[mile] AD review of draft-ietf-mile-xmpp-grid-08
Alexey Melnikov <alexey.melnikov@isode.com> Thu, 06 December 2018 12:21 UTC
From: Alexey Melnikov <alexey.melnikov@isode.com>
To: "mile@ietf.org" <mile@ietf.org>
Message-ID: <63dc7282-3db0-08c0-64db-bc3280665048@isode.com>
Date: Thu, 06 Dec 2018 12:20:46 +0000
Archived-At: <https://mailarchive.ietf.org/arch/msg/mile/fWVWTD3ge7hfY13k01-zoyHU6N0>
Subject: [mile] AD review of draft-ietf-mile-xmpp-grid-08
List-Id: "Managed Incident Lightweight Exchange, IODEF extensions and RID exchanges" <mile.ietf.org>

Hi,

This document reads well and I am grateful for the extensive Security Considerations section!

Some specific comments, most of which are nits/minor things:

The following references need to be Normative, as they describe documents that need to be read and understood in order to implement various requirements specified in this draft:

[XEP-0060]
[XEP-0030] (used in a SHOULD)
[XEP-0004] (used in a SHOULD)

The following need to have References:

SASL EXTERNAL - Normative reference to RFC 4422
DHCP - Informative reference

8.2.1. Network Attacks

   A variety of attacks can be mounted using the network. For the
   purposes of this subsection the phrase "network traffic" can be taken
   to mean messages and/or parts of messages. Any of these attacks can
   be mounted by network elements, by parties who control network
   elements, and (in many cases) by parties who control network-attached
   devices.

   o Network traffic can be passively monitored to glean information
     from any unencrypted traffic

[snip]

   o A "Man In The Middle" (MITM) attack can be mounted where an
     attacker interposes itself between two communicating parties and
     poses as the other end to either party or impersonates the other
     end to either or both parties

   o Resist attacks (including denial of service and other attacks from
     XMPP-Grid Platforms)

This seems out of place or not worded quite right. All other items describe various attacks. What exactly does this item mean?

   o Undesired network traffic can be sent in an effort to overload an
     architectural component, thus mounting a denial of service attack

8.3.6. Securing the Certification Authority

   As noted above, compromise of a Certification Authority (CA) trusted
   to issue certificates for the XMPP-Grid Controller and/or XMPP-Grid
   Platforms is a major security breach. Many guidelines for proper CA
   security have been developed: the CA/Browser Forum's Baseline
   Requirements, the AICPA/CICA Trust Service Principles, etc.
   The CA operator and relying parties should agree on an appropriately
   rigorous security practices to be used.

   Even with the most rigorous security practices, a CA can be
   compromised.

I think it might be good to reference Certificate Transparency WG work here (informatively), see <https://datatracker.ietf.org/wg/trans/documents/>

Best Regards,
Alexey