IETF Logo Mail Archive

Re: [mile] Eric Rescorla's Discuss on draft-ietf-mile-xmpp-grid-09: (with DISCUSS and COMMENT)

"Nancy Cam-Winget (ncamwing)" <ncamwing@cisco.com> Mon, 04 March 2019 19:04 UTC

Return-Path: <ncamwing@cisco.com>
X-Original-To: mile@ietfa.amsl.com
Delivered-To: mile@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 940AE130DDA; Mon, 4 Mar 2019 11:04:33 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -14.501
X-Spam-Level:
X-Spam-Status: No, score=-14.501 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIMWL_WL_MED=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, SPF_PASS=-0.001, URIBL_BLOCKED=0.001, USER_IN_DEF_DKIM_WL=-7.5] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=cisco.com header.b=L3Fs7Ttb; dkim=pass (1024-bit key) header.d=cisco.onmicrosoft.com header.b=gT9H+OC5
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id bx3GHeWwXxrN; Mon, 4 Mar 2019 11:04:30 -0800 (PST)
Received: from rcdn-iport-3.cisco.com (rcdn-iport-3.cisco.com [173.37.86.74]) (using TLSv1.2 with cipher DHE-RSA-SEED-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 7AAB31277D2; Mon, 4 Mar 2019 11:04:29 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=@cisco.com; l=44099; q=dns/txt; s=iport; t=1551726269; x=1552935869; h=from:to:cc:subject:date:message-id:references: in-reply-to:mime-version; bh=jKAjuAC2N2Z8Ge/n0vQ9oj2uEa3BsACnJAa9dYlQVhQ=; b=L3Fs7TtbmVSbmfdUE8/uByiAHAJWHJm+vf3cicyIzv36mAulRSVzUhJc iu0bIXEYeubZBdc1gopWaglMLoNPzaOqQUMdG4WQaI2I2kVbjKwufoET5 d5OMjGtr97EivIALhKHf/JnqJTLZKpu5Ge3ihzUhhtQP9tzPZALvQAP1D 4=;
IronPort-PHdr: 9a23:k6Vw8xXWvSV+gzE9j09i2rUc2iHV8LGuZFwc94YnhrRSc6+q45XlOgnF6O5wiEPSA9yJ8OpK3uzRta2oGXcN55qMqjgjSNRNTFdE7KdehAk8GIiAAEz/IuTtank8F81HS15j8FmwMFNeH4D1YFiB6nA=
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: A0BUAABSdn1c/5NdJa1lGQEBAQEBAQEBAQEBAQcBAQEBAQGBZYEOLyQsA2h0BAsnhAiDRwOPUYJXiS6QFwNQBAsBARgBCgmEQAIXhA4iOBIBAQMBAQMBAwJtHAyFSgEBAQECAQEBGAkEGQEBJQUCCwEECwIBCA4DAwECAQwBEwcDAgICHwYLFAkIAgQBCQQFgyIBgRFMAw0IAQ6eFgKKFHF8M4J4AQEFgTABg08NC4ILAwWBL4hggisdF4F/gREnH4JMgldHAQGCAQ0JglQxgiaKFYIFKoQFHZJtMwkCh0GHdIM9GYF0hWKDSIRBg0OKZIVbgS6LGgIEAgQFAg0BAQWBXiGBVnAVOyoBgkGCCgcFFxODOIRZO4U/cgGBJ49tAQE
X-IronPort-AV: E=Sophos;i="5.58,441,1544486400"; d="scan'208,217";a="518320069"
Received: from rcdn-core-11.cisco.com ([173.37.93.147]) by rcdn-iport-3.cisco.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 04 Mar 2019 19:04:27 +0000
Received: from XCH-RCD-016.cisco.com (xch-rcd-016.cisco.com [173.37.102.26]) by rcdn-core-11.cisco.com (8.15.2/8.15.2) with ESMTPS id x24J4Re1020382 (version=TLSv1.2 cipher=AES256-SHA bits=256 verify=FAIL); Mon, 4 Mar 2019 19:04:27 GMT
Received: from xhs-rtp-002.cisco.com (64.101.210.229) by XCH-RCD-016.cisco.com (173.37.102.26) with Microsoft SMTP Server (TLS) id 15.0.1473.3; Mon, 4 Mar 2019 13:04:26 -0600
Received: from xhs-rcd-001.cisco.com (173.37.227.246) by xhs-rtp-002.cisco.com (64.101.210.229) with Microsoft SMTP Server (TLS) id 15.0.1473.3; Mon, 4 Mar 2019 14:04:24 -0500
Received: from NAM03-DM3-obe.outbound.protection.outlook.com (72.163.14.9) by xhs-rcd-001.cisco.com (173.37.227.246) with Microsoft SMTP Server (TLS) id 15.0.1473.3 via Frontend Transport; Mon, 4 Mar 2019 13:04:24 -0600
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=cisco.onmicrosoft.com; s=selector1-cisco-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=jKAjuAC2N2Z8Ge/n0vQ9oj2uEa3BsACnJAa9dYlQVhQ=; b=gT9H+OC5vnFkPal9QtFGtvFd0sMaepJRh4E954zS5Z6tr1zSFjjmcmss7zOdnWQDXYl70D9AHzal15DuWloPfzJdWLBZaWiIJsuIVbKMrmMTZczUmbFBvOAgCkRKH+ok0lCFsrOJdcXViPDtAhqp7GeNTIc+FCspQgXmoa2MpO4=
Received: from BN6PR11MB1732.namprd11.prod.outlook.com (10.175.99.7) by BN6PR11MB4035.namprd11.prod.outlook.com (10.255.129.225) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.1665.15; Mon, 4 Mar 2019 19:04:23 +0000
Received: from BN6PR11MB1732.namprd11.prod.outlook.com ([fe80::3df6:de14:447c:4146]) by BN6PR11MB1732.namprd11.prod.outlook.com ([fe80::3df6:de14:447c:4146%3]) with mapi id 15.20.1665.019; Mon, 4 Mar 2019 19:04:22 +0000
From: "Nancy Cam-Winget (ncamwing)" <ncamwing@cisco.com>
To: Eric Rescorla <ekr@rtfm.com>, Kathleen Moriarty <kathleen.moriarty.ietf@gmail.com>
CC: The IESG <iesg@ietf.org>, "mile@ietf.org" <mile@ietf.org>, "mile-chairs@tools.ietf.org" <mile-chairs@tools.ietf.org>, "draft-ietf-mile-xmpp-grid@ietf.org" <draft-ietf-mile-xmpp-grid@ietf.org>, "mile-chairs@ietf.org" <mile-chairs@ietf.org>
Thread-Topic: [mile] Eric Rescorla's Discuss on draft-ietf-mile-xmpp-grid-09: (with DISCUSS and COMMENT)
Thread-Index: AQHUs+t+u3PCBXuL40SIOaViE4Ov8aXCCRkAgADt4ICAOJU8gA==
Date: Mon, 04 Mar 2019 19:04:22 +0000
Message-ID: <B0BD72B1-B6E3-428D-8A53-6D47A29928FD@cisco.com>
References: <154833770862.25104.14121457719973234955.idtracker@ietfa.amsl.com> <312B7C3D-8DFA-4539-9E31-E4B1E8ADDDE3@gmail.com> <CABcZeBOVJ0SScEYY0LHgJMf0MekNgYXbaxWy5E-rL16e-9m4vg@mail.gmail.com>
In-Reply-To: <CABcZeBOVJ0SScEYY0LHgJMf0MekNgYXbaxWy5E-rL16e-9m4vg@mail.gmail.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
user-agent: Microsoft-MacOutlook/10.10.7.190210
authentication-results: spf=none (sender IP is ) smtp.mailfrom=ncamwing@cisco.com;
x-originating-ip: [2001:420:292:1260:1dfe:3a6c:3efe:7107]
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: 2aef70dd-1ad3-4923-39e7-08d6a0d436a2
x-microsoft-antispam: BCL:0; PCL:0; RULEID:(2390118)(7020095)(4652040)(8989299)(4534185)(4627221)(201703031133081)(201702281549075)(8990200)(5600127)(711020)(4605104)(2017052603328)(7153060)(7193020); SRVR:BN6PR11MB4035;
x-ms-traffictypediagnostic: BN6PR11MB4035:
x-ms-exchange-purlcount: 2
x-microsoft-exchange-diagnostics: 1;BN6PR11MB4035;23:KdXDkej0G/7N9AiaJhDZ36tod4kvrxnBvlaAOGDFZ3gd6TzCGvXqieCXK/s5NEl1juEg9rBkyRRQF6T0lGRgSCdmO5gYvk02UsXe/5ETJj1bVJgoHHdGEYfsyi/BNeM8NVCN8jOfH+FU3aReK0BKAdMb0iBipePLJ2w2b0V/HHvzBTfWhTxwXQtrlgYRw5kZotB8HYfvrEgT1Sak40d9/8RAjb9zG6Yak5Vj3lWmDOmp9SNOS6HEoASgJ/dWIshnf4eI70cv+rLekUOavLQjFUVdxcsSgQ8YXAQe3SuLEYFrbb1LACXlzwbHQsl4wNBSnU601OC/XZRARz3rHKh8Vwme8eaoN8oemkeWrsum4hcpx/MYTQMcP3c3JeN0Jp8lM/v5ntbJ4Ct5bPse5PLRnA0L1rzMvSvkHxwdyLLrNPBmmzKu8Hd5IOUmpn8djBUICZOKzFN52LJdkwJJ9Za/rGPeS99bBbCUDZYgOov91C7vqTG7cT2FTJAEtveJBcFHWxFtDILwHJYfRosBso36Ey3WlaLiXqx3e3T1Sm2RmTW1toNEI+eTj7usPeIOEjm+DuUE++idCaWYP2eTZ2BZHOX/o0MIbYqOVOykpa7kW97sMONP/upJ6qkb4iWxDlo7MjA4X8chjSPGdMnNl9RNLRZwRk3X4uUrVhZbSvotLFLrNduXlC9ueQxq10l6jRh6+UZzksbUxn9wUXu/mnizXgqV2eCOeM0W9cqetichza0udIbn0CRQ5FPFu1Da7SdJmamI20p6c/tlkRcv96YTHcA8UUt1QUINlZXixx9nouvRVgSzJ8SgbPx7RvbtI9i6xFus8UWy+LmyUW0Sj4/TgsCxkvj1Xbxl+2Nutj3DqHyb1avPyDOnUP/P468CbvsFQxZzEpV2hr+8a2abDEItMxZK2eHOCGmFxRuto/iFLDiWLiWo8z+569cwvFaAoooNnwbckiHQEH6KQJkL4HveNmpyvwJT5Fwd8I/5Gxg0UE/w4sZVXSY9rScHxU5TGXiPhA8FcQaAxRhCFxnPrBhQwZaq1OkltfmfdCGbuoETUjOEUF/IWOazz+L527DrEORKXtXlx77AovmMEjp6gGTYtHjone981A+gYZyqDc1x6UqsWZEGNVFPqHX79Y7Y/fPZJpe0/6Eb0dXRr+hS48OvCAeYLbrS7IJhHsBQK6xjunO0pRlkIqu8ee8HFSAe/UBDXdqaQnAqVUvVZ/mPqeMoEzYMGDJk1xXUfGA6H1JgXHveevPfebgdGFP/goVuyZLFH8J6lcPERlB04dvwhTveYGxFsMT0zhfj9SDv41zSR4khU7b2pIAvhFGJChWqs2L4
x-microsoft-antispam-prvs: <BN6PR11MB4035035331E758678E5EFE43D6710@BN6PR11MB4035.namprd11.prod.outlook.com>
x-forefront-prvs: 09669DB681
x-forefront-antispam-report: SFV:NSPM; SFS:(10009020)(136003)(366004)(346002)(396003)(376002)(39860400002)(199004)(189003)(6436002)(6306002)(186003)(11346002)(606006)(316002)(6512007)(446003)(81166006)(99286004)(54896002)(110136005)(2616005)(68736007)(486006)(476003)(58126008)(229853002)(86362001)(83716004)(71200400001)(71190400001)(53936002)(30864003)(102836004)(53546011)(5660300002)(236005)(6486002)(46003)(6506007)(256004)(14444005)(76176011)(54906003)(966005)(105586002)(106356001)(97736004)(33656002)(2906002)(7736002)(6246003)(82746002)(478600001)(14454004)(8676002)(4326008)(25786009)(6116002)(81156014)(36756003)(8936002); DIR:OUT; SFP:1101; SCL:1; SRVR:BN6PR11MB4035; H:BN6PR11MB1732.namprd11.prod.outlook.com; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; A:1; MX:1;
received-spf: None (protection.outlook.com: cisco.com does not designate permitted sender hosts)
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam-message-info: ueG8nbvtTWkZVPsHV2+u4wCvnvmb4/mh2IF5ODPEOkUN/3MeFITcbFcFsvXN9AwWg6EL75DV48L9ChobVkQAi1I5khs/B9B/FanQMJWPN+Vd5fsRfIu2y53cvHy80pzJr/bJ7CcW1NywkW1T8R5JCY41++3As508v342m9OBjUcEbPCUSi67M7HWLlqIXpOqwuFFM51b7Kn16VJS0Tw5Fhg2j7MlciltFGr4mt7pHiehWGh7oljFMI/oShI5PJ81UO/YvByhhcHmij/oYpASW1xG3fRuNW5nTmQWFg/buQxY+PD9bgJhDFZsVc/acBBY2P0QPu6RoK40ysFoWPK72VOMX0kEYwNdLKfOu4AtzfxF3ErmV1XJXr6F1xFf4rJO1zbbyltJkVuxpKEEyEpK16Km/rNHahAVu1wRRMHaVPk=
Content-Type: multipart/alternative; boundary="_000_B0BD72B1B6E3428D8A536D47A29928FDciscocom_"
MIME-Version: 1.0
X-MS-Exchange-CrossTenant-Network-Message-Id: 2aef70dd-1ad3-4923-39e7-08d6a0d436a2
X-MS-Exchange-CrossTenant-originalarrivaltime: 04 Mar 2019 19:04:22.8014 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 5ae1af62-9505-4097-a69a-c1553ef7840e
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-Transport-CrossTenantHeadersStamped: BN6PR11MB4035
X-OriginatorOrg: cisco.com
X-Outbound-SMTP-Client: 173.37.102.26, xch-rcd-016.cisco.com
X-Outbound-Node: rcdn-core-11.cisco.com
Archived-At: <https://mailarchive.ietf.org/arch/msg/mile/jylGGt1YphR3L5hBFzWffB9W7HU>
Subject: Re: [mile] Eric Rescorla's Discuss on draft-ietf-mile-xmpp-grid-09: (with DISCUSS and COMMENT)
X-BeenThere: mile@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Managed Incident Lightweight Exchange, IODEF extensions and RID exchanges" <mile.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/mile>, <mailto:mile-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/mile/>
List-Post: <mailto:mile@ietf.org>
List-Help: <mailto:mile-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/mile>, <mailto:mile-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 04 Mar 2019 19:04:34 -0000

Hi EKR
(and thanks Kathleen for helping!),  please see further comments below:

From: Eric Rescorla <ekr@rtfm.com>
Date: Saturday, January 26, 2019 at 22:00
To: Kathleen Moriarty <kathleen.moriarty.ietf@gmail.com>
Cc: The IESG <iesg@ietf.org>, "mile@ietf.org" <mile@ietf.org>, "mile-chairs@tools.ietf.org" <mile-chairs@tools.ietf.org>, "draft-ietf-mile-xmpp-grid@ietf.org" <draft-ietf-mile-xmpp-grid@ietf.org>, "mile-chairs@ietf.org" <mile-chairs@ietf.org>
Subject: Re: [mile] Eric Rescorla's Discuss on draft-ietf-mile-xmpp-grid-09: (with DISCUSS and COMMENT)
Resent-From: <alias-bounces@ietf.org>
Resent-To: "Nancy (ncamwing)" <ncamwing@cisco.com>, Syam Appala <syam1@cisco.com>, "Scott (scottp)" <scottp@cisco.com>, <stpeter@mozilla.com>
Resent-Date: Saturday, January 26, 2019 at 22:00



On Sat, Jan 26, 2019 at 7:48 AM Kathleen Moriarty <kathleen.moriarty.ietf@gmail.com<mailto:kathleen.moriarty.ietf@gmail.com>> wrote:
Just trying to help on some of the comments as one point in the draft may need further clarification in the draft if EKR is raising this point since he knows the underlying protocol.

Sent from my mobile device

> On Jan 24, 2019, at 8:48 AM, Eric Rescorla <ekr@rtfm.com<mailto:ekr@rtfm.com>> wrote:
>
> Eric Rescorla has entered the following ballot position for
> draft-ietf-mile-xmpp-grid-09: Discuss
>
> ----------------------------------------------------------------------
> DISCUSS:
> ----------------------------------------------------------------------
>
> Rich version of this review at:
> https://mozphab-ietf.devsvcdev.mozaws.net/D4730
>
>
> I have marked a number of places where I do not consider this fully
> specified.
>
> DETAIL
> S 4.
>>             |                      | Request Topic Creation  |
>>             |                      | (XEP-0060)              |
>>             |                      |<------------------------|
>>             |                      | Topic Creation Success  |
>>             |                      | (XEP-0060)              |
>>             |                      |------------------------>|
>
> Why Isn't XEP-0060 a normative reference?
[NCW] It is a normative reference. Noted in Section 12.1 (e.g. Normative references)

>
>
> S 5.
>>     </iq>
>>
>>     The Broker responds with the "disco#info" description, which SHOULD
>>     include an XMPP Data Form [XEP-0004] including a 'pubsub#type' field
>>     that specifies the supported namespace (in this example, the IODEF
>>     namespace defined in [RFC7970]):
>
> This seems underspecified.  What does the consumer look at to
> "determine the exact nature of each topic"? This text implies it's the
> 'pubsub#type' but doesn't quite say so. I am imagining changing this
> SHOULD to a MUST and then stating how the consumer behaves.

[NCW] Yes, it is a MUST as that is how the namespace is provided.

We can add a sentence after the “result” XML to state that the platform (e.g. consumer) can then
Discover the topics through the supported namespaces in the result.

>
>
>
> S 8.3.1.
>>     mechanism [RFC4422] or using the SASL SCRAM mechanism (with the
>>     SCRAM-SHA-256-PLUS variant being preferred over the SCRAM-SHA-256
>>     variant and SHA-256 variants [RFC7677] being preferred over SHA-1
>>     varients [RFC5802]).  XMPP-Grid Platforms and XMPP-Grid Controllers
>>     using mutual certificate-based authentication SHOULD each verify the
>>     revocation status of the other party's certificate.  All XMPP-Grid
>
> I am having trouble reading these two sentences together. Is the
> implication that I must use SCRAM and may also use mutual certificate
> auth?

 [NCW] Thank you for catching this.  I’ve cleaned up the paragraph, so hopefully it is more readable now.

>
>
> ----------------------------------------------------------------------
> COMMENT:
> ----------------------------------------------------------------------
>
> S 5.
>>         <item node='NEA1'
>>               name='Endpoint Posture Information'
>>               jid='broker.security-grid.example'/>
>>         <item node='MILEHost'
>>               name='MILE Host Data'
>>               jid='broker.security-grid.example'/>
>
> Assuming I am understanding this correctly, there's no machine-
> readable description of the topics; they are just freeform
> descriptions and then some human has to decide what to consume.
> Assuming that's correct you should state it upfront.
[NCW] The response itself doesn’t provide a full description of the topic, but further in Section 5
We do describe how the broker responds with the supported namespace.  Is that not sufficient?

>
>
> S 6.
>>             jid='xmpp-grid-client@mile-host.example'
>>             subscription='subscribed'/>
>>       </pubsub>
>>     </iq>
>>
>>     Third, a Provider would publish an incident as follows:
>
> The "as follows" here also seems underspecified. You need to define
> exactly where the payload goes and what permitted payloads are.

[NCW] We can clarify that this is an IODEF formatted incident by stating:

“Third, a Provider would publish an incident to the broker on MILEHost topic as follows:”

So that should be understood from the document that MILEHost is carrying the IODEF payload.

As to the format we do state after the snippet example that the payload is in adherence to

IODEF, e.g. RFC7970 and RFC 8274.


>
>
> S 6.
>>        </publish>
>>      </pubsub>
>>    </iq>
>>
>>     (The payload in the foregoing example is from [RFC7970]; payloads for
>>     additional use cases can be found in [RFC8274].)
>
> Just to be clear: there's no negotiation here or even advertisement of
> payload types? The Consumer just takes whatever it gets?

[NCW] Yes. The expectation is the consumer, would understand RFC7970 and RFC8274

To be able to interpret the data.  XMPP is a pubsub mechanism so previous sections describe

How to discover the different topics (payloads) that are available by the Providers.


>
>
> S 6.
>>
>>     (The payload in the foregoing example is from [RFC7970]; payloads for
>>     additional use cases can be found in [RFC8274].)
>>
>>     The Broker would then deliver that incident report to all Consumers
>>     who are subscribe to the Topic:
>
> Nit: "are subscribed"

[NCW] Thanks for pointing this out. We will fix it in the next revision.


>
>
> S 8.1.4.
>>
>>  8.1.4.  Certification Authority
>>
>>     The Certification Authority (CA) that issues certificates for the
>>     XMPP-Grid Controller and/or XMPP-Grid Platforms (or each CA, if there
>>     are several) is trusted to:
>
> Well, any trusted CA, whether or not it is actually issuing
> certificates.
[NCW] We’ve updated the beginning of that section to describe the need for the CA.

>
>
> S 8.2.1.
>>     o  Network traffic can be passively monitored to glean information
>>        from any unencrypted traffic
>>
>>     o  Even if all traffic is encrypted, valuable information can be
>>        gained by traffic analysis (volume, timing, source and destination
>>        addresses, etc.)
>
> This text is kind of misleading because below you require TLS.



The point here is that data is exposed at relays and a grid is used where data may be exposed on XMPP servers that are not the source or destination.  The need for object level encryption is important when sensitive data is exchanged.

If this is clearer, then it addresses several comments as TLS doesn’t suffice in this case.

Thanks. I agree that TLS doesn't address attack by the XMPP relay servers and that object level encryption would help. What's confusing here, at least to me, however, is that this section is entitled "Network Attacks" and there is a separate section (8.2.2) that talks about what the XMPP-Grid-Controller can do. Moreover S 8.3.1 talks about requiring TLS and says "These protocol security measures provide protection against all the  network attacks listed in the above document section [I'm assuming 8.2.1 -- EKR] except denial of service attacks." So, these are odd read in context.

[NCW] I’m open to suggestions on reworking or shuffling to improve readability


-Ekr


Best regards,
Kathleen

>
> S 8.2.1.
>>     o  Network traffic can be blocked, perhaps selectively
>>
>>     o  A "Man In The Middle" (MITM) attack can be mounted where an
>>        attacker interposes itself between two communicating parties and
>>        poses as the other end to either party or impersonates the other
>>        end to either or both parties
>
> How would this be possible? Is it only in the case of unencrypted
> transport or something else?

[NCW] Yes, it is only the case with unencrypted transport.


>
>
> S 8.3.1.
>>
>>  8.3.1.  Securing the XMPP-Grid Data Transfer Protocol
>>
>>     To address network attacks, the XMPP-Grid data transfer protocol
>>     described in this document requires that the XMPP-Grid messages MUST
>>     be carried over TLS (minimally TLS 1.2 [RFC8446]) as described in
>
> It would have been useful to state this earlier.

[NCW] Actually Section 8.2 presents the Threat Model and the issues whereas

Section 8.3 presents the countermeasures to the issues.


>
>
> S 8.3.1.
>>  8.3.1.  Securing the XMPP-Grid Data Transfer Protocol
>>
>>     To address network attacks, the XMPP-Grid data transfer protocol
>>     described in this document requires that the XMPP-Grid messages MUST
>>     be carried over TLS (minimally TLS 1.2 [RFC8446]) as described in
>>     [RFC6120] and updated by [RFC7590].  The XMPP-Grid Platform MUST
>
> Perhaps you should require 1.3 at this point?

[NCW] As this is based on the current XMPP which uses TLS 1.2, I’m not sure we can make such a recommendation?


>
>
> S 8.3.1.
>>     authentication technique to use in any particular deployment is left
>>     to the administrator.
>>
>>     These protocol security measures provide protection against all the
>>     network attacks listed in the above document section except denial of
>>     service attacks.  If protection against these denial of service
>
> This is a bit hard to read in context. It seems almost like you wrote
> the "network attacks" section as if TLS wasn't required and then added
> the TLS requirement? In any case, if all those attacks are prevented,
> I would rewrite that section

[NCW] I am not sure why you believe TLS solves passive monitoring (especially of metadata or general traffic analysis as noted above)?


>
>
> S 11.
>>
>>     The authors would like to acknowledge the contributions, authoring
>>     and/or editing of the following people: Joseph Salowey, Lisa
>>     Lorenzin, Clifford Kahn, Henk Birkholz, Jessica Fitzgerald-McKay,
>>     Steve Hanna, and Steve Venema.  In addition, we want to thank Takeshi
>>     Takahashi, Panos Kampanakis, Adam Montville, Chris Inacio, and Dave
>
> "Ignacio", right?

[NCW] No. It is Chris Inacio.


>
>
> _______________________________________________
> mile mailing list
> mile@ietf.org<mailto:mile@ietf.org>
> https://www.ietf.org/mailman/listinfo/mile

v2.23.0 | Report a Bug | By Email