Re: [lisp] Restarting last call on LISP threats

Dino Farinacci <farinacci@gmail.com> Tue, 10 June 2014 17:04 UTC

Return-Path: <farinacci@gmail.com>
X-Original-To: lisp@ietfa.amsl.com
Delivered-To: lisp@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C208A1A022F for <lisp@ietfa.amsl.com>; Tue, 10 Jun 2014 10:04:03 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2
X-Spam-Level:
X-Spam-Status: No, score=-2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id FSJdF4XtTjG3 for <lisp@ietfa.amsl.com>; Tue, 10 Jun 2014 10:04:00 -0700 (PDT)
Received: from mail-pb0-x22a.google.com (mail-pb0-x22a.google.com [IPv6:2607:f8b0:400e:c01::22a]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 55D4A1A0040 for <lisp@ietf.org>; Tue, 10 Jun 2014 10:04:00 -0700 (PDT)
Received: by mail-pb0-f42.google.com with SMTP id md12so6483430pbc.1 for <lisp@ietf.org>; Tue, 10 Jun 2014 10:04:00 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=content-type:mime-version:subject:from:in-reply-to:date:cc :content-transfer-encoding:message-id:references:to; bh=BVhQNDQvYHA3TJ15CpFR/SaVlkl3IbINzb/R0huvRDc=; b=Mpc6N+Fd3YTtUuvlvTORMopZrctKIdJjBreG/+WmPXpU7F9PeCAxf2m3DNzRJArvHI k+RFZsh+ETINa/lcc1BYRk1qIwjWIJXTY4oAZqvFeSzOajZoQuulaWouGd5rEyCHwoQk cJWDLATjriFpMgmgo3oIjun7M0c2zb8xQhGjKwovXiWWqC74CJrDpc5zJiAVZXZFDm9K Ut9n76na2m6OYV5E13rDvN6etd7abmrtybNT2bNINLV88rnhNrMaC1joOxaO6yg3Shl+ VZpVOLg7DnY7OOvWyVyFz33rFJy93h4Xn2sSffdDcTnUB8/bqUBCdm7jWCI87vo88NqO +ROw==
X-Received: by 10.67.12.171 with SMTP id er11mr6805414pad.132.1402419840084; Tue, 10 Jun 2014 10:04:00 -0700 (PDT)
Received: from [192.168.1.174] ([207.145.253.66]) by mx.google.com with ESMTPSA id gw8sm70481685pbc.28.2014.06.10.10.03.52 for <multiple recipients> (version=TLSv1 cipher=ECDHE-RSA-RC4-SHA bits=128/128); Tue, 10 Jun 2014 10:03:59 -0700 (PDT)
Content-Type: text/plain; charset=us-ascii
Mime-Version: 1.0 (Mac OS X Mail 7.3 \(1878.2\))
From: Dino Farinacci <farinacci@gmail.com>
In-Reply-To: <d690563db20d4fca945b810a14f37090@CO1PR05MB442.namprd05.prod.outlook.com>
Date: Tue, 10 Jun 2014 10:03:51 -0700
Content-Transfer-Encoding: quoted-printable
Message-Id: <B3A9D234-A6A2-45DC-B8FA-623B3A86DCE8@gmail.com>
References: <d690563db20d4fca945b810a14f37090@CO1PR05MB442.namprd05.prod.outlook.com>
To: Ronald Bonica <rbonica@juniper.net>
X-Mailer: Apple Mail (2.1878.2)
Archived-At: http://mailarchive.ietf.org/arch/msg/lisp/AwklAUBjsGiDUoFqXH04DX9_HP8
Cc: LISP mailing list list <lisp@ietf.org>
Subject: Re: [lisp] Restarting last call on LISP threats
X-BeenThere: lisp@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: List for the discussion of the Locator/ID Separation Protocol <lisp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/lisp>, <mailto:lisp-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/lisp/>
List-Post: <mailto:lisp@ietf.org>
List-Help: <mailto:lisp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/lisp>, <mailto:lisp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 10 Jun 2014 17:04:04 -0000

On Jun 10, 2014, at 9:57 AM, Ronald Bonica <rbonica@juniper.net> wrote:

> Earlier in this thread, we agreed that when LISP is deployed on the global Internet, mapping information cannot be gleaned safely from incoming LISP data packets. Following that train of thought, when LISP is deployed on the global Internet, is it safe to glean routing locator reachability information from incoming LISP data packets as described in RFC 6830, Section 6.3, bullet 1. If not, I think that we need to mention this in the threats document.

What you can glean is that the source RLOC is up, but you cannot glean your path to it is reachable.

> Given that ICMP packets are easily spoofed, when LISP is deployed on the global Internet, is it safe to glean routing locator reachability information from incoming ICMP packets as described in RFC 6830, Section 6.3, bullet 2 and bullet 4. If not, I think that we need to mention this in the threats document.

What you can glean is that the source RLOC is up, but you cannot glean your path to it is reachable.

Dino