[secdir] Security review of draft-ietf-rmcat-wireless-tests-08
"Hilarie Orman" <hilarie@purplestreak.com> Tue, 21 January 2020 06:21 UTC
Return-Path: <hilarie@purplestreak.com>
X-Original-To: secdir@ietfa.amsl.com
Delivered-To: secdir@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 26E00120071; Mon, 20 Jan 2020 22:21:24 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.598
X-Spam-Level:
X-Spam-Status: No, score=-2.598 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_LOW=-0.7, SPF_HELO_NONE=0.001, SPF_NONE=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ZkHACpsuAB4u; Mon, 20 Jan 2020 22:21:17 -0800 (PST)
Received: from out03.mta.xmission.com (out03.mta.xmission.com [166.70.13.233]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id E8B0112006E; Mon, 20 Jan 2020 22:21:16 -0800 (PST)
Received: from in01.mta.xmission.com ([166.70.13.51]) by out03.mta.xmission.com with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from <hilarie@purplestreak.com>) id 1itmuZ-0007CW-DA; Mon, 20 Jan 2020 23:21:15 -0700
Received: from [166.70.232.207] (helo=rumpleteazer.rhmr.com) by in01.mta.xmission.com with esmtpsa (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.87) (envelope-from <hilarie@purplestreak.com>) id 1itmuY-0004ah-H2; Mon, 20 Jan 2020 23:21:15 -0700
Received: from rumpleteazer.rhmr.com (localhost [127.0.0.1]) by rumpleteazer.rhmr.com (8.14.4/8.14.4/Debian-4.1ubuntu1) with ESMTP id 00L6JdEw025428; Mon, 20 Jan 2020 23:19:39 -0700
Received: (from hilarie@localhost) by rumpleteazer.rhmr.com (8.14.4/8.14.4/Submit) id 00L6JdAc025427; Mon, 20 Jan 2020 23:19:39 -0700
Date: Mon, 20 Jan 2020 23:19:39 -0700
Message-Id: <202001210619.00L6JdAc025427@rumpleteazer.rhmr.com>
From: Hilarie Orman <hilarie@purplestreak.com>
Reply-To: Hilarie Orman <hilarie@purplestreak.com>
To: iesg@ietf.org, secdir@ietf.org
Cc: draft-ietf-rmcat-wireless-tests.all@tools.ietf.org
X-XM-SPF: eid=1itmuY-0004ah-H2; ; ; mid=<202001210619.00L6JdAc025427@rumpleteazer.rhmr.com>; ; ; hst=in01.mta.xmission.com; ; ; ip=166.70.232.207; ; ; frm=hilarie@purplestreak.com; ; ; spf=none
X-XM-AID: U2FsdGVkX19ByW0nQgL6N1nDTIgiiSMm
X-SA-Exim-Connect-IP: 166.70.232.207
X-SA-Exim-Mail-From: hilarie@purplestreak.com
X-Spam-DCC: XMission; sa06 1397; Body=1 Fuz1=1 Fuz2=1
X-Spam-Combo: ***;iesg@ietf.org, secdir@ietf.org
X-Spam-Relay-Country:
X-Spam-Timing: total 563 ms - load_scoreonly_sql: 0.04 (0.0%), signal_user_changed: 3.1 (0.5%), b_tie_ro: 2.2 (0.4%), parse: 0.73 (0.1%), extract_message_metadata: 3.3 (0.6%), get_uri_detail_list: 0.93 (0.2%), tests_pri_-1000: 2.7 (0.5%), tests_pri_-950: 1.42 (0.3%), tests_pri_-900: 1.15 (0.2%), tests_pri_-90: 18 (3.2%), check_bayes: 16 (2.9%), b_tokenize: 4.8 (0.9%), b_tok_get_all: 5 (0.9%), b_comp_prob: 1.97 (0.3%), b_tok_touch_all: 2.4 (0.4%), b_finish: 0.66 (0.1%), tests_pri_0: 520 (92.5%), check_dkim_signature: 0.46 (0.1%), check_dkim_adsp: 215 (38.2%), poll_dns_idle: 209 (37.1%), tests_pri_10: 2.9 (0.5%), tests_pri_500: 7 (1.2%), rewrite_mail: 0.00 (0.0%)
X-SA-Exim-Version: 4.2.1 (built Thu, 05 May 2016 13:38:54 -0600)
X-SA-Exim-Scanned: Yes (on in01.mta.xmission.com)
Archived-At: <https://mailarchive.ietf.org/arch/msg/secdir/-x7K00OlaQGT66AgPi-hXm1I-sk>
Subject: [secdir] Security review of draft-ietf-rmcat-wireless-tests-08
X-BeenThere: secdir@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Security Area Directorate <secdir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/secdir>, <mailto:secdir-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/secdir/>
List-Post: <mailto:secdir@ietf.org>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 21 Jan 2020 06:21:24 -0000
Security review of Evaluation Test Cases for Interactive Real-Time Media over Wireless Networks draft-ietf-rmcat-wireless-tests-08 Do not be alarmed. I generated this review of this document as part of the security directorate's ongoing effort to review all IETF documents being processed by the IESG. These comments were written with the intent of improving security requirements and considerations in IETF drafts. Comments not addressed in last call may be included in AD reviews during the IESG review. Document editors and WG chairs should treat these comments just like any other last call comments. The focus of this document is the definition of test cases that can be used evaluate congestion control algorithms for cellular and Wi-Fi networks. If the testing is done on isolated testbed networks, there are are few, if any, security considerations. The Security Considerations section mentions safeguards to avoid "congestion collapse of the Internet" and "leaking non-responsive traffic from unproven congestion avoidance techniques onto the open Internet". The former seems overly general (shouldn't all IETF protocols strive to avoid breaking the Internet?), and I am not at all sure what the latter means. I would recommend that test setups use passwords and keys that are specific to the test environment, but that is a generic recommendation for all test environments. It is probably not needed in this document. Hilarie
- [secdir] Security review of draft-ietf-rmcat-wire… Hilarie Orman
- Re: [secdir] Security review of draft-ietf-rmcat-… Mirja Kuehlewind