Re: [Int-area] xping and IPv6 Node Information Queries (????)

Ron Bonica <rbonica@juniper.net> Tue, 28 March 2017 23:04 UTC

From: Ron Bonica <rbonica@juniper.net>
To: "int-area@ietf.org" <int-area@ietf.org>
Date: Tue, 28 Mar 2017 23:04:26 +0000
Message-ID: <BLUPR0501MB20518CF62E95CB1C482B3BEFAE320@BLUPR0501MB2051.namprd05.prod.outlook.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/int-area/5KShUw4D5klvzAhkGWI_ceaiO34>
Subject: Re: [Int-area] xping and IPv6 Node Information Queries (????)
List-Id: IETF Internet Area Mailing List <int-area.ietf.org>

Hi Jinmei,

Nominally, XPING only returns the following information:

- Interface status (UP/DOWN/Does not exist)
- Protocols running on the interface (IPv4, IPv6)

Some additional information may be gleaned. We see this as a security issue and present mitigations. Please see the Security Considerations section.

Ron

> 
> Message: 3
> Date: Tue, 28 Mar 2017 11:39:53 -0700
> From: ???? <jinmei@wide.ad.jp>
> To: Internet Area <Int-area@ietf.org>
> Subject: [Int-area] xping and IPv6 Node Information Queries
> Message-ID: <CAJE_bqf2=qxLVx-YKwbjA98A0FSmuZSDdx4fAn=s1rMhsgOKsw@mail.gmail.com>
> Content-Type: text/plain; charset=UTF-8
> 
> The idea of xping reminded me of IPv6 Node Information Queries
> (RFC4620).  In my understanding operators hated it because it was
> deemed to disclose too much information, and the feature is generally
> disabled by default if implemented.  Maybe the xping draft refers to
> it and explains how these two are different (I've not read the entire
> text of xping yet - sorry).
> 
> --
> JINMEI, Tatuya