Re: [manet] AB#1 Comments for WGLC draft-ietf-manet-nhdp-sec-threats-02

Jiazi Yi <ietf@jiaziyi.com> Tue, 09 April 2013 09:52 UTC

From: Jiazi Yi <ietf@jiaziyi.com>
In-Reply-To: <CAK=bVC8V_U5G9+2OhUZbMO+q_nsqs07UAsTVNyaAyGjHusWV6Q@mail.gmail.com>
Date: Tue, 09 Apr 2013 11:52:53 +0200
Message-Id: <B5DA0B35-DC91-49DA-B9FA-24C230A14288@jiaziyi.com>
References: <CADnDZ8_JzCupDar=0CORuAOenw3VYBG4eTVh1Z=cEtdBOsJ7jQ@mail.gmail.com> <CAK=bVC8V_U5G9+2OhUZbMO+q_nsqs07UAsTVNyaAyGjHusWV6Q@mail.gmail.com>
To: Ulrich Herberg <ulrich@herberg.name>
Cc: manet <manet@ietf.org>
Subject: Re: [manet] AB#1 Comments for WGLC draft-ietf-manet-nhdp-sec-threats-02

I agree with Ulrich's reply. 

We can change 

>> [I-D] As wireless radio waves can be captured as well as transmitted
>> by any wireless
>> device within radio range


to 

> As radio signals can be received as well as transmitted
> by any compatible wireless device within radio range

It would be clearer. 

best

Jiazi

On Apr 8, 2013, at 9:00 PM, Ulrich Herberg <ulrich@herberg.name> wrote:

> AB,
> 
> see my answer below (note my reply represents my individual opinion; I
> don't claim to speak for the whole author group):
> 
> On Mon, Apr 8, 2013 at 11:35 AM, Abdussalam Baryun
> <abdussalambaryun@gmail.com> wrote:
> [...]
>> This message is to comment on the MANET WG work in progress I-D:
>> draft-ietf-manet-nhdp-sec-threats-02 [I-D], which means this message
>> may contain parts/texts of the I-D under review
>> ====================================
>> 
>> [I-D] Abstract:
>> [I-D] This document analyses common security threats of the Neighborhood
>> Discovery Protocol (NHDP), and describes their potential impacts on
>> MANET routing protocols using NHDP.
>> 
>> AB>question> What is the meaning of *common* security threats?
>> Mentioned in the abstract,
> 
> I think the word is fairly clear. See
> http://dictionary.reference.com/browse/common
> (definition 4/5)
> 
> 
>> 
>> AB>question> How can I define threats when I don’t know on which layer
>> NHDP [RFC6130] is located in the router, is it in L4 or L3? Please state
>> that you are concerned with the IP layer if it is the only one you are concerned with.
> 
> That is given by RFC6130, which is running on the IP layer. I think
> this is not a task of NHDP-sec-threats to define.
> 
> 
>> 
>> [I-D] Section 1.Introduction:
>> 
>> [I-D] The information acquired by NHDP is used by other protocols, such as
>> OLSRv2 [OLSRv2] and SMF [RFC6621].
>> 
>> AB> please add> AODVv2 as a reactive protocol using NHDP, not only proactive,
> 
> AODVv2 has no normative reference to RFC6130. In many cases of AODVv2
> deployments, I don't think that RFC6130 would be used (whereas it must
> be used for OLSRv2 and SMF). I am against adding a reference. Anyway,
> the sentence just lists some example protocols ("such as...").
> 
> 
>> 
>> [I-D] As wireless radio waves can be captured as well as transmitted
>> by any wireless
>> device within radio range
>> 
>> AB>confused> not true, different antennas have different
>> waves/frequencies, please delete.
> 
> I think that this is fairly clear; it's about contrasting
> communication over cable vs wireless, where the access to the channel
> is much easier, i.e., security threats can be exploited more easily
> since there is no physical access protection (read: cable).
> 
> 
>> 
>> [I-D] The document analyses possible attacks and mis-configurations on
>> NHDP and outlines the consequences of such attacks/mis-configurations
>> to the state
>> maintained by NHDP in each router (and, thus, made available to
>> protocols using this state).
>> 
>> AB> I don’t think it makes a full analysis of NHDP threats? Please see
>> the threat analysis by Tsao et al (2013) [1].
>> 
>> AB> the doc should consider information exchanged attacks and network
>> attacks as well.
> 
> 
> I think that this is exactly what NHDP-sec-threats does; section 4
> describes the possible exploits when using no protection of NHDP.
> Section 5 outlines the consequences for protocols using NHDP.
> 
> 
>> 
>> Section 2. Terminology:
>> 
>> AB> you don’t define *Threat*, and *Attack*, please do same definition
>> as threat analysis draft in ROLL WG (or refer to it).
> 
> The words "threat" and "attack" are pretty well known; I don't see any
> reason why they are ambiguous. I don't see any reason to cite the ROLL
> draft; why is that related in any way to NHDP? It describes security
> threats to a completely different protocol.
> 
> 
>> 
>> [I-D] Compromised NHDP Router: An attacker, present in the network and
>> which generates syntactically correct NHDP control messages.
>> Control messages emitted by a Compromised NHDP router may contain
>> additional information, or omit information, as compared to a
>> control message generated by a non-compromised NHDP router located
>> in the same topological position in the network.
>> 
>> AB> you mention network position, or topological position, but why does the
>> document ignore the network domain(s) (just topology)? Could the NHDP
>> threats affect the network domain policy/states? If not, say so.
> 
> 
> I don't understand your point. What do you mean?
> 
> Best regards
> Ulrich
> 
> 
>> 
>> The Message-References:
>> [1] http://tools.ietf.org/html/draft-ietf-roll-security-threats-01
>> 
>> =======================================
>> This is not the last comment, still under process,
>> 
>> Regards
>> AB
>> 
>> ---------------------------------------------------------------------------------------
>> This message is not sent to private email boxes, but sent to IETF
>> MANET mail box.
>> This message and any attachments are confidential to the intended
>> recipient and may also be privileged. If you are not the intended
>> recipient please delete it from your system and notify the sender.
>> This message is in compliance with the IETF regulations.
>> ---------------------------------------------------------------------------------------
>> 
>> On 3/25/13, Stan Ratliff (sratliff) <sratliff@cisco.com> wrote:
>>> WG,
>>> 
>>> I've re-started the WGLC on this document. There's a 2-week WGLC period,
>>> ending on April 8, 2013.
>>> 
>>> Regards,
>>> Stan
>>> _______________________________________________
>>> manet mailing list
>>> manet@ietf.org
>>> https://www.ietf.org/mailman/listinfo/manet
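An added illustration of the "Compromised NHDP Router" definition quoted in the thread above (a router that emits syntactically correct HELLO messages which add or omit information). This is example code written for this page, not text or code from the draft, RFC 6130, or any NHDP implementation. It reduces HELLO processing to the two pieces of state the definition is about, the Link Set and the 2-Hop Set, and deliberately ignores validity times, interface blocks, the LOST status and message TLVs. The `Hello`/`Router` names, the addresses A, B, C, E, M, Z and the topology are constructed assumptions.

```python
from dataclasses import dataclass, field

# Link status values carried in NHDP HELLO address blocks (RFC 6130 LINK_STATUS);
# LOST is omitted from this simplified model.
HEARD = "HEARD"
SYMMETRIC = "SYMMETRIC"
VALID_STATUS = {HEARD, SYMMETRIC}


@dataclass
class Hello:
    """One HELLO message: originator plus the link status it claims per neighbor."""
    originator: str
    links: dict  # neighbor address -> HEARD | SYMMETRIC


@dataclass
class Router:
    """Per-router NHDP state, reduced to the Link Set and the 2-Hop Set."""
    address: str
    link_set: dict = field(default_factory=dict)   # neighbor -> link status
    two_hop_set: set = field(default_factory=set)  # (neighbor, two-hop address)

    def process_hello(self, hello: Hello) -> None:
        n = hello.originator
        # The link becomes symmetric once the neighbor reports hearing us.
        self.link_set[n] = SYMMETRIC if self.address in hello.links else HEARD
        # Replace whatever 2-hop information was previously learned via n.
        self.two_hop_set = {(via, a) for (via, a) in self.two_hop_set if via != n}
        if self.link_set[n] == SYMMETRIC:
            for addr, status in hello.links.items():
                if addr != self.address and status == SYMMETRIC:
                    self.two_hop_set.add((n, addr))

    def two_hop_neighbors(self) -> set:
        return {addr for (_via, addr) in self.two_hop_set}

    def make_hello(self) -> Hello:
        """An honest router advertises exactly its Link Set."""
        return Hello(self.address, dict(self.link_set))


def is_syntactically_valid(hello: Hello) -> bool:
    """Format check only; a compromised router's message passes it like an honest one."""
    return bool(hello.originator) and all(s in VALID_STATUS for s in hello.links.values())


def run_scenarios() -> dict:
    # Constructed topology (assumption, not from the draft): A is the observer,
    # B an honest neighbor that also hears C, M a compromised neighbor that really hears E.
    honest = Router("A")
    b_hello = Hello("B", {"A": SYMMETRIC, "C": SYMMETRIC})
    honest.process_hello(b_hello)

    # Additional information: M advertises a neighbor "Z" that does not exist,
    # so A records Z as reachable in two hops via M.
    inflated = Router("A")
    fake_hello = Hello("M", {"A": SYMMETRIC, "Z": SYMMETRIC})
    inflated.process_hello(fake_hello)

    # Omitted information: M has a symmetric link to E but leaves it out,
    # so A never learns that E is reachable via M.
    m = Router("M", link_set={"A": SYMMETRIC, "E": SYMMETRIC})
    truthful_view, hidden_view = Router("A"), Router("A")
    truthful_view.process_hello(m.make_hello())
    omitted_hello = Hello("M", {"A": SYMMETRIC})
    hidden_view.process_hello(omitted_hello)

    return {
        "honest_two_hop": honest.two_hop_neighbors(),
        "inflated_two_hop": inflated.two_hop_neighbors(),
        "truthful_two_hop": truthful_view.two_hop_neighbors(),
        "omitted_two_hop": hidden_view.two_hop_neighbors(),
        "all_syntactically_valid": all(
            is_syntactically_valid(h) for h in (b_hello, fake_hello, omitted_hello)
        ),
    }


if __name__ == "__main__":
    for name, value in run_scenarios().items():
        print(f"{name}: {value}")
```

The point the model makes is the one in the definition: every message above is well-formed, so format validation alone cannot separate the compromised router's HELLOs from B's, yet the victim's 2-Hop Set ends up either containing a phantom address or missing a real one, and that set is exactly what protocols using NHDP (OLSRv2 MPR selection, SMF relay selection) consume.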