Re: [pcp] IESG review of draft-ietf-pcp-third-party-id-option-04
Juergen Quittek <Quittek@neclab.eu> Fri, 11 December 2015 17:58 UTC
Return-Path: <Quittek@neclab.eu>
X-Original-To: pcp@ietfa.amsl.com
Delivered-To: pcp@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 3A5701B2DCA for <pcp@ietfa.amsl.com>; Fri, 11 Dec 2015 09:58:25 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.612
X-Spam-Level:
X-Spam-Status: No, score=-2.612 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_LOW=-0.7, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001, T_RP_MATCHES_RCVD=-0.01] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 0blxtrwB-pxG for <pcp@ietfa.amsl.com>; Fri, 11 Dec 2015 09:58:22 -0800 (PST)
Received: from mailer1.neclab.eu (mailer1.neclab.eu [195.37.70.40]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 799E01B2DCD for <pcp@ietf.org>; Fri, 11 Dec 2015 09:58:22 -0800 (PST)
Received: from localhost (localhost [127.0.0.1]) by mailer1.neclab.eu (Postfix) with ESMTP id 2E8F510B3F0; Fri, 11 Dec 2015 18:58:20 +0100 (CET)
X-Virus-Scanned: Amavisd on Debian GNU/Linux (netlab.nec.de)
Received: from mailer1.neclab.eu ([127.0.0.1]) by localhost (atlas-a.office.hd [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Xow6KzCSDghf; Fri, 11 Dec 2015 18:58:20 +0100 (CET)
X-ENC: Last-Hop-TLS-encrypted
X-ENC: Last-Hop-TLS-encrypted
Received: from METHONE.office.hd (methone.office.hd [192.168.24.54]) (using TLSv1 with cipher ECDHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by mailer1.neclab.eu (Postfix) with ESMTPS id 132C210B286; Fri, 11 Dec 2015 18:58:16 +0100 (CET)
Received: from PALLENE.office.hd ([169.254.1.163]) by METHONE.office.hd ([192.168.24.54]) with mapi id 14.03.0210.002; Fri, 11 Dec 2015 18:58:15 +0100
From: Juergen Quittek <Quittek@neclab.eu>
To: "mohamed.boucadair@orange.com" <mohamed.boucadair@orange.com>, "pcp@ietf.org" <pcp@ietf.org>
Thread-Topic: IESG review of draft-ietf-pcp-third-party-id-option-04
Thread-Index: AdEyeF/Duv+0xp9hSnSAQjm0WTV0owABw9HwAG8KQGA=
Date: Fri, 11 Dec 2015 17:58:14 +0000
Message-ID: <9AB93E4127C26F4BA7829DEFDCE5A6E8A9A683AF@PALLENE.office.hd>
References: <9AB93E4127C26F4BA7829DEFDCE5A6E8A9A641F7@PALLENE.office.hd> <787AE7BB302AE849A7480A190F8B933008CB2CC6@OPEXCLILMA3.corporate.adroot.infra.ftgroup>
In-Reply-To: <787AE7BB302AE849A7480A190F8B933008CB2CC6@OPEXCLILMA3.corporate.adroot.infra.ftgroup>
Accept-Language: de-DE, en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [10.1.99.69]
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
Archived-At: <http://mailarchive.ietf.org/arch/msg/pcp/oD5G2L7mpNcEQFVVfydbp5puZx0>
Subject: Re: [pcp] IESG review of draft-ietf-pcp-third-party-id-option-04
X-BeenThere: pcp@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: PCP wg discussion list <pcp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/pcp>, <mailto:pcp-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/pcp/>
List-Post: <mailto:pcp@ietf.org>
List-Help: <mailto:pcp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/pcp>, <mailto:pcp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 11 Dec 2015 17:58:25 -0000
Hi Med, > -----Original Message----- > From: mohamed.boucadair@orange.com > [mailto:mohamed.boucadair@orange.com] > Sent: Mittwoch, 9. Dezember 2015 13:59 > To: Juergen Quittek; pcp@ietf.org > Cc: pcp-ads@ietf.org > Subject: RE: IESG review of draft-ietf-pcp-third-party-id-option-04 > > Hi Juergen, > > What are the security implications of a PCP client that inserts an information > that is required to the PCP server to enforce its policies (e.g., per-subscriber > quota) while both the PCP client and the PCP server belong to the same > administrative entity and the network in-between is trusted? What I understand from the security ADs is that any potential risk introduced by the option needs to be discussed. It is not enough to say: please use it only if sufficiently protected. We also need to state what the risks would be if protection was less than optimal. > I see THIRD_PARTY_ID as an extra information that can be communicated to > the PCP server in cases where the source IP address and the content of > THIRD_PARTY are not sufficient to demux connections or to select which policy > to enforce when receiving a PCP request. The actual ID to be carried in a > THIRD_PARTY_ID is really deployment-specific (e.g., it ca be a MAC@ for L2- > aware NAT, an interface ID, Context ID for RFC6674, etc.). If you define a > tunnel-ID as such then I'm in full agreement. I am afraid that we have to be more specific than this. We also need to specify the encoding of tunnel IDs as payload of the THIRD_PARTY_ID option. Cheers, Juergen > Cheers, > Med > > > -----Message d'origine----- > > De : pcp [mailto:pcp-bounces@ietf.org] De la part de Juergen Quittek > > Envoyé : mercredi 9 décembre 2015 12:55 > > À : pcp@ietf.org > > Cc : pcp-ads@ietf.org > > Objet : [pcp] IESG review of draft-ietf-pcp-third-party-id-option-04 > > > > Dear all, > > > > At the IESG telechat on Nov 19 the IESG discussed draft-ietf-pcp-third- > > party-id-option-04. The ISG raised two main concerns: > > > > 1. The draft elaborates use cases where the proposed THIRD_PARTY_ID > option > > is used for carrying an identifier of a tunnel and where it is used in > > addition to the THIRD_PARTY option that contains the IP address of a third > > party host. Beyond these use cases, the draft also refers to other > > protential use cases without elaborating them. The IESG has concerns about > > opening the THIRD_PARTY_ID option to unspecified use cases, because the > > implications cannot be foreseen. Particularly security concerns are > > difficult to address if it is not clear how sensitive information carried > > by THIRD_PARTY_ID option could be. > > > > 2. In light of point one, the IESG request further elaboration of the > > security considerations. > > > > As potential solution of the issue it was discussed at the IESG telechat > > to > > - restrict the use of the THIRD_PARTY_ID option in the draft to carrying > > tunnel IDs only > > - add a statement that for using the THIRS_PARTY_ID option for other use > > cases, a standards document would be needed that specifies this usage. > > > > The authors would be fine with updating the draft following these > > recommendations. A restriction to tunnel IDs only would also be a good > > starting point for addressing the security concerns raised by the IESG. > > > > Would people on this list have any concerns about implementing this > > solution in the next update o the draft? > > > > Best regards, > > Juergen > > > > _______________________________________________ > > pcp mailing list > > pcp@ietf.org > > https://www.ietf.org/mailman/listinfo/pcp
- [pcp] IESG review of draft-ietf-pcp-third-party-i… Juergen Quittek
- Re: [pcp] IESG review of draft-ietf-pcp-third-par… mohamed.boucadair
- Re: [pcp] IESG review of draft-ietf-pcp-third-par… Juergen Quittek