Re: [ippm] Secdir early review of draft-ietf-ippm-ioam-direct-export-07

Stephen Farrell <stephen.farrell@cs.tcd.ie> Thu, 19 May 2022 16:51 UTC

Return-Path: <stephen.farrell@cs.tcd.ie>
X-Original-To: ippm@ietfa.amsl.com
Delivered-To: ippm@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 93A92C1D3518; Thu, 19 May 2022 09:51:08 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -3.857
X-Spam-Level:
X-Spam-Status: No, score=-3.857 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, NICE_REPLY_A=-1.857, RCVD_IN_DNSWL_BLOCKED=0.001, RCVD_IN_MSPIKE_H2=-0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=cs.tcd.ie
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 1BGRuOu1BQ7k; Thu, 19 May 2022 09:51:03 -0700 (PDT)
Received: from EUR02-AM5-obe.outbound.protection.outlook.com (mail-eopbgr00117.outbound.protection.outlook.com [40.107.0.117]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 08AA3C1D351A; Thu, 19 May 2022 09:50:17 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=QlY5tMosxaQEugZ7Q6+5hN6Jq1lUQpXzrDC9u+fIO4tzcXFxBZYoFrKPun6Y/t8xJoqw1T+ByZ8dKb+0xWXgPVwh2C3vv7ww5ZeCF2LD7YABfZedKat24fMCVuQe812NM2oy1ZWrF781/EcT2cgAvn/51tgCrBKN826NJYWzzLjQO4eQBSNQPbD7bkf8SHc62+a04X8/YsfW1WlmbhSqkHKdip9aj7OZp9xojksz4eSoNSKT2hB2n7ofDAavibvzidZ/5l7ibQwjqyOy9t1WG9zxRGU3hYqScfYIOCYlsTFrYQotlgxrvqA6F9s1llDjZiktI9m9PafcAJ0px4IC0w==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=i15j1GiW2wLLhNH/r+ubgAPYHj8TkfQPr/gWNwsUriE=; b=XlGyQjOxSI8OItyslG9rdePXOS5nL9NWpSb88smkcKBIiraPbxFdU/ZZ53YH+mzEEynl+FWr+QPemuZeWVInaS6ub/wU0zrqoSkedrr9U86yoVUIwqZGhmojfuWVL5YpseEmFzEkQCdJa7HOHqgLug+UXdtfERaDYFFp/iMvfPqA0r8SV5vSWfrPWgQCLzlLteBTs+E6MPm188KVEvkmDYpsQunTu+rQQKw2hvUMOeCUiNK7gjK3GKj/U3SzQHI73AhbkOrlgUYKqwqCF0ysoylN3j+JMbTTylfCb9s24IAGjq6oo0Z+3MhumN3Ei52a28/p4AhaC+jTamijK/C6Rg==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=cs.tcd.ie; dmarc=pass action=none header.from=cs.tcd.ie; dkim=pass header.d=cs.tcd.ie; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=cs.tcd.ie; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=i15j1GiW2wLLhNH/r+ubgAPYHj8TkfQPr/gWNwsUriE=; b=VU1eKeeGUbydcPEF8fOUWUyWk0rimCziwUWa68WVWchQGbjmTe3IqwdYw/6+je7if/lLqEnuMXHrmOBwqltbPDXBv3uKJk6bayOkfDvk0gGG/UmEEaP4BgP65/K7q/g8JL2u0BqF0hYE+Yzb4sT1Awx0esyyNycEEYqUWfxoyMMnHzhS1BpzAaN95Y0ehtUec/g+xmns2NWA6nwHLTljh5JAvJCtGDIHPRDCdA1TI9N0fJgCGNIyEC1Lziigd1ySIMRAHfg0NC74s1YgYiaGMyU/7W3HcjOF3IIV1IBfGd/c5sB0MtbsIHTbeVAIMHBZc83E7xoHcDzMRBmgGkStGQ==
Authentication-Results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=cs.tcd.ie;
Received: from DB7PR02MB5113.eurprd02.prod.outlook.com (2603:10a6:10:77::15) by AM6PR0202MB3431.eurprd02.prod.outlook.com (2603:10a6:209:1d::26) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5273.15; Thu, 19 May 2022 16:50:13 +0000
Received: from DB7PR02MB5113.eurprd02.prod.outlook.com ([fe80::92f:cb0b:71d:b049]) by DB7PR02MB5113.eurprd02.prod.outlook.com ([fe80::92f:cb0b:71d:b049%7]) with mapi id 15.20.5273.014; Thu, 19 May 2022 16:50:13 +0000
Message-ID: <c388a6a9-b3dc-b92d-d3eb-f2f9b7077a05@cs.tcd.ie>
Date: Thu, 19 May 2022 17:50:11 +0100
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:91.0) Gecko/20100101 Thunderbird/91.8.1
Content-Language: en-US
To: Haoyu Song <haoyu.song@futurewei.com>, "secdir@ietf.org" <secdir@ietf.org>
Cc: "draft-ietf-ippm-ioam-direct-export.all@ietf.org" <draft-ietf-ippm-ioam-direct-export.all@ietf.org>, "ippm@ietf.org" <ippm@ietf.org>
References: <165297463378.5296.5590170778832486427@ietfa.amsl.com> <BY3PR13MB4787765F9D1BDE157268DE109AD09@BY3PR13MB4787.namprd13.prod.outlook.com>
From: Stephen Farrell <stephen.farrell@cs.tcd.ie>
In-Reply-To: <BY3PR13MB4787765F9D1BDE157268DE109AD09@BY3PR13MB4787.namprd13.prod.outlook.com>
Content-Type: multipart/signed; micalg=pgp-sha256; protocol="application/pgp-signature"; boundary="------------eZYRldOpwvZSXpI083t0D00Y"
X-ClientProxiedBy: DB6PR07CA0165.eurprd07.prod.outlook.com (2603:10a6:6:43::19) To DB7PR02MB5113.eurprd02.prod.outlook.com (2603:10a6:10:77::15)
MIME-Version: 1.0
X-MS-Exchange-MessageSentRepresentingType: 1
X-MS-PublicTrafficType: Email
X-MS-Office365-Filtering-Correlation-Id: 383b1173-6414-441f-9731-08da39b7a4c9
X-MS-TrafficTypeDiagnostic: AM6PR0202MB3431:EE_
X-MS-Exchange-SharedMailbox-RoutingAgent-Processed: True
X-Microsoft-Antispam-PRVS: <AM6PR0202MB3431876AEB6C4E860DD7CB49A8D09@AM6PR0202MB3431.eurprd02.prod.outlook.com>
X-TCD-Routed-via-EOP: Routed via EOP
X-TCD-ROUTED: Passed-Transport-Routing-Rules
X-MS-Exchange-SenderADCheck: 1
X-MS-Exchange-AntiSpam-Relay: 0
X-Microsoft-Antispam: BCL:0;
X-Microsoft-Antispam-Message-Info: 1PuWwl1t2LRrtRqoLRgbh6K+CGlnOdgbiREItDuF/GlCuilGIIkhEOimwzBlg7uZCdEc/63iHewj0P5eGPHGSuz4mg/l+Gr/lI6tG3RISWrIAPBNcKFO/fWZ3zWK/MWx/twbuYtj+FOCOK8WWIFE+5Vv3vabSmOp3XyVP4SkycbdVVnqhzug9oH30QDFNzxu1weSoa/O8AapZC64Zmc+IDFoEIMecVI8ZAJfcTVY+0l0yRT3QLE+dd1Iv1vJhQqgOYYTCkj6waPTe0S4Wmnc6PWpba7ym5QpaE49y7Viywz2yok00DcDgFAp7jF+Wb4ttod10xE9hPjeFK7VerDKgj/mRO5SW5Og2xSB7+I6MQB7q92PgBl766AroG0Y2sw50UNAqrhOJYPVO9CB9bErCV7vyib5le04KqVVwEeF68OcNZNVDy+Vm8cLISllef075ioSVE/8JRfU3DfF8M3rHi6eh5Flq1wiplueKPkdFMMc1Dejldrm5toKWWIMsHoxaNGyc7hGvib7OlaAQlJkCVQPhpGhnhIYYyLTiJ2SVYM15XVP+hcZ7JvWH38hgDE89OPHnBrC6phNJ3hbrtniIBknsQbyiHhqH6mA6JEKKu6UE+OELCtsFjql/FwZYKOIWQrQLoDc1y7R7DB+OTXJe3EMHWK9RsP4FzgdXW0XJrB+oktfIgntgUm7RZtoclcnF7YE2N2UDNHwbvOVAURa9GnGTLGEYoU5PeqHzQoZcMA=
X-Forefront-Antispam-Report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:DB7PR02MB5113.eurprd02.prod.outlook.com; PTR:; CAT:NONE; SFS:(13230001)(4636009)(366004)(6512007)(8676002)(186003)(66476007)(66556008)(2616005)(66946007)(4326008)(38100700002)(786003)(36756003)(54906003)(31686004)(86362001)(110136005)(8936002)(235185007)(44832011)(21480400003)(45080400002)(83380400001)(6506007)(53546011)(33964004)(316002)(6486002)(5660300002)(31696002)(508600001)(2906002)(45980500001)(43740500002); DIR:OUT; SFP:1102;
X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 2
X-MS-Exchange-AntiSpam-MessageData-0: =?utf-8?B?OEFRaG9xVi94aFZFVEF4TzVTMXQ5MUQ0MkhXejVWcnc4OEVaWTlRUmppaEYr?= =?utf-8?B?THd4RmIvT3pEeDdyOTNpb3ZQTEY3LzNVZk1qV0FTRkFLRVYrd3hhKzRHMjhk?= =?utf-8?B?Q3loSHB5SUlOYkgvZXpCcytSWVM5UlMrYmdVZnBpWG03YjdHWDlGSHdEeWhx?= =?utf-8?B?R0NiUFNJSEN0QWF4TjNYYzJscXZxU3VOQ09JSkNiRnhCZml1ay8xTU5ML3B2?= =?utf-8?B?U0F4cUZWcnlTUGVjdE05UkJsdWdPeW1PajdFY3F0S0xEbkJnYjRPUndHc1lT?= =?utf-8?B?OThwUVZ5eE4yeS93b21jVXdIc05iR2ZlOU5Ja295KzBDYkNiU2Fwd3RuVFk0?= =?utf-8?B?YzBFZWJpc01ZZFpTcnhmZEZ0c09TOE1VUGJVOGlrUDlZNHJHdmZmUUdVZjkz?= =?utf-8?B?dUZ4bDd4WVowQWRCNmxlWmdXaTJyVjRtdHFhbFVHeVIvYy8vZCtWcWsvWDFM?= =?utf-8?B?WXlUWWlzSjRXNEFpNmtzRFh0d2x0cVc4MXh3UkdGU0g3c1pQRzgwQjJHc0pG?= =?utf-8?B?UWVId0VUWUc4RXphM2FHS0JMTENuM00xRmk2MjhnU3JVdGxJbTRPOFZIRUxx?= =?utf-8?B?TlI5NHE5eHFEcmpqOGlIbFFWaDVBcjh6MlRoVHhQdWw1Q3U0Q1hmRGJVNFhu?= =?utf-8?B?Snc1cEdkTkRzYVNXaXg5OWhZUjhiSUVHclorRVI5QlUxR0tqb3BvN05jcmxW?= =?utf-8?B?bFdXNGptTTY4c1YyR3RwUnl1Z1l3ZFAyQkE4a0hWTWtueGdSVjlwYWlqb0t5?= =?utf-8?B?UzFBQW1WSStTbXhnTm5vRUJQZ0NILzZpQkh5VUNWVW5rSFlCUWdkMk9DcUQ4?= =?utf-8?B?WG9odFVhdXRiaG1LY1NUVTVwVDdYVlVMaDQ3cEgrVXVwKzRVTTdncnBXRTZI?= =?utf-8?B?OG5zRnAvVyswT3MyRVZLVGNOSzgrTjZQWnp6eGpieGhHQTg1RG85dXVVZVR0?= =?utf-8?B?U2M0Vkk2TmhxS3RnTG1OVUxHZjY2ZDFkVVo5SUJPajJrSnBUZk03NmZLUUo3?= =?utf-8?B?b2poOTdwT010Ri9mdGRnNDdZTnZYdGpDOGF4REdWdGVuVnVETEJIenVzUlZa?= =?utf-8?B?VUtwQ2FuM3hlU1NJRzBEaXJ4TFE3WDZUbDVrU2F5ZkhmajlWMEp5VGFVbW9l?= =?utf-8?B?aDVsODY3KzBwV3ZTcU1QZUNTVGhNOUQxbHViNEJVQk5aYW1sNE5kdnErQllT?= =?utf-8?B?dDVyVlFiMWRDMnVTL0Y4MjBFTkovVzdoYlFDSzY0SnpXUC9yenZ6M2hJaHhT?= =?utf-8?B?UTl4amJnZEJzY1FXZHFMK0pGdy9ndjNxSzNMQTdPWUhWbzZkOTZIRkxleXlR?= =?utf-8?B?bGpTTm8vQnpKWGtLanRxREtXVGhYWXExS1BCTm9LY0hpT2lqNkQvUVVYU2Fn?= =?utf-8?B?aDJWQzh1NFZiNUNJRzZIc3g1aFV4dGE3MHFWdDY2eG9hQVZBaG1VYU1FWDlr?= =?utf-8?B?d1ZVdGE0YmlLRjFGK1JvL0laQy9yZGNVaTBXbWlrRFFyYW5KMDhkZXRGYS9l?= =?utf-8?B?b3J0NWlzeFNJcEpGdTk2OGhSZlRZSnB1a1NjMGdlMDlzSkFPalF1R1F1Qlhj?= =?utf-8?B?LzJ4TGRQR28xcFEzMGZVcVhIQ0poN2thcjFHUFd5SkZySEluQkFWTFVvTS9j?= =?utf-8?B?WUxTK0Q2VjBVTSsveTU1YXdXL0VpUlN1ZEEySmdXZTM0YjV1MjdyV1VvbUJo?= =?utf-8?B?b3NwVVlaUDJJNWpocVhPbFJkaXc0THF5a2Q0cTBBU0Z4VnZlbzlYalIyY0pD?= =?utf-8?B?Nzd1Tk00ZkpiVXNnUHl3eldXSW5iZjRGSXVDUUREdmU3cEFwSE1sMFNMWHRK?= =?utf-8?B?cnVFUGdKOFN3NW5oNFdYcjJHU0QySWxWS29yTHZIUk1mMTFBZVFyV0xQeHRY?= =?utf-8?B?QU1wVDZaNzBGVTRUQ2plS0NZTS9yOEZKdmZOemFSdzFHWVQ5UnZPNmNlOXBa?= =?utf-8?B?MmNMSkI0NnhYYTdVRFRxUTlEMHpHZVhOYVFFdnJTTjZ3ckc2QWpXSllDRW9Q?= =?utf-8?B?bG9aYndMZ3VjYlZTMlRZclBwdnh3cHBFU0srTnRqT29heUpmNE9xL3lhckcw?= =?utf-8?B?aVo1TEVRbmU3MGw5NVlCd01Menh4a2gwNDVrUzdZMlYzVVlmZVFUeFJLWGU2?= =?utf-8?B?UzY4N2RLQmxnUkNCdU9KTGlpVHFheXRCTE9USTVuOEY3WWRRUG9pbXdRQTVu?= =?utf-8?B?VEFOYm1YcnlkTEtnam5hb1NZbHROMGNFVllxQTBIK244OEN4MWp2eXhTUFl2?= =?utf-8?B?dHhVMmhVekZxYWVVVkxsUlJJT3NOYWFQYVRsby9uRGF4bFFKaEF4ekhNOE1r?= =?utf-8?B?TUlMUWpyR29wQTJ4eDBBTG5FZlFTUVhzNHFlWEJlbnpMakFSVmRjYXNjZGhi?= =?utf-8?Q?rxF90j7I9qk/o3K3Xo4LO7L0WxwNJQGVF+O7PnyW59M4O?=
X-MS-Exchange-AntiSpam-MessageData-1: HeHrmx2UaFkQ9A==
X-OriginatorOrg: cs.tcd.ie
X-MS-Exchange-CrossTenant-Network-Message-Id: 383b1173-6414-441f-9731-08da39b7a4c9
X-MS-Exchange-CrossTenant-AuthSource: DB7PR02MB5113.eurprd02.prod.outlook.com
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 19 May 2022 16:50:13.3913 (UTC)
X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted
X-MS-Exchange-CrossTenant-Id: d595be8d-b306-45f4-8064-9e5b82fbe52b
X-MS-Exchange-CrossTenant-MailboxType: HOSTED
X-MS-Exchange-CrossTenant-UserPrincipalName: agHsZaVRiXbx0bc5PcRAfLBfePcyinqr7B5Zk5iUdhW2WehET/1MH17ok0iqKERh
X-MS-Exchange-Transport-CrossTenantHeadersStamped: AM6PR0202MB3431
Archived-At: <https://mailarchive.ietf.org/arch/msg/ippm/rwdnho3BzMTjBFsQSpY8hltbSDU>
Subject: Re: [ippm] Secdir early review of draft-ietf-ippm-ioam-direct-export-07
X-BeenThere: ippm@ietf.org
X-Mailman-Version: 2.1.34
Precedence: list
List-Id: IETF IP Performance Metrics Working Group <ippm.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ippm>, <mailto:ippm-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ippm/>
List-Post: <mailto:ippm@ietf.org>
List-Help: <mailto:ippm-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ippm>, <mailto:ippm-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 19 May 2022 16:51:08 -0000

Hiya,

On 19/05/2022 17:45, Haoyu Song wrote:
> Hi Stephen,
> 
> Thanks for the review. Both concerns are valid and the potential DOS
> attack threat and mitigation are briefly discussed in the security
> considerations section. The privacy consideration is the same as in
> draft-ietf-ippm-ioam-data, also similar to that for IPFIX and
> Netflow. I think here we need to emphasize that all the data
> collected are network operation related without user private
> information. The technology is also supposed to be applied in a
> single managed domain. We can add some discussion on the privacy
> issue in the next revision.

Good stuff. Just to note though that "without user
private information" can be very hard to ensure, e.g.
any combination of IP address and time can be enough
to cause problems sometimes, e.g. if a collection of
such records leaks later.

Cheers,
S.

> 
> Best regards, Haoyu
> 
> -----Original Message----- From: Stephen Farrell via Datatracker
> <noreply@ietf.org> Sent: Thursday, May 19, 2022 8:37 AM To:
> secdir@ietf.org Cc: draft-ietf-ippm-ioam-direct-export.all@ietf.org;
> ippm@ietf.org Subject: Secdir early review of
> draft-ietf-ippm-ioam-direct-export-07
> 
> Reviewer: Stephen Farrell Review result: Has Issues
> 
> First, apologies for the dramatically late review. I hope this is
> still useful.
> 
> I think there are two issues worth considering:
> 
> 1. The DEX scheme seems to create a potential for DoS based on
> storage whereas I think prevously only DoS vectors related to traffic
> were documented in the IAOM drafts. That's based on a quick scan
> though so I may have missed it being considered.
> 
> 2. I see no mention at all of privacy in this draft nor in
> draft-ietf-ippm-ioam-data - I don't understand why that's ok given
> that privacy leaks from the kind of metadata collected here can be
> subtle? Or maybe that's in some other draft?
> 
> 
>