IETF Logo Mail Archive

Re: [lisp] Nonce in PubSub

Alberto Rodriguez-Natal <rodrigueznatal@gmail.com> Fri, 17 November 2017 18:57 UTC

Return-Path: <rodrigueznatal@gmail.com>
X-Original-To: lisp@ietfa.amsl.com
Delivered-To: lisp@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 9E60912717E for <lisp@ietfa.amsl.com>; Fri, 17 Nov 2017 10:57:44 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.699
X-Spam-Level:
X-Spam-Status: No, score=-2.699 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id yryQIulZMY3A for <lisp@ietfa.amsl.com>; Fri, 17 Nov 2017 10:57:42 -0800 (PST)
Received: from mail-it0-x236.google.com (mail-it0-x236.google.com [IPv6:2607:f8b0:4001:c0b::236]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id A5283126C89 for <lisp@ietf.org>; Fri, 17 Nov 2017 10:57:42 -0800 (PST)
Received: by mail-it0-x236.google.com with SMTP id l196so5207603itl.4 for <lisp@ietf.org>; Fri, 17 Nov 2017 10:57:42 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=L9zjjDjpE1pJ8Et2IT6bbP3ZWzZEUrI+Mg5fHR7vdSY=; b=GSp7VR2MBKqpXB4pEdBnGEpOEgsq8z1EZcqo+pw4qfbSycW6u7ePwcAvTG/5zwfOdu XZzDrr5wWccNIRYRYd0vC25FfXyAk80a0RDwZOp1XsMQNX7yvSMtbT9ZLp5QSuaaYwwp HXkC8kZ4joRZO6xDax6moXSXJygy8K6+6jxvQVH+SsDwtBCsDxdb4PlpouqXJuyi0oa6 0oRYMeM1yIF/VnO+VPG1+gxhSz+rftrBEbrhKnW8wnZFqv8ADJY9dITeZT8tVSMuQ5dc kOe9IF5SzLP6rkzsyBvfKYWstOA4qQRmpzBG2mUXXXRrHoUZtWPS3lWFwob6vp60Ciez hD2A==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=L9zjjDjpE1pJ8Et2IT6bbP3ZWzZEUrI+Mg5fHR7vdSY=; b=n5O+uufHvZ/RIcaYCkbyx7A03TwwfPJH/5L4YiWry1x7K9GbnAaE0Wlnj3wijmSJCd WR40MXnzYNys5jEosIhl9z9b66N/1JR4BXjXLOXsajiWSEhotc6Uw+QKpGYk1GhJ+s7O qVCGUblE/6P4kwax3KWZuKLj2SZVDNBXrw92/G0IZ9Pxdfx0OUiCQyTymPCK6cAIV5qL /OjTl//PB0zPXWCnsTPwzs8c43XbsG0bQ2xyCQrjXJF3a/+s1L8MOiwxFCNJC0KWD4eB 3B2rkwoxzSyQACvqSloySo7DfdWpusAn5ZR4Cc0TMLlOmfl0opOfPb1oaNNPllGsa8fq TwUQ==
X-Gm-Message-State: AJaThX5WH+jFA6UUaGBAEANBWRRrwTHGTVJ8ClOkpUNjUkSktXUwutFT We3LrlGoLS/H4usVvUmTRQLYqlWBPYnwXZtkMAA=
X-Google-Smtp-Source: AGs4zMa6Y0H1eaE4euTJpXYjKoP0Bxba91LRvA4hNOAlZZYsXJomQ8eyPw/GE+f6qYHuXp+aDIL0S3KO1XMcWXww/58=
X-Received: by 10.36.163.138 with SMTP id p132mr7454357ite.57.1510945061867; Fri, 17 Nov 2017 10:57:41 -0800 (PST)
MIME-Version: 1.0
Received: by 10.107.181.70 with HTTP; Fri, 17 Nov 2017 10:57:21 -0800 (PST)
In-Reply-To: <826333ea-ed39-96f5-8047-073ac6aad498@acm.org>
References: <CA+YHcKFoOcQvFRBsLhGq7_XHRaKuDiVKTqKR9v9jNroQ25YTpA@mail.gmail.com> <826333ea-ed39-96f5-8047-073ac6aad498@acm.org>
From: Alberto Rodriguez-Natal <rodrigueznatal@gmail.com>
Date: Fri, 17 Nov 2017 10:57:21 -0800
Message-ID: <CA+YHcKGPwvT30vzZX77Mt8nT3bP-chdyOYzY7JxY_QhjfiYt2w@mail.gmail.com>
To: Erik Nordmark <nordmark@acm.org>
Cc: "lisp@ietf.org list" <lisp@ietf.org>
Content-Type: text/plain; charset="UTF-8"
Archived-At: <https://mailarchive.ietf.org/arch/msg/lisp/FdNpPS6hjs_vjxTecikssbvfyrs>
Subject: Re: [lisp] Nonce in PubSub
X-BeenThere: lisp@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: List for the discussion of the Locator/ID Separation Protocol <lisp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/lisp>, <mailto:lisp-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/lisp/>
List-Post: <mailto:lisp@ietf.org>
List-Help: <mailto:lisp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/lisp>, <mailto:lisp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 17 Nov 2017 18:57:45 -0000

Hi Erik,

I see your point. The draft assumes a security association between the
ITR and the MS in order to authenticate the Map-Notifies. I think this
addresses your valid concern on spoofed Map-Notifies. How this
security association is established is a different discussion :)

Note also that, ideally, the Map-Notifies sent as publications should
each have a different nonce so the MS can easily correlate them with
the Map-Notify-Acks received as responses.

Best,
Alberto

On Thu, Nov 16, 2017 at 11:17 PM, Erik Nordmark <nordmark@acm.org> wrote:
> On 11/17/2017 10:49 AM, Alberto Rodriguez-Natal wrote:
>>
>> Just to clarify what was discussed in the meeting. The nonce used in
>> the Map-Request requesting the subscription will be used in the
>> Map-Notify that confirms the subscription. This is at top of page 6 in
>> the draft.
>>
>> Similarly, a Map-Notify sent as publication will be ack'ed by a
>> Map-Notify-Ack using its nonce.
>
>
> Albero,
>
> My understanding from Dino's comment at the make was that in his
> implementation the map-notify has the nonce from the original map-request.
>
> The reason I asked about this is that there are some additional security
> benefits if the map-notify has a nonce which corresponds to what the xTR had
> sent in the map-request. Otherwise you need some other mechanism to guard
> against receiving spoofed map-notifies.
>
>    Erik
>
>>
>> https://tools.ietf.org/html/draft-rodrigueznatal-lisp-pubsub-01
>>
>> Thanks,
>> Alberto
>>
>> _______________________________________________
>> lisp mailing list
>> lisp@ietf.org
>> https://www.ietf.org/mailman/listinfo/lisp
>>
>

v2.23.0 | Report a Bug | By Email