RE: AD review of draft-ietf-bfd-intervals
Marc Binderberger <marc@sniff.de> Thu, 14 August 2014 03:14 UTC
Return-Path: <marc@sniff.de>
X-Original-To: rtg-bfd@ietfa.amsl.com
Delivered-To: rtg-bfd@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 228B81A0746 for <rtg-bfd@ietfa.amsl.com>; Wed, 13 Aug 2014 20:14:07 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.218
X-Spam-Level:
X-Spam-Status: No, score=-2.218 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HELO_EQ_DE=0.35, RP_MATCHES_RCVD=-0.668] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id fD_wJQPXsrPv for <rtg-bfd@ietfa.amsl.com>; Wed, 13 Aug 2014 20:14:04 -0700 (PDT)
Received: from door.sniff.de (door.sniff.de [IPv6:2001:6f8:94f:1::1]) by ietfa.amsl.com (Postfix) with ESMTP id 77F9B1A00B2 for <rtg-bfd@ietf.org>; Wed, 13 Aug 2014 20:14:03 -0700 (PDT)
Received: from [IPv6:::1] (localhost.sniff.de [127.0.0.1]) by door.sniff.de (Postfix) with ESMTP id 8B5B92AA0F; Thu, 14 Aug 2014 03:13:59 +0000 (GMT)
Date: Wed, 13 Aug 2014 20:14:39 -0700
From: Marc Binderberger <marc@sniff.de>
To: Nobo Akiya <nobo@cisco.com>, "adrian@olddog.co.uk" <adrian@olddog.co.uk>
Message-ID: <20140813201439097437.33605c21@sniff.de>
In-Reply-To: <CECE764681BE964CBE1DFF78F3CDD3943A3A54CB@xmb-aln-x01.cisco.com>
References: <03dd01cfb33b$40a2d7d0$c1e88770$@olddog.co.uk> <20140812003439717481.408f4350@sniff.de> <CECE764681BE964CBE1DFF78F3CDD3943A3A54CB@xmb-aln-x01.cisco.com>
Subject: RE: AD review of draft-ietf-bfd-intervals
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="Multipart_20140813201439096606"
X-Mailer: GyazMail version 1.5.15
Archived-At: http://mailarchive.ietf.org/arch/msg/rtg-bfd/X63Iv3wciSOXiR8vGMKZUzwzgc8
Cc: "rtg-bfd@ietf.org" <rtg-bfd@ietf.org>, "draft-ietf-bfd-intervals.all@tools.ietf.org" <draft-ietf-bfd-intervals.all@tools.ietf.org>, "Marc Binderberger (mbinderb)" <mbinderb@cisco.com>
X-BeenThere: rtg-bfd@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "RTG Area: Bidirectional Forwarding Detection DT" <rtg-bfd.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/rtg-bfd>, <mailto:rtg-bfd-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/rtg-bfd/>
List-Post: <mailto:rtg-bfd@ietf.org>
List-Help: <mailto:rtg-bfd-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/rtg-bfd>, <mailto:rtg-bfd-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 14 Aug 2014 03:14:07 -0000
Hello Adrian, attached the (side-by-side) changes we plan to add to a new draft version, based on your comments. And I hope the replies we have provided are satisfactory for you - otherwise we need another round of discussion ;-) Thanks & Regards, Marc
On Tue, 12 Aug 2014 16:57:36 +0000, Nobo Akiya (nobo) wrote: > Hi Marc, Adrian, > >>> This is rally to check with you. Can influencing the interval value used >>> by a BFD session be used as part of an attack? For example, can forcing >>> the transmission time to be slower make it harder to detect naughtiness? >>> And can forcing the interval to be faster help cause DoS? If so, does >>> limiting the set of available values make attacks easier? >> >> okay, the sentence in section 5 is short I admit :-) But this draft is not >> introducing any new mechanism how to negotiate the interval; it only >> shows >> how the mechanism of RFC5880 can be used to build a negotiation- >> sequence. >> We do not force faster intervals, the adjustment is to slower intervals >> when >> the negotiation fails. >> There is a risk - although I don't see an attack vector - with the fact >> that >> the final interval may be slower than the initial request, i.e.you don't >> get >> the service requested. What the draft contributes is it helps to find a >> common interval and sessions go up where otherwise they may stay down. > > I've spent some time thinking about this, but my conclusion is still the > same: this document does not introduce any new security concerns. Attackers > knowing or not knowing the common intervals won't result in any additional > security concerns to devices implementing the common intervals. Perhaps we > can expand the Security Considerations section a bit to make it more > obvious on what we mean. > > This document does not introduce any additional security concerns. > The security considerations described in the BFD documents, [RFC5880] > and others, apply to devices implementing the BFD protocol, > regardless of whether or not the common interval set is implemented. > > Thanks! > > -Nobo >
- AD review of draft-ietf-bfd-intervals Adrian Farrel
- Re: AD review of draft-ietf-bfd-intervals Jeffrey Haas
- Re: AD review of draft-ietf-bfd-intervals Marc Binderberger
- Re: AD review of draft-ietf-bfd-intervals Marc Binderberger
- Re: AD review of draft-ietf-bfd-intervals Jeffrey Haas
- RE: AD review of draft-ietf-bfd-intervals Nobo Akiya (nobo)
- RE: AD review of draft-ietf-bfd-intervals Gregory Mirsky
- Re: AD review of draft-ietf-bfd-intervals Jeffrey Haas
- RE: AD review of draft-ietf-bfd-intervals Marc Binderberger
- RE: AD review of draft-ietf-bfd-intervals Adrian Farrel
- RE: AD review of draft-ietf-bfd-intervals Marc Binderberger