RE: [SUSPECTED SPAM] Re: IPv6 first-hop risks and threats and mitigations

"Pascal Thubert (pthubert)" <pthubert@cisco.com> Fri, 18 December 2020 15:59 UTC

From: "Pascal Thubert (pthubert)" <pthubert@cisco.com>
To: Christopher Morrow <christopher.morrow@gmail.com>, Xipengxiao <xipengxiao@huawei.com>
CC: Michael Richardson <mcr+ietf@sandelman.ca>, Nabil Benamar <benamar73@gmail.com>, 6man Chairs <6man-chairs@ietf.org>, "ipv6@ietf.org" <ipv6@ietf.org>
Subject: RE: [SUSPECTED SPAM] Re: IPv6 first-hop risks and threats and mitigations
Date: Fri, 18 Dec 2020 15:59:11 +0000
Message-ID: <CO1PR11MB4881A14E830E7DBA92334DB2D8C30@CO1PR11MB4881.namprd11.prod.outlook.com>
References: <160603202606.8188.11893701417034577472@ietfa.amsl.com> <7B0EBC9E-4831-4005-98D9-5010CD1097F6@cisco.com> <CAMugd_UrsgmYTSg-abzuHt5ry2dxrU8gLFAQn+WkgcupGbrc5Q@mail.gmail.com> <74f40b386fc24d288412663a707517e4@huawei.com> <20462.1606091054@localhost> <c3267d8670d74df2a61e260c65981ad5@huawei.com> <CAL9jLaYzHPK10otASo8f5MS8+FcEPvPz3RRYGVkbH-M3hA4BMQ@mail.gmail.com>
In-Reply-To: <CAL9jLaYzHPK10otASo8f5MS8+FcEPvPz3RRYGVkbH-M3hA4BMQ@mail.gmail.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/ipv6/BpFIWD7jiCbpQFvfI2bPmVpYquw>
List-Id: "IPv6 Maintenance Working Group \(6man\)" <ipv6.ietf.org>

You got me confused, Christopher.

Both Jen and Fernando are quite prolific, and I see many point solutions, but I do not see a problem statement such as the one Xipeng is proposing. Would you have a pointer to the doc(s) you have in mind?

With a larger view, one may derive a different set of solutions that may be more work but still worthwhile with respect to the amount of issues that this could solve.

Enjoy the break!

pascal

> -----Original Message-----
> From: Christopher Morrow <christopher.morrow@gmail.com>
> Sent: Thursday, 17 December 2020 18:29
> To: Xipengxiao <xipengxiao@huawei.com>
> Cc: Michael Richardson <mcr+ietf@sandelman.ca>; Nabil Benamar
> <benamar73@gmail.com>; Pascal Thubert (pthubert) <pthubert@cisco.com>;
> 6man Chairs <6man-chairs@ietf.org>; ipv6@ietf.org
> Subject: [SUSPECTED SPAM] Re: IPv6 first-hop risks and threats and
> mitigations
> 
> I thought this was work Fernando Gont / Jen Linkova already undertook... or
> had already taken some large steps to cover at any rate.
> Were their docs not helpful here?
> 
> On Wed, Dec 16, 2020 at 3:37 PM Xipengxiao <xipengxiao@huawei.com>
> wrote:
> >
> > Hi Michael,
> >
> > >> So, the idea being to write down the issues, give the attacks names, and
> > >> then clarify what defenses we have already and how well they work?
> >
> > Yes.  Are you interested in working on this together?  Happy holidays!
> >
> > XiPeng
> >
> > -----Original Message-----
> > From: Michael Richardson [mailto:mcr+ietf@sandelman.ca]
> > Sent: Monday, November 23, 2020 1:24 AM
> > To: Xipengxiao <xipengxiao@huawei.com>; Nabil Benamar
> > <benamar73@gmail.com>; Pascal Thubert (pthubert)
> > <pthubert=40cisco.com@dmarc.ietf.org>; 6man Chairs
> > <6man-chairs@ietf.org>; ipv6@ietf.org
> > Subject: IPv6 first-hop risks and threats and mitigations
> >
> > Xipengxiao <xipengxiao@huawei.com> wrote:
> >
> >     > I also think that it’s a good piece of work, and shouldn’t be given up.
> >
> >     > I would also like to take this opportunity to propose that the WG start
> >     > a “problem statement of IPv6 first-hop protocols” draft.  The rationale
> >     > is: many IPv6 first-hop protocols like ND, SLAAC were designed long
> >     > time ago; many things have changed over the years, e.g. the advent of
> >     > wireless, mobility, IoT, overlays;  lately there are multiple drafts
> >     > trying to fix various issues in a number of IPv6 first-hop protocols,
> >     > including:
> >
> > So, the idea being to write down the issues, give the attacks names, and
> > then clarify what defenses we have already and how well they work?
> >
> > --
> >
> > Michael Richardson <mcr+IETF@sandelman.ca>   . o O ( IPv6 IøT consulting )
> >
> >            Sandelman Software Works Inc, Ottawa and Worldwide
> >