Re: [mif] I-D Action: draft-mglt-mif-security-requirements-00.txt
Jong-Hyouk Lee <jonghyouk@gmail.com> Mon, 26 March 2012 15:36 UTC
Return-Path: <jonghyouk@gmail.com>
X-Original-To: mif@ietfa.amsl.com
Delivered-To: mif@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 0F27D21E80BB for <mif@ietfa.amsl.com>; Mon, 26 Mar 2012 08:36:21 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -3.598
X-Spam-Level:
X-Spam-Status: No, score=-3.598 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-1]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id LZ0ZDUy4WvHW for <mif@ietfa.amsl.com>; Mon, 26 Mar 2012 08:36:19 -0700 (PDT)
Received: from mail-iy0-f172.google.com (mail-iy0-f172.google.com [209.85.210.172]) by ietfa.amsl.com (Postfix) with ESMTP id 40AE621E80A3 for <mif@ietf.org>; Mon, 26 Mar 2012 08:36:19 -0700 (PDT)
Received: by iazz13 with SMTP id z13so9934893iaz.31 for <mif@ietf.org>; Mon, 26 Mar 2012 08:36:19 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; bh=CfhLkLqxZtxlEr6LUTRDlDWfVltQfk+7iWRZ3w6dobw=; b=pFDweYx0NZS/H2sF6TTmT7J23Ks5yjpLOJohqrskbQUIsD8ZoNC7XOVo/OAP6+3ooN lzwrwDCYW+WgI9x8EwwNivB+BB8euqCd06+YtbvF8kLvWHiSa6OA/Ok19P5lEJJcQLDe kkIwnUV1DFEPYM/eN6WljLwV0Owv6scWcwOjitlKO497CBNUXJwYG5uTD8k8dnFiYaNb Ds/WtEoeXqkdRs1EeLWRFspWlPJ0k5jk8nEP14F2s4fpYar9xLmxhx4mgHrp9J61MHaa FPFqJ9VHMnvjBte0UpWL67o+5YxNmAMBfpdGcnyMI3C4O9fJ/NQbUsoPS/1jv4nSp/ph hFgw==
MIME-Version: 1.0
Received: by 10.50.106.226 with SMTP id gx2mr6043867igb.42.1332776178863; Mon, 26 Mar 2012 08:36:18 -0700 (PDT)
Received: by 10.64.30.200 with HTTP; Mon, 26 Mar 2012 08:36:18 -0700 (PDT)
In-Reply-To: <CADZyTkkw-Z5UE357mDE41HRXdDYL3bfjRCJKUYdmsqihq=YkyQ@mail.gmail.com>
References: <20120301144229.28186.7229.idtracker@ietfa.amsl.com> <4F4FFE91.8020906@gmail.com> <CADZyTkkw-Z5UE357mDE41HRXdDYL3bfjRCJKUYdmsqihq=YkyQ@mail.gmail.com>
Date: Mon, 26 Mar 2012 17:36:18 +0200
Message-ID: <CAB2CD_U=sheYYYRb-y+zGXYdRq3r=w2o63NKXTuw5HHykRjohw@mail.gmail.com>
From: Jong-Hyouk Lee <jonghyouk@gmail.com>
To: Daniel Migault <mglt.ietf@gmail.com>
Content-Type: multipart/alternative; boundary="e89a8f2351e1b4ce6504bc27227e"
Cc: mif@ietf.org
Subject: Re: [mif] I-D Action: draft-mglt-mif-security-requirements-00.txt
X-BeenThere: mif@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Multiple Interface Discussion List <mif.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/mif>, <mailto:mif-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/mif>
List-Post: <mailto:mif@ietf.org>
List-Help: <mailto:mif-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/mif>, <mailto:mif-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 26 Mar 2012 15:36:21 -0000
Dear Daniel. I would like to encourage you not to only focus IPsec cases for securing communication in multiple interface environments. As the title of this draft shows it should address and point out general security requirements for multiple interface environments. IPsec is not the sole solution. Note that the document 00 is not addressing the general security requirements. Access network attachment and flow security in multiple interface environments should be addressed in such a security requirement document. Cheers. On Sun, Mar 25, 2012 at 5:05 PM, Daniel Migault <mglt.ietf@gmail.com> wrote: > Hi Brian, > > Thank you for your remarks we are considering for the 01 version of the > draft that will be published soon. I briefly provide inline responses. > > > On Thu, Mar 1, 2012 at 11:56 PM, Brian E Carpenter < > brian.e.carpenter@gmail.com> wrote: > >> Hi, >> >> I don't understand the scope or the threat model for this draft. >> >> The scope seems to be less than the whole of MIF. It seems to be >> limited to a subset of MIF cases where a provider is in some way >> in control of the acquisition and use of additional interfaces. >> In the general case, nobody is in control - the user device simply >> discovers and uses whatever connectivity appears. If this is a >> correct understanding, could the title, Abstract and Introduction >> make it very clear what the scope is? >> >> No. we are considering the general case of MIF. The confusion comes > probably from the section that considered ISP hosted services. What we > pointed out in this section was that the ISP would be able to adapt the > security of the Service according to the type of network. I remove this > confusing section in 01. > > > >> I don't understand the threat model because it isn't described >> at all. So I can't evaluate any of the assertions about security >> requirements. > > > The model is that a communication being carried on a RAN MAY not need any > protection because RAN is a trusted Network. WLAN MAY not be trusted > Network, and EU switching to WLAN MAY want to protect the communication. We > describe why we recommend IPsec and what IPsec currently misses to address > the Multiple Interfaces Security Requirements. > There is no threats description in 01, but we provide a better description > of the motivations for Security Requirements. > > I do know that a conclusion that IPsec must be used >> for everything is very unpalatable. > > > I agree. For ISPs, IPsec is recommended, but we also insist that there is > no systematic solutions. > > There are risks in any public >> WLAN of course, but they exist whatever crypto is used. >> >> One detail: >> >> > Alternate IP addresses are provided for a given >> > communication, a Primary IP addresses is replaced by an >> > Alternate IP address, and Primary and Alternate are not used >> > simultaneously for the same communication. >> >> This is not true if the device uses recent techniques such as >> MPTCP, which automatically shares the available paths. Such end >> to end techniques are outside the control of the provider. >> > > Right. Version 01 should clarify this. The draft is focused on IPsec > configuration for Multihoming. I considered IKEv2 own mechanisms to deal > with Multihoming. I known work has previously been done to make IKEv2 work > over SCTP to make IKEv2 benefit from SCTP features but do not considered > here. > The idea is to make IKEv2 resistant to change of Interfaces, Interface > fail-over so that IKEv2 can proceed to the IPsec configuration for the > communication. Mobility, Multihoming, Multiple Interfaces do not concern > the communication in itself, but the way to configure IPsec. Configuring > properly IPsec is necessary to avoid IPsec blocking the communication, when > other protocols like SCTP, MTCP performs Mobility or Multihoming. > > Regards, > Daniel > >> Brian >> >> _______________________________________________ >> mif mailing list >> mif@ietf.org >> https://www.ietf.org/mailman/listinfo/mif >> > > > > -- > Daniel Migault > Orange Labs -- Security > +33 6 70 72 69 58 > > _______________________________________________ > mif mailing list > mif@ietf.org > https://www.ietf.org/mailman/listinfo/mif > > -- RSM Department, TELECOM Bretagne, France Jong-Hyouk Lee, living somewhere between /dev/null and /dev/random #email: jonghyouk (at) gmail (dot) com #webpage: http://sites.google.com/site/hurryon/
- Re: [mif] I-D Action: draft-mglt-mif-security-req… Brian E Carpenter
- Re: [mif] I-D Action: draft-mglt-mif-security-req… Daniel Migault
- Re: [mif] I-D Action: draft-mglt-mif-security-req… Jong-Hyouk Lee