IETF Logo Mail Archive

Re: [Int-dir] Intdir early review of draft-ietf-ipwave-ipv6-over-80211ocb-34 - shortening the opaque IID text

Alexandre Petrescu <alexandre.petrescu@gmail.com> Mon, 08 April 2019 10:15 UTC

Return-Path: <alexandre.petrescu@gmail.com>
X-Original-To: int-dir@ietfa.amsl.com
Delivered-To: int-dir@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A96451202CD; Mon, 8 Apr 2019 03:15:30 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.633
X-Spam-Level:
X-Spam-Status: No, score=-2.633 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_ADSP_CUSTOM_MED=0.001, FREEMAIL_FROM=0.001, NML_ADSP_CUSTOM_MED=0.9, RCVD_IN_DNSWL_MED=-2.3, SPF_SOFTFAIL=0.665] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id LwUzKdB5-ngb; Mon, 8 Apr 2019 03:15:29 -0700 (PDT)
Received: from sainfoin-smtp-out.extra.cea.fr (sainfoin-smtp-out.extra.cea.fr [132.167.192.228]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 8F8E312006D; Mon, 8 Apr 2019 03:15:28 -0700 (PDT)
Received: from pisaure.intra.cea.fr (pisaure.intra.cea.fr [132.166.88.21]) by sainfoin-sys.extra.cea.fr (8.14.7/8.14.7/CEAnet-Internet-out-4.0) with ESMTP id x38AFORx001631; Mon, 8 Apr 2019 12:15:24 +0200
Received: from pisaure.intra.cea.fr (localhost [127.0.0.1]) by localhost (Postfix) with SMTP id 9C0DF202EAC; Mon, 8 Apr 2019 12:15:24 +0200 (CEST)
Received: from muguet1-smtp-out.intra.cea.fr (muguet1-smtp-out.intra.cea.fr [132.166.192.12]) by pisaure.intra.cea.fr (Postfix) with ESMTP id 866E2201726; Mon, 8 Apr 2019 12:15:24 +0200 (CEST)
Received: from [10.8.35.150] (is154594.intra.cea.fr [10.8.35.150]) by muguet1-sys.intra.cea.fr (8.14.7/8.14.7/CEAnet-Internet-out-4.0) with ESMTP id x38AFOb3024518; Mon, 8 Apr 2019 12:15:24 +0200
To: Pascal Thubert <pthubert@cisco.com>
Cc: int-dir@ietf.org, ietf@ietf.org, its@ietf.org, draft-ietf-ipwave-ipv6-over-80211ocb.all@ietf.org
References: <155169869045.5118.3508360720339540639@ietfa.amsl.com>
From: Alexandre Petrescu <alexandre.petrescu@gmail.com>
Message-ID: <00ae8801-883d-8228-8551-ede699833fc9@gmail.com>
Date: Mon, 08 Apr 2019 12:15:24 +0200
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:60.0) Gecko/20100101 Thunderbird/60.6.1
MIME-Version: 1.0
In-Reply-To: <155169869045.5118.3508360720339540639@ietfa.amsl.com>
Content-Type: text/plain; charset="utf-8"; format="flowed"
Content-Language: fr
Content-Transfer-Encoding: 8bit
Archived-At: <https://mailarchive.ietf.org/arch/msg/int-dir/jg6g-CIW1vUUV8Yjzk2PmW__6Ew>
Subject: Re: [Int-dir] Intdir early review of draft-ietf-ipwave-ipv6-over-80211ocb-34 - shortening the opaque IID text
X-BeenThere: int-dir@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "This list is for discussion between the members of the Internet Area directorate." <int-dir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/int-dir>, <mailto:int-dir-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/int-dir/>
List-Post: <mailto:int-dir@ietf.org>
List-Help: <mailto:int-dir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/int-dir>, <mailto:int-dir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 08 Apr 2019 10:15:31 -0000

Le 04/03/2019 à 12:24, Pascal Thubert a écrit :
> Reviewer: Pascal Thubert
> Review result: Not Ready
[...]
> "
> If semantically
>     opaque Interface Identifiers are needed, a potential method for
>     generating semantically opaque Interface Identifiers with IPv6
>     Stateless Address Autoconfiguration is given in [RFC7217].
> 
>     Semantically opaque Interface Identifiers, instead of meaningful
>     Interface Identifiers derived from a valid and meaningful MAC address
>     ([RFC2464], section 4), MAY be needed in order to avoid certain
>     privacy risks.
> 
> ...
> 
>     In order to avoid these risks, opaque Interface Identifiers MAY be
>     formed according to rules described in [RFC7217].  These opaque
>     Interface Identifiers are formed starting from identifiers different
>     than the MAC addresses, and from cryptographically strong material.
>     Thus, privacy sensitive information is absent from Interface IDs, and
>     it is impossible to calculate the initial value from which the
>     Interface ID was calculated.
> 
> "
> Duplicate and mis ordered text, isn't it?

Indeed.  The duplication comes from multiple discussions and expresses 
support of many people to the use of opaque identifiers.

To my defense, there is however a notion of going from generic to 
particular.  In first occurences of opaque IIDs we just refer to the 
RFC, then tell how, and so on.

But of course it is a bit long, and worse, it refers twice to the 
RFC7217, which may disturb.

If you dont mind, I shorten it like this:

NEW:
>    Semantically opaque Interface Identifiers, instead of meaningful
>    Interface Identifiers derived from a valid and meaningful MAC address
>    ([RFC2464], section 4), help avoid certain privacy risks (see the
>    paragraph below).  If semantically opaque Interface Identifiers are
>    needed, they MAY be generated using the method for generating
>    semantically opaque Interface Identifiers with IPv6 Stateless Address
>    Autoconfiguration given in [RFC7217].  Typically, an opaque Interface
>    Identifier is formed starting from identifiers different than the MAC
>    addresses, and from cryptographically strong material.  Thus, privacy
>    sensitive information is absent from Interface IDs, because it is
>    impossible to calculate back the initial value from which the
>    Interface ID was first generated (intuitively, it is as hard as
>    mentally finding the square root of a number, and as impossible as
>    trying to use computers to identify quickly whether a large number is
>    prime).
> 
>    The privacy risks of using MAC addresses displayed in Interface
>    Identifiers are important.  The IPv6 packets can be captured easily
>    in the Internet and on-link in public roads.  For this reason, an
>    attacker may realize many attacks on privacy.  One such attack on
>    802.11-OCB is to capture, store and correlate Company ID information
>    present in MAC addresses of many cars (e.g. listen for Router
>    Advertisements, or other IPv6 application data packets, and record
>    the value of the source address in these packets).  Further
>    correlation of this information with other data captured by other
>    means, or other visual information (car color, others) MAY constitute
>    privacy risks.

Alex


> 
> " For this reason, an attacker may realize many
>     attacks on privacy.
> "
> Do we attack privacy? Maybe say that privacy is a real concern, and maybe move
> that text to security section?
> 
> "
>     The way Interface Identifiers are used MAY involve risks to privacy,
>     as described in Section 5.1.
> "
> Also duplicate
> 
> Nits
> ------
> 
> "
>     IP packets MUST be transmitted over 802.11-OCB media as QoS Data
>     frames whose format is specified in IEEE Std 802.11.
> "
> Please add link to the reference
> 
> " the 802.11 hidden node"
> Do not use 802.11 standalone (multiple occurrences).
> => "the IEEE Std. 802.11 [ ref ] hidden node", or just "the hidden terminal".
> 
> BCP 14 text:
> 
> Suggest to use this text:
> “
>     The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
>     "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and
>     "OPTIONAL" in this document are to be interpreted as described in
>     https://tools.ietf.org/html/bcp14 https://tools.ietf.org/html/bcp14
>     [https://tools.ietf.org/html/rfc2119][RFC8174] when, and only when, they
>     appear in all capitals, as shown here.
> 
> “
> 
> All the best
> 
> Pascal
> 
> 
>

v2.23.0 | Report a Bug | By Email