Re: OSPF WG Minutes

Acee Lindem <acee@CISCO.COM> Tue, 16 August 2005 11:46 UTC

Received: from odin.ietf.org ([132.151.1.176] helo=ietf.org) by megatron.ietf.org with esmtp (Exim 4.32) id 1E4ztR-0006bq-Cm for ospf-archive@megatron.ietf.org; Tue, 16 Aug 2005 07:46:09 -0400
Received: from cherry.ease.lsoft.com (cherry.ease.lsoft.com [209.119.0.109]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id HAA04492 for <ospf-archive@LISTS.IETF.ORG>; Tue, 16 Aug 2005 07:46:07 -0400 (EDT)
Received: from vms.dc.lsoft.com (209.119.0.2) by cherry.ease.lsoft.com (LSMTP for Digital Unix v1.1b) with SMTP id <12.010CE624@cherry.ease.lsoft.com>; Tue, 16 Aug 2005 7:46:05 -0400
Received: by PEACH.EASE.LSOFT.COM (LISTSERV-TCP/IP release 14.4) with spool id 82751994 for OSPF@PEACH.EASE.LSOFT.COM; Tue, 16 Aug 2005 07:46:03 -0400
Received: from 171.71.176.70 by WALNUT.EASE.LSOFT.COM (SMTPL release 1.0m) with TCP; Tue, 16 Aug 2005 07:46:03 -0400
Received: from sj-core-2.cisco.com (171.71.177.254) by sj-iport-1.cisco.com with ESMTP; 16 Aug 2005 04:46:03 -0700
X-IronPort-AV: i="3.96,111,1122879600"; d="scan'208"; a="654959767:sNHT36926468"
Received: from xbh-rtp-211.amer.cisco.com (xbh-rtp-211.cisco.com [64.102.31.102]) by sj-core-2.cisco.com (8.12.10/8.12.6) with ESMTP id j7GBjvQM006744 for <OSPF@PEACH.EASE.LSOFT.COM>; Tue, 16 Aug 2005 04:45:58 -0700 (PDT)
Received: from xfe-rtp-202.amer.cisco.com ([64.102.31.21]) by xbh-rtp-211.amer.cisco.com with Microsoft SMTPSVC(6.0.3790.211); Tue, 16 Aug 2005 07:46:00 -0400
Received: from [10.82.241.69] ([10.82.241.69]) by xfe-rtp-202.amer.cisco.com with Microsoft SMTPSVC(6.0.3790.211); Tue, 16 Aug 2005 07:46:00 -0400
User-Agent: Mozilla Thunderbird 1.0.2 (Windows/20050317)
X-Accept-Language: en-us, en
MIME-Version: 1.0
References: <BB6D74C75CC76A419B6D6FA7C38317B290E932@sinett-sbs.SiNett.LAN>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
X-OriginalArrivalTime: 16 Aug 2005 11:46:00.0134 (UTC) FILETIME=[12833E60:01C5A258]
Message-ID: <4301D1F7.2090000@cisco.com>
Date: Tue, 16 Aug 2005 07:45:59 -0400
Reply-To: Mailing List <OSPF@PEACH.EASE.LSOFT.COM>
Sender: Mailing List <OSPF@PEACH.EASE.LSOFT.COM>
From: Acee Lindem <acee@CISCO.COM>
Subject: Re: OSPF WG Minutes
To: OSPF@PEACH.EASE.LSOFT.COM
In-Reply-To: <BB6D74C75CC76A419B6D6FA7C38317B290E932@sinett-sbs.SiNett.LAN>
Precedence: list
Content-Transfer-Encoding: 7bit

Vishwas Manral wrote:
Hi Vishwas,

>Hi Acee,
>
>  
>
>>Acee: In practice, for OSPFv2 the sequence numbers are not monotically
>>increasing; Usage of router's clock for cryptographic sequence number 
>>generation reduces the chance for replay attacks across restarts. 
>>?: OSPF spec does not say it ...
>>    
>>
>Acee, what I meant was that although the OSPF spec does not state that
>we need to use clocks. 
>  
>
Ok - got the update.


>I think the vulnerabilities draft is the right place to state the
>problems that can happen if we do not use a clock (or something
>equivalent which increments even when a system goes down).
>  
>
Ok. I was just state that in practice it is not as easy to exploit as it 
appears.

>Another issue is that even if the sender uses clock for the "sequence
>number" and goes down, all the packets of a previous session can still
>be replayed by another router. So the chance of replay attacks is still
>there.
>  
>
You don't mean all the packets do you? You mean all the packets with the 
last sequence number. So,
if the last packet was a hello, the session could be kept up indefinitely.

Thanks,
Acee

>Thanks,
>Vishwas
>-----Original Message-----
>From: Mailing List [mailto:OSPF@PEACH.EASE.LSOFT.COM] On Behalf Of Acee
>Lindem
>Sent: Monday, August 15, 2005 7:50 PM
>To: OSPF@PEACH.EASE.LSOFT.COM
>Subject: OSPF WG Minutes
>
>Attached are the minutes from the Paris OSPF WG meeting. Thanks to
>Dimitri for taking them.
>
>Acee
>
>  
>