Re: [manet] AD Review of draft-ietf-manet-dlep-lid-extension-04

[Alvaro Retana <aretana.ietf@gmail.com>]

On July 30, 2019 at 12:13:46 PM, Rick Taylor (rick@tropicalstormsoftware.com)
wrote:

Rick:

Hi!

I am starting the IETF LC.

My only remaining comments are about security (see below), but we can deal
with that as we get other reviews.

Thanks!

Alvaro.




Comments inline, but a little forward:

We have done a rewrite of most of the descriptive text, focussing on
the use-cases, and attempting to clearly define terminology to aid the
reader.

I think that helps. :-)

The new text in the Abstract/Introduction says: "The core specification of
the protocol assumes that every modem in the radio network has an attached
DLEP router, and requires that the MAC address of the DLEP interface on the
attached router be used to identify the destination in the network…  This
document describes a DLEP Extension allowing modems that do not meet the
strict requirement above…”.   It is not clear if the “strict requirement”
you refer to is the assumption that a router is attached, or that its MAC
address is used…or both.   I think this is important to justify that, for
example, other Security Considerations are not created.  Just trying to
cover our bases…I don’t have anything specific to point out.


...

> ...
> 11 Abstract
>
> 13 There exists a class of modems that would benefit from
> supporting the
> 14 Dynamic Link Exchange Protocol (DLEP) [RFC8175] but do not
> present a
> 15 single Layer 2 network domain as required by DLEP. Such
> devices may
> 16 be:
>
> [nit] Don't include references in the Abstract.

I don't know how to avoid this - can you suggest some text please?

s/[RFC8175]/(RFC8175)  ;-)


...

>
> 173 2.1. Identifier Restrictions
>
> 175 A Link Identifier is by default 4 octets in length. If a
> modem
> 176 wishes to use a Link Identifier of a different length, it
> MUST be
> 177 announced using the Link Identifier Length Data Item
> (Section 3.1)
> 178 contained in the DLEP Session Initialization Response
> message sent by
> 179 the modem to the router.
>
> 181 During the lifetime of a DLEP session, the length of Link
> Identifiers
> 182 MUST remain constant, i.e. the Length field of the Link
> Identifier
> 183 Data Item MUST NOT differ between destinations.
>
> [major] This is another case where the session could be terminated if
> the wrong length is used... Call out as a risk.

Damn.. I missed this one. I shall have to uprev with specific
Termination rules.

Yup.


...

> ...
> 281 4. Security Considerations
>
> 283 As an extension to the core DLEP protocol, the security
> 284 considerations of that protocol apply to this extension.
> This
> 285 extension adds no additional security mechanisms or
> features.
>
> 287 None of the features introduced by this extension require
> extra
> 288 consideration by an implementation.
>
> [major] I think that the functionality in this extension may result
> in Invalid Data (and a terminated session) -- see the comments in
> §2/2.1 above. While this case may only be the result of a rogue
> modem/router, and rfc8175 already says something general about that,
> it is important to point it out here because the
> functionality/operation is new.
>

Having called out the additional reasons for termination, I don't see
that any of them cause any additional security considerations beyond
normal DLEP. The consideration is: deviate from the protocol and your
session will terminate - that's covered by DLEP.

True…but now with a bigger attack surface.  I would love to see something
pointing at rogue routers/modems taking advantage of termination
opportunities…but we can also wait and see what the SecDir/SEC ADs say…