[Rift] draft update after today's interim (last nonce corner case discussions) ...
Tony Przygienda <tonysietf@gmail.com> Thu, 06 June 2019 18:26 UTC
Return-Path: <tonysietf@gmail.com>
X-Original-To: rift@ietfa.amsl.com
Delivered-To: rift@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 5217412011B for <rift@ietfa.amsl.com>; Thu, 6 Jun 2019 11:26:29 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.998
X-Spam-Level:
X-Spam-Status: No, score=-1.998 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id DsbZqB03Hlve for <rift@ietfa.amsl.com>; Thu, 6 Jun 2019 11:26:27 -0700 (PDT)
Received: from mail-ed1-x533.google.com (mail-ed1-x533.google.com [IPv6:2a00:1450:4864:20::533]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 430561200B9 for <rift@ietf.org>; Thu, 6 Jun 2019 11:26:27 -0700 (PDT)
Received: by mail-ed1-x533.google.com with SMTP id a8so4706852edx.3 for <rift@ietf.org>; Thu, 06 Jun 2019 11:26:27 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:from:date:message-id:subject:to; bh=skb3KZeVl5o+tZg9VXG8bIgpWsgPmqDKdkay4olyzSM=; b=hf2hGu3uPgphHaxVLVTXPW4artPLdqwZLglHPG8k2Ni5ufPzIo5lG/mpjzaLovnRby ccKVYsx9ZJ8AI2Ikcm6Xemksqw3YTOMx6J5ME/UPWAwS6pHlOV16DYwngPZi7K2jOed2 o1yBSowOIEd2NjTLlRH1mY0b15nYRAblD/WodObh2dm6bBkGmADa3vTlnPmQy4rmsGIG W3TPtnPv1cZ5b2g5I/v386U2N2TRIado2EmSKRGEB1tpfAqtZ3SPbYPQBS1OXqq/j/5k jrrEokOz3gQnuJI0SwTwdCrjiE4GhoRuOCDQwpaWfecUXyh2nLul2h/gqR6cizvNb76Y 5F0g==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:from:date:message-id:subject:to; bh=skb3KZeVl5o+tZg9VXG8bIgpWsgPmqDKdkay4olyzSM=; b=WXc4NH66vEdCFjlYw0vnND9GwWN9axRYAKTHuqB/WLHf4CkJcxG9Kgack0yJ9u5ZcS e6Zcd44eY37XCCopztwkqKzmXLh9MVf9/MKcmuZxfF0jrslURpcLPpECR/4dBJ3AvIuf FdSylEH83UtG/D9oPLZX3+dsc8qqumFk8t3MFLod/ZeEsjUU+DUS7h4kQTU4yDujxN+9 ktotFc7Tas0rOt5kA7WtHZSXLaiHLkqHb1A5x4lO7O0MKYx128bfke8zy4BNdsBRjOUz eQa1OJ8zZ/tcxSCnaT4iBaYj+W3lHshYMtaAn9IXeUgQILE+x7+jbx+6VVzw+HGbKthB QO7A==
X-Gm-Message-State: APjAAAVsLRX5fyqpEQpPdzuKr0WeFpR8DTXmgrr4rXEDWp1yQj5LBmzc /BZSSZNaU8z+osUHg04vKN9/r7P9krYXclzpIY9x3wijxlY=
X-Google-Smtp-Source: APXvYqwQxb6a+e0KBnUjpa4ROXbepHvzrGPF+pAL+aa6f6S2fXo6WYsa43cuIFWeZnSW03vCb6la7czrNuuivhcFZmE=
X-Received: by 2002:a50:b87c:: with SMTP id k57mr12894949ede.226.1559845585791; Thu, 06 Jun 2019 11:26:25 -0700 (PDT)
MIME-Version: 1.0
From: Tony Przygienda <tonysietf@gmail.com>
Date: Thu, 06 Jun 2019 11:25:49 -0700
Message-ID: <CA+wi2hPOoLDPy2k6KX=5cOvGKHei=sN7eUPfu+Qeqwiy8qXrdg@mail.gmail.com>
To: rift@ietf.org
Content-Type: multipart/alternative; boundary="0000000000000bad7d058aabdac1"
Archived-At: <https://mailarchive.ietf.org/arch/msg/rift/elbx7dNLo9jZMM69wwdacqsr3Gs>
Subject: [Rift] draft update after today's interim (last nonce corner case discussions) ...
X-BeenThere: rift@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Discussion of Routing in Fat Trees <rift.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/rift>, <mailto:rift-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/rift/>
List-Post: <mailto:rift@ietf.org>
List-Help: <mailto:rift-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/rift>, <mailto:rift-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 06 Jun 2019 18:26:29 -0000
After today's discussion in the interim (and Bruno's detailed thread on security) here's the update to draft that should resolve all outstaning comments and insight from implementation 5.4.3. Security Envelope RIFT MUST be carried in a mandatory secure envelope illustrated in Figure 31. *Any value in the packet following a security fingerprint MUST be used only after the according fingerprint has been validated.* Local configuration can *MAY* allow to skip the checking of the envelope's integrity. *This should address the outstanding issue of whether nonces can be used before security envelope is validated* Any implementation including RIFT security MUST generate and wrap around local nonces properly. *When a nonce increment leads to `undefined_nonce` value the value SHOULD be incremented again immediately.* *That should resolve the comment on nonce rollback. * As a necessary exception, an implementation MUST advertise `undefined_nonce` for remote nonce value when the FSM is not in 2-way or 3-way state and accept an `undefined_nonce` for its local nonce value on packets in any other state than 3-way. *As optional optimization, an implemenation MAY send one LIE with previously negotiated neighbor's nonce to try to speed up a neighbor's transition from 3-way to 1-way and MUST revert to sending `undefined_nonce` after that.* 5.4.5. Lifetime Protecting lifetime on flooding can *may* lead to excessive number of security fingerprint computation and hence an application generating such fingerprints on TIEs SHOULD *MAY* round the value down to the next `rounddown_lifetime_interval` defined in the schema when sending TIEs. *TIEs albeit such optimization in presence of security hashes over advancing weak nonces may not be feasible.* *This describes optimization to shut down neighbor faster (helpful in ZTP) and the other text is a consideration how much recomputation of security envelopes can we really save on rounding up lifetimes and having 'weak nonces'* *I also looked @ the expired OSPF karp, it's clever but it's a new protocol to negotiate and I didn't see any treatement of losses/reordering which IMO will force it towards equivalent of 'weak nonces' and with that make* *it equivalent of what we have in RIFT already * *So, please comments ...* *--- tony *
- [Rift] draft update after today's interim (last n… Tony Przygienda