[Isis-wg] Kathleen Moriarty's Discuss on draft-ietf-isis-l2bundles-05: (with DISCUSS)

Kathleen Moriarty <Kathleen.Moriarty.ietf@gmail.com> Wed, 24 May 2017 15:49 UTC

Return-Path: <Kathleen.Moriarty.ietf@gmail.com>
X-Original-To: isis-wg@ietf.org
Delivered-To: isis-wg@ietfa.amsl.com
Received: from ietfa.amsl.com (localhost [IPv6:::1]) by ietfa.amsl.com (Postfix) with ESMTP id 84B2E129B84; Wed, 24 May 2017 08:49:15 -0700 (PDT)
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
From: Kathleen Moriarty <Kathleen.Moriarty.ietf@gmail.com>
To: "The IESG" <iesg@ietf.org>
Cc: draft-ietf-isis-l2bundles@ietf.org, isis-chairs@ietf.org, hannes@gredler.at, isis-wg@ietf.org
X-Test-IDTracker: no
X-IETF-IDTracker: 6.51.0
Auto-Submitted: auto-generated
Precedence: bulk
Message-ID: <149564095549.28549.3563573514142018683.idtracker@ietfa.amsl.com>
Date: Wed, 24 May 2017 08:49:15 -0700
Archived-At: <https://mailarchive.ietf.org/arch/msg/isis-wg/x38C5ZXaL4bEV-aJZPjGhHM_YUM>
Subject: [Isis-wg] Kathleen Moriarty's Discuss on draft-ietf-isis-l2bundles-05: (with DISCUSS)
X-BeenThere: isis-wg@ietf.org
X-Mailman-Version: 2.1.22
List-Id: IETF IS-IS working group <isis-wg.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/isis-wg>, <mailto:isis-wg-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/isis-wg/>
List-Post: <mailto:isis-wg@ietf.org>
List-Help: <mailto:isis-wg-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/isis-wg>, <mailto:isis-wg-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 24 May 2017 15:49:20 -0000

Kathleen Moriarty has entered the following ballot position for
draft-ietf-isis-l2bundles-05: Discuss

When responding, please keep the subject line intact and reply to all
email addresses included in the To and CC lines. (Feel free to cut this
introductory paragraph, however.)

Please refer to https://www.ietf.org/iesg/statement/discuss-criteria.html
for more information about IESG DISCUSS and COMMENT positions.

The document, along with other ballot positions, can be found here:


I agree that there needs to be security considerations and have the
following suggestions to help fill in that section. I think I caught the
added considerations, but please expand on it if I've missed something.

The draft seems to enable methods to gather information on connected
links and the available bandwidth. That should be mentioned as a
vulnerability, exposing path information (connections/links and
bandwidth).  This is a consideration in other IS-IS RFCs and is specific
to the TLVS and subTLVs of this draft as well as far as I can tell, but
please correct me if I am missing something. 

The use of the Sub-TLV identifiers provide path information that should
be a security consideration in the write up:
   o  IPv4 Interface Address (sub-TLV 6 defined in [RFC5305])

   o  IPv6 Interface Address (sub-TLV 12 defined in [RFC6119])

   o  Link Local/Remote Identifiers (sub-TLV 4 defined in [RFC5307])

Within a single operator environment, the concerns are mitigated, but not
eliminated since it does not appear that encryption is used.

The following text from RFC7917 seems like a useful addition to these
security considerations along with an explanation of what is possibly
exposed with this draft (above):
   Security concerns for IS-IS are already addressed in [ISO10589],
   [RFC5304], and [RFC5310] and are applicable to the mechanisms
   described in this document.  Extended authentication mechanisms
   described in [RFC5304] or [RFC5310] SHOULD be used in deployments
   where attackers have access to the physical networks, because nodes
   included in the IS-IS domain are vulnerable.