[ippm] Re: draft-ietf-ippm-capacity-protocol-14 ietf last call Secdir review

Ruediger.Geib@telekom.de Thu, 08 May 2025 06:45 UTC

From: Ruediger.Geib@telekom.de
To: bew.stds@gmail.com, secdir@ietf.org
CC: draft-ietf-ippm-capacity-protocol.all@ietf.org, ippm@ietf.org, last-call@ietf.org
Date: Thu, 08 May 2025 06:45:52 +0000
Message-ID: <BE1P281MB2004FC8136798AE9E6CCFE0D9C8BA@BE1P281MB2004.DEUP281.PROD.OUTLOOK.COM>
In-Reply-To: <174589036836.340.3530316408750459413@dt-datatracker-9c7687889-5mqnr>
Subject: [ippm] Re: draft-ietf-ippm-capacity-protocol-14 ietf last call Secdir review
List-Id: IETF IP Performance Metrics Working Group <ippm.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/ippm/LruYS5Ed9Pgs6jdz2HsPjAsn_Tg>

Hi Brian,

thanks for your review and suggestions. The comments of Len and me are marked [Authors] in line below.

Regards,

Ruediger

-----Original Message-----
From: Brian Weis via Datatracker <noreply@ietf.org>
Sent: Tuesday, 29 April 2025 03:33
To: secdir@ietf.org
Cc: draft-ietf-ippm-capacity-protocol.all@ietf.org; ippm@ietf.org; last-call@ietf.org
Subject: draft-ietf-ippm-capacity-protocol-14 ietf last call Secdir review

<snip>

The summary of the review is Has Nits.

This document describes a new method and set of PDUs for measuring the performance of UDP traffic. It defines methods of message authentication, and one method of encrypting control and status messages. Encryption of data messages is not included, as it is expected to reduce the accuracy of the performance measurements.

I have reviewed this document twice before, and have just a few minor comments and suggestions.

Section 3, list item 1. I’m wondering why the name of the exchange described in this list item (i.e., Setup Request and Response
Exchange) was removed? The name seems to still be used elsewhere in the document, so would be helpful to state it here.

[Authors]: Thanks, sound....bullet point 1) ADD: Test Setup Request and Response:

-----------------

Section 4.2, list item 1. This unauthenticated mode is stated as “shall only be allowed when all other modes requiring authentication (or Partial Encryption) are blocked or unavailable for use.” The words “are blocked” were added here, which I believe is unwise. A typical method by an on-path attacker is to “downgrade” the security of a session by blocking packets. I would recommend removing these words. Note also that the next sentence says “This mode is intended for a lab or limited domain”, where I would expect blocked packets to be a network error that can be (and should be) fixed, and can be fixed by the same administrators as are running the test. So the necessity of including “are blocked” seems wholly unnecessary.
Alternatively, text needs to be added in Security Considerations describing this threat and under what conditions the threat is acceptable.

[Authors]: NEW: ....(or Encryption) are unavailable for use.

----------------

Section 4.2.4. This mode is titled “Optional Partial Encryption of Control and Status”. The “Partial” can be misleading a reader into believing that only part of the control or status portions of the message is encrypted. But if I understand the payloads properly, the entire payload prior to the authentication state is encrypted, leaving only the authentication state in the clear. Leaving the authentication state in the clear is necessary since the receiver will check authentication before decryption. I would suggest removing the word “Partial”.

[Authors]: Agreed.

-------------------

Section 4.2.4. This section defines one encryption method. This definition is fine. But over time the strength of encryption methods tends to degrade, and new definitions need to be adopted. Protocols thus need to be designed with algorithm agility. In fact the document does provide for algorithm agility due to the ability to define new Modes in the “Test Setup PDU Authentication Mode Registry”.  However, this is not obvious to a reader. I would suggest adding a note, either in this section or in Security Considerations, that says something like “Alternate encryption and/or authentication modes provide for algorithm agility by defining a new Mode following the rules of the “Test Setup PDU Authentication Mode Registry”.”

[Authors]: Thanks, Security Section, ADD: Authentication and encryption methods and requirements steadily evolve. Alternate encryption and/or authentication modes provide for algorithm agility by defining a new Mode, whose support is indicated by assigning a suitable "Test Setup PDU Authentication Mode Registry" value (see section 11.2.4).
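The reviewer's observation on Section 4.2.4, that everything before the authentication state is encrypted and the receiver checks authentication before it decrypts, describes the encrypt-then-MAC pattern, and it also explains why the authentication field has to stay in the clear: the receiver drops a forged or damaged PDU on the tag check alone and never feeds it to the cipher. The Go program below is an added illustration for readers of this archived thread; it is not code from the draft, its authors, or any implementation of it. The framing (AES-256-CTR over the whole control/status payload, a 32-byte HMAC-SHA256 tag over IV||ciphertext appended in the clear), the fixed keys and the sample control message are assumptions constructed for the example only; the draft defines its own PDU layout and algorithms.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/hmac"
	"crypto/rand"
	"crypto/sha256"
	"errors"
	"fmt"
	"io"
)

// Illustrative framing (an assumption for this example, not the draft's PDU
// layout): [IV (16 B)][ciphertext of the whole control/status payload][tag (32 B)].
// Only the trailing authentication tag is left in the clear.
const (
	ivLen  = aes.BlockSize
	tagLen = sha256.Size
)

// ErrAuthFailed is returned before any decryption is attempted.
var ErrAuthFailed = errors.New("pdu: authentication check failed; payload left undecrypted")

// sealPDU encrypts payload with AES-256-CTR under encKey, then authenticates
// IV||ciphertext with HMAC-SHA256 under authKey (encrypt-then-MAC).
func sealPDU(encKey, authKey, payload []byte) ([]byte, error) {
	block, err := aes.NewCipher(encKey)
	if err != nil {
		return nil, err
	}
	pdu := make([]byte, ivLen+len(payload)+tagLen)
	iv := pdu[:ivLen]
	if _, err := io.ReadFull(rand.Reader, iv); err != nil {
		return nil, err
	}
	ct := pdu[ivLen : ivLen+len(payload)]
	cipher.NewCTR(block, iv).XORKeyStream(ct, payload)
	mac := hmac.New(sha256.New, authKey)
	mac.Write(pdu[:ivLen+len(payload)])
	copy(pdu[ivLen+len(payload):], mac.Sum(nil))
	return pdu, nil
}

// openPDU is the receiver side: verify the clear-text tag first, in constant
// time, and decrypt only a PDU whose tag matched.
func openPDU(encKey, authKey, pdu []byte) ([]byte, error) {
	if len(pdu) < ivLen+tagLen {
		return nil, ErrAuthFailed
	}
	body, tag := pdu[:len(pdu)-tagLen], pdu[len(pdu)-tagLen:]
	mac := hmac.New(sha256.New, authKey)
	mac.Write(body)
	if !hmac.Equal(mac.Sum(nil), tag) {
		return nil, ErrAuthFailed // forged or damaged PDU: no decryption happens
	}
	block, err := aes.NewCipher(encKey)
	if err != nil {
		return nil, err
	}
	plain := make([]byte, len(body)-ivLen)
	cipher.NewCTR(block, body[:ivLen]).XORKeyStream(plain, body[ivLen:])
	return plain, nil
}

// demo seals a constructed control message, then shows that a single flipped
// ciphertext bit is rejected by the tag check alone. Keys are constructed test
// values; a real deployment derives separate keys from the shared secret.
func demo() (roundTripOK, tamperRejected bool, err error) {
	encKey := []byte("0123456789abcdef0123456789abcdef")  // 32 B, AES-256 (constructed)
	authKey := []byte("fedcba9876543210fedcba9876543210") // 32 B (constructed)
	payload := []byte("SETUP-REQUEST rate=1000Mbps duration=10s") // constructed message

	pdu, err := sealPDU(encKey, authKey, payload)
	if err != nil {
		return false, false, err
	}
	got, err := openPDU(encKey, authKey, pdu)
	if err != nil {
		return false, false, err
	}
	roundTripOK = string(got) == string(payload)

	tampered := append([]byte(nil), pdu...)
	tampered[ivLen] ^= 0x01 // flip one bit inside the ciphertext
	_, err = openPDU(encKey, authKey, tampered)
	tamperRejected = errors.Is(err, ErrAuthFailed)
	return roundTripOK, tamperRejected, nil
}

func main() {
	ok, rej, err := demo()
	fmt.Println("round trip ok:", ok, "tampered PDU rejected:", rej, "err:", err)
}
```

Because the tag covers the IV and ciphertext rather than the plaintext, a receiver can reject bad PDUs using only the authentication key, which is also what makes authentication-only modes and the encrypting mode share one verification path; the order (verify, then decrypt) is what keeps a manipulated PDU from ever reaching the decryption and parsing code.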