[RPSEC] Comments on draft-ietf-rpsec-bgpsecrec-07
Joe Touch <touch@ISI.EDU> Thu, 21 June 2007 20:34 UTC
Return-path: <rpsec-bounces@ietf.org>
Received: from [127.0.0.1] (helo=stiedprmman1.va.neustar.com)
by megatron.ietf.org with esmtp (Exim 4.43)
id 1I1TMH-0001tH-0E; Thu, 21 Jun 2007 16:34:25 -0400
Received: from rpsec by megatron.ietf.org with local (Exim 4.43)
id 1I1TMG-0001t5-Ba
for rpsec-confirm+ok@megatron.ietf.org; Thu, 21 Jun 2007 16:34:24 -0400
Received: from [10.91.34.44] (helo=ietf-mx.ietf.org)
by megatron.ietf.org with esmtp (Exim 4.43) id 1I1TMG-0001sn-0L
for rpsec@ietf.org; Thu, 21 Jun 2007 16:34:24 -0400
Received: from vapor.isi.edu ([128.9.64.64])
by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1I1TME-0006K8-KO
for rpsec@ietf.org; Thu, 21 Jun 2007 16:34:23 -0400
Received: from [75.215.104.154] (154.sub-75-215-104.myvzw.com [75.215.104.154])
by vapor.isi.edu (8.13.8/8.13.8) with ESMTP id l5LKXsFN004342;
Thu, 21 Jun 2007 13:33:54 -0700 (PDT)
Message-ID: <467AE0B1.8030300@isi.edu>
Date: Thu, 21 Jun 2007 13:33:53 -0700
From: Joe Touch <touch@ISI.EDU>
User-Agent: Thunderbird 2.0.0.4 (Windows/20070604)
MIME-Version: 1.0
To: rpsec@ietf.org
X-Enigmail-Version: 0.95.1
X-ISI-4-43-8-MailScanner: Found to be clean
X-MailScanner-From: touch@isi.edu
X-Spam-Score: 0.0 (/)
X-Scan-Signature: 02ec665d00de228c50c93ed6b5e4fc1a
Subject: [RPSEC] Comments on draft-ietf-rpsec-bgpsecrec-07
X-BeenThere: rpsec@ietf.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Routing Protocol Security Requirements <rpsec.ietf.org>
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/rpsec>,
<mailto:rpsec-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www1.ietf.org/pipermail/rpsec>
List-Post: <mailto:rpsec@ietf.org>
List-Help: <mailto:rpsec-request@ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/rpsec>,
<mailto:rpsec-request@ietf.org?subject=subscribe>
Content-Type: multipart/mixed; boundary="===============0817995109=="
Errors-To: rpsec-bounces@ietf.org
Hi, all, Sorry for the belated reply to this draft; it was only recently brought to the attention of the TCP-MD5 update design team in the TCPM working group. I hope these comments will be useful, and will track responses to this post on the rpsec wg mailing list. Joe ------------------------------------------ Abstract - Securing the info between the parties is not an easy technical matter; if it were, IPsec would be in regular use. The current situation is that TCP-MD5 (created for this purpose) has weaknesses (RFC4808), and that there is IPsec is not used for this (draft-ietf-tcpm-tcp-antispoof). The TCPM WG has created a design team to explore two current proposals (draft-touch-tcpm-tcp-simple-auth, draft-bonica-tcp-auth). 1.2 - "Attacks that do not involve..." is contrary to section 10 pg 15, as well as the abstract itself. 10 - GTSM is not a security mechanism; it is an heuristic that happens to work when tunneling is suitably secured (i.e., when there are uncontrolled tunnels from a host, hopcount checking is useless). IPsec should have been cited, certainly more prominently than GTSM. It's confusing to propose that transport protection "MAY" be a component; BGP without graceful restart treats transport failure as routing failure (as noted in draft-tcpm-tcp-antispoof), and there are substantial problems with graceful restart (as noted in RFC4724), both of which should be summarized here. -- ---------------------------------------- Joe Touch Sr. Network Engineer, USAF TSAT Space Segment
Hi, all, Sorry for the belated reply to this draft; it was only recently brought to the attention of the TCP-MD5 update design team in the TCPM working group. I hope these comments will be useful, and will track responses to this post on the rpsec wg mailing list. Joe ------------------------------------------ Abstract - Securing the info between the parties is not an easy technical matter; if it were, IPsec would be in regular use. The current situation is that TCP-MD5 (created for this purpose) has weaknesses (RFC4808), and that there is IPsec is not used for this (draft-ietf-tcpm-tcp-antispoof). The TCPM WG has created a design team to explore two current proposals (draft-touch-tcpm-tcp-simple-auth, draft-bonica-tcp-auth). 1.2 - "Attacks that do not involve..." is contrary to section 10 pg 15, as well as the abstract itself. 10 - GTSM is not a security mechanism; it is an heuristic that happens to work when tunneling is suitably secured (i.e., when there are uncontrolled tunnels from a host, hopcount checking is useless). IPsec should have been cited, certainly more prominently than GTSM. It's confusing to propose that transport protection "MAY" be a component; BGP without graceful restart treats transport failure as routing failure (as noted in draft-tcpm-tcp-antispoof), and there are substantial problems with graceful restart (as noted in RFC4724), both of which should be summarized here. -- ---------------------------------------- Joe Touch Sr. Network Engineer, USAF TSAT Space Segment
_______________________________________________ RPSEC mailing list RPSEC@ietf.org https://www1.ietf.org/mailman/listinfo/rpsec