CA+b+ERnyJAU4xe6EiwsER9gG3Np9L6F4aEQWt0ZT405mzYg5wg@mail.gmail.com> <53c58824-e5fa-88e1-b092-b2e285906514@nostrum.com> <CACWOCC86iDeFEceWG3P3W0UQEXTZXb2ogwuwrQ8OApFThWafcQ@mail.gmail.com>
From: Adam Roach <adam@nostrum.com>
Message-ID: <0b729dc2-03cb-1ee0-18c2-aa40c454617f@nostrum.com>
Date: Wed, 24 May 2017 13:44:12 -0500
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.10; rv:52.0) Gecko/20100101 Thunderbird/52.1.0
MIME-Version: 1.0
In-Reply-To: <CACWOCC86iDeFEceWG3P3W0UQEXTZXb2ogwuwrQ8OApFThWafcQ@mail.gmail.com>
Content-Type: text/plain; charset="utf-8"; format="flowed"
Content-Transfer-Encoding: 7bit
Content-Language: en-US
Archived-At: <https://mailarchive.ietf.org/arch/msg/idr/mz9lTXdhB5xvuy6oCIcs9QvqPqk>
Subject: Re: [Idr] Adam Roach's No Objection on draft-ietf-idr-shutdown-08: (with COMMENT)
X-BeenThere: idr@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: Inter-Domain Routing <idr.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/idr>, <mailto:idr-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/idr/>
List-Post: <mailto:idr@ietf.org>
List-Help: <mailto:idr-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/idr>, <mailto:idr-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 24 May 2017 18:44:18 -0000

On 5/24/17 1:15 PM, Job Snijders wrote:
>
> I consider it somewhat out of scope for the document to define, 
> specify and teach people what "visual spoofing attacks" are.
>

So, the problem here is that "visual spoofing attack" actually does have 
a meaning that some implementors are likely to be familiar with (see, 
e.g., google results for searching for that phrase: 
<https://www.google.com/search?q="visual+spoofing+attacks">), and -- as 
a term of art, at least -- it refers to homoglyphs and confusables. As I 
initially mentioned, the impact of homographs and confusables on 
human-to-human communication is not immediately obvious, and -- 
especially based on this...

> We'll remove the sentence about "confusion character", you are right 
> that it doesn't add much.
>

...not what you actually mean. So if you're using the phrase "visual 
spoofing attacks" in a way that runs counter to the well-established 
meaning used by that phrase as a term of art, then I *do* think it is 
incumbent on you to clarify what you mean, since it is likely to diverge 
from what readers interpret those words to mean.

I understand your request for me to send text, but I'm still slightly 
perplexed about the exact issue you are trying to highlight, so I'll 
probably get it somewhat wrong. Here's an attempt:

1) Completely remove this text:

    However, the visual
    spoofing due to character confusion still persists.  This
    specification minimizes the effects of visual spoofing by limiting
    the length of the Shutdown Communication.

2) Between the first and second paragraph, add the following:

"As BGP Shutdown messages are likely to appear in syslog output, there 
is a risk that carefully formed Shutdown Communication fields might be 
formatted by receiving systems in a way to make them appear as 
additional syslog messages. To limit the ability to mount such an 
attack, the mechanism described in this document limits the length of 
BGP Shutdown Communication fields to 128 octets in length."

To be clear, I don't believe the mitigation proposed is a particularly 
good solution to the problem. I'm just proposing this text as my 
interpretation of what you seem to be claiming the existing text is 
supposed to say. If you can verify that the text I propose above is an 
accurate representation of the concern, then we can open a discussion 
around whether the mitigation is appropriate.

/a