Re: [ipwave] Roman Danyliw's Discuss on draft-ietf-ipwave-ipv6-over-80211ocb-49: (with DISCUSS and COMMENT)
Roman Danyliw <rdd@cert.org> Fri, 12 July 2019 01:51 UTC
Return-Path: <rdd@cert.org>
X-Original-To: its@ietfa.amsl.com
Delivered-To: its@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id EA8A2120046; Thu, 11 Jul 2019 18:51:00 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.997
X-Spam-Level:
X-Spam-Status: No, score=-1.997 tagged_above=-999 required=5 tests=[AC_DIV_BONANZA=0.001, BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=cert.org
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id m7quPLXQ9Cq4; Thu, 11 Jul 2019 18:50:57 -0700 (PDT)
Received: from veto.sei.cmu.edu (veto.sei.cmu.edu [147.72.252.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 7DED8120020; Thu, 11 Jul 2019 18:50:57 -0700 (PDT)
Received: from korb.sei.cmu.edu (korb.sei.cmu.edu [10.64.21.30]) by veto.sei.cmu.edu (8.14.7/8.14.7) with ESMTP id x6C1ot3s022587; Thu, 11 Jul 2019 21:50:55 -0400
DKIM-Filter: OpenDKIM Filter v2.11.0 veto.sei.cmu.edu x6C1ot3s022587
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=cert.org; s=yc2bmwvrj62m; t=1562896255; bh=Br4oJQ0I4V1Ejg3/NwsU0csppO09NZyzUCAjUdQE9aw=; h=From:To:CC:Subject:Date:References:In-Reply-To:From; b=Pi4+amEz2K9IP0n+CnDhA1Q4DSmg8Cd4o/lzeKgWSpIxjORuV3SDzANIGRwvr113g Q8qRtCa+Dng7RKEqvN8WHvtCxMP9Oi9ZqC5vMgfeojZmRvQTPevPFb/wrHjUOR3c1j lG+4hqlgwqIJROGUpnJPXL8535zqnLRrsW2TyQ+k=
Received: from CASSINA.ad.sei.cmu.edu (cassina.ad.sei.cmu.edu [10.64.28.249]) by korb.sei.cmu.edu (8.14.7/8.14.7) with ESMTP id x6C1oq3T022214; Thu, 11 Jul 2019 21:50:52 -0400
Received: from MARCHAND.ad.sei.cmu.edu ([10.64.28.251]) by CASSINA.ad.sei.cmu.edu ([10.64.28.249]) with mapi id 14.03.0439.000; Thu, 11 Jul 2019 21:50:51 -0400
From: Roman Danyliw <rdd@cert.org>
To: Nabil Benamar <n.benamar@est.umi.ac.ma>
CC: The IESG <iesg@ietf.org>, "draft-ietf-ipwave-ipv6-over-80211ocb@ietf.org" <draft-ietf-ipwave-ipv6-over-80211ocb@ietf.org>, Carlos Bernardos <cjbc@it.uc3m.es>, "ipwave-chairs@ietf.org" <ipwave-chairs@ietf.org>, "its@ietf.org" <its@ietf.org>
Thread-Topic: Roman Danyliw's Discuss on draft-ietf-ipwave-ipv6-over-80211ocb-49: (with DISCUSS and COMMENT)
Thread-Index: AQHVNpF/33hAh0jHH02D3kgWd/IptqbD/WyAgAItfLA=
Date: Fri, 12 Jul 2019 01:50:50 +0000
Message-ID: <359EC4B99E040048A7131E0F4E113AFC01B33CE293@marchand>
References: <156270262382.15819.8454309099280995022.idtracker@ietfa.amsl.com> <CAD8vqFdf7yTAVFeiz7t4qazhcrYjDcMOPPbvfwQy2xcA9GjQ2A@mail.gmail.com>
In-Reply-To: <CAD8vqFdf7yTAVFeiz7t4qazhcrYjDcMOPPbvfwQy2xcA9GjQ2A@mail.gmail.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [10.64.22.6]
Content-Type: multipart/alternative; boundary="_000_359EC4B99E040048A7131E0F4E113AFC01B33CE293marchand_"
MIME-Version: 1.0
Archived-At: <https://mailarchive.ietf.org/arch/msg/its/LlQoVXXMqs2h5tGP_0fMBwO_N6Q>
Subject: Re: [ipwave] Roman Danyliw's Discuss on draft-ietf-ipwave-ipv6-over-80211ocb-49: (with DISCUSS and COMMENT)
X-BeenThere: its@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: IPWAVE - IP Wireless Access in Vehicular Environments WG at IETF <its.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/its>, <mailto:its-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/its/>
List-Post: <mailto:its@ietf.org>
List-Help: <mailto:its-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/its>, <mailto:its-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 12 Jul 2019 01:51:01 -0000
From: Nabil Benamar [mailto:n.benamar@est.umi.ac.ma] Sent: Wednesday, July 10, 2019 7:37 AM To: Roman Danyliw <rdd@cert.org> Cc: The IESG <iesg@ietf.org>; draft-ietf-ipwave-ipv6-over-80211ocb@ietf.org; Carlos Bernardos <cjbc@it.uc3m.es>; ipwave-chairs@ietf.org; its@ietf.org Subject: Re: Roman Danyliw's Discuss on draft-ietf-ipwave-ipv6-over-80211ocb-49: (with DISCUSS and COMMENT) Hi Roman, Thank you for your detailed review. Let me start with the 'DISCUSS' comments. Please see my answers below. On Tue, Jul 9, 2019 at 9:03 PM Roman Danyliw via Datatracker <noreply@ietf.org<mailto:noreply@ietf.org>> wrote: Roman Danyliw has entered the following ballot position for draft-ietf-ipwave-ipv6-over-80211ocb-49: Discuss When responding, please keep the subject line intact and reply to all email addresses included in the To and CC lines. (Feel free to cut this introductory paragraph, however.) Please refer to https://www.ietf.org/iesg/statement/discuss-criteria.html for more information about IESG DISCUSS and COMMENT positions. The document, along with other ballot positions, can be found here: https://datatracker.ietf.org/doc/draft-ietf-ipwave-ipv6-over-80211ocb/ ---------------------------------------------------------------------- DISCUSS: ---------------------------------------------------------------------- A few items per the text in the Security Considerations (Section 5): (1) Section 5. Per “A previous work at SAVI WG identifies some threats [RFC6959], while SeND presented in [RFC3971] and [RFC3972] is a solution against address theft but it is complex and not deployed.”, a few questions: ** What specific threats from RFC6959 are of concern? Which mitigations for them are being proposed? Since there is no Layer 2 security in OCB, anyone can join the same subnet and impersonate any only else, to source traffic and get the traffic back. [Roman] In this case, perhaps something more precise could be said: OLD: The potential attack vectors are: MAC address spoofing, IP address and session hijacking, and privacy violation Section 5.1. A previous work at SAVI WG identifies some threats [RFC6959], while SeND presented in [RFC3971] and [RFC3972] is a solution against address theft but it is complex and not deployed. NEW: When using OCB, no layer 2 security is provided. Therefore, any node can join a subnet, directly communicate with any nodes on the subset to include potentially impersonating another node. This design allows for a number of threats outlined in Section 3 of [RFC6959]. While not widely deployed, SeND [RFC3971] [RFC3972] is a solution that can address <insert qualifying statements on which subset of the threats in Section 3>” END There is no mitigation in this specification because it is limited to RFC 4861 and 4862 and SeND is not available in the current stacks. ** Why mention SeND if it is “complex and not deployed”? This was informational because it may be the only pertinent remediation. (2) Section 5. Per “More IETF protocols are available in the toolbox of the IP security protocol designer. Some ETSI protocols related to security protocols in ITS are described in [ETSI-sec-archi].”: ** Are there specific protocols to mention here? Would they be different/OCB-specific than what was already noted in the beginning of the section -- “Any security mechanism as the IP layer or above that may be carried out …”? ** What specific ETSI protocols are being recommended from [ETSI-sec-archi]? This sentence is just informational. I propose to remove the whole sentence. [Roman] That works for me. (3) Section 5.2. Per “An Interface ID SHOULD be of length specified in other documents”, what other documents? I'm afraid no other documents as mentioned by Alex in its reply. To be removed. [Roman] Removing the text works for me. Thanks, Roman (4) Section 5.3 I’m having trouble following this section – is this a discussion of a threat or mitigation? The references to Section 4.4 and 5.0 didn’t clarity this for me. ** What is meant by the drivers’ identity in this case? What is the pseudonym scheme is being used to protect it or what requirements are being set for it? ** What are the specific challenges of concern around pseudo-anonymization approaches to which an allusion is made? ** Who is the trusted third parted needed? ---------------------------------------------------------------------- COMMENT: ---------------------------------------------------------------------- (5) Section 1. Per “The resulting stack inherits from IPv6 over Ethernet [RFC2462], but operates over …”, what exactly is being inherited? What does “inherited” mean in this case? (6) Section 4.3. Per “Among these types of addresses only the IPv6 link-local addresses can be formed using an EUI-64 identifier, in particular during transition time”, the meaning of the “in particular during transition time isn’t clear to me. (7) Section 5. Per “The OCB operation is stripped off of …”, is this sentence saying that OCB operations doesn’t use 802.11 link layer security mechanisms, or does the OCB operation actively remove (i.e., strips) 802.11 link layer security mechanisms? I’m getting caught up in the use of “stripped off”. (8) Section 5, Per “Any attacker can therefore just sit in the near range of vehicles ... and performs attacks without needing to physically break any wall”, I’d recommend revising this sentence to reflect that it isn’t just vehicles and that active attacks are possible: NEW: Therefore, an attacker can sniff or inject traffic while within range of a vehicle or IP-RSU (by setting an interface card’s frequency to the proper range). (9) Section 5. What is “protected 802.11” mentioned in “Such a link is less protected …”? (10) Section 5.2. SHA256 needs a reference. (11) Editorial Nits ** Table of Contents. There is odd spacing in the title of Appendix C ** Section 1. Typo. s/Appendicies/Appendices/ ** Section 1. Typo. s/Concretly/Concretely/ ** Section 1. Editorial. s/[RFC1042], [RFC2464] ./[RFC1042 and [RFC2464]./ ** Multiple sections. Editorial, to make an RFC citation a reference. s/RFC2464/[RFC2464]/ and s/RFC 7217/[RFC7217]/ ** Section 4.5. Typo. s/.A A future/. A future/ ** Section 4.6. Typo. s/links; The/links. The/ ** Section 5.1. Typo. s/Futhermore/Furthermore/ ** Section 5.1. Typo. s/pricavy/privacy/ ** Section 5.2. Typo. s/admninistered/ administered/ ** Appendix B. s/Ammendment/Amendment/ ** Appendix H. Duplicate word. s/section Section 2/Section 2/ ** Appendix I. Typo. s/specificed/specified/ ** Appendix I. Typo. s/Moreoever/Moreover/ -- Best Regards Nabil Benamar Associate Professor Department of Computer Sciences School of Technology Moulay Ismail University Meknes. Morocco
- [ipwave] Roman Danyliw's Discuss on draft-ietf-ip… Roman Danyliw via Datatracker
- Re: [ipwave] Roman Danyliw's Discuss on draft-iet… Alexandre Petrescu
- Re: [ipwave] Roman Danyliw's Discuss on draft-iet… Nabil Benamar
- Re: [ipwave] Roman Danyliw's Discuss on draft-iet… Alexandre Petrescu
- Re: [ipwave] Roman Danyliw's Discuss on draft-iet… Nabil Benamar
- Re: [ipwave] Roman Danyliw's Discuss on draft-iet… Roman Danyliw
- Re: [ipwave] Roman Danyliw's Discuss on draft-iet… Nabil Benamar
- Re: [ipwave] Roman Danyliw's Discuss on draft-iet… Roman Danyliw
- Re: [ipwave] Roman Danyliw's Discuss on draft-iet… Alexandre Petrescu