Re: [OPSAWG] Last Call Review of draft-ietf-opsawg-mud-acceptable-urls-10

Christian Huitema <huitema@huitema.net> Fri, 01 March 2024 01:44 UTC

Message-ID: <e70d42b9-e2df-4686-a9ce-4a01f9c896ae@huitema.net>
Date: Thu, 29 Feb 2024 17:44:26 -0800
MIME-Version: 1.0
User-Agent: Mozilla Thunderbird
Content-Language: en-US
To: Michael Richardson <mcr+ietf@sandelman.ca>, Eliot Lear <lear@lear.ch>
Cc: "sec-ads@ietf.org" <sec-ads@ietf.org>, "opsawg@ietf.org" <opsawg@ietf.org>, draft-ietf-opsawg-mud-acceptable-urls@ietf.org
References: <8a2c556a-905b-46f9-926c-03f09ed98f32@lear.ch> <66588cac-0f33-4924-920f-6b4dbd5c2964@huitema.net> <51cc9f21-748b-4527-9809-f51c11cd9144@lear.ch> <cc555621-e17e-44b1-97e2-6802d263fa8c@huitema.net> <e15571db-8758-4eeb-b7e2-0a33ed888a34@lear.ch> <9364.1709254162@obiwan.sandelman.ca>
From: Christian Huitema <huitema@huitema.net>
In-Reply-To: <9364.1709254162@obiwan.sandelman.ca>
Content-Type: text/plain; charset="UTF-8"; format="flowed"
Content-Transfer-Encoding: 8bit
Archived-At: <https://mailarchive.ietf.org/arch/msg/opsawg/UDIfTxxLUGJA3jUGFy1P9d5PxS0>
Subject: Re: [OPSAWG] Last Call Review of draft-ietf-opsawg-mud-acceptable-urls-10

On 2/29/2024 4:49 PM, Michael Richardson wrote:
> 
> Eliot Lear <lear@lear.ch> wrote:
>      > The data we are talking about scales to number of devices X number of
>      > MUD-URL changes.  This can further be reduced by whether or not the MUD
>      > file actually exists.  These are not large #s in the home, and in the
>      > enterprise, we have iron for such cases.
> 
> Also, if you have 1000 instances of device-type X, then one could put all the
> potential MUD-URLs into a single table, and then reference them from the
> device X definition.  That is, 3rd normal form it, and do data deduplication.
> Such a table also can keep one from retrieving the same MUD file (and
> signature) 1000 times.
> 
> If you really had a problem with the number of URLs stored, which I don't
> think anyone will really have.
> 
> I don't think we need to keep track of malicious URLs that we ignored.

Yes, I realize that this scales as the number of device types, not the
number of devices, times the number of valid URL revisions per type, not
the number of attack URLs. So, you are right, this should be manageable.
I did approve your PR on GitHub.

-- Christian Huitema
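As an added example (not code from the thread, the draft, or any MUD controller), here is a small Python model of the bookkeeping Michael describes: accepted MUD-URL revisions live in one table per device type, device records only reference their type, each URL's file and signature are fetched once rather than once per device, and rejected URLs are not recorded at all. The acceptance rule itself is not on this page, so it is passed in as an assumed callback (`acceptable`), and `fake_fetch` is a constructed stand-in for the real HTTPS retrieval.

```python
from dataclasses import dataclass, field
from typing import Callable

# Constructed stand-in for fetching a MUD file plus its signature (assumption:
# a real controller would do two HTTPS GETs and verify the signature).
def fake_fetch(url: str) -> tuple[bytes, bytes]:
    return (f"mud-file-for {url}".encode(), f"sig-for {url}".encode())

@dataclass
class DeviceType:
    name: str
    accepted_urls: list[str] = field(default_factory=list)  # ordered MUD-URL revisions

@dataclass
class MudStore:
    fetcher: Callable[[str], tuple[bytes, bytes]] = fake_fetch
    types: dict[str, DeviceType] = field(default_factory=dict)
    devices: dict[str, str] = field(default_factory=dict)  # device id -> type name
    files: dict[str, tuple[bytes, bytes]] = field(default_factory=dict)  # url -> (file, sig)
    fetches: int = 0  # how many times the fetcher was actually called

    def _accept(self, type_name: str, url: str) -> None:
        dt = self.types.setdefault(type_name, DeviceType(type_name))
        if url not in dt.accepted_urls:
            dt.accepted_urls.append(url)
        if url not in self.files:  # one fetch per URL, not per device
            self.files[url] = self.fetcher(url)
            self.fetches += 1

    def register(self, device_id: str, type_name: str, mud_url: str) -> None:
        self.devices[device_id] = type_name
        self._accept(type_name, mud_url)

    def update(self, device_id: str, new_url: str,
               acceptable: Callable[[str, str], bool]) -> bool:
        """Apply a MUD-URL change. `acceptable(old, new)` is an assumed
        placeholder for the draft's rule; rejected URLs are not stored."""
        dt = self.types[self.devices[device_id]]
        if not acceptable(dt.accepted_urls[-1], new_url):
            return False
        self._accept(dt.name, new_url)
        return True

    def stored_urls(self) -> int:
        """Rows in the URL table: device types x accepted revisions, not devices."""
        return sum(len(dt.accepted_urls) for dt in self.types.values())
```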