Re: [Model-t] Model-t Perspective and Method Questions

"Rezaki, Ali (Nokia - DE)" <ali.rezaki@nokia.com> Fri, 08 November 2019 17:00 UTC

From: "Rezaki, Ali (Nokia - DE)" <ali.rezaki@nokia.com>
To: Stephen Farrell <stephen.farrell@cs.tcd.ie>, "model-t@iab.org" <model-t@iab.org>
Thread-Topic: [Model-t] Model-t Perspective and Method Questions
Date: Fri, 08 Nov 2019 16:59:58 +0000
Message-ID: <HE1PR0701MB295390E6F623517DCAEF10CA937B0@HE1PR0701MB2953.eurprd07.prod.outlook.com>
References: <HE1PR0701MB2953A82FC4D71E30A5AA9FB8936B0@HE1PR0701MB2953.eurprd07.prod.outlook.com> <17322e43-cf31-a530-c0a9-9248af950807@cs.tcd.ie>
In-Reply-To: <17322e43-cf31-a530-c0a9-9248af950807@cs.tcd.ie>
Archived-At: <https://mailarchive.ietf.org/arch/msg/model-t/XUC9g2kl4kVC2GILB29d1W49dvY>
Subject: Re: [Model-t] Model-t Perspective and Method Questions
List-Id: Discussions of changes in Internet deployment patterns and their impact on the Internet threat model <model-t.iab.org>

Hi Stephen,

Thanks very much for your feedback. It has been very helpful.

I will then start with documenting the attacks that exploited vulnerabilities in IETF protocol specifications, covering also implementation and deployment vulnerabilities, with an eye on mitigation options.

Thanks also for mentioning the heartbleed case for a start. I would appreciate it if other colleagues would also be able to send me pointers to additional cases.

Looking forward to good discussions in Singapore.

Cheers,

Ali

-----Original Message-----
From: Stephen Farrell <stephen.farrell@cs.tcd.ie> 
Sent: Thursday, November 7, 2019 6:26 PM
To: Rezaki, Ali (Nokia - DE) <ali.rezaki@nokia.com>; model-t@iab.org
Subject: Re: [Model-t] Model-t Perspective and Method Questions


Hi Ali,

Sorry for the slow response, I had a bunch of travels...

On 23/10/2019 15:42, Rezaki, Ali (Nokia - DE) wrote:
> If this perspective would make sense, would it be helpful then to 
> initially work on:
> 
> 1. Examples of attacks that exploited vulnerabilities in IETF 
> protocols that could not have been prevented by the current threat 
> model in BCP 72, and in what way the threat model in BCP 72 could be 
> modified to address these vulnerabilities?

I think that'd be really useful. I'd say documenting those however you find easiest would be fine - no need to worry about stuff being in Internet drafts for now anyway.

If doing that you might also want to note cases where the vulnerability was in the implementation or deployment but where (perhaps) some change to IETF protocols might have made exploitation harder. I guess heartbleed might be the canonical example there: had the TLS heartbeat response been e.g. a hash of the request then the implementation flaw might not have been near as bad, and IIRC we nearly did (but didn't quite) stumble on that change in IESG discussion of what became RFC6520, so I feel a little responsible myself for not spotting that then;-(

> 2. Requesting information from related IETF contributors about a map 
> of areas that IETF considers to be in scope for its work, and its 
> evolution over the years, also identifying the underlying principles?

Not as sure about that one - I suspect it could be a major time sink for you and it might be hard to get people to help you get it done.

Hope that helps,
S.
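
The protocol-design point made above about the heartbeat response, as an added example that is not part of the original thread and not code from any TLS implementation: a toy responder with the missing length check, comparing the RFC 6520 echo response with a hash-of-request response. The memory layout, the SECRET value and all function names are constructed for illustration, and heartbeat padding is omitted.

```python
import hashlib
import struct
from typing import Optional

# Constructed stand-in for whatever sits next to the request buffer in memory.
SECRET = b"session-key=CONSTRUCTED-SECRET"

def build_request(payload: bytes, claimed_len: int) -> bytes:
    """type(1)=request | payload_length(2) | payload. Padding omitted (simplification)."""
    return struct.pack("!BH", 1, claimed_len) + payload

def _read_payload(request: bytes, check_length: bool) -> Optional[bytes]:
    _type, claimed = struct.unpack("!BH", request[:3])
    if check_length and claimed > len(request) - 3:
        return None  # RFC 6520: an over-long payload_length is discarded silently
    memory = request + SECRET  # toy layout: adjacent data follows the request
    return memory[3:3 + claimed]  # without the check this reads past the payload

def respond_echo(request: bytes, check_length: bool = False) -> Optional[bytes]:
    """RFC 6520 behaviour: the response carries a copy of the request payload."""
    data = _read_payload(request, check_length)
    return None if data is None else struct.pack("!BH", 2, len(data)) + data

def respond_hash(request: bytes, check_length: bool = False) -> Optional[bytes]:
    """Hypothetical variant from the message: the response carries a hash of the payload."""
    data = _read_payload(request, check_length)
    if data is None:
        return None
    return struct.pack("!BH", 2, 32) + hashlib.sha256(data).digest()

def compare(payload: bytes, claimed_len: int, check_length: bool) -> dict:
    """Run both response designs on the same request and report what each returns."""
    req = build_request(payload, claimed_len)
    out = {}
    for name, fn in (("echo", respond_echo), ("hash", respond_hash)):
        resp = fn(req, check_length)
        out[name] = {"answered": resp is not None,
                     "secret_in_response": resp is not None and SECRET in resp}
    return out

if __name__ == "__main__":
    over = 4 + len(SECRET)  # claimed length larger than the 4 bytes actually sent
    print("flawed:", compare(b"ping", over, check_length=False))
    print("fixed: ", compare(b"ping", over, check_length=True))
```

In the hash variant the over-read still happens and the digest still covers the adjacent bytes, so the length check remains the actual fix; the design change only limits what a flawed implementation hands back.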