Re: [RTG-DIR] RtgDir review: draft-ietf-intarea-provisioning-domains-09
Tommy Pauly <tpauly@apple.com> Mon, 06 January 2020 18:04 UTC
Return-Path: <tpauly@apple.com>
X-Original-To: rtg-dir@ietfa.amsl.com
Delivered-To: rtg-dir@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B5908120957; Mon, 6 Jan 2020 10:04:51 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -7
X-Spam-Level:
X-Spam-Status: No, score=-7 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=apple.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id iCzKaLt3wMyM; Mon, 6 Jan 2020 10:04:49 -0800 (PST)
Received: from ma1-aaemail-dr-lapp02.apple.com (ma1-aaemail-dr-lapp02.apple.com [17.171.2.68]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 20D7E1208A9; Mon, 6 Jan 2020 10:04:47 -0800 (PST)
Received: from pps.filterd (ma1-aaemail-dr-lapp02.apple.com [127.0.0.1]) by ma1-aaemail-dr-lapp02.apple.com (8.16.0.27/8.16.0.27) with SMTP id 006HlJHq000834; Mon, 6 Jan 2020 10:04:45 -0800
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=apple.com; h=sender : from : message-id : content-type : mime-version : subject : date : in-reply-to : cc : to : references; s=20180706; bh=qzrK5TL9elQnH9X4QGeJC4WbNuym1RZOioWsfsUBq6s=; b=XPgiLPAR6v8kbhDB65MmbbLDHkVq3UVRBaYdu2NJSPvCpqvL6/31eHODM8OczmKwYjXE HL6S6OcWMGYrX2VjyKXTtgxpIoAD4ce58xy8gOPCZDhXzbUxWE49sMdpXKMZSRkHDCU3 T1en/GbZvymGozgHRv0XnlVg7NGWBbiOR3+5pgdLHnC7xBmGrn53sLrajNsP550QvEHq EvJGF5ekFZvGgZE53RYDDfCcLZLmDbsi1SzEjSOCzCCADkoFYwew/9TZCsbL3Wg31aMU 6GKyRiAQATpcxGMi9qSxz/a7lWUQEFn3CPjcPqkCtqVeUwgrWz+OHs1MNLNm/i7V4cs8 TA==
Received: from ma1-mtap-s03.corp.apple.com (ma1-mtap-s03.corp.apple.com [17.40.76.7]) by ma1-aaemail-dr-lapp02.apple.com with ESMTP id 2xar8wg1ug-12 (version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128 verify=NO); Mon, 06 Jan 2020 10:04:45 -0800
Received: from nwk-mmpp-sz10.apple.com (nwk-mmpp-sz10.apple.com [17.128.115.122]) by ma1-mtap-s03.corp.apple.com (Oracle Communications Messaging Server 8.0.2.4.20190507 64bit (built May 7 2019)) with ESMTPS id <0Q3P00CBE67U9DB0@ma1-mtap-s03.corp.apple.com>; Mon, 06 Jan 2020 10:04:44 -0800 (PST)
Received: from process_milters-daemon.nwk-mmpp-sz10.apple.com by nwk-mmpp-sz10.apple.com (Oracle Communications Messaging Server 8.0.2.4.20190507 64bit (built May 7 2019)) id <0Q3P00D005NHNV00@nwk-mmpp-sz10.apple.com>; Mon, 06 Jan 2020 10:04:44 -0800 (PST)
X-Va-A:
X-Va-T-CD: 262985928e764bda13614cad47e58a0d
X-Va-E-CD: 5a74260456795fe7c05ccf3413960f60
X-Va-R-CD: 66b91f48ef185abd13f288e19935133d
X-Va-CD: 0
X-Va-ID: 1363652c-5b12-4dff-bad2-c2229637fef7
X-V-A:
X-V-T-CD: 262985928e764bda13614cad47e58a0d
X-V-E-CD: 5a74260456795fe7c05ccf3413960f60
X-V-R-CD: 66b91f48ef185abd13f288e19935133d
X-V-CD: 0
X-V-ID: 79fd4d80-ee61-472d-9fd0-771570849b2d
X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10434:,, definitions=2020-01-06_05:,, signatures=0
Received: from [17.234.96.166] by nwk-mmpp-sz10.apple.com (Oracle Communications Messaging Server 8.0.2.4.20190507 64bit (built May 7 2019)) with ESMTPSA id <0Q3P0006Y67VTK50@nwk-mmpp-sz10.apple.com>; Mon, 06 Jan 2020 10:04:44 -0800 (PST)
Sender: tpauly@apple.com
From: Tommy Pauly <tpauly@apple.com>
Message-id: <41BFD9C3-4A42-4955-9DF8-75E25F530876@apple.com>
Content-type: multipart/alternative; boundary="Apple-Mail=_3F2D15A8-3EE2-4EF4-8314-552F28FA2FA1"
MIME-version: 1.0 (Mac OS X Mail 13.0 \(3594.4.17\))
Date: Mon, 06 Jan 2020 10:04:40 -0800
In-reply-to: <03cb01d5b47b$5b63c560$122b5020$@gmail.com>
Cc: rtg-ads@ietf.org, rtg-dir@ietf.org, draft-ietf-intarea-provisioning-domains.all@ietf.org, int-area@ietf.org
To: 7riw77@gmail.com
References: <03cb01d5b47b$5b63c560$122b5020$@gmail.com>
X-Mailer: Apple Mail (2.3594.4.17)
X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10434:, , definitions=2020-01-06_05:, , signatures=0
Archived-At: <https://mailarchive.ietf.org/arch/msg/rtg-dir/ZTYkFac56z-sgrc7f2lF4eBFMTo>
Subject: Re: [RTG-DIR] RtgDir review: draft-ietf-intarea-provisioning-domains-09
X-BeenThere: rtg-dir@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Routing Area Directorate <rtg-dir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/rtg-dir>, <mailto:rtg-dir-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/rtg-dir/>
List-Post: <mailto:rtg-dir@ietf.org>
List-Help: <mailto:rtg-dir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/rtg-dir>, <mailto:rtg-dir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 06 Jan 2020 18:04:52 -0000
Hi Russ, Thanks for your review! We've posted a new -10 version (https://tools.ietf.org/html/draft-ietf-intarea-provisioning-domains-10) that should address your comments. > On Dec 16, 2019, at 5:43 PM, 7riw77@gmail.com wrote: > > Hello, > > I have been selected as the Routing Directorate reviewer for this draft. The Routing Directorate seeks to review all routing or routing-related drafts as they pass through IETF last call and IESG review, and sometimes on special request. The purpose of the review is to provide assistance to the Routing ADs. For more information about the Routing Directorate, please see http://trac.tools.ietf.org/area/rtg/trac/wiki/RtgDir <http://trac.tools.ietf.org/area/rtg/trac/wiki/RtgDir> > > Although these comments are primarily for the use of the Routing ADs, it would be helpful if you could consider them along with any other IETF Last Call comments that you receive, and strive to resolve them through discussion or by updating the draft. > > Document: draft-ietf-intarea-provisioning-domains-09 > Reviewer: Russ White > Review Date: 16 December 2019 > Intended Status: Standards Track > > Summary: > > I have some minor concerns about this document that I think should be resolved before publication. > > Comments: > > The draft is very readable, explaining the problems being addressed, the various options, and the solution in clear and precise language. > > Major Issues: > > No major issues found. > > Minor Issues: > > This is really more of a possible addition rather strictly being an issue. Section 3.4.4 notes the importance of not allowing DNS queries for PvD information to leak into recursive DNS servers. There are security issues here that are not mentioned, but might be worth mentioning. Specifically, if a DNS query for PvD information is somehow leaked into the recursive DNS system, it could reveal information about the querying hosts which could present a security breach. > > This would just be another reason to be added to this section as justification, and potentially added to the security considerations section. We've added some text here that specifically calls out the concern for leaking the resolution of the PvD Additional Information server name itself, with a reference to section 4.1 that also has text requiring that the query be performed to the PvDs resolver. We've also added a new paragraph to the Privacy Considerations section mentioning this concern. > > A second area to consider here is that it might be good to mention having a filter or mechanism on the implementing router that allows the user to configure filtering PvD information so it is only ever transmitted to attached hosts. It may be that some outside attacker could use this information to find attack surfaces or do network discovery to prepare for an attack, so it might be best to allow the user to keep this information "private" to only the intended recipients in some way or another. The network operator shouldn't really be using this information to query PvD information, but rather should be using some management interface, so this should not impair it's use in any way. This may be covered in section 7, but it might need to be a bit more explicit (?). Thanks for the suggestion! We added a paragraph to the Privacy Considerations to make this filtering a SHOULD. Best, Tommy > > /r