Re: [manet] Stephen Farrell's Discuss on draft-ietf-manet-ibs-04: (with DISCUSS and COMMENT)
"Dearlove, Christopher (UK)" <chris.dearlove@baesystems.com> Mon, 21 March 2016 13:45 UTC
Return-Path: <chris.dearlove@baesystems.com>
X-Original-To: manet@ietfa.amsl.com
Delivered-To: manet@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 0B3FD12D73D; Mon, 21 Mar 2016 06:45:13 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.127
X-Spam-Level:
X-Spam-Status: No, score=-6.127 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_HI=-5, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, RDNS_NONE=0.793] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id RXgOg-v2zNt8; Mon, 21 Mar 2016 06:45:11 -0700 (PDT)
Received: from ukmta2.baesystems.com (unknown [20.133.0.56]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 3E4F912D69C; Mon, 21 Mar 2016 06:45:10 -0700 (PDT)
X-IronPort-AV: E=Sophos;i="5.24,372,1454976000"; d="scan'208";a="32367868"
Received: from unknown (HELO baemasmds016.greenlnk.net) ([10.15.207.101]) by ukmta2.baesystems.com with ESMTP; 21 Mar 2016 13:45:06 +0000
X-IronPort-AV: E=Sophos;i="5.24,372,1454976000"; d="scan'208";a="110953351"
Received: from glkxh0005v.greenlnk.net ([10.109.2.36]) by baemasmds016.greenlnk.net with ESMTP; 21 Mar 2016 13:45:06 +0000
Received: from GLKXM0002V.GREENLNK.net ([169.254.5.79]) by GLKXH0005V.GREENLNK.net ([10.109.2.36]) with mapi id 14.03.0248.002; Mon, 21 Mar 2016 13:45:06 +0000
From: "Dearlove, Christopher (UK)" <chris.dearlove@baesystems.com>
To: Stephen Farrell <stephen.farrell@cs.tcd.ie>, The IESG <iesg@ietf.org>
Thread-Topic: Stephen Farrell's Discuss on draft-ietf-manet-ibs-04: (with DISCUSS and COMMENT)
Thread-Index: AQHRUglSpz5i4kghnk6Esgrt6AGIkJ9kSwpw
Date: Mon, 21 Mar 2016 13:45:06 +0000
Message-ID: <B31EEDDDB8ED7E4A93FDF12A4EECD30D9237F973@GLKXM0002V.GREENLNK.net>
References: <20160118160005.5086.59480.idtracker@ietfa.amsl.com>
In-Reply-To: <20160118160005.5086.59480.idtracker@ietfa.amsl.com>
Accept-Language: en-GB, en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [10.109.62.6]
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: base64
Archived-At: <http://mailarchive.ietf.org/arch/msg/manet/bg3wWiATF4LjejQ7md4tzuDI_9g>
Cc: "manet@ietf.org" <manet@ietf.org>, "T.Clausen@computer.org" <T.Clausen@computer.org>, "draft-ietf-manet-ibs@ietf.org" <draft-ietf-manet-ibs@ietf.org>, "manet-chairs@ietf.org" <manet-chairs@ietf.org>
Subject: Re: [manet] Stephen Farrell's Discuss on draft-ietf-manet-ibs-04: (with DISCUSS and COMMENT)
X-BeenThere: manet@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: Mobile Ad-hoc Networks <manet.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/manet>, <mailto:manet-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/manet/>
List-Post: <mailto:manet@ietf.org>
List-Help: <mailto:manet-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/manet>, <mailto:manet-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 21 Mar 2016 13:45:13 -0000
Sorry about delay, I had someone to either square or leave long enough to fail to square. A -05 has been submitted. Hoping this meets the DISCUSS issue. With regard to the comment on 4.1, there already was a not quite complete specification in 4.3, I've now cross-referenced and fleshed out that specification as a recommendation. -- Christopher Dearlove Senior Principal Engineer BAE Systems Applied Intelligence Laboratories __________________________________________________________________________ T: +44 (0)1245 242194 | E: chris.dearlove@baesystems.com BAE Systems Applied Intelligence, Chelmsford Technology Park, Great Baddow, Chelmsford, Essex CM2 8HN. www.baesystems.com/ai BAE Systems Applied Intelligence Limited Registered in England & Wales No: 01337451 Registered Office: Surrey Research Park, Guildford, Surrey, GU2 7YP -----Original Message----- From: Stephen Farrell [mailto:stephen.farrell@cs.tcd.ie] Sent: 18 January 2016 16:00 To: The IESG Cc: draft-ietf-manet-ibs@ietf.org; aretana@cisco.com; manet-chairs@ietf.org; T.Clausen@computer.org; manet@ietf.org Subject: Stephen Farrell's Discuss on draft-ietf-manet-ibs-04: (with DISCUSS and COMMENT) ----------------------! WARNING ! ---------------------- This message originates from outside our organisation, either from an external partner or from the internet. Consider carefully whether you should click on any links, open any attachments or reply. Follow the 'Report Suspicious Emails' link on IT matters for instructions on reporting suspicious email messages. -------------------------------------------------------- Stephen Farrell has entered the following ballot position for draft-ietf-manet-ibs-04: Discuss When responding, please keep the subject line intact and reply to all email addresses included in the To and CC lines. (Feel free to cut this introductory paragraph, however.) Please refer to https://www.ietf.org/iesg/statement/discuss-criteria.html for more information about IESG DISCUSS and COMMENT positions. The document, along with other ballot positions, can be found here: https://datatracker.ietf.org/doc/draft-ietf-manet-ibs/ ---------------------------------------------------------------------- DISCUSS: ---------------------------------------------------------------------- My main discuss point on -02 of this was: (1) I am concerned that RFC6507 may not be ready for use in standards-track RFCs. So far it has not been and I have found no peer reviewed security or cryptographic analysis that indicates that it is has been studied to see if it is good enough for that. I've also not seen any MANET list discussion of that aspect (and indeed the MANET list discussion I did see seems to involve very few people). I asked on the CFRG list about RFC6507 and it seems [1] to be the case that no-one has so far really evaluated its security, other than folks associated with the author's institution. (Which applies to both 6507 and this I think.) I also didn't find any references to 6507 in Google scholar. Lastly, I think we should be, and be seen to be, more careful than usual with this draft - given the situation with DUAL-EC-DRBG, and that this is a new signature scheme that allows the KMS to fake anyone's signature and the author involved. Note that that last is not any imputation of misbehaviour, but the IETF would not be doing due-dilligence if we didn't explicitly consider that aspect. [1] https://www.ietf.org/mail-archive/web/cfrg/current/msg05540.html The authors have added section 6.1 and changed the intended status to experimental which does almost entirely resolve the above. I have one issue with the text of 6.1 though that I think needs fixing before we can proceed. I'll state that in the form of an OLD/NEW suggestion in case that just works: OLD: This specification is thus published as experimental, in order to encourage its use and reports of its use. Once experiments have been carried out and reported, it is intended to advance this specification, with any changes identified by such experimentation, to standards track. NEW: This specification is thus published as experimental, in order to encourage its use and reports on its use. Once experiments have been carried out and reported, and when some public analysis of the underlying cryptographic algorithms is available, it may be appropriate to advance this specification, with any changes identified by such experimentation and analysis, to standards track. My reasoning is as follows: the main problem (I see) with this being on the standards track is the total lack of public analysis of the signature algorithm. That is not fixed via usage or reports of usage. ---------------------------------------------------------------------- COMMENT: ---------------------------------------------------------------------- The text below were additional discuss points. While I'm ok with these not being specified in an experimental RFC, I think the absence of those bits of specification means that this is clearly not a complete spec that'd allow interop. (So that would need to be fixed before trying to get this back on the standards track.) The text does now at least ack that the revocation trick or some equivalent is needed, but fails to specify a concrete way of doing that. And while the authors don't agree with me that private key provisioning needs to be specified in an interoperable manner, I think that if one was to produce any IBC standard that has to be a part of the work, otherwise nodes are limited to working with a KMS in a proprietary fashion, which is a kind of vendor lockin. The old discuss points are below. I think this would be better if these issues were also called out in section 6.1 but I'll not block on that basis. Perhaps the responsible AD might think about whether that really needs to be mentioned or not. (2) How does a router get its private key? Why is it ok to not specify that? Seems like an interop fail if that is not done. (4) 4.1: The usual revocation trick of including a time value in the name is referred to at the end of this section but without sufficient detail to allow interop. Why is that ok? ******************************************************************** This email and any attachments are confidential to the intended recipient and may also be privileged. If you are not the intended recipient please delete it from your system and notify the sender. You should not copy it or use it for any purpose nor disclose or distribute its contents to any other person. ********************************************************************
- [manet] Stephen Farrell's Discuss on draft-ietf-m… Stephen Farrell
- Re: [manet] Stephen Farrell's Discuss on draft-ie… Dearlove, Christopher (UK)