Re: [Raw] Roman Danyliw's Discuss on draft-ietf-raw-ldacs-10: (with DISCUSS and COMMENT)

Nils.Maeurer@dlr.de Thu, 21 April 2022 12:52 UTC

Return-Path: <Nils.Maeurer@dlr.de>
X-Original-To: raw@ietfa.amsl.com
Delivered-To: raw@ietfa.amsl.com
From: Nils.Maeurer@dlr.de
To: rdd@cert.org, iesg@ietf.org
CC: draft-ietf-raw-ldacs@ietf.org, raw-chairs@ietf.org, raw@ietf.org, pthubert@cisco.com
Thread-Topic: Roman Danyliw's Discuss on draft-ietf-raw-ldacs-10: (with DISCUSS and COMMENT)
Thread-Index: AQHYVS9EEut6kHkxkUGC8pwJpTWBw6z6Swrw
Date: Thu, 21 Apr 2022 12:52:16 +0000
Message-ID: <144cdfeda65e483d8e0a9cacf873f79a@dlr.de>
References: <165051144508.10144.8716794585897313093@ietfa.amsl.com>
In-Reply-To: <165051144508.10144.8716794585897313093@ietfa.amsl.com>
Accept-Language: de-DE, en-US
Content-Language: de-DE
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: base64
MIME-Version: 1.0
Archived-At: <https://mailarchive.ietf.org/arch/msg/raw/O-oD5YszJPL8ia1RCoVgNHqykLk>
Subject: Re: [Raw] Roman Danyliw's Discuss on draft-ietf-raw-ldacs-10: (with DISCUSS and COMMENT)
X-BeenThere: raw@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: reliable and available wireless <raw.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/raw>, <mailto:raw-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/raw/>
List-Post: <mailto:raw@ietf.org>
List-Help: <mailto:raw-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/raw>, <mailto:raw-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 21 Apr 2022 12:52:26 -0000

Dear Roman Danyliw,

Thank you for your comments. Please find our answers inline below.

Best,
Nils Mäurer

-----Original Message-----
From: Roman Danyliw via Datatracker <noreply@ietf.org>
Sent: Thursday, 21 April 2022 05:24
To: The IESG <iesg@ietf.org>
Cc: draft-ietf-raw-ldacs@ietf.org; raw-chairs@ietf.org; raw@ietf.org; pthubert@cisco.com; pthubert@cisco.com
Subject: Roman Danyliw's Discuss on draft-ietf-raw-ldacs-10: (with DISCUSS and COMMENT)

Roman Danyliw has entered the following ballot position for
draft-ietf-raw-ldacs-10: Discuss


----------------------------------------------------------------------
DISCUSS:
----------------------------------------------------------------------

** With the upfront acknowledgement that I have little familiarity with LDACS,
I had significant difficulty in assessing the alignment of most of this document
to the defined charter of RAW.  It appears to me that only a narrow portion of
the document is in-charter scope. References were provided for LDACS (e.g.,
[ICAO2015]), but as they were behind a paywall I was not able to review them.
Relying primarily on Section 7.3 and Figure 3 of [MAE20192], it appears
that LDACS is a series of technologies that operate below layer 3.  Operating
on top of LDACS at layer 3+ is the FCI.  Section 4 reminds us that “The IPv6
architecture for the aeronautical telecommunication network is called the FCI.”

Per the RAW charter, “RAW will stay abstract to the radio layers underneath,
addressing the Layer 3 aspects in support of applications requiring high
reliability and availability.”  With that in mind, I was looking for the
in-scope RAW work items to produce “Use Cases, Requirements,
Architecture/Framework Aspects for a Wireless Network, and an Evaluation of
Existing IETF Technologies and Gap Analysis” for technologies at or above layer
3.  In Section 5.2.3, I first found specifics on FCI that appear to be use cases
within that scope.  In Section 7.3.3, there is text on the SNP which describes
activity germane to handling layer-3 services.  However, this section also
excludes this work as out of scope -- “[t]his work is ongoing and not part of
this document.”

In my assessment the overwhelming majority of the text in this document is
describing technologies and architecture not in RAW’s in-scope remit of layer
3+.

If the WG finds documenting this otherwise paywalled information in an
information document valuable, I see no issue keeping this material in an
Appendix.  However, the framing of this document needs to be clearer to
highlight the in-scope materials around FCI.

- Reply: LDACS is a cellular, ground-based digital communications system for flight guidance and communications related to the safety and regularity of flight. It is responsible for safely and reliably delivering Aeronautical Telecommunications Network (ATN)/Internet Protocol Suite (IPS) communications, which consist of Aeronautical Operational Control (AOC), Air Traffic Services (ATS) and Air Traffic Control (ATC) data. As such, LDACS interacts directly with IPv6 and uses the SNP layer in its protocol stack to translate IP traffic to the LDACS-specific packet format. While it is true that a majority of this document describes below-layer-3 technology, LDACS is also explicitly mentioned in the charter of the RAW WG: "RAW extends the DetNet Working Group concepts to provide for high reliability and availability for an IP network utilizing scheduled wireless segments and other media, e.g., frequency/time-sharing physical media resources with stochastic traffic: IEEE Std. 802.15.4 timeslotted channel hopping (TSCH), 3GPP 5G ultra-reliable low latency communications (URLLC), IEEE 802.11ax/be, and L-band Digital Aeronautical Communications System (LDACS)."
The reason why it is explicitly listed there is that all future aeronautical communications will be routed over IP (ATN/IPS), and LDACS is one data-link candidate within the Future Communications Infrastructure (FCI) doing that.
We thought it beneficial to bring this fact to the attention of the IETF and also to start working on an IETF-agreed LDACS draft, upon which future work, such as how the translation from IP to LDACS/FCI data links works in detail, will be based.
We will update the draft with a clearer framing.

** Section 9.  Please explicitly document the Security Considerations of FCI
(i.e., the IPv6/layer behaviors).  Is that Section 9.2?

- Reply: ATN/IPS security considerations are listed in ARINC P858 and ICAO Doc 9896, both unfortunately behind a paywall. Currently, DTLS is foreseen as transport layer security for ATN/IPS traffic. Data-links within the FCI need to provide "a secure channel between the airborne radio systems and the peer radio access endpoints on the ground [...] to ensure authentication and integrity of air-ground message exchanges in support of an overall defense-in-depth security strategy." [ARINC P858].
We can extend our draft based on that and include all relevant points from both paywalled documents.

-- Section 9, Per “These requirements imply that LDACS must provide layer 2
security in addition to any higher layer mechanisms”, it isn’t clear how this
is in-scope given the remit of RAW (see above).

-- Section 9.1 is helpful background but what of that applies to layer 3?  The
specifics in the threat analysis of [STR2016] and the advent of SDRs appears to
be largely data link considerations.

-- Section 9.2  How does [MAE20181] inform layer 3 threats as it’s explicitly
focused on data link issues?

-- Section 9.3.  Which of these security objectives apply to the FCI?

-- Section 9.5.3.  Architecturally, it isn’t clear how IPSec, TLS are being
used by the FCI.

- Reply: Any data-link transporting ATN/IPS related traffic needs to establish a secure channel (in ARINC/ICAO documents NIST is usually cited here with "A path for transferring data between two entities or components that ensures confidentiality, integrity, and replay protection as well as mutual authentication between the entities or components" [https://csrc.nist.gov/glossary/term/secure_channel]) between "radio systems and the peer radio access endpoints on the ground". That means the data-link itself needs to implement all of that before any FCI traffic is allowed here. On the actual ATN/IPS layer, DTLS with its own dedicated ATN/IPS certificates and PKI is foreseen. We will update the section, clearly stating what the document is looking at in terms of security and how security is applied on the layers above.


----------------------------------------------------------------------
COMMENT:
----------------------------------------------------------------------

I was unable to review the security claims of this document as several of the
references were not available to me. For example, [ARI2021], [ICAO2015], and
[ICA2018].  I leave it to the judgement of the responsible AD that the WG had
appropriate access and that they are being appropriately used.

** Section 1.  Editorial

(2) the introduction of IPv6 based networking protocols in
   aeronautical networks [RFC4291], [RFC7136], [ICAO2015].

I didn’t understand the link between [RFC4291] and [RFC7136] and aeronautical
networks.  If these are only intended to be citations to IPv6, then the text
would be clearer as:

(2) the introduction of IPv6 based networking protocols [RFC4291], [RFC7136] in
aeronautical networks  [ICAO2015].

- Reply: We will change that and reference RFC 8200 as was suggested.

** Section 5.2.1

The related protocol
   stack is currently under development by ICAO, within SESAR, and the
   IETF [I-D.haindl-lisp-gb-atn] [I-D.ietf-rtgwg-atn-bgp]

Judged entirely on datatracker meta-data, it appears to be a
mis-characterization to say that draft-haindl-lisp-gb-atn is under-development
in the IETF.  All I can confirm is the existence of an individual submission
that has been updated a number of times over 4+ years that has not been adopted
by a WG.

- Reply: We will correct that statement.

** From idnits:
  == Missing Reference: 'KOB1987' is mentioned on line 1211, but not defined

- Reply: We will update the missing reference.
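The reply on Section 9 above quotes the NIST secure-channel definition (confidentiality, integrity, replay protection and mutual authentication) that a data-link is expected to provide below the ATN/IPS layer. The following is an added illustration of what those four properties mean in code; it is not LDACS code and not taken from ARINC P858, ICAO Doc 9896 or the draft. It assumes a pre-shared key between the airborne radio and the ground endpoint, a frame layout of 64-bit sequence number + ciphertext + 32-byte HMAC-SHA256 tag, and a HMAC-derived keystream standing in for a real cipher; all of these are assumptions chosen so the example runs with the Python standard library only, and the sample message is constructed.

```python
"""Toy mutually authenticated, replay-protected channel (illustration only).

Assumed design, not an LDACS/ATN-IPS specification:
  - mutual authentication: challenge/response on a pre-shared key (PSK)
  - confidentiality: XOR with a HMAC-SHA256 keystream (a toy cipher, not for real use)
  - integrity: HMAC-SHA256 over sequence number + ciphertext
  - replay protection: sliding window over the sequence number (ESP/DTLS style)
"""
import hashlib
import hmac
import os
import struct

SEQ_LEN = 8    # 64-bit sequence number carried in the clear
TAG_LEN = 32   # HMAC-SHA256 tag
WINDOW = 64    # replay window size in frames


def _prf(key: bytes, *parts: bytes) -> bytes:
    """HMAC-SHA256 as the single primitive for key derivation, tags and keystream."""
    return hmac.new(key, b"".join(parts), hashlib.sha256).digest()


class Endpoint:
    """One side of the channel; role b"A" (airborne) or b"B" (ground), assumed labels."""

    def __init__(self, secret: bytes, session: bytes, role: bytes):
        peer = b"B" if role == b"A" else b"A"
        self.tx_enc, self.tx_mac = _prf(secret, b"enc", role, session), _prf(secret, b"mac", role, session)
        self.rx_enc, self.rx_mac = _prf(secret, b"enc", peer, session), _prf(secret, b"mac", peer, session)
        self.send_seq = 0
        self.highest = -1   # highest sequence number accepted so far
        self.bitmap = 0     # bit k set => frame (highest - k) already accepted

    @staticmethod
    def _keystream(key: bytes, seq: int, n: int) -> bytes:
        blocks = (_prf(key, struct.pack(">QI", seq, i)) for i in range((n + 31) // 32))
        return b"".join(blocks)[:n]

    def seal(self, plaintext: bytes) -> bytes:
        seq, self.send_seq = self.send_seq, self.send_seq + 1
        header = struct.pack(">Q", seq)
        ct = bytes(p ^ k for p, k in zip(plaintext, self._keystream(self.tx_enc, seq, len(plaintext))))
        return header + ct + _prf(self.tx_mac, header, ct)

    def open(self, frame: bytes):
        """Return the plaintext, or None if the frame is forged, corrupted or replayed."""
        if len(frame) < SEQ_LEN + TAG_LEN:
            return None
        header, ct, tag = frame[:SEQ_LEN], frame[SEQ_LEN:-TAG_LEN], frame[-TAG_LEN:]
        if not hmac.compare_digest(tag, _prf(self.rx_mac, header, ct)):
            return None                                   # integrity / authenticity failed
        seq = struct.unpack(">Q", header)[0]
        if not self._accept(seq):
            return None                                   # replayed or too old
        return bytes(c ^ k for c, k in zip(ct, self._keystream(self.rx_enc, seq, len(ct))))

    def _accept(self, seq: int) -> bool:
        """Sliding-window anti-replay check; out-of-order frames inside the window are accepted once."""
        if seq > self.highest:
            shift = seq - self.highest
            self.bitmap = ((self.bitmap << shift) | 1) if shift < WINDOW else 1
            self.bitmap &= (1 << WINDOW) - 1
            self.highest = seq
            return True
        offset = self.highest - seq
        if offset >= WINDOW or (self.bitmap >> offset) & 1:
            return False
        self.bitmap |= 1 << offset
        return True


def handshake(psk_a: bytes, psk_b: bytes):
    """Mutual authentication: each side proves knowledge of the PSK by MAC-ing both
    nonces under its own role label. Returns (endpoint_a, endpoint_b) or raises ValueError."""
    nonce_a, nonce_b = os.urandom(16), os.urandom(16)
    if not hmac.compare_digest(_prf(psk_b, b"B", nonce_a, nonce_b), _prf(psk_a, b"B", nonce_a, nonce_b)):
        raise ValueError("peer B failed authentication")   # A checks B's proof
    if not hmac.compare_digest(_prf(psk_a, b"A", nonce_a, nonce_b), _prf(psk_b, b"A", nonce_a, nonce_b)):
        raise ValueError("peer A failed authentication")   # B checks A's proof
    session = nonce_a + nonce_b
    return Endpoint(psk_a, session, b"A"), Endpoint(psk_b, session, b"B")


def demo():
    """Exercise all four properties; returns (plaintext, replay, forged, wrong_psk_rejected, leak)."""
    psk = os.urandom(32)
    air, ground = handshake(psk, psk)
    frame = air.seal(b"CPDLC: climb to FL350")     # constructed sample message
    first = ground.open(frame)                      # accepted once
    replay = ground.open(frame)                     # same frame again -> None
    tampered = bytearray(frame)
    tampered[SEQ_LEN] ^= 0x01                       # flip one ciphertext bit
    forged = ground.open(bytes(tampered))           # tag mismatch -> None
    try:
        handshake(psk, os.urandom(32))
        wrong_psk_rejected = False
    except ValueError:
        wrong_psk_rejected = True
    leak = b"CPDLC" in frame                        # plaintext must not be visible on the air
    return first, replay, forged, wrong_psk_rejected, leak


if __name__ == "__main__":
    print(demo())
```

The point of the example is the layering in the reply: everything above is what the data-link itself would have to guarantee between the radio and the ground endpoint, while DTLS with ATN/IPS certificates would sit on top of it at the ATN/IPS layer and is not modelled here.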