Re: [OPSEC] Iotdir early review of draft-ietf-opsec-v6-21

Gyan Mishra <hayabusagsm@gmail.com> Wed, 20 November 2019 01:12 UTC

Return-Path: <hayabusagsm@gmail.com>
X-Original-To: opsec@ietfa.amsl.com
Delivered-To: opsec@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 5ADBC1208E2; Tue, 19 Nov 2019 17:12:08 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.996
X-Spam-Level:
X-Spam-Status: No, score=-1.996 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, MIME_QP_LONG_LINE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id sVNqdQV7Nd1x; Tue, 19 Nov 2019 17:12:05 -0800 (PST)
Received: from mail-qk1-x736.google.com (mail-qk1-x736.google.com [IPv6:2607:f8b0:4864:20::736]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 75333120116; Tue, 19 Nov 2019 17:12:05 -0800 (PST)
Received: by mail-qk1-x736.google.com with SMTP id z16so19813874qkg.7; Tue, 19 Nov 2019 17:12:05 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:mime-version:subject:in-reply-to:date:cc :content-transfer-encoding:message-id:references:to; bh=lPBSy53ka5MPVoWneWjl2VArd8+BUyJXs8O9iz5T/DA=; b=J4lCWRMYQSiVO2u+9chb09CC2khOobbYn6paSGHb8w3ZPOLrxe/kAnTKk1J0BnbMzt nyPbnkdfsbq0TTZ7VjiMFjnna5VzEM0DBL6jt92zv3A12nRhjaAuzQaNIOLTGigLnYoe pGFIaiWETjEJGKitq6XlGjfkIF8crEWQq6CVDjOjAxBssEDoMsq0UtqViiNbSrKMVt+r 8hhdSYYEmnbmmI5Yq14J8Hwa/i3sZAMIfJG9pgXiX/CGtC1aeJKGBQZ4e3Dy1Ew6AzL8 3oVGkw4UTNxcBdQ/pH7gwWEoSye7Fdf2J35215PHQin4pXjpxWszuCv4vsXaFrMXUNy4 u/RA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:mime-version:subject:in-reply-to:date:cc :content-transfer-encoding:message-id:references:to; bh=lPBSy53ka5MPVoWneWjl2VArd8+BUyJXs8O9iz5T/DA=; b=d3pO6E5Mm8HDtbMRa8UBwzprjwjW5VD/4tV6ju9MeHUG2iPHf+dIY915h/2PmnAxKC W8r8HmHxPkRWmsER7o8aR2uOeTdbTLODRw8UWqdxvE39+NHOlkL9yjgX6lhrLnm//Mq5 Jt+lf8mPtpbkAAOZ/KLJD2GMeFbIL2hCcsmLbOQXjvG2d3zpabZ/ZsDnETRI23vE81FV PFxKXE6blZWfoUCc3jlyOkz1x33whUKEwgOr722m9n5UFhGl+W0i7akxhUS4YcRIu4GY 56pu9PRCHcIJVLSxO+1QXKysj4YajWDT61LKDi7RaW9Q5AcvFAkjw7smLNrXdhBHfHIk BjUA==
X-Gm-Message-State: APjAAAUYzeL7u6ldoWBUnrMoaox2V49q4r/hZjAVmZG4bi34VJFQ3X0+ C5k/I7jf4RaeIM6vpiJf1HcqobkC
X-Google-Smtp-Source: APXvYqxaIeb3z6HNAeAGutOhCm197rDvzO6kPn+2pIgZdnG7vWimqrJLXefHLZfMd4dGRB25bWUN3A==
X-Received: by 2002:a05:620a:911:: with SMTP id v17mr190916qkv.88.1574212323887; Tue, 19 Nov 2019 17:12:03 -0800 (PST)
Received: from ?IPv6:2600:1003:b110:b21f:a8af:6a7b:f98:340b? ([2600:1003:b110:b21f:a8af:6a7b:f98:340b]) by smtp.gmail.com with ESMTPSA id l132sm11203232qke.38.2019.11.19.17.12.02 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Tue, 19 Nov 2019 17:12:03 -0800 (PST)
From: Gyan Mishra <hayabusagsm@gmail.com>
X-Google-Original-From: Gyan Mishra <hayabusaGSM@gmail.com>
Content-Type: multipart/alternative; boundary=Apple-Mail-33B08C89-5147-4FFA-AFE6-641B3517196C
Mime-Version: 1.0 (1.0)
X-Mailer: iPhone Mail (16G102)
In-Reply-To: <CDB76F51-CDF0-4079-ABA7-FCD7DF65DB9D@fugue.com>
Date: Tue, 19 Nov 2019 20:12:01 -0500
Cc: Iot-dir@ietf.org, opsec@ietf.org, draft-ietf-opsec-v6.all@ietf.org
Content-Transfer-Encoding: 7bit
Message-Id: <95B1A8FE-A74F-47C3-AC91-66A10B727D32@gmail.com>
References: <157394737956.25908.2003745932020934234@ietfa.amsl.com> <A9940795-4D4C-45C3-910E-E57EBAF850A3@gmail.com> <CDB76F51-CDF0-4079-ABA7-FCD7DF65DB9D@fugue.com>
To: Ted Lemon <mellon@fugue.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/opsec/SCIESWrNUP3zyqmaJkNA4U4tkbw>
Subject: Re: [OPSEC] Iotdir early review of draft-ietf-opsec-v6-21
X-BeenThere: opsec@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: opsec wg mailing list <opsec.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/opsec>, <mailto:opsec-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/opsec/>
List-Post: <mailto:opsec@ietf.org>
List-Help: <mailto:opsec-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/opsec>, <mailto:opsec-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 20 Nov 2019 01:12:08 -0000


>> On Nov 19, 2019, at 2:30 AM, Ted Lemon <mellon@fugue.com> wrote:
>> 
>> On Nov 18, 2019, at 1:50 AM, Gyan Mishra <hayabusagsm@gmail.com> wrote:
>> ULA mentioned in section 2.1 mentions use case described in RFC 4864 but should mention section 3.2 of that document.  I think we could add some verbiage that ULA is used for local scope communications only. Also maybe a case of SHIM6 multi homing or where 6to6  nat - nat64 is used where ULA is inside local Nat to outside global address use case. Maybe also mention default address selection RFC 6724 where a host is configured with both ULA and Global and how ULA is used for internal local communications and how the global address is used for external internet communications.
> 
> I don’t think you should mention anything that’s not ready to deploy.  SHIM6 is a neat idea that nobody has deployed, as far as I know, and it’s not clear that it can be deployed.  I may be wrong about that—that’s just my impression—but the point is that if you’re going to suggest something, it should be readily actionable.

Agreed.
> 
>> 2.1.4 static does mention obfuscation of static address but 2.1.6 does not since DHCPv6 ISC or other DHCPV6 server implementations the pool address picked let’s say within the scope is randomly picked each time the server doles ourt an IPv6 lease by default and not picked sequentially by the server which is why obfuscation is not mentioned.   We could mention that is how the DHCPv6 sever picks the address so that is not confused.  We don’t mention split scope is required for redundancy which should be mentioned and how that works in comparison to IPv4 where state sharing is done between active and backup server where with DHCPV6 no active leases state sharing.  We will get that added as well.  Also a caveat with DHCPv6 that when the primary server goes down and the lease has to be renewed rebind time that the IPv6 address has to change at which time any active session will have to reset.  I have actually deployed this with BT Diamond which used ISC and to get around this issue we ended up setting a long 7 day lease time with larger block size for the scope being a /112 versus our initial /116 scope.  Also good to mention that since the 128 bits is managed to use smaller scope size for split scope then 2 /65 since their is not any privacy extension which stateful that for security it’s better to have a smaller DHCPv6 scope for managed address.  In section 2.1.6 the DUID has the mac embedded in the address embedded in the DUID as the 48 LSB bits.  Can you provide the use case where the DUID does not have embedded mac.  I agree  that 2.1.7 needs to some extra verbiage as to the use case of when and why addressing would be done as /64 per host and refer back to 2.1.4 static addressing use case.
> 
> Why do you need a split scope?  If the prefix is managed, just give out random addresses.   Use a good random number generator.  Use failover to keep the servers in sync.

See RFC 6853.

https://tools.ietf.org/html/rfc6853#section-6.1

With DHCPV6 all servers are active and that is why there is not any state sharing since the pool has to be different and there a a preference option as to which server is preferred.  This does go deeper into host configuration which is out of scope for this document so will leave out.
> 
> DUID is opaque.  We recommended generating it using the MAC address because we hadn’t thought about privacy.   RFC7824 makes it clear that this is a problem.  Any DHCP implementation on a device where privacy is a likely issue should already be randomizing the DUID.  DUID-LLT with a random MAC address should be safe to use and unique.  It can be regenerated as frequently as the client decides.
> 
DUID-LLT which is most commonly used still uses an embedded Mac but now along with time source to generate the DUID versus DUID-LL.

> But this isn’t really your problem.  You’re talking about network operational security, not about host operational security.   From the network perspective, you should just assume that this problem either is solved, or will be solved, because the network operator’s behavior is the same in either case.  In fact, given that we are talking about firewalls and filtering here, the fact that any client already can just fabricate a DUID means that you have to account for that when talking about the policy implications of this.
> 
Agreed. I think staying on point with network operational security which is the goal of this draft and not drift into the weeds on host security.  That in itself could be a separate host operational security draft.