Re: [MEXT] Potential new issues for rfc3775bis
arno@natisbad.org (Arnaud Ebalard) Mon, 11 May 2009 11:38 UTC
Return-Path: <arno@natisbad.org>
X-Original-To: mext@core3.amsl.com
Delivered-To: mext@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id CE3F53A6BF1 for <mext@core3.amsl.com>; Mon, 11 May 2009 04:38:38 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -3.58
X-Spam-Level:
X-Spam-Status: No, score=-3.58 tagged_above=-999 required=5 tests=[AWL=0.019, BAYES_00=-2.599, RCVD_IN_DNSWL_LOW=-1]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id I6Ja5PHccx8c for <mext@core3.amsl.com>; Mon, 11 May 2009 04:38:37 -0700 (PDT)
Received: from copper.chdir.org (copper.chdir.org [88.191.97.87]) by core3.amsl.com (Postfix) with ESMTP id 7E62A3A6D96 for <mext@ietf.org>; Mon, 11 May 2009 04:38:37 -0700 (PDT)
Received: from [2001:7a8:78df:2:20d:93ff:fe55:8f79] (helo=small.ssi.corp) by copper.chdir.org with esmtpsa (TLSv1:AES256-SHA:256) (Exim 4.69) (envelope-from <arno@natisbad.org>) id 1M3Tqz-0006dd-TL; Mon, 11 May 2009 13:39:30 +0200
From: arno@natisbad.org
To: Julien Laganier <julien.laganier.ietf@googlemail.com>
References: <49AF10F3.8080403__23090.1656010703$1236210023$gmane$org@earthlink.net> <87zlf8mx6h.fsf@small.ssi.corp> <200905111320.54733.julien.laganier.IETF@googlemail.com>
X-PGP-Key-URL: http://natisbad.org/arno@natisbad.org.asc
X-Fingerprint: 47EB 85FE B99A AB85 FD09 46F3 0255 957C 047A 5026
X-Hashcash: 1:20:090511:marcelo@it.uc3m.es::SHEwgFPz3ghY2ciX:000000000000000000000000000000000000000000003XL
X-Hashcash: 1:20:090511:mext@ietf.org::wDyMa0DJLlbjeMpa:00003OBf
X-Hashcash: 1:20:090511:julien.laganier.ietf@googlemail.com::rcegK03emBZ/grPs:0000000000000000000000000050cx
X-Hashcash: 1:20:090511:charles.perkins@earthlink.net::qy+rGdUOBbmcSSdq:000000000000000000000000000000004lZ5
Date: Mon, 11 May 2009 13:40:12 +0200
In-Reply-To: <200905111320.54733.julien.laganier.IETF@googlemail.com> (Julien Laganier's message of "Mon, 11 May 2009 13:20:54 +0200")
Message-ID: <87hbzrrhpf.fsf@small.ssi.corp>
User-Agent: Gnus/5.110009 (No Gnus v0.9) Emacs/23.0.92 (gnu/linux)
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Cc: IETF MEXT WG ML <mext@ietf.org>
Subject: Re: [MEXT] Potential new issues for rfc3775bis
X-BeenThere: mext@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: Mobile IPv6 EXTensions WG <mext.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/mext>, <mailto:mext-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/mext>
List-Post: <mailto:mext@ietf.org>
List-Help: <mailto:mext-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/mext>, <mailto:mext-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 11 May 2009 11:38:38 -0000
Hi Julien, Julien Laganier <julien.laganier.ietf@googlemail.com> writes: > Sorry that I'm coming back late with this. See below: No problem. But see below >> The conclusion could be that this is not a 3775 problem, but a >> 3776/4877 one. Anyway, I think it is a MIPv6 security issue which >> should be considered, clarified and solved in the context of the WG. >> >> Marcelo and Julien, can you provide your chairs' thoughts on previous >> paragraph? > > There is no issue at all, and in particular no issue w.r.t. Mobile IPv6. > > It is a given that NDP alone is insecure, and the IETF has a solution: > Secure Neighbor Discovery (SEND) [RFC3971]. The mail you quote is almost 7 weeks old. Meanwhile (less than 2 weeks ago), I took the time to make a draft which *precisely* explains the issues (NDP as a trigger, BU/BA formatting, lose description of expected processing in RFC 3775, ...) and implementing attacks against a MIPv6 implementation. I understand you may have a limited amount of time but just nacking the issues with the 'SEND' magical keyword is a bit easy I think (just my opinion). If you find the time to just read the draft and still have the same opinion, then you get my word I won't bother you directly with with that again. You may even find the draft entertaining ... Cheers, a+ The mail I sent recently: > Hello, > > I have just submitted a draft describing possible attacks (implemented > for demonstration against an existing implementation) associated w/ the > Home Link Detection mechanism and the Home Return procedure. > > If some among you find some interest in the topic, I'd be interested by > some feedback (questions, comments). > > Link to the document: > > http://www.ietf.org/internet-drafts/draft-ebalard-mext-hld-security-00.txt > > Cheers, > > a+ > > IETF I-D Submission Tool <idsubmission@ietf.org> writes: > >> A new version of I-D, draft-ebalard-mext-hld-security-00.txt has been >> successfuly submitted by Arnaud Ebalard and posted to the IETF >> repository. >> >> Filename: draft-ebalard-mext-hld-security >> Revision: 00 >> Title: Mobile IPv6 Home Link Detection Mechanism Security considerations >> Creation_date: 2009-04-30 >> WG ID: Independent Submission >> Number_of_pages: 32 >> >> Abstract: >> >> MIPv6 defines the concept of Home Network for a MN, in opposition to >> the foreign network where this entity may find itself. A ``Home Link >> Detection'' mechanism is also specified to allow the MN to detect >> when it is at home. >> >> MIPv6 specification mandates the use of IPsec for protecting main >> signaling traffic and also defines how IPsec can be used to protect >> data traffic between the MN and its HA. Even if optional, it is >> expected that many deployments of MIPv6 will use it by default for MN >> which may roam outside a trusted infrastructure (e.g. outside a >> mobile operator network). >> >> When a MN detects it is at home, it is expected to stop IPsec >> protection for data traffic exchanged with its Home Agent. That >> event is the result of the Home Return procedure, triggered by the >> Home Link Detection mechanism. >> >> This document discusses the possible threats and security impacts >> associated with the use of this insecure NDP-based mechanism as a >> trigger to drop IPsec protection of data traffic for the MN. It also >> provides some results on the implementation of the attacks against an >> existing MIPv6 module. Possible solutions are suggested.
- [MEXT] Potential new issues for rfc3775bis Charles E. Perkins
- Re: [MEXT] Potential new issues for rfc3775bis Arnaud Ebalard
- Re: [MEXT] Potential new issues for rfc3775bis Julien Laganier
- Re: [MEXT] Potential new issues for rfc3775bis Arnaud Ebalard