Re: [ippm] Benjamin Kaduk's No Objection on draft-ietf-ippm-twamp-yang-11: (with COMMENT)
Benjamin Kaduk <kaduk@mit.edu> Fri, 22 June 2018 18:05 UTC
Return-Path: <kaduk@mit.edu>
X-Original-To: ippm@ietfa.amsl.com
Delivered-To: ippm@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 0F046130EBA; Fri, 22 Jun 2018 11:05:38 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.201
X-Spam-Level:
X-Spam-Status: No, score=-4.201 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_MED=-2.3, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id xO7Ey52FpzSo; Fri, 22 Jun 2018 11:05:35 -0700 (PDT)
Received: from dmz-mailsec-scanner-4.mit.edu (dmz-mailsec-scanner-4.mit.edu [18.9.25.15]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 619BF130E10; Fri, 22 Jun 2018 11:05:35 -0700 (PDT)
X-AuditID: 1209190f-b43ff70000002ab1-9d-5b2d3a6e0bb8
Received: from mailhub-auth-4.mit.edu ( [18.7.62.39]) (using TLS with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client did not present a certificate) by dmz-mailsec-scanner-4.mit.edu (Symantec Messaging Gateway) with SMTP id DB.6A.10929.E6A3D2B5; Fri, 22 Jun 2018 14:05:34 -0400 (EDT)
Received: from outgoing.mit.edu (OUTGOING-AUTH-1.MIT.EDU [18.9.28.11]) by mailhub-auth-4.mit.edu (8.13.8/8.9.2) with ESMTP id w5MI5WZa014087; Fri, 22 Jun 2018 14:05:33 -0400
Received: from kduck.kaduk.org (24-107-191-124.dhcp.stls.mo.charter.com [24.107.191.124]) (authenticated bits=56) (User authenticated as kaduk@ATHENA.MIT.EDU) by outgoing.mit.edu (8.13.8/8.12.4) with ESMTP id w5MI5RaW025197 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NOT); Fri, 22 Jun 2018 14:05:30 -0400
Date: Fri, 22 Jun 2018 13:05:27 -0500
From: Benjamin Kaduk <kaduk@mit.edu>
To: Mahesh Jethanandani <mjethanandani@gmail.com>
Cc: The IESG <iesg@ietf.org>, draft-ietf-ippm-twamp-yang@ietf.org, Nalini Elkins <nalini.elkins@insidethestack.com>, ippm-chairs@ietf.org, ippm@ietf.org
Message-ID: <20180622180527.GI64617@kduck.kaduk.org>
References: <152933869439.3647.15290297683322606646.idtracker@ietfa.amsl.com> <3A3BEE09-40B0-4006-A404-6933081C9A19@gmail.com> <20180622151458.GE64617@kduck.kaduk.org> <FBD67FCB-BA86-42DE-A60F-8BC4F4B0E591@gmail.com>
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Disposition: inline
Content-Transfer-Encoding: 8bit
In-Reply-To: <FBD67FCB-BA86-42DE-A60F-8BC4F4B0E591@gmail.com>
User-Agent: Mutt/1.9.1 (2017-09-22)
X-Brightmail-Tracker: H4sIAAAAAAAAA+NgFprDKsWRmVeSWpSXmKPExsUixG6nrptnpRttsPCUoMWtIw2MFjP+TGS2 WL2jm82i58E7ZovTb9axWXw+eYnRgc1j56y77B5Llvxk8tgy4xZTAHMUl01Kak5mWWqRvl0C V8afPyuZCp7bVry/W97AeFKvi5GTQ0LARGJL90n2LkYuDiGBxUwSC06tYoZwNjJKPGg6ywLh XGWSmNv3lR2khUVAVeL/rdlgNpuAikRD92VmEFtEwFDi1IEXTCANzAKrGCWu9P5i7WLk4BAW iJWYN4kbpIYXaN2lvUugNtxjlDj77A0rREJQ4uTMJywgNrOAusSfeZeYQXqZBaQllv/jgAjL SzRvnQ22i1PAVuLc6wtgtqiAssTevkPsExgFZyGZNAvJpFkIk2YhmbSAkWUVo2xKbpVubmJm TnFqsm5xcmJeXmqRrolebmaJXmpK6SZGUCRwSvLvYJzT4H2IUYCDUYmHV+OrTrQQa2JZcWXu IUZJDiYlUd6bFUAhvqT8lMqMxOKM+KLSnNTiQ4wSHMxKIrxuT4FyvCmJlVWpRfkwKWkOFiVx 3uxFjNFCAumJJanZqakFqUUwWRkODiUJ3imWutFCgkWp6akVaZk5JQhpJg5OkOE8QMN3WwDV 8BYXJOYWZ6ZD5E8xKkqJ804DaRYASWSU5sH1ghKVRPb+mleM4kCvCPNeBqniASY5uO5XQIOZ gAZXN2uBDC5JREhJNTDGCe1cxtX6mUU9fnHTPbk9KYbfFVTDelt1sy6qJds8Mtvknx/bucd6 ozZjvV2ar98pB9Om9u97LLo+sUxP/XD3Y/OFObYcDQY8GtG2pwyPfWPYNulEycqVP15ZXzrt 0bPzkeKx9oLPL3381jBfDPoz9+xbYTGzVK3lrh1HdGd+XrFm40e9hYFKLMUZiYZazEXFiQCb fJVmLwMAAA==
Archived-At: <https://mailarchive.ietf.org/arch/msg/ippm/4LoIzpZXmvoXNUTpcFeF1lIu3uQ>
Subject: Re: [ippm] Benjamin Kaduk's No Objection on draft-ietf-ippm-twamp-yang-11: (with COMMENT)
X-BeenThere: ippm@ietf.org
X-Mailman-Version: 2.1.26
Precedence: list
List-Id: IETF IP Performance Metrics Working Group <ippm.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ippm>, <mailto:ippm-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ippm/>
List-Post: <mailto:ippm@ietf.org>
List-Help: <mailto:ippm-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ippm>, <mailto:ippm-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 22 Jun 2018 18:05:38 -0000
On Fri, Jun 22, 2018 at 10:46:25AM -0700, Mahesh Jethanandani wrote: > Hi Ben, > > > On Jun 22, 2018, at 8:15 AM, Benjamin Kaduk <kaduk@mit.edu> wrote: > > > > On Wed, Jun 20, 2018 at 06:55:23PM -0700, Mahesh Jethanandani wrote: > >> Hi Ben, > >> > >>> On Jun 18, 2018, at 9:18 AM, Benjamin Kaduk <kaduk@mit.edu> wrote: > >>> > >>> Section 3.4 > >>> > >>> Each Session-Reflector is associated with zero or more TWAMP-Test > >>> sessions. For each test session, the REFWAIT timeout parameter which > >>> determines whether to discontinue the session if no packets have been > >>> received (TWAMP [RFC5357], Section 4.2) can be configured. > >>> > >>> nit: I think this would be easier to read if "which > >>> determines...received" was offset by commas or parentheses. > >> > >> How about this: > >> > >> OLD > >> For each test session, the REFWAIT timeout parameter which > >> determines whether to discontinue the session if no packets have been > >> received (TWAMP [RFC5357], Section 4.2 <https://tools.ietf.org/html/rfc5357#section-4.2 <https://tools.ietf.org/html/rfc5357#section-4.2>>) can be configured. > >> > >> > >> NEW > >> For each test session, the REFWAIT timeout parameter can be configured, which > >> determines whether to discontinue the session, if no packets have been > >> received (TWAMP [RFC5357], Section 4.2 <https://tools.ietf.org/html/rfc5357#section-4.2 <https://tools.ietf.org/html/rfc5357#section-4.2>>). > > > > I'm not sure this is quite right -- the clause offset by commas starting > > with "which" is supposed to be a "parenthetical", a clause adding some > > additional information that is not necessary to understand the sentence. > > That is, the sentence is still supposed to read fine if the entire clause > > (and commas) are removed. But "the REFWAIT timeout parameter can be > > configured if no packets have been received" seems like a different meaning > > than is intended. > > Ok. How about? > > OLD: > For each test session, the REFWAIT timeout parameter which > determines whether to discontinue the session if no packets have been > received (TWAMP [RFC5357], Section 4.2 <https://tools.ietf.org/html/rfc5357#section-4.2>) can be configured. > > > NEW: > For each test session, the REFWAIT timeout parameter, which > determines whether to discontinue the session if no packets have been > received (TWAMP [RFC5357], Section 4.2 <https://tools.ietf.org/html/rfc5357#section-4.2>), can be configured. That works for me. (I bet the RFC Editor will think there are too many commas, but will let them decide that for themselves.) > > > > >> > > > >>> > >>> Section 4.2 > >>> > >>> [...] The Server, being prepared to conduct > >>> sessions with more than one Control-Client, uses KeyIDs to choose the > >>> appropriate secret-key; a Control-Client would typically have > >>> different secret keys for different Servers. key-id tells the Server > >>> which shared-secret the Control-Client wishes to use for > >>> authentication or encryption. > >>> > >>> Does this imply a global uniqueness requirement for key-ids? If so, > >>> that should be called out more clearly. > >> > >> Section 4.1 says. Do you think this is clear enough? > >> > >> Both the Server and > >> the Control-Client use the same mappings from KeyIDs to shared > >> secrets (key-id and secret-key in Figure 3, respectively) > > > > I'd prefer to have it also say explicitly that they must be unique, as in > > something like > > > > NEW: > > > > Both the Server and > > the Control-Client use the same mappings from KeyIDs to shared > > secrets (key-id and secret-key in Figure 3, respectively); in order > > for this to work properly, KeyIds must be unique across all systems in > > the administrative domain. > > > > Ok. I have made some minor tweaks to the above suggested changes, mainly to consolidate all references of “KeyIDs" to "key-id" and “shared secret” and “shared-secret” to “secret-key” so they are consistent with the UML diagram and the box “key-chain”. It now appears as: > > NEW: (In Section 4.1) > Both the Server and the Control-Client use the same mappings from key-id to secret-key (in Figure 3); in order for this to work properly, key-id must be unique across all systems in the administrative domain. > > NEW: (In Section 4.2) > As mentioned in Section 4.1, both the Server and the Control-Client use the same mapping from key-id to shared secret-key; in order for this to work properly, key-id must be unique across all the systems in the administrative domain. > Thank you! > > > >>> > >>> Section 4.3 > >>> > >>> | name | > >>> | ctrl-connection-name {ro} | > >>> | fill-mode | > >>> | number-of-packets | > >>> | state {ro} | > >>> | sent-packets {ro} | > >>> | rcv-packets {ro} | > >>> | last-sent-seq {ro} | > >>> | last-rcv-seq {ro} | > >>> +---------------------------+ > >>> > >>> nit: should the "{ro}" on "state" be right-aligned with the others? > >> > >> Ok. > >> > >>> > >>> Is there any privacy concern about exposing the parent-connection > >>> 4-tuple? > >> > >> As discussed in the other thread, the test is run between the four logical entities within the same provider network. That combined with the security of the session, and use of access control (NACM) can limit how much is exposed and what they can do with that information. > >> > >>> > >>> Section 5.2 > >>> > >>> In the 'count' leaf, a default value of 10 (corresponding to an > >>> iteration count of 2^10 == 1024 for PBKDF2) is described. This > >>> seems quite low for a PBKDF2 iteration count, by modern standards. > >>> In "normal" cryptographic protocols we would generally be using a > >>> default closer to 32768 == 2^15 (which I see is the default *max* > >>> count value, and there is additional discussion of the issue in the > >>> leaf description for that leaf). Perhaps one could make an argument > >>> that this is just for test setups and the keys and data exchanged > >>> are "not very valuable", but there is always risk of key sharing > >>> across protocols, and my preference is to present the strong > >>> defaults and give users the option to reduce where appropriate. > >>> What are the authors' thoughts here? > >> > >> We can bump the default for ‘count to be 15, and the default for ‘max-count-exponent’ to 20. > > > > Thanks! > > > >>> > >>> Section 7 > >>> > >>> There are probably more nodes that can get called out as > >>> particularly vulnerable, such as the count and max-count nodes that > >>> can cause a long time to be spent on PBKDF2 iterations, the dscp > >>> markings, the mode bitmask, etc. > >> > >> The question of more nodes being identified from a vulnerability perspective has been called out on the other thread. We can use the above discussion, and the point you make below to call out ‘count’ and ‘max-count-exponent’. What do you see as issue with different DSCP markings or with mode bit mask? > > > > If I understand correctly, different DCSP markings could affect the > > processing of the test traffic on the network (skewing the results), and > > changing the mode mask could result in big changes, like using > > unauthenticated (and MITM-able) test traffic instead of authenticated > > traffic. > > Ok. Will add text around it. Great; thanks! -Benjamin
- Re: [ippm] Benjamin Kaduk's No Objection on draft… Benjamin Kaduk
- Re: [ippm] Benjamin Kaduk's No Objection on draft… t.petch
- Re: [ippm] Benjamin Kaduk's No Objection on draft… Mahesh Jethanandani
- Re: [ippm] Benjamin Kaduk's No Objection on draft… Benjamin Kaduk
- Re: [ippm] Benjamin Kaduk's No Objection on draft… MORTON, ALFRED C (AL)
- [ippm] Benjamin Kaduk's No Objection on draft-iet… Benjamin Kaduk
- Re: [ippm] Benjamin Kaduk's No Objection on draft… Benjamin Kaduk
- Re: [ippm] Benjamin Kaduk's No Objection on draft… Mahesh Jethanandani