Re: draft-noisternig-ipdvb-sec-ext-00.txt

Michael Noisternig <mnoist@cosy.sbg.ac.at> Fri, 10 July 2009 14:26 UTC

Message-ID: <4A574876.9010108@cosy.sbg.ac.at>
Date: Fri, 10 Jul 2009 15:56:06 +0200
From: Michael Noisternig <mnoist@cosy.sbg.ac.at>
User-Agent: Thunderbird 2.0.0.22 (Windows/20090605)
MIME-Version: 1.0
To: ipdvb@erg.abdn.ac.uk
Cc: H.Cruickshank@surrey.ac.uk, Prashant Pillai <P.Pillai@Bradford.ac.uk>
Subject: Re: draft-noisternig-ipdvb-sec-ext-00.txt
References: <1244702672.4a30a7d0b5839@webmail.brad.ac.uk> <4A50542A.20001@erg.abdn.ac.uk>
In-Reply-To: <4A50542A.20001@erg.abdn.ac.uk>
Content-Type: text/plain; charset="ISO-8859-1"; format="flowed"
Content-Transfer-Encoding: 7bit
Sender: owner-ipdvb@erg.abdn.ac.uk
Precedence: bulk
Reply-To: ipdvb@erg.abdn.ac.uk

Hi Gorry,

many thanks for reviewing the draft. Please see some questions/comments 
inline.

Michael

Gorry Fairhurst schrieb:
> Thanks for this new draft. It is good to see progress on this draft, I
> have a number of comments on the draft, and some editorial NiTs that I
> shall send separately.
> 
> best wishes,
> 
> Gorry
> ---
> 
> Abstract:
> /The extension may be easily adapted to the Generic Stream Encapsulation
> (GSE) protocol, which uses a similar extension header mechanism./
> - Is it possible to say this extension header *is* applicable to GSE?

Well, the extension /header/ is directly applicable to GSE, but the 
processing described in the document has to be adapted, such as 
replacing PID by ISI, and taking the 3-byte label into account. So I'd 
prefer saying 'it may be easily adapted'.

> ---
> Para 2 of introduction:
> /(e.g., satellite mesh systems with on-board processing)./
> - As far as I know, this is a property of any mesh network. If so, this
> could be shortened to /satellite mesh systems/ 

Ok.

> ---
> Para 3 of introduction:
> /This allows them to be used independently and in parallel, and
>    any network layer protocol like IP (even with Ethernet bridging) may
>    be used with the security extension./
> - Is it also possible to be used for signaling information?

I'm not sure what you mean. Are you asking whether the extension can 
secure L2 signalling information? If so, we may add something like: 
'Link-layer signalling information may be protected as well.'

> ---
> Para 5 of introduction:
> /may benefit from IETF key management protocols, /
> - It could be worth saying the simplest method is to use pre-shared
> keys, and this may be appropriate in some important use-cases.

Agreed.

> ---
> Page 6 states:
> /More importantly, from a
>       security point of view, temporary addresses do not provide
>       adequate identity protection, as a passive adversary may easily
>       link different SNDUs to the same connection. Also, a procedure to
>       allocate temporary addresses is required such that they are unique
>       in the system. Hence it is proposed to encrypt the destination
>       address/
> - I found this confusing. Does this text need to be in the current draft
> or could it be moved to a change log or appendix? 

I was also wondering. We will discuss that.

> ---
> Section 5.8
> /It is RECOMMENDED that it has a default size of 12 octets./
> - I'm confused by the RFC-2119 keyword here. Does this define a 12 byte
> default? (it could) Or does this recommend something for which there may
> be a good reason to make exceptions... I think I do not understand.

This is left over from the old draft. It suggests MAC sizes to comply to 
the de-facto standard IPsec MAC sizes of 96 bits. However, given that we 
allow other authentication mechanisms (e.g., TESLA), and we do not 
define any algorithms in the document, I will remove the sentence.

> ---
> Section 5.8
> - What would you suggest for use with GSE, would you also suggest the 
> ISI value was included?

Yes, for GSE we would take the ISI. I'm not sure whether we should point 
this out since we are primarily defining for ULE, and in the 
introduction/abstract we are saying that the extension may be /adapated/ 
to GSE.

> ---
> Section 6
> /for multicast settings, for other
>    scenarios of group communication, and also for unidirectional links,
>    where the SPI value has to be centrally selected by a group
>    controller/
> - Can you elaborate or remove the following text, currently I do not
> understand these additional cases: /for other scenarios of group
> communication/

I will replace with 'multi-sender shared SA scenarios'. It should be 
more clear in this wording since that is used below.

> - Does it have to be centrally selected? - This implies a need for
> automated key management. ... or is it sufficient to be known at both

Yes, this is talking about automated key management. I will clarify this.

> ends, and hence a pre-shared value could alternatively be used with a
> static configuration.
> ---
> Section 6
> / an SAD should only store references to SAs, and reference/
>          ^^^^^^
> - Does this need to be /SHOULD/ i.e. is there a protocol
> interoperability issue, if other approaches are used?

Hm, the intention was to rather say duplication efforts could be avoided 
if references are stored. I will rephrase to
'To support shared SAs permitting bi-directional communication and avoid 
the effort of duplicating SAs, an SAD may store references to SAs, and 
reference bi-directional SAs in both the incoming and outgoing SAD.'

> ---
> Section 6
> / This document always requires
>    separate SPs to be defined for incoming and outgoing data, and in
>    turn allows SAs to be shared across several devices, supporting both
>    unidirectional links and group communication./
> - These seem like requirements, can this be written using MUST and MAY?

These are kinda requirements. An implementation may 'optimise' certain 
configurations, and e.g. define a bi-directional SP where appropriate. 
The point is that the behaviour to the outside must comply. So I suggest 
not using RFC2119 keywords (for now).

> ---
> /The GCKS must be contacted by a device which
>         cannot find an SA for a matching SP, and when the SP does not
>         define a static SID and default key data in its first set of
>         Security Parameters./
> - This seems to imply there is always a GCKS?
> - Should this be prefixed by /When a GCKS is configured, the GCKS must
> be.../

Agreed.

> ---
> 
> The standards language should be tightened:
> 
> /must default to the first entry in the list/
>  ^^^^
> - MUST?

<snip>

Agreed. These RFC2119 keywords got "lost" in copying to a paper and back.

> ---
> Point 4.
> /If the SA requests
>          identity protection, the destination NPA address is omitted
>          from the base header, setting the base header's D bit to 1./
> - This seems to be optional, as described earlier.

I suggest concluding the sentence with '(though another label may be 
re-inserted, see section 5.2)'.

> ---
> References:
> 
> There is a Downref: A Normative reference to Informational RFC 5458.
> Reference 4 should be informational, since the standard can not rely on
> an informational draft.

Right. Will correct this.

> 
> ===
> 
> - It would be really helpful to see an appendix (that may be removed by
> the RFC Editor) that keeps a change log of what has changed in the draft
> revision. In this case, it would be useful if the authors could provide
> some inherited history from the drafts that contributed to this combined
> draft - so that other people reviewing this can see where the work came
> from.
> 
> 
> 
> 
> 
> 
>

draft-noisternig-ipdvb-sec-ext-00.txt Gorry Fairhurst
Re: draft-noisternig-ipdvb-sec-ext-00.txt (Editor… Gorry Fairhurst
Re: draft-noisternig-ipdvb-sec-ext-00.txt (Editor… Michael Noisternig
Re: draft-noisternig-ipdvb-sec-ext-00.txt Michael Noisternig
Re: draft-noisternig-ipdvb-sec-ext-00.txt (Editor… Gorry Fairhurst