Re: [RTG-DIR] RtgDir review: draft-ietf-karp-bfd-analysis-04.txt
"Les Ginsberg (ginsberg)" <ginsberg@cisco.com> Thu, 31 July 2014 14:37 UTC
Return-Path: <ginsberg@cisco.com>
X-Original-To: rtg-dir@ietfa.amsl.com
Delivered-To: rtg-dir@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 290EF1B28F2 for <rtg-dir@ietfa.amsl.com>; Thu, 31 Jul 2014 07:37:36 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -14.501
X-Spam-Level:
X-Spam-Status: No, score=-14.501 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, RP_MATCHES_RCVD=-0.001, SPF_PASS=-0.001, USER_IN_DEF_DKIM_WL=-7.5] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id OyGyna0iM2jI for <rtg-dir@ietfa.amsl.com>; Thu, 31 Jul 2014 07:37:30 -0700 (PDT)
Received: from alln-iport-3.cisco.com (alln-iport-3.cisco.com [173.37.142.90]) (using TLSv1 with cipher RC4-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id C159C1B28F3 for <rtg-dir@ietf.org>; Thu, 31 Jul 2014 07:37:06 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=@cisco.com; l=23419; q=dns/txt; s=iport; t=1406817427; x=1408027027; h=from:to:cc:subject:date:message-id:references: in-reply-to:mime-version; bh=Haj0GkxnYOZrqjHoAQQ3+NuSNRbYndRAUduO+7396Bk=; b=d7q00GRu/T0yw8vVqpCoIqhK5KLA/QomgB1KOe00j39lsFzxH7Kk94az b6VMHPUiGTWXPxApLHVG2orwhNJZ9fDIIqY86Fhp2I014jiGNwjM48nqb tWYXsh977WIkzRsvpd1pVWa3A0iLuG7f1MznWu4eY/HQaoo4ZHy4ZmbDP 4=;
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: Ai0FAOVT2lOtJV2Z/2dsb2JhbABZgkdHUlcEyyyHSwGBBhZ3hAMBAQEBAy1MEAIBCBEDAQEBCxYHByERFAkIAgQBDQUIAQsHiBMDEQ2zfA2HDheNH4F8IBEGAYMvgRsFjmWIWYIhkDOGJYNJbAGBBCQc
X-IronPort-AV: E=Sophos; i="5.01,772,1400025600"; d="scan'208,217"; a="65489686"
Received: from rcdn-core-2.cisco.com ([173.37.93.153]) by alln-iport-3.cisco.com with ESMTP; 31 Jul 2014 14:37:05 +0000
Received: from xhc-aln-x11.cisco.com (xhc-aln-x11.cisco.com [173.36.12.85]) by rcdn-core-2.cisco.com (8.14.5/8.14.5) with ESMTP id s6VEb5CH004178 (version=TLSv1/SSLv3 cipher=AES128-SHA bits=128 verify=FAIL); Thu, 31 Jul 2014 14:37:05 GMT
Received: from xmb-aln-x02.cisco.com ([169.254.5.120]) by xhc-aln-x11.cisco.com ([173.36.12.85]) with mapi id 14.03.0123.003; Thu, 31 Jul 2014 09:37:05 -0500
From: "Les Ginsberg (ginsberg)" <ginsberg@cisco.com>
To: "Acee Lindem (acee)" <acee@cisco.com>, manav bhatia <manav@ionosnetworks.com>
Thread-Topic: [RTG-DIR] RtgDir review: draft-ietf-karp-bfd-analysis-04.txt
Thread-Index: AQHPrLoUFdmBB0mVgk+oxcK2WPmbF5u6hkMA//+4DtA=
Date: Thu, 31 Jul 2014 14:37:04 +0000
Message-ID: <F3ADE4747C9E124B89F0ED2180CC814F23E89092@xmb-aln-x02.cisco.com>
References: <F3ADE4747C9E124B89F0ED2180CC814F23E88A19@xmb-aln-x02.cisco.com> <CAGS6MpBU=3+JwsNCFK=-3JYSknKSHhktpqUhtGrgpuQoQHRP8Q@mail.gmail.com> <CFFFBE99.15F1%acee@cisco.com>
In-Reply-To: <CFFFBE99.15F1%acee@cisco.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [10.21.147.59]
Content-Type: multipart/alternative; boundary="_000_F3ADE4747C9E124B89F0ED2180CC814F23E89092xmbalnx02ciscoc_"
MIME-Version: 1.0
Archived-At: http://mailarchive.ietf.org/arch/msg/rtg-dir/UwLp95-OkL0MxNdBIHxmIbUfNt4
Cc: "rtg-dir@ietf.org" <rtg-dir@ietf.org>, "draft-ietf-karp-bfd-analysis@tools.ietf.org" <draft-ietf-karp-bfd-analysis@tools.ietf.org>, "zhangdacheng@huawei.com" <zhangdacheng@huawei.com>, "all@tools.ietf.org" <all@tools.ietf.org>, "rtg-ads@tools.ietf.org" <rtg-ads@tools.ietf.org>, "mjethanandani@gmail.com" <mjethanandani@gmail.com>
Subject: Re: [RTG-DIR] RtgDir review: draft-ietf-karp-bfd-analysis-04.txt
X-BeenThere: rtg-dir@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Routing Area Directorate <rtg-dir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/rtg-dir>, <mailto:rtg-dir-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/rtg-dir/>
List-Post: <mailto:rtg-dir@ietf.org>
List-Help: <mailto:rtg-dir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/rtg-dir>, <mailto:rtg-dir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 31 Jul 2014 14:37:36 -0000
Manav/Acee - Thanx for the replies. Given that the IETF community at large does not favor use of UTC (as demonstrated by how various protocols have addressed the replay attack issue) AND the fact that at least one of the authors also doesn't favor it there seems little justification for keeping this text in the document. The responses from Manav and Acee advance the case for changing the text - though I am stopping short of saying this is a MUST - largely because as a practical matter the BFD WG seems to have been smart enough (in part because of you Manav) to ignore this recommendation. Les From: Acee Lindem (acee) Sent: Thursday, July 31, 2014 6:47 AM To: manav bhatia; Les Ginsberg (ginsberg) Cc: rtg-dir@ietf.org; draft-ietf-karp-bfd-analysis@tools.ietf.org; zhangdacheng@huawei.com; all@tools.ietf.org; rtg-ads@tools.ietf.org; mjethanandani@gmail.com Subject: Re: [RTG-DIR] RtgDir review: draft-ietf-karp-bfd-analysis-04.txt Hi Manav, I agree with Les though I may have logged this as a major issue. What if the next-hop used to reach your NTP server is validated using authenticated multi-hop BFD? Also, It is seems a bit superficial to recommend usage of UTC for the high order 32 bits of the sequence number without dealing without mentioning the 2038 wrap for the UNIX time. Thanks, Acee From: Manav Bhatia <manav@ionosnetworks.com<mailto:manav@ionosnetworks.com>> Date: Thursday, July 31, 2014 at 8:22 AM To: "Les Ginsberg (ginsberg)" <ginsberg@cisco.com<mailto:ginsberg@cisco.com>> Cc: "rtg-dir@ietf.org<mailto:rtg-dir@ietf.org>" <rtg-dir@ietf.org<mailto:rtg-dir@ietf.org>>, "draft-ietf-karp-bfd-analysis@tools.ietf.org<mailto:draft-ietf-karp-bfd-analysis@tools.ietf.org>" <draft-ietf-karp-bfd-analysis@tools.ietf.org<mailto:draft-ietf-karp-bfd-analysis@tools.ietf.org>>, "zhangdacheng@huawei.com<mailto:zhangdacheng@huawei.com>" <zhangdacheng@huawei.com<mailto:zhangdacheng@huawei.com>>, "all@tools.ietf.org<mailto:all@tools.ietf.org>" <all@tools.ietf.org<mailto:all@tools.ietf.org>>, "rtg-ads@tools.ietf.org<mailto:rtg-ads@tools.ietf.org>" <rtg-ads@tools.ietf.org<mailto:rtg-ads@tools.ietf.org>>, "mjethanandani@gmail.com<mailto:mjethanandani@gmail.com>" <mjethanandani@gmail.com<mailto:mjethanandani@gmail.com>> Subject: Re: [RTG-DIR] RtgDir review: draft-ietf-karp-bfd-analysis-04.txt Hi Les, Thanks for the comments. Minor Issues: I am a little surprised that the use of UTC is emphasized as a means of preventing replay attacks. While this is certainly a viable solution what has been more commonly used by a number of other protocols is reserving a portion of the sequence number for a boot count. In fact this is the way that http://www.ietf.org/id/draft-ietf-bfd-generic-crypto-auth-06.txt has chosen. Yet this document chooses to emphasize UTC encoding. I am the author of the standards that started using the boot count initially as a way to preserve the crypto sequence count. I am not a big fan of UTC and this was suggested as a plausible mechanism that did not appear to be outright loony (especially when you have increased the seq space to 64 bits). Let me put it this way - I wouldnt be baying for blood if the directorate believes that this is a retrogressive step and we need to snip out that section. Nits: 1)The affiliation for one of the authors (Manav) is inconsistent in the header vs the authors addresses section. Will fix this. For the record, i now work for Ionos Networks. 2)In the Introduction the last sentence of the second paragraph reads: "Moving the routing protocols to a stronger algorithm while using weaker algorithm for BFD would require the attacker to bring down BFD in order to bring down the routing protocol. " I think what is meant is that if the BFD authentication algorithm is weaker than that used by the routing protocols it is more likely to be the target of an attack. The phrase "require the attacker..." seems inappropriate. Gotcha. Will fix this. 3)Section 3 last sentence of the penultimate paragraph: s/reply/replay .. and this. 4)Section 6 Second paragraph second sentence s/notion/the notion .. and this as well. Thanks, Manav Thanx. Les
- [RTG-DIR] RtgDir review: draft-ietf-karp-bfd-anal… Les Ginsberg (ginsberg)
- Re: [RTG-DIR] RtgDir review: draft-ietf-karp-bfd-… manav bhatia
- Re: [RTG-DIR] RtgDir review: draft-ietf-karp-bfd-… Acee Lindem (acee)
- Re: [RTG-DIR] RtgDir review: draft-ietf-karp-bfd-… Les Ginsberg (ginsberg)