IETF Logo Mail Archive

Re: [manet] draft-ietf-manet-aodvv2-13 review - a couple of big ticket Items

"Dearlove, Christopher (UK)" <chris.dearlove@baesystems.com> Wed, 23 March 2016 14:17 UTC

Return-Path: <chris.dearlove@baesystems.com>
X-Original-To: manet@ietfa.amsl.com
Delivered-To: manet@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id AA84712D7E8 for <manet@ietfa.amsl.com>; Wed, 23 Mar 2016 07:17:26 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.929
X-Spam-Level:
X-Spam-Status: No, score=-6.929 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, T_RP_MATCHES_RCVD=-0.01] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 0ZFVK-yKNA1U for <manet@ietfa.amsl.com>; Wed, 23 Mar 2016 07:17:23 -0700 (PDT)
Received: from ukmta1.baesystems.com (ukmta1.baesystems.com [20.133.0.55]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 8063A12DC57 for <manet@ietf.org>; Wed, 23 Mar 2016 07:03:07 -0700 (PDT)
X-IronPort-AV: E=Sophos; i="5.24,382,1454976000"; d="scan'208,217"; a="54496799"
Received: from unknown (HELO baemasmds016.greenlnk.net) ([10.15.207.101]) by ukmta1.baesystems.com with ESMTP; 23 Mar 2016 14:02:49 +0000
X-IronPort-AV: E=Sophos;i="5.24,382,1454976000"; d="scan'208,217";a="111319471"
Received: from glkxh0002v.greenlnk.net ([10.109.2.33]) by baemasmds016.greenlnk.net with ESMTP; 23 Mar 2016 14:02:48 +0000
Received: from GLKXM0002V.GREENLNK.net ([169.254.5.79]) by GLKXH0002V.GREENLNK.net ([10.109.2.33]) with mapi id 14.03.0248.002; Wed, 23 Mar 2016 14:02:28 +0000
From: "Dearlove, Christopher (UK)" <chris.dearlove@baesystems.com>
To: Justin Dean <bebemaster@gmail.com>
Thread-Topic: [manet] draft-ietf-manet-aodvv2-13 review - a couple of big ticket Items
Thread-Index: AQHRhHiiU+1aHmMw/kSRrabi+iXC459m1SlQgAAfQACAAABmcIAABJeAgAAV2aA=
Date: Wed, 23 Mar 2016 14:02:26 +0000
Message-ID: <B31EEDDDB8ED7E4A93FDF12A4EECD30D9238199E@GLKXM0002V.GREENLNK.net>
References: <8C311D85-5C5A-4155-9705-6B09D0AA588B@thomasclausen.org> <CA+-pDCds+kZy2LUz_A0c3_sJKF03NFroh5oXXgQP0fw=aGRNxg@mail.gmail.com> <B31EEDDDB8ED7E4A93FDF12A4EECD30D92381821@GLKXM0002V.GREENLNK.net> <CA+-pDCcJwyOZeMEGOx_DeYMrQ0_ANNsqi4pjbQUgO21y3s1ZFg@mail.gmail.com> <B31EEDDDB8ED7E4A93FDF12A4EECD30D92381902@GLKXM0002V.GREENLNK.net> <CA+-pDCc2a62e-abpyjnt-ERPE6FhD-txMa5JgnwxPK6r0eZtpg@mail.gmail.com>
In-Reply-To: <CA+-pDCc2a62e-abpyjnt-ERPE6FhD-txMa5JgnwxPK6r0eZtpg@mail.gmail.com>
Accept-Language: en-GB, en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [10.109.62.6]
Content-Type: multipart/alternative; boundary="_000_B31EEDDDB8ED7E4A93FDF12A4EECD30D9238199EGLKXM0002VGREEN_"
MIME-Version: 1.0
Archived-At: <http://mailarchive.ietf.org/arch/msg/manet/0Xyi17T3ePrProQM9jWW8YHa-GU>
Cc: "manet@ietf.org" <manet@ietf.org>, "Thomas Heide Clausen (Thomas.Clausen@polytechnique.edu)" <Thomas.Clausen@polytechnique.edu>
Subject: Re: [manet] draft-ietf-manet-aodvv2-13 review - a couple of big ticket Items
X-BeenThere: manet@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: Mobile Ad-hoc Networks <manet.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/manet>, <mailto:manet-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/manet/>
List-Post: <mailto:manet@ietf.org>
List-Help: <mailto:manet-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/manet>, <mailto:manet-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 23 Mar 2016 14:17:26 -0000

Still strongly disagree with some of what you say. The multiplexer MUST NOT modify messages as far as the protocol can tell, no flag as to whether it may, that’s just absolutely horrible. But there is a get out of gaol free card - it could modify a message (e.g. add a TLV, such as an ICV) then revert it (remove the TLV) before the protocol sees it. The next 5444 usage draft will say this.

A protocol in general SHOULD NOT, but MAY, modify messages. OLSRv2 MUST NOT modify messages.

--
Christopher Dearlove
Senior Principal Engineer
BAE Systems Applied Intelligence Laboratories
__________________________________________________________________________

T:  +44 (0)1245 242194  |  E: chris.dearlove@baesystems.com<mailto:chris.dearlove@baesystems.com>

BAE Systems Applied Intelligence, Chelmsford Technology Park, Great Baddow, Chelmsford, Essex CM2 8HN.
www.baesystems.com/ai<http://www.baesystems.com/ai>
BAE Systems Applied Intelligence Limited
Registered in England & Wales No: 01337451
Registered Office: Surrey Research Park, Guildford, Surrey, GU2 7YP

From: Justin Dean [mailto:bebemaster@gmail.com]
Sent: 23 March 2016 12:40
To: Dearlove, Christopher (UK)
Cc: manet@ietf.org; Thomas Heide Clausen (Thomas.Clausen@polytechnique.edu)
Subject: Re: [manet] draft-ietf-manet-aodvv2-13 review - a couple of big ticket Items


*** WARNING ***
This message originates from outside our organisation, either from an external partner or the internet.
Consider carefully whether you should click on any links, open any attachments or reply.
For information regarding Red Flags that you can look out for in emails you receive, click here<http://intranet.ent.baesystems.com/howwework/security/spotlights/Documents/Red%20Flags.pdf>.
If you feel the email is suspicious, please follow this process<http://intranet.ent.baesystems.com/howwework/security/spotlights/Documents/Dealing%20With%20Suspicious%20Emails.pdf>.
RFC 7182 is mandatory to RFC 7181.  In violent agreement.  OLSRv2 MUST NOT do that.  5444 doesn't generate/forward messages though 7181 does.  Clearly there should be a way for a process sitting on the multiplexer to tell it that a message is immutable.  But in other cases a message does get change/added to (e.g. 6121 (SMF) tlvs attached to 6130 (NHDP) hello messages).  In the end we all seem to agree end-to-end security is a problem currently for AODVv2.
Justin

On Wed, Mar 23, 2016 at 8:29 AM, Dearlove, Christopher (UK) <chris.dearlove@baesystems.com<mailto:chris.dearlove@baesystems.com>> wrote:
I’ve put the MANET list back on distribution.

As Thomas has pointed out to me, RFC 7182 is mandatory to implement as specified in RFC 7181. Thus “without ICVs” is not an option, and anything that breaks 7182 breaks compliance with 7181. And changing a message breaks 7181, in addition to it being directly indicated that messages are forwarded unchanged (hop count/limit aside).

Or in other words, OLSRv2 MUST NOT do this, and 5444 multiplexer MUST NOT change messages (as visible from protocol). I have an updated 5444 usage draft that makes this clearer for the multiplexer, waiting on co-authors to review.

--
Christopher Dearlove
Senior Principal Engineer
BAE Systems Applied Intelligence Laboratories
__________________________________________________________________________

T:  +44 (0)1245 242194<tel:%2B44%20%280%291245%20242194>  |  E: chris.dearlove@baesystems.com<mailto:chris.dearlove@baesystems.com>

BAE Systems Applied Intelligence, Chelmsford Technology Park, Great Baddow, Chelmsford, Essex CM2 8HN.
www.baesystems.com/ai<http://www.baesystems.com/ai>
BAE Systems Applied Intelligence Limited
Registered in England & Wales No: 01337451
Registered Office: Surrey Research Park, Guildford, Surrey, GU2 7YP

From: Justin Dean [mailto:bebemaster@gmail.com<mailto:bebemaster@gmail.com>]
Sent: 23 March 2016 12:23
To: Dearlove, Christopher (UK)
Subject: Re: [manet] draft-ietf-manet-aodvv2-13 review - a couple of big ticket Items


*** WARNING ***
This message originates from outside our organisation, either from an external partner or the internet.
Consider carefully whether you should click on any links, open any attachments or reply.
For information regarding Red Flags that you can look out for in emails you receive, click here<http://intranet.ent.baesystems.com/howwework/security/spotlights/Documents/Red%20Flags.pdf>.
If you feel the email is suspicious, please follow this process<http://intranet.ent.baesystems.com/howwework/security/spotlights/Documents/Dealing%20With%20Suspicious%20Emails.pdf>.
CMD> I think this comes under the heading of “not prohibited but undesirable” but also that all options I can see involve something undesirable, or worse, so this may be the least undesirable
JWD: check.

JWD> The way multiplexers work messages can get torn apart and sent back out in a different way.  My OLSRv2 with another version will likely do just that.

CMD> Absolutely not, that is a violation of OLSRv2 rules and unacceptable, because OLSRv2 specifies forwarding messages unchanged. That completely breaks use of RFC 7182 message ICVs - which might be applied by the multiplexer. Please do not even consider this.
JWD: you are correct.  ICVs disallow this behavior.  In my own code the messages are not changed because I generated them in the first place.  Without ICVs though it's quite natural.  I've personally seen three different packetbb parsers (one my own) which by default will rearrange a message if processed and regenerated  (actually caused some headache when trying to debug and getting different generated message outputs).  If there are no ICVs and it doesn't matter, but that's throwing all of end to end security out the window.  End to end security is an issue.

********************************************************************
This email and any attachments are confidential to the intended
recipient and may also be privileged. If you are not the intended
recipient please delete it from your system and notify the sender.
You should not copy it or use it for any purpose nor disclose or
distribute its contents to any other person.
********************************************************************

v2.23.0 | Report a Bug | By Email