IETF Logo Mail Archive

Re: [lisp] Virtual meeting

"Joel M. Halpern" <jmh@joelhalpern.com> Tue, 31 March 2020 12:48 UTC

Return-Path: <jmh@joelhalpern.com>
X-Original-To: lisp@ietfa.amsl.com
Delivered-To: lisp@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id CC0C53A14A5 for <lisp@ietfa.amsl.com>; Tue, 31 Mar 2020 05:48:58 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.2
X-Spam-Level:
X-Spam-Status: No, score=-0.2 tagged_above=-999 required=5 tests=[DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=unavailable autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=joelhalpern.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id IFeLrVIyEs-4 for <lisp@ietfa.amsl.com>; Tue, 31 Mar 2020 05:48:54 -0700 (PDT)
Received: from maila2.tigertech.net (maila2.tigertech.net [208.80.4.152]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id E41A43A1482 for <lisp@ietf.org>; Tue, 31 Mar 2020 05:48:54 -0700 (PDT)
Received: from localhost (localhost [127.0.0.1]) by maila2.tigertech.net (Postfix) with ESMTP id 48s8K25HVwz6GD38; Tue, 31 Mar 2020 05:48:54 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=joelhalpern.com; s=2.tigertech; t=1585658934; bh=y3jPEIHV6k/Vg1VOUAnJY5bg12Id+DnFdp2jHTFjpJk=; h=Subject:To:Cc:References:From:Date:In-Reply-To:From; b=BbSZIdPt57YPoQ1Ks7WQxbEs2ngFO6OWhFLnsyvjMuG0Cy7+3vDZRsoVIT7Z9hHdY f75M9owRb47RRbRCynue4V4ummW6gUPxB1U5lmSTzrSV+NBLolOqq2c8uWsjPZ74bj MOPYDBGNRRhJspE8+/AmaahWdnTCHuL+fLZi2Rew=
X-Virus-Scanned: Debian amavisd-new at a2.tigertech.net
Received: from [192.168.128.43] (209-255-163-147.ip.mcleodusa.net [209.255.163.147]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by maila2.tigertech.net (Postfix) with ESMTPSA id 48s8K14wgqz6GBCf; Tue, 31 Mar 2020 05:48:53 -0700 (PDT)
To: "Alberto Rodriguez Natal (natal)" <natal=40cisco.com@dmarc.ietf.org>
Cc: "lisp@ietf.org" <lisp@ietf.org>
References: <bf751274-3d10-4675-40ff-0876b968ec58@joelhalpern.com> <EB8728FF-8299-4915-81C0-7A414E1A1735@gmail.com> <b2bf2e7c-9535-e6b2-51ff-dc922c875fb7@joelhalpern.com> <F0929D9F-2726-48AF-90E0-9242A5898F4C@gmail.com> <e995cd58-3504-c7b4-a970-f55550e3829b@joelhalpern.com> <0310FDA2-6AE2-472B-82A7-D38039F64DDB@cisco.com> <293fbb16-75c4-bb79-e183-eaf781b696e3@joelhalpern.com> <613F569E-6FCF-4363-A60A-CB14C6459FE2@cisco.com>
From: "Joel M. Halpern" <jmh@joelhalpern.com>
Message-ID: <8e654897-26f6-e4c2-db74-e5a15155e04b@joelhalpern.com>
Date: Tue, 31 Mar 2020 08:48:53 -0400
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:68.0) Gecko/20100101 Thunderbird/68.6.0
MIME-Version: 1.0
In-Reply-To: <613F569E-6FCF-4363-A60A-CB14C6459FE2@cisco.com>
Content-Type: text/plain; charset="utf-8"; format="flowed"
Content-Language: en-US
Content-Transfer-Encoding: 8bit
Archived-At: <https://mailarchive.ietf.org/arch/msg/lisp/rE11JsmNUSpmbJv0daQG8gg7gW4>
Subject: Re: [lisp] Virtual meeting
X-BeenThere: lisp@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: List for the discussion of the Locator/ID Separation Protocol <lisp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/lisp>, <mailto:lisp-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/lisp/>
List-Post: <mailto:lisp@ietf.org>
List-Help: <mailto:lisp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/lisp>, <mailto:lisp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 31 Mar 2020 12:48:59 -0000

thinking about Alberto's request, and reading the document, I wondered 
if the security could be improved by sending the first notify back via 
the ETR, and coupling it to LISP-SEC to protect the information and 
provide needed keys for further messages?  It seems like we do need a 
way to protect the notifications, and requiring associations from every 
ITR to every MS who may provide notifications seems impossible.

Yours,
Joel

On 3/17/2020 11:56 PM, Alberto Rodriguez Natal (natal) wrote:
> Thanks Joel, I've tried to summarize my line of thought below. There may be other aspects I'm missing.
> 
> In traditional LISP, there is some shared state between a Map-Server and an ETR in order to validate Map-Notifies. First, for integrity protection Map-Notifies include some authentication data generated using a shared key between the Map-Server and the ETR. Second, to protect against replay attacks the nonce used in the Map-Register/Map-Notify exchange is incremented over time. This requires that both the Map-Server and the ETR are in synch regarding the shared key and incremental nonce.
> 
> PubSub introduces a new protocol operation where a Map-Server can send Map-Notify messages to ITRs. This departs from the traditional ETR-MS relationship stated above and introduces a few questions. How to keep a shared key at scale between ITRs and a Map-Server? The ratio of ITRs-to-MS is potentially orders of magnitude bigger than the ratio of ETRs-to-MS, are shared keys even feasible? Besides, how to handle the nonce increment when the ITR is also an ETR? Do we need to keep track of two Map-Notify nonces, one for the Map-Register exchange and another for PubSub operation?
> 
> Thanks,
> Alberto
> 
> On 3/16/20, 11:24 AM, "Joel Halpern Direct" <jmh.direct@joelhalpern.com> wrote:
> 
>      Thank you Alberto.  To see if folks want to engage on the topic, could
>      you write a short email describing the question and, if you can, some of
>      the things that you would like to discuss?
>      
>      Folks, let's be clear.  I do expect we will have a virtual interim.
>      Maybe even more than one.  I would really like to see groundwork on the
>      email list so that any request by the chairs for folks to make time is
>      for more than just some presentations.
>      
>      Thank you,
>      Joel
>      
>      On 3/16/2020 2:15 PM, Alberto Rodriguez Natal (natal) wrote:
>      > Joel, all,
>      >
>      > I'm in favor of having a virtual interim meeting. One of the points that I have on my personal list of "things to discuss when we have time" is the aspect of (unsolicited) Map-Notifies on PubSub. I think it can benefit from some deeper discussion with the WG regarding, nonces, security associations, ITR-MS relationship, etc. If the WG is up to it, I can bring the topic for discussion and get some opinions on an interim.
>      >
>      > Thanks,
>      > Alberto
>      >
>      >
>      
> 
> _______________________________________________
> lisp mailing list
> lisp@ietf.org
> https://www.ietf.org/mailman/listinfo/lisp
>

v2.23.0 | Report a Bug | By Email