Re: [lisp] Restarting last call on LISP threats

Dino Farinacci <farinacci@gmail.com> Tue, 10 June 2014 17:23 UTC

From: Dino Farinacci <farinacci@gmail.com>
To: Ronald Bonica <rbonica@juniper.net>
Cc: LISP mailing list list <lisp@ietf.org>
Date: Tue, 10 Jun 2014 10:22:59 -0700
Message-Id: <E0485205-9FCD-46FC-B852-06259334A47C@gmail.com>
In-Reply-To: <a7c188aabbfe41ef80645d2ee1d6df99@CO1PR05MB442.namprd05.prod.outlook.com>
Archived-At: http://mailarchive.ietf.org/arch/msg/lisp/S7nDfDAx_iKyZNbDydTLzgwWfmc

As I keep saying, Ron, you need to verify anything you intend to glean. The spec says the gleaning is "a hint" and not gospel.

Dino

On Jun 10, 2014, at 10:06 AM, Ronald Bonica <rbonica@juniper.net> wrote:

> Hi Dino,
> 
> Given that the LISP data packet or ICMP packet may be from an attacker, is it even safe to glean that? I think not.
> 
> Ron
> 
> 
>> -----Original Message-----
>> From: Dino Farinacci [mailto:farinacci@gmail.com]
>> Sent: Tuesday, June 10, 2014 1:04 PM
>> To: Ronald Bonica
>> Cc: LISP mailing list list
>> Subject: Re: [lisp] Restarting last call on LISP threats
>> 
>> 
>> On Jun 10, 2014, at 9:57 AM, Ronald Bonica <rbonica@juniper.net> wrote:
>> 
>>> Earlier in this thread, we agreed that when LISP is deployed on the global
>>> Internet, mapping information cannot be gleaned safely from incoming LISP
>>> data packets. Following that train of thought, when LISP is deployed on the
>>> global Internet, is it safe to glean routing locator reachability information
>>> from incoming LISP data packets as described in RFC 6830, Section 6.3, bullet
>>> 1. If not, I think that we need to mention this in the threats document.
>> 
>> What you can glean is that the source RLOC is up, but you cannot glean your
>> path to it is reachable.
>> 
>>> Given that ICMP packets are easily spoofed, when LISP is deployed on the
>>> global Internet, is it safe to glean routing locator reachability information
>>> from incoming ICMP packets as described in RFC 6830, Section 6.3, bullet 2
>>> and bullet 4. If not, I think that we need to mention this in the threats
>>> document.
>> 
>> What you can glean is that the source RLOC is up, but you cannot glean your
>> path to it is reachable.
>> 
>> Dino
>> 
>
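The "verify anything you glean" rule from the exchange above, as an added illustration that is not part of the thread and not code from any LISP implementation: a toy xTR map-cache in which liveness gleaned from a received data packet or from an ICMP error is recorded only as a hint, and an RLOC is promoted to reachable solely by a probe reply that echoes the nonce the cache itself generated. The class and method names, the 8-byte nonce, the retry count and the sample RLOC addresses are assumptions made for this example; packet events are simulated in memory rather than sent.

```python
"""Toy map-cache: gleaned reachability is a hint, only our own probe verifies.

Added example, not from the thread or any LISP implementation. Names, nonce
size and retry count are assumptions; packet events are simulated in memory.
"""
import os
from dataclasses import dataclass
from enum import Enum
from typing import Dict, Optional


class RlocState(Enum):
    UNKNOWN = "unknown"          # never heard from
    HINT_UP = "hint-up"          # gleaned: something at that RLOC emitted a packet
    REACHABLE = "reachable"      # a reply to our probe echoed our nonce
    UNREACHABLE = "unreachable"  # our own probes timed out


@dataclass
class RlocEntry:
    state: RlocState = RlocState.UNKNOWN
    pending_nonce: Optional[bytes] = None  # nonce of the outstanding probe, if any
    unanswered_probes: int = 0


class MapCache:
    """Per-RLOC reachability state for one xTR (hypothetical simulation)."""

    def __init__(self) -> None:
        self.rlocs: Dict[str, RlocEntry] = {}

    def entry(self, rloc: str) -> RlocEntry:
        return self.rlocs.setdefault(rloc, RlocEntry())

    # --- gleaning: unauthenticated inputs, recorded only as hints -------------

    def glean_from_data_packet(self, src_rloc: str) -> RlocState:
        """Outer source RLOC of a received data packet: at most 'something is up'.
        Never promotes to REACHABLE and never overrides a probe-established state."""
        e = self.entry(src_rloc)
        if e.state is RlocState.UNKNOWN:
            e.state = RlocState.HINT_UP
        return e.state

    def glean_from_icmp(self, reported_rloc: str) -> bytes:
        """ICMP error claiming reported_rloc is unreachable. ICMP is spoofable,
        so it changes no state; it only triggers our own verification probe."""
        return self.send_rloc_probe(reported_rloc)

    # --- verification: only our own probe/reply exchange crosses the trust line

    def send_rloc_probe(self, rloc: str) -> bytes:
        """Emit a probe carrying a fresh random nonce (8 bytes assumed here)."""
        e = self.entry(rloc)
        e.pending_nonce = os.urandom(8)
        e.unanswered_probes += 1
        return e.pending_nonce

    def receive_probe_reply(self, rloc: str, nonce: bytes) -> bool:
        """Accept a reply only if it echoes the nonce of our outstanding probe."""
        e = self.entry(rloc)
        if e.pending_nonce is None or nonce != e.pending_nonce:
            return False  # unsolicited or forged reply: ignored, state untouched
        e.pending_nonce = None
        e.unanswered_probes = 0
        e.state = RlocState.REACHABLE
        return True

    def probe_timeout(self, rloc: str, max_probes: int = 3) -> RlocState:
        """No reply in time: retry up to max_probes, then declare unreachable."""
        e = self.entry(rloc)
        if e.pending_nonce is None:
            return e.state
        if e.unanswered_probes < max_probes:
            self.send_rloc_probe(rloc)
        else:
            e.pending_nonce = None
            e.state = RlocState.UNREACHABLE
        return e.state


def demo() -> dict:
    """Run the thread's two cases (data-packet and ICMP gleaning) on a constructed scenario."""
    mc = MapCache()
    victim = "203.0.113.10"  # constructed RLOC from the documentation range
    r = {}
    r["after_data_glean"] = mc.glean_from_data_packet(victim)      # hint only
    nonce = mc.send_rloc_probe(victim)
    r["forged_reply_accepted"] = mc.receive_probe_reply(victim, b"\x00" * 8)
    r["state_after_forged"] = mc.entry(victim).state               # still a hint
    r["real_reply_accepted"] = mc.receive_probe_reply(victim, nonce)
    r["after_probe"] = mc.entry(victim).state                      # verified
    mc.glean_from_icmp(victim)                                     # spoofed ICMP
    r["after_spoofed_icmp"] = mc.entry(victim).state               # unchanged
    for _ in range(3):                                             # our probes die
        mc.probe_timeout(victim)
    r["after_timeouts"] = mc.entry(victim).state
    return r


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```

Gleaning here is one-directional: it can raise UNKNOWN to a hint but never to REACHABLE, and no unauthenticated input (a spoofed data packet, a forged probe reply, a spoofed ICMP error) can demote a verified entry. The only transitions that cross the trust line are driven by a nonce the cache generated itself, which is what "verify" amounts to in code.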