Re: [Rmt] AD comments on draft-ietf-rmt-pi-alc-revised-06
Vincent Roca <vincent.roca@inrialpes.fr> Fri, 15 May 2009 13:39 UTC
Return-Path: <vincent.roca@inrialpes.fr>
X-Original-To: rmt@core3.amsl.com
Delivered-To: rmt@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 3E1973A680E for <rmt@core3.amsl.com>; Fri, 15 May 2009 06:39:24 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.204
X-Spam-Level:
X-Spam-Status: No, score=-6.204 tagged_above=-999 required=5 tests=[AWL=0.045, BAYES_00=-2.599, HELO_EQ_FR=0.35, RCVD_IN_DNSWL_MED=-4]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 9fOPEcOkP-5n for <rmt@core3.amsl.com>; Fri, 15 May 2009 06:39:23 -0700 (PDT)
Received: from mail3-relais-sop.national.inria.fr (mail3-relais-sop.national.inria.fr [192.134.164.104]) by core3.amsl.com (Postfix) with ESMTP id 875103A68FA for <rmt@ietf.org>; Fri, 15 May 2009 06:39:21 -0700 (PDT)
X-IronPort-AV: E=Sophos;i="4.41,199,1241388000"; d="scan'208";a="27795308"
Received: from ornon.inrialpes.fr (HELO [194.199.24.115]) ([194.199.24.115]) by mail3-relais-sop.national.inria.fr with ESMTP/TLS/DHE-RSA-AES256-SHA; 15 May 2009 15:40:53 +0200
Message-ID: <4A0D70E1.6070402@inrialpes.fr>
Date: Fri, 15 May 2009 15:40:49 +0200
From: Vincent Roca <vincent.roca@inrialpes.fr>
User-Agent: Thunderbird 2.0.0.21 (X11/20090318)
MIME-Version: 1.0
To: Magnus Westerlund <magnus.westerlund@ericsson.com>
References: <C62F6020.2D01A%watson@qualcomm.com> <4A0A95C1.2000808@ericsson.com>
In-Reply-To: <4A0A95C1.2000808@ericsson.com>
X-Enigmail-Version: 0.95.0
Content-Type: text/plain; charset="ISO-8859-1"
Content-Transfer-Encoding: 7bit
Cc: "draft-ietf-rmt-pi-alc-revised@tools.ietf.org" <draft-ietf-rmt-pi-alc-revised@tools.ietf.org>, "Watson, Mark" <watson@qualcomm.com>, "rmt@ietf.org" <rmt@ietf.org>
Subject: Re: [Rmt] AD comments on draft-ietf-rmt-pi-alc-revised-06
X-BeenThere: rmt@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: Reliable Multicast Transport <rmt.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/rmt>, <mailto:rmt-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/rmt>
List-Post: <mailto:rmt@ietf.org>
List-Help: <mailto:rmt-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/rmt>, <mailto:rmt-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 15 May 2009 13:39:24 -0000
Hello Mark, Magnus and others,
A few comments concerning this I-D and the discussion.
Regards,
Vincent
>> A question is if we need to specify one mandatory to implement FEC
>> encoding?
Current DVB-H specifications have identified a single mandatory
to support FEC scheme: NULL-FEC. I don't see any reason to do a
different choice. In any case yes, we should mandate its support.
>> For security, as with NORM, we have text defining 'Baseline secure ALC
>> operation'. Do you think we should mandate support for this ?
>
> Yes, I think so. But I definitely would like to get WG input into this
> question.
I don't really understand what "mandate" means in this context.
I see several options, which one is appropriate?
1- all ALC sessions MUST use the IPsec configuration of section 5.1.1
2- for any insecure ALC session, there MUST be a parallel ALC session
secured with the IPsec configuration of section 5.1.1, so that a
receiver can choose what version he wants
3- for any ALC implementation, the host on which this ALC server or
client runs MUST be able to use the IPsec configuration of
section 5.1.1
I think option 3- is the right one. However since the ALC and IPsec
building blocks belong to different layers, it does not impose anything
to ALC developers (as a developer, I'm happy ;-)). And it does not say
anything about its actual use...
Additionally, is such a requirement compatible with current DVB-*
deployments? I'm not sure, unless we restrict the target and say
that such a requirement is specific to "Internet" use-cases...
More fundamentally, I have two comments:
First of all, do we agree that packet source authentication/packet
integrity is the most fundamental security service that is required
by ALC? It means we don't need to mandate confidentiality (even if
it's often desired).
Then, what about the solution consisting in mandating the simplest
technical solution, even if it does not fulfill all possible use-cases?
If this is the case, then the "group MAC" scheme proposed in the
simple-auth-for-alc-norm I-D is a good choice.
But here also, it's not compatible with current DVB-* deployments
unless we restrict the target to "Internet" use-cases... It's what
I'd recommend here today.
>>> 4. There are more references that are not updated. Cases where mechanism
>>> are available in IETF draft, like the TESLA solution. Which would impact
>>> the reference for example in Section 5, third paragraph.
>>>
>
> I added the TESLA for ALC/NORM draft as a reference and reference from that
> paragraph.
The ALC I-D should also refer to draft-ietf-rmt-simple-auth-for-alc-norm
in addition to draft-ietf-msec-tesla-for-alc-norm, IMHO. Its goal is
exactly what we are discussing here.
> The following paragraph repeats this problem and so I propose to replace
> that with:
>
> "Some packet authentication schemes such as TESLA
> [ietf-msec-tesla-for-alc-norm] do not allow an immediate authenticity check.
> In this case the receiver SHOULD check the authenticity of a packet as soon
> as possible, and if the packet fails the check then it MUST be silently
> discarded before step (5) above."
There is a coherency problem WRT draft-ietf-rmt-bb-lct-revised-09.txt
where it is said (section 5.2.1):
Some packet authentication schemes impose a delay of
several seconds between when a packet is received and
when the packet is fully authenticated. Any congestion
control related action that is appropriate MUST NOT be
postponed by any such full packet authentication.
The two versions are compatible, but they don't focus on the same point.
In ALC => discard TESLA packets that fail the check
In LCT => don't delay congestion control, even if the packet is not yet
checked by TESLA (i.e., protect the network, even if it creates
a potential DoS)
I suggest to use the same paragraph in both cases.
It's also in line with draft-ietf-msec-tesla-for-alc-norm-07 (section 4.3):
- perform congestion control ASAP, even if the packet is not authenticated
- discard silently any packet that fails the authentication test
Additional comments (sorry if they arrive a bit late...)
--------------------------------------------------------
** Fig 1, PSI bits:
It turns out that the PSI bits are called A and B, just like the
LCT A (close session) and B (close object) flags. Admittedly, these
are PSI bits, but it can be a little bit confusing if we omit "PSI"
as in Fig. 1. I suggest to call them differently (e.g., PSI1 and PSI2).
** section 4.3: It is said:
It is RECOMMENDED that packet authentication be used. If packet
authentication is used then the Header Extensions described in
Section 4.2 MUST be used to carry the authentication.
Well, this only applies if an ALC-level authentication scheme is used.
EXT_AUTH is useless in case of IPsec!
** section 4.4: It is said:
The receiver MUST be able to discard,
forward, store or process the other headers and the packet payload.
I don't understand what "forward" means here. Probably to the upper layer
or a processing unit? I'd remove it.
** section 4.4, item 1: It is said:
If multiple packets are received that cannot be parsed then
the receiver SHOULD leave the session.
Same kind of remark as that of Magnus: mounting a DoS is trivial since it
is sufficient to send a few packets with random content (since item 1
happens BEFORE ALC-level authentication). If IPsec is used, of course this
does not apply.
I suggest however to "silently discard".
Same remark for item 2 where it is said:
If multiple packets are received with non-matching
(sender IP address, TSI) values then the receiver SHOULD leave
the session.
** Section 5, second paragraph: It is said:
Because of the use of FEC, ALC is especially vulnerable to denial-
of-service attacks by attackers that try to send forged packets to
the session...
Though I agree that the use of FEC encoding *amplifies* the problem,
the problems remains with NULL-FEC. A single forged source packet can
corrupt the whole object too.
** Section 5, 4th paragraph: It is said:
...to ensure that each received packet is an
authentic and uncorrupted packet containing FEC data for the object
arriving from the specified sender.
I'd remove "FEC data" since it is rather ambiguous to me.
- [Rmt] AD comments on draft-ietf-rmt-pi-alc-revise… Magnus Westerlund
- Re: [Rmt] AD comments on draft-ietf-rmt-pi-alc-re… Watson, Mark
- Re: [Rmt] AD comments on draft-ietf-rmt-pi-alc-re… Magnus Westerlund
- Re: [Rmt] AD comments on draft-ietf-rmt-pi-alc-re… Vincent Roca
- Re: [Rmt] AD comments on draft-ietf-rmt-pi-alc-re… Magnus Westerlund
- Re: [Rmt] AD comments on draft-ietf-rmt-pi-alc-re… Watson, Mark
- Re: [Rmt] AD comments on draft-ietf-rmt-pi-alc-re… Rod.Walsh
- Re: [Rmt] AD comments on draft-ietf-rmt-pi-alc-re… Magnus Westerlund
- Re: [Rmt] AD comments on draft-ietf-rmt-pi-alc-re… Watson, Mark
- Re: [Rmt] AD comments on draft-ietf-rmt-pi-alc-re… Magnus Westerlund
- Re: [Rmt] AD comments on draft-ietf-rmt-pi-alc-re… Watson, Mark
- Re: [Rmt] AD comments on draft-ietf-rmt-pi-alc-re… Magnus Westerlund
- Re: [Rmt] AD comments on draft-ietf-rmt-pi-alc-re… Brian Adamson
- Re: [Rmt] AD comments on draft-ietf-rmt-pi-alc-re… Watson, Mark
- Re: [Rmt] AD comments on draft-ietf-rmt-pi-alc-re… Magnus Westerlund
- Re: [Rmt] AD comments on draft-ietf-rmt-pi-alc-re… Watson, Mark
- Re: [Rmt] AD comments on draft-ietf-rmt-pi-alc-re… Watson, Mark