Re: [Pana] IESG discussions on draft-ohba-pana-relay

"Alper Yegin" <alper.yegin@yegin.org> Fri, 24 June 2011 09:29 UTC

Return-Path: <alper.yegin@yegin.org>
X-Original-To: pana@ietfa.amsl.com
Delivered-To: pana@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id EE5EE21F854C for <pana@ietfa.amsl.com>; Fri, 24 Jun 2011 02:29:13 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -101.15
X-Spam-Level:
X-Spam-Status: No, score=-101.15 tagged_above=-999 required=5 tests=[AWL=0.000, BAYES_00=-2.599, MSGID_MULTIPLE_AT=1.449, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 7wyysWIEJyC4 for <pana@ietfa.amsl.com>; Fri, 24 Jun 2011 02:29:13 -0700 (PDT)
Received: from mout.perfora.net (mout.perfora.net [74.208.4.194]) by ietfa.amsl.com (Postfix) with ESMTP id 7C07221F854A for <pana@ietf.org>; Fri, 24 Jun 2011 02:29:13 -0700 (PDT)
Received: from ibm (dsl88-247-34762.ttnet.net.tr [88.247.135.202]) by mrelay.perfora.net (node=mrus1) with ESMTP (Nemesis) id 0MPF2u-1QeQPM3aEq-004oeq; Fri, 24 Jun 2011 05:29:08 -0400
From: "Alper Yegin" <alper.yegin@yegin.org>
To: "'Carsten Bormann'" <cabo@tzi.org>
References: <4DF04217.3080304@toshiba.co.jp> <6491375641982933760@unknownmsgid> <BANLkTinVZ2Bvd6A+znQTiB7X-P6XXh3Cow@mail.gmail.com> <4E037743.2060602@gridmerge.com> <4E037A9D.8080200@piuha.net> <021a01cc3246$0b890390$229b0ab0$@yegin@yegin.org> <E42296DA-CE9A-408C-AF9C-D2F5A3AD3AFE@tzi.org>
In-Reply-To: <E42296DA-CE9A-408C-AF9C-D2F5A3AD3AFE@tzi.org>
Date: Fri, 24 Jun 2011 12:28:48 +0300
Message-ID: <027601cc3251$25ba06f0$712e14d0$@yegin@yegin.org>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
X-Mailer: Microsoft Office Outlook 12.0
Thread-Index: AcwyTC69x8mAZjI7RC+CPJltAZf4OAABFcgQ
Content-Language: en-us
X-Provags-ID: V02:K0:IpDFK+FvcbHZK+rwsPIjRywlHCnZXTd03MapoL0pbAn CnTMvV4HuIafYwAYPWCl4zDy35j0fyMg2OFFRs/w6rC9GVwZbh eg6WWT0wxi4jJ6YFiMOHZTbgAXWzNf7y6yzh/2hImEhgjILTCf mbr1YprP97PYTy8TVMyJr78knzGTvt60Wo6pzAh20SOa1pvKjQ R/fRRAJ1hriUxSIJ0M4Gim8EGnVWF8eoIkoxUWUhB0=
Cc: draft-ohba-pana-relay@tools.ietf.org, 'Stephen Farrell' <stephen.farrell@cs.tcd.ie>, pana@ietf.org
Subject: Re: [Pana] IESG discussions on draft-ohba-pana-relay
X-BeenThere: pana@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Protocol for carrying Authentication for Network Access <pana.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/pana>, <mailto:pana-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/pana>
List-Post: <mailto:pana@ietf.org>
List-Help: <mailto:pana-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/pana>, <mailto:pana-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 24 Jun 2011 09:29:14 -0000

Carsten,

Section 6. Security Considerations talks about the threats, some of which
are already handled by the base EAP/PANA design. Other threats that are
relevant to introduction of the PRE, they are described and the PRE-PAA
security is pointed accordingly.

Alper




> -----Original Message-----
> From: Carsten Bormann [mailto:cabo@tzi.org]
> Sent: Friday, June 24, 2011 11:52 AM
> To: Alper Yegin
> Cc: 'Jari Arkko'; 'Yoshihiro Ohba'; pana@ietf.org; draft-ohba-pana-
> relay@tools.ietf.org; 'Stephen Farrell'
> Subject: Re: [Pana] IESG discussions on draft-ohba-pana-relay
> 
> On Jun 24, 2011, at 10:09, Alper Yegin wrote:
> 
> > PRE/PAA security is OPTIONAL since PANA messages are designed to be
> > used in untrusted networks, but if cryptographic mechanism is
> > supported, it SHOULD be IPsec. When the device characteristics
> preclude
> > support for IPsec, an alternative mechanism such as DTLS [REF], or
> > link-layer cryptographic security, etc. may be used instead. This
> section
> > describes how IPsec [RFC4301] can be used for securing the PANA relay
> > messages.
> 
> It would be useful to be very explicit what the objectives for this
> "PRE/PAA security" might be.
> Section 6 seems to suggest there is no real need for this at all (but
> then nebulously talks about "residual risks").
> So, unless we say what this is good for, it is hard to assess whether
> the "PRE/PAA security" is actually meeting those objectives.
> (E.g., if the purpose is DoS mitigation, a security scheme that is as
> susceptible to DoS attacks as the PAA itself, isn't that useful.)
> 
> Gruesse, Carsten