Re: [mpls] Kathleen Moriarty's Discuss on draft-ietf-mpls-lsp-ping-reply-mode-simple-04: (with DISCUSS)

Kathleen Moriarty <kathleen.moriarty.ietf@gmail.com> Wed, 30 September 2015 16:12 UTC

In-Reply-To: <F73A3CB31E8BE34FA1BBE3C8F0CB2AE28B606F0D@SZXEMA510-MBX.china.huawei.com>
References: <20150929151503.2931.97454.idtracker@ietfa.amsl.com> <F73A3CB31E8BE34FA1BBE3C8F0CB2AE28B606E58@SZXEMA510-MBX.china.huawei.com> <562A4F65-2A63-4D75-BCF6-6F6ECC77CC41@gmail.com> <F73A3CB31E8BE34FA1BBE3C8F0CB2AE28B606F0D@SZXEMA510-MBX.china.huawei.com>
Date: Wed, 30 Sep 2015 12:12:27 -0400
Message-ID: <CAHbuEH7WetBik3eJtUB1yyQSTRazpLimLhDov48Kym9miFrJsQ@mail.gmail.com>
From: Kathleen Moriarty <kathleen.moriarty.ietf@gmail.com>
To: Mach Chen <mach.chen@huawei.com>
Content-Type: text/plain; charset=UTF-8
Archived-At: <http://mailarchive.ietf.org/arch/msg/mpls/B8WgDYohqn-CIbI4raTGpJlo_Uc>
Cc: "mpls@ietf.org" <mpls@ietf.org>, "draft-ietf-mpls-lsp-ping-reply-mode-simple.shepherd@ietf.org" <draft-ietf-mpls-lsp-ping-reply-mode-simple.shepherd@ietf.org>, "draft-ietf-mpls-lsp-ping-reply-mode-simple@ietf.org" <draft-ietf-mpls-lsp-ping-reply-mode-simple@ietf.org>, "mpls-chairs@ietf.org" <mpls-chairs@ietf.org>, "draft-ietf-mpls-lsp-ping-reply-mode-simple.ad@ietf.org" <draft-ietf-mpls-lsp-ping-reply-mode-simple.ad@ietf.org>, The IESG <iesg@ietf.org>, "rcallon@juniper.net" <rcallon@juniper.net>
Subject: Re: [mpls] Kathleen Moriarty's Discuss on draft-ietf-mpls-lsp-ping-reply-mode-simple-04: (with DISCUSS)

On Tue, Sep 29, 2015 at 11:13 PM, Mach Chen <mach.chen@huawei.com> wrote:
> Hi Kathleen,
>
> Thanks for your prompt response!
>
> Please see my reply inline...
>
>> -----Original Message-----
>> From: Kathleen Moriarty [mailto:kathleen.moriarty.ietf@gmail.com]
>> Sent: Wednesday, September 30, 2015 10:39 AM
>> To: Mach Chen
>> Cc: The IESG; draft-ietf-mpls-lsp-ping-reply-mode-simple.shepherd@ietf.org;
>> mpls-chairs@ietf.org; draft-ietf-mpls-lsp-ping-reply-mode-simple@ietf.org;
>> draft-ietf-mpls-lsp-ping-reply-mode-simple.ad@ietf.org; rcallon@juniper.net;
>> mpls@ietf.org
>> Subject: Re: Kathleen Moriarty's Discuss on
>> draft-ietf-mpls-lsp-ping-reply-mode-simple-04: (with DISCUSS)
>>
>> Hi,
>>
>> Thanks for suggesting text quickly to address this.  Inline
>>
>> Sent from my iPhone
>>
>> > On Sep 29, 2015, at 10:28 PM, Mach Chen <mach.chen@huawei.com>
>> wrote:
>> >
>> > Hi Kathleen,
>> >
>> > Thanks for reviewing the draft and the suggestion!
>> >
>> > Regarding the DISCUSS, how about the following update?
>> >
>> > OLD:
>> > Beyond those specified in [RFC4379] and [RFC7110], there are no further
>> security measures required.
>> >
>> > NEW:
>> > Those security considerations specified in [RFC4379] and [RFC7110] apply to
>> this document.
>> > In addition, this document introduces the Reply Mode Order TLV. It provides a
>> new way for an unauthorized source to gather more network information,
>> especially the potential return path(s) information of an LSP. To protect against
>> unauthorized sources using MPLS echo request messages with the Reply Mode
>> Order TLV to obtain network information, similar to [RFC4379], it is
>> RECOMMENDED that implementations provide a means of checking the source
>> addresses of MPLS echo request messages against an access list before
>> accepting the message.
>>
>> If the message is not encrypted, this content is still exposed potentially, right?
>
> Yes, but it is exposed within the MPLS domain.
>
>> This helps, but also mentioning lack of confidentiality protection might be
>> helpful too.
>
> I'm not sure whether this issue is specific to this document; it seems to be a common issue for MPLS OAM and the control plane.
>
> If this is a concern, how about adding the following text:
> "
> Another potential security issue is that the MPLS echo request and
>    reply messages are not encrypted, so the content of the MPLS echo
>    request and reply messages may be exposed. Although the
>    exposure is within the MPLS domain, if such exposure is a concern,
>    some encryption mechanisms may be employed.
> "

This additional text puts in the caveat that you are concerned with
and limits the scope to the MPLS domain, so I think that is helpful on
both fronts.  The two combined would cover any additional
considerations for this draft nicely, thank you.

Please let me know when the updated text has been incorporated and I will clear.

Thanks,
Kathleen
>
> Best regards,
> Mach
>
>>
>> Thank you,
>> Kathleen
>>
>> >
>> >
>> > Best regards,
>> > Mach
>> >
>> >
>> >> -----Original Message-----
>> >> From: Kathleen Moriarty [mailto:Kathleen.Moriarty.ietf@gmail.com]
>> >> Sent: Tuesday, September 29, 2015 11:15 PM
>> >> To: The IESG
>> >> Cc: draft-ietf-mpls-lsp-ping-reply-mode-simple.shepherd@ietf.org;
>> >> mpls-chairs@ietf.org;
>> >> draft-ietf-mpls-lsp-ping-reply-mode-simple@ietf.org;
>> >> draft-ietf-mpls-lsp-ping-reply-mode-simple.ad@ietf.org;
>> >> rcallon@juniper.net; mpls@ietf.org
>> >> Subject: Kathleen Moriarty's Discuss on
>> >> draft-ietf-mpls-lsp-ping-reply-mode-simple-04: (with DISCUSS)
>> >>
>> >> Kathleen Moriarty has entered the following ballot position for
>> >> draft-ietf-mpls-lsp-ping-reply-mode-simple-04: Discuss
>> >>
>> >> When responding, please keep the subject line intact and reply to all
>> >> email addresses included in the To and CC lines. (Feel free to cut
>> >> this introductory paragraph, however.)
>> >>
>> >>
>> >> Please refer to
>> >> https://www.ietf.org/iesg/statement/discuss-criteria.html
>> >> for more information about IESG DISCUSS and COMMENT positions.
>> >>
>> >>
>> >> The document, along with other ballot positions, can be found here:
>> >> https://datatracker.ietf.org/doc/draft-ietf-mpls-lsp-ping-reply-mode-
>> >> simple/
>> >>
>> >>
>> >>
>> >> ----------------------------------------------------------------------
>> >> DISCUSS:
>> >> ----------------------------------------------------------------------
>> >>
>> >> This should be easy to resolve.  Since this draft adds a new
>> >> capability to include the return path, this provides another attack
>> >> vector to observe path information that could be part of
>> >> reconnaissance gathering to later attack the network or path.  While
>> >> the referenced RFC4379 mentions the following in the security
>> considerations section:
>> >>
>> >>   The third is an
>> >>   unauthorized source using an LSP ping to obtain information about the
>> >>   network.
>> >>
>> >> The equivalent should be added for this new capability in this draft,
>> >> since now it's possible to gather the path information from the new feature.
>> >



-- 

Best regards,
Kathleen
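The mitigation agreed in the thread above is to check the source address of an MPLS echo request against an access list before accepting the message, because the Reply Mode Order TLV lets a sender learn which return paths exist for an LSP. The following is an added example showing that check in code; it is not text from the draft, from RFC 4379, or from any router implementation. The 32-octet header layout and Reply Mode values 1 to 5 come from RFC 4379 and RFC 7110. The TLV type number (21) and the value layout of the Reply Mode Order TLV (one octet per reply mode, in preference order) are assumptions made so the example runs on its own; the access list prefix and the sample messages are constructed.

```python
"""
Added example (not from the draft, RFC 4379, or any vendor code): an
acceptance check for MPLS echo request messages that applies the
source-address access list first, then parses the TLVs so that a Reply
Mode Order TLV from an allowed source is still recorded, since it reveals
which return paths the sender is probing.
"""
import ipaddress
import struct

# Fixed 32-octet header shared by echo request and echo reply (RFC 4379 s.3):
# Version, Global Flags, Message Type, Reply Mode, Return Code, Return Subcode,
# Sender's Handle, Sequence Number, TimeStamp Sent (s, us), TimeStamp Received (s, us).
_HDR = struct.Struct("!HHBBBBIIIIII")
MSG_ECHO_REQUEST = 1

# Reply Mode values: 1-4 are defined in RFC 4379, 5 in RFC 7110.
REPLY_MODES = {
    1: "Do not reply",
    2: "Reply via an IPv4/IPv6 UDP packet",
    3: "Reply via an IPv4/IPv6 UDP packet with Router Alert",
    4: "Reply via application level control channel",
    5: "Reply via Specified Path",
}

# ASSUMPTION: the TLV type number and value layout of the Reply Mode Order TLV
# are not given on this page. Type 21 and a value of one-octet Reply Mode
# values in preference order are used here only to keep the example
# self-contained; check the published RFC for the real values.
TLV_REPLY_MODE_ORDER = 21

# Constructed sample access list: the only prefix allowed to originate LSP ping.
SAMPLE_ACL = [ipaddress.ip_network("192.0.2.0/24")]


def parse_tlvs(data):
    """Return [(type, value)] from a TLV area; values are padded to 4 octets on the wire."""
    tlvs, off = [], 0
    while off + 4 <= len(data):
        ttype, tlen = struct.unpack_from("!HH", data, off)
        start, end = off + 4, off + 4 + tlen
        if end > len(data):
            raise ValueError("truncated TLV")
        tlvs.append((ttype, data[start:end]))
        off = start + ((tlen + 3) & ~3)  # skip the value and its zero padding
    if off < len(data):
        raise ValueError("trailing garbage after last TLV")
    return tlvs


def build_echo_request(reply_mode, handle, seq, tlvs=()):
    """Build an echo request (used here only to construct sample input)."""
    hdr = _HDR.pack(1, 0, MSG_ECHO_REQUEST, reply_mode, 0, 0, handle, seq, 0, 0, 0, 0)
    body = b"".join(
        struct.pack("!HH", t, len(v)) + v + b"\0" * (-len(v) % 4) for t, v in tlvs
    )
    return hdr + body


def _result(accept, reason, reply_mode=None, order=None):
    return {"accept": accept, "reason": reason, "reply_mode": reply_mode,
            "reply_mode_order": order}


def check_echo_request(src_ip, payload, acl):
    """Decide whether an echo request received from src_ip may be processed.

    The access-list check runs first, before any parsing, so an unauthorized
    source learns nothing and never reaches the TLV parser. acl is an
    iterable of ipaddress networks.
    """
    src = ipaddress.ip_address(src_ip)
    if not any(src in net for net in acl):
        return _result(False, "source not in access list")
    if len(payload) < _HDR.size:
        return _result(False, "header too short")
    version, _flags, msg_type, reply_mode, *_ = _HDR.unpack_from(payload)
    if version != 1 or msg_type != MSG_ECHO_REQUEST:
        return _result(False, "not a version 1 echo request")
    if reply_mode not in REPLY_MODES:
        return _result(False, "unknown reply mode %d" % reply_mode)
    try:
        tlvs = parse_tlvs(payload[_HDR.size:])
    except ValueError as exc:
        return _result(False, "malformed TLVs: %s" % exc)
    order = None
    for ttype, value in tlvs:
        if ttype == TLV_REPLY_MODE_ORDER:
            order = list(value)  # one octet per reply mode (assumed layout)
            unknown = [m for m in order if m not in REPLY_MODES]
            if unknown:
                return _result(False, "unknown reply mode(s) in Reply Mode Order TLV: %s" % unknown)
    return _result(True, "accepted", reply_mode, order)


if __name__ == "__main__":
    req = build_echo_request(2, 0xABCD, 1, [(TLV_REPLY_MODE_ORDER, bytes([5, 2]))])
    print(check_echo_request("192.0.2.10", req, SAMPLE_ACL))    # accepted, order [5, 2]
    print(check_echo_request("198.51.100.7", req, SAMPLE_ACL))  # dropped by access list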