Re: [lisp] Comments on draft-ietf-lisp-eid-anonymity-00

Dino Farinacci <farinacci@gmail.com> Fri, 27 October 2017 03:58 UTC

From: Dino Farinacci <farinacci@gmail.com>
Message-Id: <016663BE-F706-4AC6-9566-4D972009FD2E@gmail.com>
Date: Thu, 26 Oct 2017 20:57:59 -0700
In-Reply-To: <c3cca9bd-ef06-2175-c31c-5fb53cd33195@bartschnet.de>
Cc: IETF <lisp@ietf.org>
To: "Rene 'Renne' Bartsch, B.Sc. Informatics" <ietf@bartschnet.de>
References: <c3cca9bd-ef06-2175-c31c-5fb53cd33195@bartschnet.de>
Archived-At: <https://mailarchive.ietf.org/arch/msg/lisp/UhUgYhZrbjNmA3J6ENNHSrCAj7I>
Subject: Re: [lisp] Comments on draft-ietf-lisp-eid-anonymity-00

> Hi,

Thanks for the comments, Rene!

> 'draft-ietf-lisp-eid-anonymity-00' does not mention any authentication of the LISP-nodes/xTRs with the map-servers.
> That way a Man-In-The-Middle-Attack can be run by sending bogus map-requests with the MITM-attacker's RLOCs.

Well, we do have the regular shared-key authentication documented in draft-ietf-lisp-rfc6831bis. But we can also put a reference in for draft-farinacci-lisp-ecdsa-auth if you are looking for stronger ways to authenticate.

> I suggest to allow only CGA-addresses.

There is a reference in this section:




> Benefits:
> 
> 1. Privacy:      Dynamic eEIDs by re-keying
> 2. Reachability: Static eEIDs by static key-pairs allow direct connections without third-party services relaying (e.g. Facebook ;-) )

Yes, understand.

> 3. Security:
> 
>   1. Signed map-requests
>   2. eEID-based authentication/authorization with static keypairs facilitates administration
>      (e.g. road-warrior authentication/authorization can be done with a firewall by eEID filtering
>      without any upper-layer authentication/authorization like usernames/passwords involved)
> 
> Privacy/security considerations:
> 
>   1. Don't use dynamic and static eEIDs on the same RLOC!
>   2. Always use payload encryption to avoid deanonymisation by Deep-Packet-Inspection

Right, this is all in draft-farinacci-lisp-ecdsa-auth. Have you looked at it?

Dino
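
The mechanism the two of them are circling (an EID derived CGA-style from a key pair, a Map-Request signed with that key, and why a Map-Server that checks both defeats an attacker injecting its own RLOCs), as an added Go example that is not part of this thread and is not the wire format or derivation of draft-farinacci-lisp-ecdsa-auth, draft-ietf-lisp-eid-anonymity or any other LISP draft. The fd00:eeee::/64 prefix, the SHA-256 hash-truncation EID derivation, the MapRequest struct, the canonical signed encoding, the keys and the RLOC addresses are all assumptions constructed here for illustration:

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"errors"
	"fmt"
	"net"
)

// EID is a 128-bit identifier; eidPrefix is an assumed fd00:eeee::/64 under which
// key-derived EIDs live. Neither the prefix nor the derivation comes from a LISP draft.
type EID [16]byte

var eidPrefix = [8]byte{0xfd, 0x00, 0xee, 0xee, 0, 0, 0, 0}

// DeriveEID binds an EID to a public key CGA-style: the low 64 bits are the
// first 8 bytes of SHA-256 over the uncompressed P-256 point.
func DeriveEID(pub *ecdsa.PublicKey) EID {
	h := sha256.Sum256(elliptic.Marshal(pub.Curve, pub.X, pub.Y))
	var e EID
	copy(e[:8], eidPrefix[:])
	copy(e[8:], h[:8])
	return e
}

// MapRequest is a hypothetical message, not any LISP wire format: the EID, the
// RLOCs the sender claims for it, the sender's public key and a signature.
type MapRequest struct {
	EID    EID
	RLOCs  []net.IP
	PubKey *ecdsa.PublicKey
	Sig    []byte
}

// signedBytes is the canonical byte string the signature covers (all but Sig).
func (m *MapRequest) signedBytes() []byte {
	b := append([]byte{}, m.EID[:]...)
	b = append(b, elliptic.Marshal(m.PubKey.Curve, m.PubKey.X, m.PubKey.Y)...)
	for _, r := range m.RLOCs {
		b = append(b, r.To16()...)
	}
	return b
}

// Sign builds a Map-Request for the EID derived from priv and signs it.
func Sign(priv *ecdsa.PrivateKey, rlocs []net.IP) (*MapRequest, error) {
	m := &MapRequest{EID: DeriveEID(&priv.PublicKey), RLOCs: rlocs, PubKey: &priv.PublicKey}
	digest := sha256.Sum256(m.signedBytes())
	sig, err := ecdsa.SignASN1(rand.Reader, priv, digest[:])
	m.Sig = sig
	return m, err
}

// Verify is the Map-Server side. Check 1: the EID must derive from the carried key,
// or anyone could claim any EID with a key of their own. Check 2: the signature
// covers EID, key and RLOCs, so an on-path attacker cannot swap in its own RLOCs.
func Verify(m *MapRequest) error {
	if m.PubKey == nil || DeriveEID(m.PubKey) != m.EID {
		return errors.New("EID is not bound to the carried public key")
	}
	digest := sha256.Sum256(m.signedBytes())
	if !ecdsa.VerifyASN1(m.PubKey, digest[:], m.Sig) {
		return errors.New("bad signature: altered message or wrong key")
	}
	return nil
}

// Scenario runs an honest request and two attacker attempts (keys and RLOCs are
// constructed here) and reports which of the three a Map-Server would accept.
func Scenario() (honestOK, swappedRLOCsOK, forgedEIDOK bool, err error) {
	victim, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return
	}
	attacker, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return
	}
	good, err := Sign(victim, []net.IP{net.ParseIP("192.0.2.10")})
	if err != nil {
		return
	}
	honestOK = Verify(good) == nil
	// MITM 1: relay the genuine request with the attacker's RLOC swapped in.
	swapped := *good
	swapped.RLOCs = []net.IP{net.ParseIP("198.51.100.66")}
	swappedRLOCsOK = Verify(&swapped) == nil
	// MITM 2: sign with the attacker's own key but claim the victim's EID.
	forged, err := Sign(attacker, swapped.RLOCs)
	if err != nil {
		return
	}
	forged.EID = good.EID
	forgedEIDOK = Verify(forged) == nil
	return
}

func main() {
	fmt.Println(Scenario()) // true false false <nil>
}
```

The point worth noticing is that the two checks in Verify are not redundant: the signature alone would let an attacker sign a request for any EID it likes with its own key, and the EID-to-key binding alone would let an on-path attacker alter the RLOCs of a genuine request. Only together do they make the RLOC set attributable to whoever holds the private key behind the EID. A real deployment would additionally need a nonce or timestamp in the signed data to stop replay of an old, still-valid request, which this illustration leaves out.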