Re: [secdir] Secdir review of draft-ietf-sidr-bgpsec-threats-06

"Joseph Salowey (jsalowey)" <jsalowey@cisco.com> Wed, 02 October 2013 00:32 UTC

From: "Joseph Salowey (jsalowey)" <jsalowey@cisco.com>
To: Stephen Kent <kent@bbn.com>
Thread-Topic: [secdir] Secdir review of draft-ietf-sidr-bgpsec-threats-06
Date: Wed, 02 Oct 2013 00:32:43 +0000
Message-ID: <A95B4818FD85874D8F16607F1AC7C628F00847@xmb-rcd-x09.cisco.com>
References: <A95B4818FD85874D8F16607F1AC7C628EA86FF@xmb-rcd-x09.cisco.com> <5249A91F.6020003@bbn.com>
In-Reply-To: <5249A91F.6020003@bbn.com>
Cc: The IESG <iesg@ietf.org>, "draft-ietf-sidr-bgpsec-threats-06.all@tools.ietf.org" <draft-ietf-sidr-bgpsec-threats-06.all@tools.ietf.org>, "<secdir@ietf.org>" <secdir@ietf.org>
Subject: Re: [secdir] Secdir review of draft-ietf-sidr-bgpsec-threats-06

On Sep 30, 2013, at 9:38 AM, Stephen Kent <kent@bbn.com> wrote:

> Joe,
> 
>>   Some issues:
>> 
>> 1. I found it difficult to link the threats in section 3 to the attacks in section 4. This is more of a consistency of terminology issue and is probably just a nit.
> There is not a 1-to-1 correspondence between threats and attacks. So, for each attack in
> Section 4, there may be more than one threat that is motivated and capable of effecting
> the attack.

[Joe] OK

>> 2. The attacks in sections 4.1, 4.2, and 4.3 seem to be largely discounted as out of scope, yet they seem to impact the goals of PATHSEC. Is it assumed that there are countermeasures in place such as link protection between BGP peers? If other countermeasures besides PATHSEC are expected to be in place this should probably be mentioned in the security considerations.
> The text in 4.1, 4.2, and 4.3 does not say that those attacks are out of scope. In 4.1,
> there is little text because the attacks are not specific to the RPKI/PATHSEC context.
> Countermeasures are generic for IP and TCP layer attacks, as noted in the requirements
> doc. In 4.2 and 4.3 we give a number of examples of these classes of attacks, which
> is what this doc is intended to do. (Recall, it is not a requirements doc.)

[Joe] OK

>> 3. I found the argument against not including 'route leakage' a bit weak since the document seems to be able to define what it means. Wouldn't 'route leakage' be a mechanism to realize one or more of the threats in section 3?
> There is not yet an accepted definition of route leak that represents a violation of BGP
> specs. The GROW WG is supposed to look into this issue. If it develops a suitable proposal,
> then IDR may elect to modify the BGP spec to address the concern. If IDR does so, SIDR's
> charter could be modified to develop countermeasures for the concern. But, for now, this is
> out of scope. So I disagree with the comment that the argument is weak. Also, your use of
> the term "threat" in the last sentence above is not consistent with the way the term is
> defined and used in Section 3; you seem to have switched "threat" and "attack" as well as
> section numbers.

[Joe] As long as the issue is not being dropped then much of my concern is addressed. If it turns out to be something of concern to BGP then mechanisms can be modified or developed to address it.

> Steve