Re: [Roll] Roman Danyliw's No Objection on draft-ietf-roll-turnon-rfc8138-14: (with COMMENT)

"Pascal Thubert (pthubert)" <pthubert@cisco.com> Wed, 09 September 2020 15:25 UTC

From: "Pascal Thubert (pthubert)" <pthubert@cisco.com>
To: Roman Danyliw <rdd@cert.org>, The IESG <iesg@ietf.org>
CC: "draft-ietf-roll-turnon-rfc8138@ietf.org" <draft-ietf-roll-turnon-rfc8138@ietf.org>, "roll-chairs@ietf.org" <roll-chairs@ietf.org>, "roll@ietf.org" <roll@ietf.org>, Ines Robles <mariainesrobles@googlemail.com>, "aretana.ietf@gmail.com" <aretana.ietf@gmail.com>
Date: Wed, 9 Sep 2020 15:24:45 +0000
Message-ID: <MN2PR11MB356548E58C054951B6519D7BD8260@MN2PR11MB3565.namprd11.prod.outlook.com>
References: <159966310991.32249.4584030650116177263@ietfa.amsl.com>
In-Reply-To: <159966310991.32249.4584030650116177263@ietfa.amsl.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/roll/0WhsdJNGzt6ayWviqZUPkftHkZs>

Hello Roman

Many thanks for your time on this review, and for your comments below : )

Let's see:
 
> ----------------------------------------------------------------------
> COMMENT:
> ----------------------------------------------------------------------
> 
> Section 5.  Typo. s/an homogenous/a homogeneous/

Fixed

> 
> Section 7.  Editorial. To be clearer on where the attacker is in the topology and
> on who is incurring the cost:
> 
> OLD
> An attacker in the middle of the network may reset the "T" flag to cause extra
> energy spending in its subDAG.
> 
> NEW
> An on-path attacker may reset the “T” flag to force additional energy
> consumption by the nodes in the subDAG.
> 

Hum, I believe we're not there yet, because worded like this it looks like the attacker is along a unicast path. This is not the case.

The "T" flag is in a message (the DIO) that is propagated in a fashion that is akin to multicast though it's not. The RPL node receives DIO messages from neighbors that are willing to be parents. If this node decides to also be a parent, it will regenerate a DIO that contains some fields unchanged, including the DODAG configuration option. 

In that process, the bad guy may change some fields it shouldn't, including the "T" flag, but it's just one of many fields in that same situation. His children and their descendants will repeat that wrong setting. Note that this is not a tree but a DODAG. So you get DIOs from not one (candidate) parent but multiple ones. A descendant may discover an inconsistency between its parents (if some descend from the attacker and others do not) and could raise an alert, but the case can be normal, e.g., during a transition. RPL does not really specify that; it is left to implementations, e.g., constrained nodes will not spend code looking for anomalies.

Bottom line, there is no path to be on. There's a wave coming, the attacker relays that wave, and modifies it. If it is in the middle of the network this has an effect - on its descendants. If the attacker is at the leaf edge, the attack has no effect since this node has no descendant.

What do you think?

Take care,

Pascal
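The propagation model argued in the message above, as an added example that is not part of the thread, the draft or any RPL implementation: a small Python simulation in which the root's DIO is relayed hop by hop, every honest node copies the DODAG Configuration option unchanged (as RFC 6550 requires), and one chosen node resets the "T" flag before relaying. The topology, the node names, the simplified DIO/option structures and the parent selection rule (all lower-rank neighbours are candidate parents, lowest rank with name as tie-break is preferred) are assumptions made for the example; Trickle timers, Objective Functions and the real option encoding are left out.

```python
"""Simplified RPL DIO propagation over a DODAG (added example, constructed topology)."""
from collections import defaultdict, deque
from dataclasses import dataclass, replace
from typing import Dict, List, Optional, Tuple


@dataclass(frozen=True)
class DodagConfig:
    """Subset of the DODAG Configuration option carried in a DIO (assumed layout)."""
    t_flag: bool          # "T": RFC 8138 compression turned on in this DODAG
    min_hop_rank_inc: int = 1


@dataclass(frozen=True)
class DIO:
    sender: str
    rank: int
    config: DodagConfig   # honest nodes relay this unchanged


@dataclass
class NodeState:
    rank: int
    parents: List[str]
    advertised: DodagConfig   # the config this node puts in its own DIO
    inconsistent: bool        # candidate parents disagreed on T


def bfs_ranks(root: str, nbrs: Dict[str, set]) -> Dict[str, int]:
    """Rank 1 at the root, +1 per hop (all links are given equal cost here)."""
    rank = {root: 1}
    q = deque([root])
    while q:
        n = q.popleft()
        for m in nbrs[n]:
            if m not in rank:
                rank[m] = rank[n] + 1
                q.append(m)
    return rank


def propagate(root: str, links: List[Tuple[str, str]],
              attacker: Optional[str] = None) -> Dict[str, NodeState]:
    """Relay the root's DIO through the DODAG; `attacker` resets T before relaying."""
    nbrs: Dict[str, set] = defaultdict(set)
    for a, b in links:
        nbrs[a].add(b)
        nbrs[b].add(a)
    rank = bfs_ranks(root, nbrs)
    dios = {root: DIO(root, 1, DodagConfig(t_flag=True))}
    state = {root: NodeState(1, [], dios[root].config, False)}
    # Process nodes by increasing rank so every candidate parent has already emitted its DIO:
    # this is the "wave" spreading out from the root.
    for node in sorted(rank, key=lambda n: (rank[n], n)):
        if node == root:
            continue
        # Candidate parents: neighbours advertising a lower rank than ours (possibly several).
        parents = sorted(p for p in nbrs[node] if rank[p] < rank[node])
        heard = [dios[p] for p in parents]
        preferred = min(heard, key=lambda d: (d.rank, d.sender))
        cfg = preferred.config                      # copied unchanged ...
        if node == attacker:
            cfg = replace(cfg, t_flag=False)        # ... except by the tampering node
        # A node hearing DIOs from both sides of the attacker can notice they disagree.
        inconsistent = len({d.config.t_flag for d in heard}) > 1
        dios[node] = DIO(node, rank[node], cfg)
        state[node] = NodeState(rank[node], parents, cfg, inconsistent)
    return state


def nodes_with_t_reset(state: Dict[str, NodeState]) -> set:
    """Nodes whose own DIO now advertises T cleared (the attacker plus its sub-DAG)."""
    return {n for n, s in state.items() if not s.advertised.t_flag}


def nodes_seeing_inconsistency(state: Dict[str, NodeState]) -> set:
    return {n for n, s in state.items() if s.inconsistent}


# Constructed topology: R is the root; E has one parent under A/C and another under B/D;
# L is a leaf hanging off B.
LINKS = [("R", "A"), ("R", "B"), ("A", "C"), ("B", "D"),
         ("C", "E"), ("D", "E"), ("E", "F"), ("B", "L")]

if __name__ == "__main__":
    for who in (None, "C", "L"):
        st = propagate("R", LINKS, attacker=who)
        print(f"attacker={who}: T reset at {sorted(nodes_with_t_reset(st))}, "
              f"inconsistency seen by {sorted(nodes_seeing_inconsistency(st))}")
```

Running it shows the three cases from the message: with no attacker every node advertises T set; with C tampering in the middle, C, E and F all end up advertising T cleared while E, which also hears D's untouched DIO, is the one node in a position to notice the disagreement; with the leaf L tampering, nothing beyond L itself changes because L has no descendants to relay to.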