Re: [Iot-directorate] Iotdir early review of draft-richardson-mud-qrcode-02

Michael Richardson <mcr+ietf@sandelman.ca> Thu, 25 November 2021 13:39 UTC

From: Michael Richardson <mcr+ietf@sandelman.ca>
To: Jaime Jimenez <jaime@iki.fi>
cc: iot-directorate@ietf.org, draft-richardson-mud-qrcode.all@ietf.org
In-Reply-To: <163783289022.31136.7276510955956674909@ietfa.amsl.com>
References: <163783289022.31136.7276510955956674909@ietfa.amsl.com>
Date: Thu, 25 Nov 2021 08:39:03 -0500
Message-ID: <15386.1637847543@localhost>
Archived-At: <https://mailarchive.ietf.org/arch/msg/iot-directorate/GBJtAfj9rJj-r-nJW__I_Kghz_8>
Subject: Re: [Iot-directorate] Iotdir early review of draft-richardson-mud-qrcode-02

Jaime Jimenez via Datatracker <noreply@ietf.org> wrote:
    > As per the IoT Dir request I will be providing a first review of
    > draft-richardson-mud-qrcode-02.

Thank you for the review!

    > To my understanding the aim of the document is to provide the MUD URL as a QR
    > code for devices that do not have MUD support. From the deployment point of
    > view I suppose the process would be done for example via a deployment
    > specialist that scans the code and transmits the URL from the phone device to
    > the MUD Controller.

Yes, it might also occur in the asset management group, which, for instance,
receives devices in boxes, adds them to their asset management database, and
then prints some "This device owned by Example Corp, asset tag 234589234"
stickers and affixes them.  This is one of the purposes of the RLA QR codes.

    > As per 3.2.5 in some cases the MUD URL contains also the MAC of the device so
    > that when the device connects, the network will recognise it (for example when
    > using ARP or DHCP). That latter part by the way is a bit undefined at

The detail here is difficult as it depends upon how the asset database is
integrated with the DHCP, and ultimately, with the MUD controller.
In the worst case, there would be copy and pasting from one system to
another, but that would get better as this goes on.
No integration with ARP, DHCP or LLDP is required, as the device probably
does not put its MUD URL into DHCP or LLDP if it has the URL on the outside.
(but that might change over time)

    > A naive attacker could read the QR code that contains the MAC, change its own
    > MAC to that of the QR code and then impersonate the device effectively
    > blacklisting that MAC address and preventing the actual device from attaching
    > to the network in the future.

Yes, I suppose that this is an attack.
To do it, the attacker must have credentials that let it onto the network in
the first place.   Maybe that involves just plugging a cable into an empty
port.
At which point, they could do all sorts of things too.
If the network has 802.1x controls (such as EAP-Enterprise), then the network
would really have already defended itself against that.

    > "The ISE would appreciate reviews from IoT and Operations experts to gather
    > opinions on the document. In particular, the ISE would like to know whether
    > publication would be a bad idea or could be harmful to the Internet."

    > I personally do not see any specific items on this draft that could be harmful
    > to the general Internet. Some security issues are evident and affect the use of
    > the QR code, but they have been described in the Security section.

Wunderbar.

--
Michael Richardson <mcr+IETF@sandelman.ca>   . o O ( IPv6 IøT consulting )
           Sandelman Software Works Inc, Ottawa and Worldwide
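The MAC-cloning concern raised in the review above, seen from the network operator's side, as an added example that is not part of this thread or of the draft: a constructed asset table populated from MUD QR-code scans (MAC to MUD URL) is checked against constructed switch-port observations, and a registered MAC that shows up on two different access ports within a short window is flagged instead of the last arrival silently winning. The MUD URLs, MACs, ports and log format are all hypothetical; as the reply notes, 802.1X is the real control, and this heuristic cannot tell a clone from a device that was legitimately re-cabled, so it is a detection aid, not a substitute.

```python
"""Added example: flag a registered MAC seen on more than one access port
within a short window, using an asset table built from MUD QR-code scans.
All values below are constructed for illustration."""
from datetime import datetime, timedelta

# Constructed asset table from QR scans: MAC -> MUD URL (hypothetical)
ASSETS = {
    "00:11:22:33:44:55": "https://example.com/mud/thermostat.json",
    "66:77:88:99:aa:bb": "https://example.com/mud/camera.json",
}

# Constructed observation log: "<ISO time> <mac> <switch/port>"
OBSERVATIONS = """\
2021-11-25T08:00:00 00:11:22:33:44:55 sw1/port7
2021-11-25T08:00:30 66:77:88:99:aa:bb sw1/port9
2021-11-25T08:02:10 00:11:22:33:44:55 sw2/port3
2021-11-25T08:05:00 de:ad:be:ef:00:01 sw1/port12
"""


def parse_observations(text):
    """Parse log lines into (timestamp, mac, port) tuples; MACs lower-cased."""
    rows = []
    for line in text.splitlines():
        ts, mac, port = line.split()
        rows.append((datetime.fromisoformat(ts), mac.lower(), port))
    return rows


def find_conflicts(rows, assets, window=timedelta(minutes=10)):
    """Return (conflicts, unknown).

    conflicts: (mac, earlier_port, later_port) for a registered MAC seen on
               two different ports within `window` of each other.
    unknown:   (mac, port) for MACs with no asset-table entry at all.
    """
    conflicts, unknown = [], []
    last_seen = {}  # mac -> (timestamp, port) of the most recent sighting
    for ts, mac, port in sorted(rows):
        if mac not in assets:
            unknown.append((mac, port))
            continue
        prev = last_seen.get(mac)
        if prev and prev[1] != port and ts - prev[0] <= window:
            conflicts.append((mac, prev[1], port))
        last_seen[mac] = (ts, port)
    return conflicts, unknown
```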