[lisp] Roman Danyliw's No Objection on draft-ietf-lisp-gpe-17: (with COMMENT)

Roman Danyliw via Datatracker <noreply@ietf.org> Wed, 08 July 2020 22:08 UTC


Roman Danyliw has entered the following ballot position for
draft-ietf-lisp-gpe-17: No Objection

When responding, please keep the subject line intact and reply to all
email addresses included in the To and CC lines. (Feel free to cut this
introductory paragraph, however.)


Please refer to https://www.ietf.org/iesg/statement/discuss-criteria.html
for more information about IESG DISCUSS and COMMENT positions.


The document, along with other ballot positions, can be found here:
https://datatracker.ietf.org/doc/draft-ietf-lisp-gpe/



----------------------------------------------------------------------
COMMENT:
----------------------------------------------------------------------

Section 4.  Per “When a LISP-GPE router performs Ethernet encapsulation, the
inner header 802.1Q [IEEE.802.1Q_2014] VLAN Identifier (VID) MAY be mapped to,
or used to determine the LISP Instance IDentifier (IID) field”, as noted in a
DISCUSS item in my ballot on draft-ietf-lisp-rfc6830bis-32, using Instance ID
values as 802.1Q tags without integrity protection seems problematic in the
public internet scenario.  Please add cautionary language recommending
integrity protection.

Section 7.  Per “LISP-GPE, as many encapsulations that use optional extensions,
is subject to on-path adversaries that by manipulating the P-Bit and the packet
itself can remove part of the payload or claim to encapsulate any protocol
payload type”, it’s worse than that – (in the absence of integrity protection
and like LISP in general) an on-path attacker can make arbitrary modifications to
the packet (like an 802.1Q tag in the encapsulated Ethernet; or the Instance ID
using an 802.1Q tag).
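The integrity protection the two comments ask for, as an added example that is not part of the ballot or the draft: a keyed tag over the LISP-GPE header and payload, so that a changed P-bit, Next Protocol or Instance ID fails verification at the receiving xTR. The header field offsets, the Ethernet Next Protocol code, the shared key and the inner frame are assumptions constructed for this example.

```python
import hmac
import hashlib
import struct

# Assumed LISP-GPE header layout (8 bytes): flags N L E V I P R R, Nonce/Map-Version,
# Next Protocol in the low 8 bits of word 1 when P=1, then Instance ID (24 bits)
# plus LSBs (8 bits) in word 2 when I=1. Offsets and codes are example assumptions.
FLAG_I, FLAG_P = 0x08, 0x04
NP_ETHERNET = 0x03          # assumed Next Protocol value for Ethernet
TAG_LEN = 16                # truncated HMAC-SHA256 tag, chosen for this example


def build_header(instance_id: int, next_proto: int, nonce: int = 0) -> bytes:
    word1 = ((FLAG_I | FLAG_P) << 24) | ((nonce & 0xFFFF) << 8) | (next_proto & 0xFF)
    word2 = (instance_id & 0xFFFFFF) << 8        # LSBs left at zero
    return struct.pack("!II", word1, word2)


def parse_header(hdr: bytes) -> dict:
    word1, word2 = struct.unpack("!II", hdr[:8])
    flags = word1 >> 24
    out = {"p_bit": bool(flags & FLAG_P), "i_bit": bool(flags & FLAG_I)}
    if out["p_bit"]:
        out["next_proto"] = word1 & 0xFF
    if out["i_bit"]:
        out["instance_id"] = word2 >> 8
    return out


def protect(key: bytes, hdr: bytes, payload: bytes) -> bytes:
    # The tag covers header and payload, so flags, IID and the inner 802.1Q tag
    # cannot be altered undetected by anyone without the key.
    tag = hmac.new(key, hdr + payload, hashlib.sha256).digest()[:TAG_LEN]
    return hdr + payload + tag


def verify(key: bytes, packet: bytes) -> bool:
    body, tag = packet[:-TAG_LEN], packet[-TAG_LEN:]
    expect = hmac.new(key, body, hashlib.sha256).digest()[:TAG_LEN]
    return hmac.compare_digest(tag, expect)


def demo() -> dict:
    key = b"constructed-xtr-shared-key"               # constructed, not a real key
    payload = b"\x00" * 14                            # constructed inner frame stub
    pkt = protect(key, build_header(0x000ABC, NP_ETHERNET), payload)
    # In-flight rewrite of the Instance ID word only; the parser still accepts it,
    # the tag check does not.
    tampered = pkt[:4] + struct.pack("!I", 0x000FFF << 8) + pkt[8:]
    return {"original_ok": verify(key, pkt),
            "tampered_ok": verify(key, tampered),
            "tampered_iid": parse_header(tampered)["instance_id"]}
```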