Re: [manet] Benjamin Kaduk's Discuss on draft-ietf-manet-dlep-pause-extension-06: (with DISCUSS and COMMENT)

Lou Berger <lberger@labn.net> Thu, 13 June 2019 18:26 UTC

Return-Path: <lberger@labn.net>
X-Original-To: manet@ietfa.amsl.com
Delivered-To: manet@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 7EA2E12023C for <manet@ietfa.amsl.com>; Thu, 13 Jun 2019 11:26:25 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: 2.686
X-Spam-Level: **
X-Spam-Status: No, score=2.686 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, GB_SUMOF=5, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H2=-0.415, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=no autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (768-bit key) header.d=labn.net
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id OEvRVkbLKkZM for <manet@ietfa.amsl.com>; Thu, 13 Jun 2019 11:26:23 -0700 (PDT)
Received: from gproxy1-pub.mail.unifiedlayer.com (gproxy1-pub.mail.unifiedlayer.com [69.89.25.95]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 9FB34120229 for <manet@ietf.org>; Thu, 13 Jun 2019 11:26:20 -0700 (PDT)
Received: from cmgw10.unifiedlayer.com (unknown [10.9.0.10]) by gproxy1.mail.unifiedlayer.com (Postfix) with ESMTP id 25E37B42873F6 for <manet@ietf.org>; Thu, 13 Jun 2019 12:26:17 -0600 (MDT)
Received: from box313.bluehost.com ([69.89.31.113]) by cmsmtp with ESMTP id bUQShWGXjsFwgbUQShP3jx; Thu, 13 Jun 2019 12:26:17 -0600
X-Authority-Reason: nr=8
X-Authority-Analysis: v=2.3 cv=J/aEEjvS c=1 sm=1 tr=0 a=h1BC+oY+fLhyFmnTBx92Jg==:117 a=h1BC+oY+fLhyFmnTBx92Jg==:17 a=jpOVt7BSZ2e4Z31A5e1TngXxSK0=:19 a=IkcTkHD0fZMA:10:nop_charset_1 a=xqWC_Br6kY4A:10:nop_ipv6 a=dq6fvYVFJ5YA:10:nop_rcvd_month_year a=Vy_oeq2dmq0A:10:endurance_base64_authed_username_1 a=48vgC7mUAAAA:8 a=oVDSxFbo9Ya9f_9SELMA:9 a=vVICH83cBykVrxfP:21 a=8MauNC88WcY10SuP:21 a=QEXdDO2ut3YA:10:nop_charset_2 a=mYAOWqAtFUkA:10:demote_hacked_domain_1 a=1dbGxDndw2gA:10:demote_hacked_domain_7 a=w1C3t2QeGrPiZgrLijVG:22
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=labn.net; s=default; h=Content-Transfer-Encoding:Content-Type:In-Reply-To:MIME-Version :Date:Message-ID:References:Cc:To:Subject:From:Sender:Reply-To:Content-ID: Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc :Resent-Message-ID:List-Id:List-Help:List-Unsubscribe:List-Subscribe: List-Post:List-Owner:List-Archive; bh=ojKvDzd1IzbK8phQpCfzpADW/pMWDmSpi//D3dhRVqQ=; b=KUwkBsb9MnD57KEeyOiN+AEwTx B/eo+Tsbp+tna9TjBckcfHLbYe8UnrxTH/EsDF2Koc98+mJ0D530+PtbvXmEWwBJa9GOAItPNfBvQ R33JEWU7ZyMNZ3soOjubR6Acc;
Received: from [127.0.0.1] (port=10801 helo=[IPv6:::1]) by box313.bluehost.com with esmtpsa (TLSv1.2:ECDHE-RSA-AES128-GCM-SHA256:128) (Exim 4.92) (envelope-from <lberger@labn.net>) id 1hbUQS-001eaG-O6; Thu, 13 Jun 2019 12:26:16 -0600
From: Lou Berger <lberger@labn.net>
To: Benjamin Kaduk <kaduk@mit.edu>
Cc: draft-ietf-manet-dlep-pause-extension@ietf.org, manet@ietf.org, The IESG <iesg@ietf.org>, manet-chairs@ietf.org
References: <155494445891.22757.7399588752085896470.idtracker@ietfa.amsl.com> <e20c4e6d-b36f-690c-2049-4bc81f5cd37a@labn.net> <20190506224055.GX19509@kduck.mit.edu> <10c43c45-877d-842d-b527-8ff0dd9cb600@labn.net> <20190606182224.GC23396@kduck.mit.edu>
Message-ID: <93f68bb0-0366-4def-48c3-2a2465ccdcde@labn.net>
Date: Thu, 13 Jun 2019 14:26:11 -0400
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:60.0) Gecko/20100101 Thunderbird/60.3.1
MIME-Version: 1.0
In-Reply-To: <20190606182224.GC23396@kduck.mit.edu>
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Transfer-Encoding: 8bit
Content-Language: en-US
X-AntiAbuse: This header was added to track abuse, please include it with any abuse report
X-AntiAbuse: Primary Hostname - box313.bluehost.com
X-AntiAbuse: Original Domain - ietf.org
X-AntiAbuse: Originator/Caller UID/GID - [47 12] / [47 12]
X-AntiAbuse: Sender Address Domain - labn.net
X-BWhitelist: no
X-Source-IP: 127.0.0.1
X-Source-L: Yes
X-Exim-ID: 1hbUQS-001eaG-O6
X-Source:
X-Source-Args:
X-Source-Dir:
X-Source-Sender: ([IPv6:::1]) [127.0.0.1]:10801
X-Source-Auth: lberger@labn.net
X-Email-Count: 12
X-Source-Cap: bGFibm1vYmk7bGFibm1vYmk7Ym94MzEzLmJsdWVob3N0LmNvbQ==
X-Local-Domain: yes
Archived-At: <https://mailarchive.ietf.org/arch/msg/manet/fXbyEIQn4X5_J-NeCmjZZ8OKcH8>
Subject: Re: [manet] Benjamin Kaduk's Discuss on draft-ietf-manet-dlep-pause-extension-06: (with DISCUSS and COMMENT)
X-BeenThere: manet@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Mobile Ad-hoc Networks <manet.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/manet>, <mailto:manet-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/manet/>
List-Post: <mailto:manet@ietf.org>
List-Help: <mailto:manet-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/manet>, <mailto:manet-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 13 Jun 2019 18:26:27 -0000

Hi,

No worries on the delay.

On 6/6/2019 2:22 PM, Benjamin Kaduk wrote:
> Hi Lou,
>
> Sorry for the long delay here; I'm in the process of moving from St. Louis
> to Seattle and have had to take a bunch of time off in the process.
>
> On Tue, May 07, 2019 at 10:34:57AM -0400, Lou Berger wrote:
>> Please see responses below...
>>
>> On 5/6/2019 6:40 PM, Benjamin Kaduk wrote:
>>> On Sun, May 05, 2019 at 09:22:16PM -0400, Lou Berger wrote:
>>>> Hi,
>>>> 	My apologies, I thought I responded to this, but can't seem to find the
>>>> response (hopefully my responses are consistent if I did!).
>>>>
>>>> On 4/10/19 9:00 PM, Benjamin Kaduk via Datatracker wrote:
>>>>> Benjamin Kaduk has entered the following ballot position for
>>>>> draft-ietf-manet-dlep-pause-extension-06: Discuss
>>>>>
>>>>> When responding, please keep the subject line intact and reply to all
>>>>> email addresses included in the To and CC lines. (Feel free to cut this
>>>>> introductory paragraph, however.)
>>>>>
>>>>>
>>>>> Please refer tohttps://www.ietf.org/iesg/statement/discuss-criteria.html
>>>>> for more information about IESG DISCUSS and COMMENT positions.
>>>>>
>>>>>
>>>>> The document, along with other ballot positions, can be found here:
>>>>> https://datatracker.ietf.org/doc/draft-ietf-manet-dlep-pause-extension/
>>>>>
>>>>>
>>>>>
>>>>> ----------------------------------------------------------------------
>>>>> DISCUSS:
>>>>> ----------------------------------------------------------------------
>>>>>
>>>>> Section 3.1 defines 'Scale' as a four-bit unsigned integer field but only the
>>>>> values 0-3 are assigned, leaving 4-16k usable.  How will future values be
>>>>> assigned?
>>>>>
>>>> A future revision or update of this document.  We discussed a IANA
>>>> registry, but thought it overkill as future additions seem quite unlikely.
>>> Okay.  The Discuss was just to make sure it was considered in some fashion;
>>> we do have a bunch of documents that explictly note "additional values are
>>> to be allocated by updates to this specification" but I do not insist on
>>> it.
>>>
>>>>> In Section 3.1.1:
>>>>>
>>>>>      DS Field Qn:
>>>>>
>>>>>         The data item contains a sequence of 8 bit DS Fields.  The number
>>>>>         of DS Fields present MUST equal the sum of all Num DSCPs field
>>>>>         values.
>>>>>
>>>>> Perhaps I'm misreading, but I thought the Num DSCPs Qn field was global
>>>>> for this queue index, so there would just be one of them and no need to
>>>>> take a sum.
>>>> It's just saying that more than one DSCP can match to a single queue
>>>> index value.
>>> Okay, if I'm looking at the figure properly then this is just an editorial
>>> issue, then:
>>>
>>>           0                   1                   2                   3
>>>           0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
>>>          +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
>>>          |  Queue Index  |             Queue Size Qn                     |
>>>          +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
>>>          | Num DSCPs Qn  |  DS Field Qn  |              ...              :
>>>          +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
>>>          :                          ...                  |  DS Field Qn  |
>>>          +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
>>>
>>> So we have the chunk of stuff for a given queue (index), and the size of
>>> that queue, then a separate array/length for the DS values.  The various DS
>>> values that can match this queue index are the contents of this array, but
>>> this is the only array in the sub data item describing this queue index.
>>> If that's correct, then isn't the description of "DS Field Qn" just "The
>>> sub data item contains a sequence of 8 bit DS Fields for this queue index.
>>> The number of DS Fields present MUST equal this value."?
>> Yes - I'm fine with a specific text revision if you have one.
> How about:
>
> OLD:
>
>        The data item contains a sequence of 8 bit DS Fields.  The number
>        of DS Fields present MUST equal the sum of all Num DSCPs field
>        values.
>
> NEW:
>
>        The data item contains a sequence of 8 bit DS Fields.  The number
>        of DS Fields present MUST equal the value of the Num DSCPs field.
yes, this is better.
>>>>> In Section 3.3:
>>>>>
>>>>>      A router which receives the Restart Data Item SHOULD resume
>>>>>      transmission of the identified traffic to the modem.
>>>>>
>>>>> Why is this only a "SHOULD"?
>>>> to cover the case where the router is choosing not to send data, e.g.,
>>>> due to lack of available data or other policy such as traffic rate shaping.
>>> Okay.  Frequently documents will give the reader some hint as to what the
>>> exceptional cases might be, but I will not insist on it here.
>>>
>>>
>>>>> Section 4
>>>>>
>>>>>                                    The extension does not inherently
>>>>>      introduce any additional vulnerabilities above those documented in
>>>>>      [RFC8175].  [...]
>>>>>
>>>>> As noted by others, this sentence is just not true.
>>>>> I will not duplicate the suggestions for additional considerations that
>>>>> need to be documented.
>>>> Please see comments / discussion elsewhere on this.
>>> Sorry, most of these threads have aged out of my cache; could you give me a
>>> hint about whose ballot thread to look in, or a link?
>> Perhaps it's just best to point you at the current text and see if
>> you're okay with it -- see
>>
>> https://tools.ietf.org/html/draft-ietf-manet-dlep-pause-extension-07#section-4
>>
>> and let me/us know if you still have any unresolved comments.
> My main issue is with "does not inherently introduce any additional
> vunlerabilities" -- there's a new signal that if received by the router,
> causes all traffic to stop.  There is some inherent risk of such a signal
> being received erroneously, even if an attacker that could introduce such a
> signal would need to be highly capable (and thus also capable of doing
> damage in other ways), and of course the risk of random accidents is always
> present.
>
> So I think the intent here may be to say instead that "this extension does
> not introduce any vulnerabilities that are inherently different from those
> documented in [RFC8175]", since there are already other ways that an
> attacker could cause the router to stop sending traffic to the modem.

This works for me too.

I'll push a new version in a few moments.

Thanks,

Lou

>>>>> In particular, I agree with Roman that the use
>>>>> of TLS needs to be mandatory, especially since this protocol is
>>>>> nominally only defined for use with radio links.
>>>> As covered elsewhere, in particular this is really a comment on base
>>>> DLEP and I think this extension should be consistent with that document.
>>>> (Consider an example from when 8175 was issued, consider the case where
>>>> the modem and router use MACsec, 802.1X and 802.1 AE, why is TLS needed
>>>> as well.)
>>> Perhaps.  I think it's highly dependent on whether DLEP is only conveyed
>>> over wired links and the physical scope of those links, though -- my
>>> understanding is that most of the IESG was treating this protocol as
>>> running over the radio link.
>> umm, DLEP is *NEVER* expected to run over the air.  This is covered in
>> RFC8175 and is not impacted by this extension.
> I'm sorry that I (and the collective IESG) missed that; you are quite
> correct.  (I think I was under severe time pressure reviewing this document
> and only did targetted keyword searches in 8175 as I was reading.)
>
> -Ben
>
>