Secdir early review of draft-ietf-babel-hmac-00
Robert Sparks <rjsparks@nostrum.com> Thu, 01 November 2018 21:59 UTC
Return-Path: <rjsparks@nostrum.com>
X-Original-To: ietf@ietf.org
Delivered-To: ietf@ietfa.amsl.com
Received: from ietfa.amsl.com (localhost [IPv6:::1]) by ietfa.amsl.com (Postfix) with ESMTP id 5E46712958B; Thu, 1 Nov 2018 14:59:58 -0700 (PDT)
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
From: Robert Sparks <rjsparks@nostrum.com>
To: secdir@ietf.org
Cc: draft-ietf-babel-hmac.all@ietf.org, ietf@ietf.org, babel@ietf.org
Subject: Secdir early review of draft-ietf-babel-hmac-00
X-Test-IDTracker: no
X-IETF-IDTracker: 6.87.2
Auto-Submitted: auto-generated
Precedence: bulk
Message-ID: <154110959830.29553.6414151772410048476@ietfa.amsl.com>
Date: Thu, 01 Nov 2018 14:59:58 -0700
Archived-At: <https://mailarchive.ietf.org/arch/msg/ietf/2LBEwk8crszkdBdZssVfk70tP9E>
X-BeenThere: ietf@ietf.org
X-Mailman-Version: 2.1.29
List-Id: IETF-Discussion <ietf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf>, <mailto:ietf-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ietf/>
List-Post: <mailto:ietf@ietf.org>
List-Help: <mailto:ietf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 01 Nov 2018 21:59:58 -0000
Reviewer: Robert Sparks Review result: Has Issues This is an early secdir review of draft-ietf-babel-hmac-00 Summary: There are issues in the draft to address Issues: The pseudo-header is IPv4-centric. The protocol allows for multiple HMAC algorithms, but has no mechanism for signaling which one was used. The MUST NOT at the top of page 8 will need to be adjusted after that's worked out. Discussion of what to do at a verifying peer that doesn't implement a chosen algorithm is also needed. Nits: The claim in 1.1 about not requiring persistent storage is contradicted by the definition of the protocol. At the very least, there is the need to persist the most recent (index,PC) seen. The third bullet at the top of page 4 (among different nodes) has its actors confused. As stated, communication between A and C is irrelevant to the communication between B and C. It would be worth building an example of bootstrapping the protocol between two peers that have no previous knowledge of each other. It's concerning to see a document (even a 00) whose point is to secure a protocol have no discussion at all in the Security Considerations section. It will help refine the document to create and maintain a summary of the important security points in this section going forward.
- Secdir early review of draft-ietf-babel-hmac-00 Robert Sparks
- Re: [babel] Secdir early review of draft-ietf-bab… Juliusz Chroboczek
- Re: [babel] Secdir early review of draft-ietf-bab… Robert Sparks
- Re: [babel] Secdir early review of draft-ietf-bab… Juliusz Chroboczek