[OSPF] Adam Roach's No Objection on draft-ietf-ospf-encapsulation-cap-06: (with COMMENT)
Adam Roach <adam@nostrum.com> Thu, 31 August 2017 01:25 UTC
Return-Path: <adam@nostrum.com>
X-Original-To: ospf@ietf.org
Delivered-To: ospf@ietfa.amsl.com
Received: from ietfa.amsl.com (localhost [IPv6:::1]) by ietfa.amsl.com (Postfix) with ESMTP id A09ED1204DA; Wed, 30 Aug 2017 18:25:43 -0700 (PDT)
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
From: Adam Roach <adam@nostrum.com>
To: The IESG <iesg@ietf.org>
Cc: draft-ietf-ospf-encapsulation-cap@ietf.org, Acee Lindem <acee@cisco.com>, ospf-chairs@ietf.org, acee@cisco.com, ospf@ietf.org
X-Test-IDTracker: no
X-IETF-IDTracker: 6.59.0
Auto-Submitted: auto-generated
Precedence: bulk
Message-ID: <150414274365.16920.7812788361564927226.idtracker@ietfa.amsl.com>
Date: Wed, 30 Aug 2017 18:25:43 -0700
Archived-At: <https://mailarchive.ietf.org/arch/msg/ospf/hzQyWbIot8LeUdJ4aleBajQi7jI>
Subject: [OSPF] Adam Roach's No Objection on draft-ietf-ospf-encapsulation-cap-06: (with COMMENT)
X-BeenThere: ospf@ietf.org
X-Mailman-Version: 2.1.22
List-Id: The Official IETF OSPG WG Mailing List <ospf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ospf>, <mailto:ospf-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ospf/>
List-Post: <mailto:ospf@ietf.org>
List-Help: <mailto:ospf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ospf>, <mailto:ospf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 31 Aug 2017 01:25:44 -0000
Adam Roach has entered the following ballot position for draft-ietf-ospf-encapsulation-cap-06: No Objection When responding, please keep the subject line intact and reply to all email addresses included in the To and CC lines. (Feel free to cut this introductory paragraph, however.) Please refer to https://www.ietf.org/iesg/statement/discuss-criteria.html for more information about IESG DISCUSS and COMMENT positions. The document, along with other ballot positions, can be found here: https://datatracker.ietf.org/doc/draft-ietf-ospf-encapsulation-cap/ ---------------------------------------------------------------------- COMMENT: ---------------------------------------------------------------------- Section 5 specifies that unknown Sub-TLVs are ignored, but that known-and-invalid Sub-TLVs ruin the whole TLV. It seems a bit odd that a less capable implementation would be able to act on an announcement of a tunnel, yet a more capable one would not -- and that's the exact consequence of this arrangement. It would seem to make more sense to allow implementations to ignore invalid Sub-TLVs as if they didn't know them. Section 7.2 allocates the value 65535 twice (once as "Experimental", once as "Reserved"). I believe that this mechanism introduces an attack vector that is not discussed in the Security Considerations section. Specifically: because this allows routers to send OSPF announcements containing arbitrary tunnel termination addresses, it can cause other routers to attempt to connect to arbitrary third parties; and, since (by my admittedly shaky understanding of OSPF), I can distribute this information to a large community of routers with a single message by sending it to an RR, I can easily cause a *lot* of routers to potentially send such traffic. For example, if I were able to inject an announcement that has (a) a tunnel type of 13 ("MPLS in UDP Encapsulation"), (b) an "Endpoint Sub-TLV" of a victim web server that I know runs QUIC, and (c) a "UDP Destination Port" of 443, wouldn't this result in a potential DDoS of that web server? I don't know what the security model of OSPF is or how difficult it would be to mount this attack (or even how bad it would be compared to other attacks one might mount in OSPF), but it seems that a brief treatment of this -- along with any operational mitigation techniques that might be employed against it -- should be part of the Security Considerations.
- [OSPF] Adam Roach's No Objection on draft-ietf-os… Adam Roach
- Re: [OSPF] Adam Roach's No Objection on draft-iet… bruno.decraene