IETF Logo Mail Archive

Re: WG Last Call for for draft-ietf-6man-rfc6874bis

David Farmer <farmer@umn.edu> Sat, 18 June 2022 11:27 UTC

Return-Path: <farmer@umn.edu>
X-Original-To: ipv6@ietfa.amsl.com
Delivered-To: ipv6@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C9603C15BE7E for <ipv6@ietfa.amsl.com>; Sat, 18 Jun 2022 04:27:38 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.109
X-Spam-Level:
X-Spam-Status: No, score=-2.109 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=umn.edu
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id zfWGE86E7-Cc for <ipv6@ietfa.amsl.com>; Sat, 18 Jun 2022 04:27:34 -0700 (PDT)
Received: from mta-p8.oit.umn.edu (mta-p8.oit.umn.edu [134.84.196.208]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id B8D56C15AAE7 for <ipv6@ietf.org>; Sat, 18 Jun 2022 04:27:33 -0700 (PDT)
Received: from localhost (unknown [127.0.0.1]) by mta-p8.oit.umn.edu (Postfix) with ESMTP id 4LQDCn2v7hz9vBsQ for <ipv6@ietf.org>; Sat, 18 Jun 2022 11:27:33 +0000 (UTC)
X-Virus-Scanned: amavisd-new at umn.edu
Received: from mta-p8.oit.umn.edu ([127.0.0.1]) by localhost (mta-p8.oit.umn.edu [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Wf7RrByuPymi for <ipv6@ietf.org>; Sat, 18 Jun 2022 06:27:33 -0500 (CDT)
Received: from mail-ed1-f69.google.com (mail-ed1-f69.google.com [209.85.208.69]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by mta-p8.oit.umn.edu (Postfix) with ESMTPS id 4LQDCm6CF5z9vBrj for <ipv6@ietf.org>; Sat, 18 Jun 2022 06:27:31 -0500 (CDT)
DMARC-Filter: OpenDMARC Filter v1.3.2 mta-p8.oit.umn.edu 4LQDCm6CF5z9vBrj
DKIM-Filter: OpenDKIM Filter v2.11.0 mta-p8.oit.umn.edu 4LQDCm6CF5z9vBrj
Received: by mail-ed1-f69.google.com with SMTP id y13-20020a056402358d00b0042dfb820070so5117772edc.6 for <ipv6@ietf.org>; Sat, 18 Jun 2022 04:27:31 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=umn.edu; s=google; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=w2aVZa4hOXEa351OmB+Jnjni7d/+A8jyNno+YOS/etk=; b=E+M8I1s1Vp6jmguSclBxPwGbnxeQyCgYGmzys8UnczryTIozJ41EXJDzGec2dcOLmv lUCS4IXmnGCNVIyimc3NCiGCBec9jGikqiDkd91nF0yMnp2oXNgMPgdvPkldSRsFgvdg YK6CAynFbf9CE474aI/NyE68D2KTYHZ6ZuZ8b/HTVEmweEqfecxlwxNJmmf3yUUJjYmr McD0e4Uc7qk5aXvtF7/K8Vur6j2j/NpCM056v4mIVpaW0xvD3ExZZoDu6P2SRv8qP0Sa l6hnP63xGQJG13wmm5NnwkivqZY1rxECQB75GcLInL/P0FkBGwuRVQVv1uydmnxomdjx 7Azw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=w2aVZa4hOXEa351OmB+Jnjni7d/+A8jyNno+YOS/etk=; b=k+EI1hLp1fD8rqpJSXc4in2dP1RYAAR0OWV6rBvcBAeS6EqMV+703Te5ZZYlz/x5FW ptn+c3UgsTxP12S3xAyBbp7c/Jt6S4LXXBQosS7ZW4A8sdzf/SFOhovF22z6WSsBmpnf NPISNvkLZTZ6bu29ucwPdVAu6czMHc/LAscdox5sxq40OKnM+mHFVLEokQlqMcLYUFzG JUGRrrF587fsk11DZt19bHnmbWMpwp6o7H7T7EJ77nPi1xq/+OCftCeac1978bHQ1qRA HgdM7+AA45l3udWZQGneIoeU3xn3AbB94scimGW0nbGteY0HquH/8h51er87iP2ZVeqz OwuQ==
X-Gm-Message-State: AJIora+mFj9QN9pVS26WdS4QoUgw+QYp0xaVF06cBJKLdngvkEi1YZUq vX/X8N3m1A+56bIfD9h0MvWEz3RWqXrpWiDzPvfWLwSUPjOsoweljtoa4Pknzuc5jPCf5cvp66k 5oaMg8q4hbn7fMy7CUaGW+Z1J
X-Received: by 2002:a05:6402:388c:b0:435:548c:177e with SMTP id fd12-20020a056402388c00b00435548c177emr13254610edb.231.1655551649398; Sat, 18 Jun 2022 04:27:29 -0700 (PDT)
X-Google-Smtp-Source: AGRyM1vrnN4PDOvJ6fGtuYp8tcu7JMte7Exh0bkoyk8Hhxv2oIRBfCsg7lvgQOb0tbUhNv+KkhXbltAcbQIR8ClBiDg=
X-Received: by 2002:a05:6402:388c:b0:435:548c:177e with SMTP id fd12-20020a056402388c00b00435548c177emr13254589edb.231.1655551649066; Sat, 18 Jun 2022 04:27:29 -0700 (PDT)
MIME-Version: 1.0
References: <CAFU7BAQVr_UMK_v7O7DGTV363j7q25X9GwrgraTEypzq_Lz3gQ@mail.gmail.com> <CAPt1N1m+g8Yu9rPyvfvrxG_bST_9_z3siByOCsMmeTpWAfAiZA@mail.gmail.com> <223eeed3-40f0-1958-5df4-a6b310a29706@gmail.com> <CAN-Dau14A+GANWRBwHH=+NTkcdaOTfrNN3wcfzo_iiWwo4LzLQ@mail.gmail.com> <CAPt1N1mt=ykhOcb8bXBw4antBBdprhVMNa2iHMBJ3GsR-VX5tg@mail.gmail.com>
In-Reply-To: <CAPt1N1mt=ykhOcb8bXBw4antBBdprhVMNa2iHMBJ3GsR-VX5tg@mail.gmail.com>
From: David Farmer <farmer@umn.edu>
Date: Sat, 18 Jun 2022 06:27:17 -0500
Message-ID: <CAN-Dau2LaLAu-phD0daBO=+KizdENLka1FTO2Nr-Yr5FHtOnFA@mail.gmail.com>
Subject: Re: WG Last Call for for draft-ietf-6man-rfc6874bis
To: Ted Lemon <mellon@fugue.com>
Cc: 6man <ipv6@ietf.org>, Brian E Carpenter <brian.e.carpenter@gmail.com>
Content-Type: multipart/alternative; boundary="000000000000f34c8605e1b727bf"
Archived-At: <https://mailarchive.ietf.org/arch/msg/ipv6/yFtIhJ6BOZiOuhE2-inTrwx0eDA>
X-BeenThere: ipv6@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: "IPv6 Maintenance Working Group \(6man\)" <ipv6.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ipv6>, <mailto:ipv6-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ipv6/>
List-Post: <mailto:ipv6@ietf.org>
List-Help: <mailto:ipv6-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipv6>, <mailto:ipv6-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 18 Jun 2022 11:27:38 -0000

Not mandating anything, suggesting how they will me useful. Your suggesting
a cut and paste, from what? A PCAP,

On Sat, Jun 18, 2022 at 05:20 Ted Lemon <mellon@fugue.com> wrote:

> It sounds like you’re reinventing dns-sd + mDNS. I think the usual use
> case for IPv6 address literals is that you cut and paste them from the
> terminal. I don’t think we need to mandate LLAs printed on the box.
>
> On Fri, Jun 17, 2022 at 23:51 David Farmer <farmer@umn.edu> wrote:
>
>>
>>
>> On Thu, Jun 16, 2022 at 9:55 PM Brian E Carpenter <
>> brian.e.carpenter@gmail.com> wrote:
>>
>>> On 17-Jun-22 01:36, Ted Lemon wrote:
>>> >
>>> > In the security considerations section, I think if the syntax were
>>> only allowed in the case of input into the browser's dialog box, then most
>>> of the possible attacks would go away. If there is no anticipated use case
>>> other than manual input (perhaps a scripted input would also count) then
>>> unless the script would be allowed to open the URI but not otherwise probe
>>> IPv6 address literals, it's hard to see what additional vulnerability this
>>> would create.
>>>
>>> I still have to review Phillip Tiesel's comment carefully, but if there
>>> is a real exploit, I'm pretty sure it would have to be Javascript, trying
>>> to find other devices on the LAN. I'm not sure why that would be more
>>> interesting than trying to find other devices with routeable IPv6 addresses
>>> in the same prefix, which is feasible today (and the reason why we
>>> recommend pseudo-random interface IDs). And at least on a Windows target,
>>> you don't need a Zone ID, so you could do it today. But the search space is
>>> still 2^64 in all cases. That's our primary defence against such attacks.
>>>
>>> I can, however, see use cases where embedding such a URL in a web page
>>> would actually be useful to a service technician, so I'm fairly sure that
>>> saying "don't do this" won't work.
>>
>>
>> This got me thinking a bit;
>>
>> Maybe a short discussion, probably in an appendix, of LLA
>> assignment strategies that are operationally useful for devices that
>> intended support or require the use of manually entered Link-Local IPv6
>> literals would be helpful and warranted.
>>
>> If you are going to manually enter a Link-Local IPv6 Literal into a
>> browser the LLA, it would be very helpful for the LLA to either be known or
>> discoverable by non-technical means, like being printed on the device's
>> label or made available through a device's user interface, for example,
>> printed on a printers test page, displayed on a video screen the device is
>> attached to, etc...
>>
>> A naive device manufacturer, especially for a device with no user
>> interface, could be tempted to use an LLA like fe80::1, which would be
>> similar to the common IPv4 addresses used to bootstrap devices like
>> 192.168.1.1 or 10.0.0.1. However, this is obviously a bad idea, because of
>> the high probability of address collision and the trivially easy
>> susceptibility to the types of attacks being discussed in this thread, but
>> I think this is worth pointing out just how bad of an idea it is.
>>
>> Nevertheless, temporary or otherwise changing LLAs, perhaps generated on
>> a per attachment basis, create a different problem, for devices that have
>> no user interface, requiring a technical means to discover the LLA, in
>> order to manually enter it. While for highly technical users, this would
>> not be a problem. However, if this is intended to be useful to more general
>> users, then requiring a technical means to discover the LLA would greatly
>> limit the useability of Link-Local IPv6 Literals. While this could be a
>> desirable feature, however, in that case, I suspect this entire endeavor is
>> doomed to failure, as in order to get browsers to implement this feature it
>> probably needs to be of some level of general usability for them to bother
>> to implement the feature.
>>
>> So, from a usability perspective, and even though not recommended in most
>> cases, a EUI-64 based LLA could be a good choice for devices with no user
>> interface, as many, if not most, devices already have their MAC addresses
>> printed on their label for a whole host of other reasons, making the LLA
>> easily discovered by non-technical means. However, if a EUI-64 based LLA is
>> provided, it probably should be limited to LLA HTTP(S) access and not for
>> sourcing more automated Link-Local tasks, such as Neighbor Discovery
>> [RFC4861].
>>
>> That being said, EUI-64 based LLAs are still a bad idea for
>> general-purpose devices or any device with even a minimal user interface
>> capability, especially mobile devices.
>>
>> Another option could be a pseudo-random LLA generated at device
>> manufacture, and also printed on the label, in addition to the MAC address.
>>
>> Finally, while most of the above are fairly obvious to members of the
>> 6MAN and v6OPS working groups. However, they are probably not obvious to
>> most IoT device implementers. Furthermore, helping IoT device implementers
>> make good LLA assignment choices should help strengthen the case for
>> browsers to support this feature.
>>
>> Thanks
>>
>
>> --
>> ===============================================
>> David Farmer               Email:farmer@umn.edu
>> Networking & Telecommunication Services
>> Office of Information Technology
>> University of Minnesota
>> 2218 University Ave SE
>> <https://www.google.com/maps/search/2218+University+Ave+SE?entry=gmail&source=g>
>>       Phone: 612-626-0815
>> Minneapolis, MN 55414-3029   Cell: 612-812-9952
>> ===============================================
>>
> --
===============================================
David Farmer               Email:farmer@umn.edu
Networking & Telecommunication Services
Office of Information Technology
University of Minnesota
2218 University Ave SE        Phone: 612-626-0815
Minneapolis, MN 55414-3029   Cell: 612-812-9952
===============================================

v2.23.0 | Report a Bug | By Email