Re: [OPSAWG] Start of WGLC for TACACS+ document. - Security element (or not)
"Douglas Gash (dcmgash)" <dcmgash@cisco.com> Thu, 06 October 2016 20:10 UTC
Return-Path: <dcmgash@cisco.com>
X-Original-To: opsawg@ietfa.amsl.com
Delivered-To: opsawg@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 0895A1296C8 for <opsawg@ietfa.amsl.com>; Thu, 6 Oct 2016 13:10:46 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -17.517
X-Spam-Level:
X-Spam-Status: No, score=-17.517 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_HI=-5, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, RP_MATCHES_RCVD=-2.996, SPF_PASS=-0.001, USER_IN_DEF_DKIM_WL=-7.5] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=cisco.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id uQpnDTaGxH1o for <opsawg@ietfa.amsl.com>; Thu, 6 Oct 2016 13:10:44 -0700 (PDT)
Received: from rcdn-iport-5.cisco.com (rcdn-iport-5.cisco.com [173.37.86.76]) (using TLSv1.2 with cipher DHE-RSA-SEED-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 97B47129408 for <OpsAWG@ietf.org>; Thu, 6 Oct 2016 13:10:44 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=@cisco.com; l=5900; q=dns/txt; s=iport; t=1475784644; x=1476994244; h=from:to:cc:subject:date:message-id:content-id: content-transfer-encoding:mime-version; bh=8c7I6Q5LAh62oxQXn59Swz3hNyOfkkKvHYKgMa+MC+s=; b=k4aPYA5AHGIwzbh9SYrwN0B++XRneDrDu0NB9RmgqxigcMEOgs/byug6 Y51McpnpQsxym1oquU/kMysawcZvAil02IHKvMobLIu/d3toBZZNhXX9I m5D57MWMCwXM8R3em5q/O4C8+LNuKvnCFZyafshXV7qHcTWaAWvE5XHC6 0=;
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: A0C/AQCCrvZX/4ENJK1cGwEBAQMBAQEJAQEBgz0BAQEBAR6BUweNK6kdgg+CC4YgHoFYOBQBAgEBAQEBAQFeJ4RiAgQ0OAoDEgEIHCgEMCcEDgWITpUVnSkGjHABAQEBAQEBAQIBAQEBAQEBIYEBihCEXoJngkQdBZQlhVoBj3qBboRniR+Md4N+AR42GjGEWnKGYoEAAQEB
X-IronPort-AV: E=Sophos;i="5.31,454,1473120000"; d="scan'208";a="157229947"
Received: from alln-core-9.cisco.com ([173.36.13.129]) by rcdn-iport-5.cisco.com with ESMTP/TLS/DHE-RSA-AES256-SHA; 06 Oct 2016 20:10:43 +0000
Received: from XCH-ALN-011.cisco.com (xch-aln-011.cisco.com [173.36.7.21]) by alln-core-9.cisco.com (8.14.5/8.14.5) with ESMTP id u96KAhlv019750 (version=TLSv1/SSLv3 cipher=AES256-SHA bits=256 verify=FAIL); Thu, 6 Oct 2016 20:10:43 GMT
Received: from xch-aln-014.cisco.com (173.36.7.24) by XCH-ALN-011.cisco.com (173.36.7.21) with Microsoft SMTP Server (TLS) id 15.0.1210.3; Thu, 6 Oct 2016 15:10:43 -0500
Received: from xch-aln-014.cisco.com ([173.36.7.24]) by XCH-ALN-014.cisco.com ([173.36.7.24]) with mapi id 15.00.1210.000; Thu, 6 Oct 2016 15:10:43 -0500
From: "Douglas Gash (dcmgash)" <dcmgash@cisco.com>
To: Alan DeKok <aland@deployingradius.com>
Thread-Topic: [OPSAWG] Start of WGLC for TACACS+ document. - Security element (or not)
Thread-Index: AQHSIA23Qk1eACCHMECzU4HZfySLXg==
Date: Thu, 06 Oct 2016 20:10:42 +0000
Message-ID: <D41C6B41.195491%dcmgash@cisco.com>
Accept-Language: en-GB, en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
user-agent: Microsoft-MacOutlook/14.6.8.160830
x-ms-exchange-messagesentrepresentingtype: 1
x-ms-exchange-transport-fromentityheader: Hosted
x-originating-ip: [10.61.197.93]
Content-Type: text/plain; charset="euc-kr"
Content-ID: <D136DE4CBF772048A071E245E5AA2135@emea.cisco.com>
Content-Transfer-Encoding: base64
MIME-Version: 1.0
Archived-At: <https://mailarchive.ietf.org/arch/msg/opsawg/yl5b-ESJCnAh2duBk-RwLxk-vfY>
Cc: "opsawg-chairs@tools.ietf.org" <OpsAWG-chairs@tools.ietf.org>, Andrej Ota <aota@google.com>, "draft-ietf-opsawg-tacacs-05@tools.ietf.org" <draft-ietf-opsawg-tacacs-05@tools.ietf.org>, Thorsten Dahm <thorstendlux@google.com>, "opsawg@ietf.org" <OpsAWG@ietf.org>
Subject: Re: [OPSAWG] Start of WGLC for TACACS+ document. - Security element (or not)
X-BeenThere: opsawg@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: OPSA Working Group Mail List <opsawg.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/opsawg>, <mailto:opsawg-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/opsawg/>
List-Post: <mailto:opsawg@ietf.org>
List-Help: <mailto:opsawg-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/opsawg>, <mailto:opsawg-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 06 Oct 2016 20:10:46 -0000
Hi, Regarding your a) b) c) elements, we are happy to work through the issues in a different thread, and will wait your final instalment. This specific question/thread regarded security, hence the handy change of subject. The reason I would go along the lines of your proposal at the end (but with a little modification) rather than analysing security of each part, is because such an inclusive statement covers the situation completely, and no one will be under any illusions. Thanks, Regards, Doug. On 06/10/2016 19:51, "Alan DeKok" <aland@deployingradius.com> wrote: >On Oct 6, 2016, at 1:34 PM, Douglas Gash (dcmgash) <dcmgash@cisco.com> >wrote: >> Regarding the security concern, the approach we have with the current >> document is: >> >> 1) A statement that the protocol does not provide security in a modern >> environment. > > I'm happy with that. > >> 2) The two common approaches to support T+ so that it may be used. > > OK... > >> 3) An indication that a version with built-in security is to follow, >>which >> will not require the mitigations in 2) (actually I suspect it may >>precede >> the info document ;-)) > > Except that the current document doesn't even document CHAP securely. > > RFC 1994 (published in 1996) says: > > Each challenge value SHOULD be unique, since repetition of a > challenge value in conjunction with the same secret would permit an > attacker to reply with a previously intercepted response. Since it > is expected that the same secret MAY be used to authenticate with > servers in disparate geographic regions, the challenge SHOULD exhibit > global and temporal uniqueness. > > Tho I'll also note that RFC 1994 also doesn't specify a minimum length >for the challenge. > > That is, the document doesn't even meet the security requirements in >place in 1994. > >> We need to make sure there is no ambiguity for 1) for any security >>review. >> No soft-peddalling. T+ provides the function, not the security. > > I'm fine with that. > > I want to document historical TACACS+. This means the document needs >to answer the following questions: > >a) can people implement it? > >b) can people gain the maximum amount of security available in the >historical protocol? > >c) can people be aware of the security concerns and trade-offs with using >the historical protocol? > > The push-back so far shows that the answers are: > >a) no > >b) no > >c) no > > I suggest these are the wrong answers. *All* of them are the wrong >answers. > >> My question would be: would this dissection of vulnerabilities and >> exploration of the attack vectors would help anyone from a security >> perspective, when we have established that the approaches 2) are >>required? > > Yes. See any of the RADIUS RFCs in the last 5 years. The SAAG reviews >require discussion not only of the issues with the new standards, but >also of the problems with the historical protocol. > >> I suspect that we¹d probably miss some, and that may give implementors >> more comfort than is afforded by the clear and simple statement. > > The argument that we can't be perfect isn't a reason to give up >entirely. > > If the statement is anything other than "no one should use this >protocol for anything", we might as well *try* to document security >issues. > >> Therefore, for security review, I¹d suggest we keep the statement >>simple, >> as defined above. However, if this statement is not clear enough/correct >> in the document, then certainly, it should be clarified. > > Then the introduction and/or abstract should say: > > "This document attempts to specify the historical TACACS+ protocol. >However, there are many portions of the protocol which are >under-specified or unspecified. We cannot second-guess twenty years of >practice here. As a result, this specification is incomplete, >under-specified, insecure, and should not be used by anyone to implement >anything. Please wait for the Standards track document to get the actual >TACACS+ specification that people can implement". > > It shouldn't be a contentious issue. Either document the protocol, or >admit we're not going to document the protocol. > > Alan DeKok. >
- Re: [OPSAWG] Start of WGLC for TACACS+ document. … Douglas Gash (dcmgash)
- Re: [OPSAWG] Start of WGLC for TACACS+ document. … Blumenthal, Uri - 0553 - MITLL