[secdir] sec-dir review of draft-ietf-avtcore-clksrc-09

Derek Atkins <derek@ihtfp.com> Tue, 21 January 2014 17:32 UTC

Return-Path: <derek@ihtfp.com>
X-Original-To: secdir@ietfa.amsl.com
Delivered-To: secdir@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com []) by ietfa.amsl.com (Postfix) with ESMTP id 088A01A03F1; Tue, 21 Jan 2014 09:32:36 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.9
X-Spam-Status: No, score=-1.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9] autolearn=ham
Received: from mail.ietf.org ([]) by localhost (ietfa.amsl.com []) (amavisd-new, port 10024) with ESMTP id 6gvtt2TSJ58C; Tue, 21 Jan 2014 09:32:33 -0800 (PST)
Received: from mail2.ihtfp.org (mail2.ihtfp.org [IPv6:2001:4830:143:1::3a11]) by ietfa.amsl.com (Postfix) with ESMTP id 21EE81A042E; Tue, 21 Jan 2014 09:32:32 -0800 (PST)
Received: from localhost (localhost []) by mail2.ihtfp.org (Postfix) with ESMTP id 77BEEE247C; Tue, 21 Jan 2014 12:32:31 -0500 (EST)
Received: from mail2.ihtfp.org ([]) by localhost (mail2.ihtfp.org []) (amavisd-maia, port 10024) with ESMTP id 20908-10; Tue, 21 Jan 2014 12:32:29 -0500 (EST)
Received: from mocana.ihtfp.org (unknown [IPv6:fe80::224:d7ff:fee7:8924]) (using TLSv1.2 with cipher DHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "mocana.ihtfp.org", Issuer "IHTFP Consulting Certification Authority" (verified OK)) by mail2.ihtfp.org (Postfix) with ESMTPS id 2B952E246B; Tue, 21 Jan 2014 12:32:29 -0500 (EST)
Received: (from warlord@localhost) by mocana.ihtfp.org (8.14.7/8.14.7/Submit) id s0LHWOLL005539; Tue, 21 Jan 2014 12:32:24 -0500
From: Derek Atkins <derek@ihtfp.com>
To: iesg@ietf.org, secdir@ietf.org
Date: Tue, 21 Jan 2014 12:32:24 -0500
Message-ID: <sjmwqhtnsuv.fsf@mocana.ihtfp.org>
User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/24.2 (gnu/linux)
MIME-Version: 1.0
Content-Type: text/plain
X-Virus-Scanned: Maia Mailguard 1.0.2a
Cc: aidan.williams@audinate.com, hans.stokking@tno.nl, avtcore-chairs@tools.ietf.org, kevin.gross@avanw.com, ray.vanbrandenburg@tno.nl
Subject: [secdir] sec-dir review of draft-ietf-avtcore-clksrc-09
X-BeenThere: secdir@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Security Area Directorate <secdir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/secdir>, <mailto:secdir-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/secdir/>
List-Post: <mailto:secdir@ietf.org>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 21 Jan 2014 17:32:36 -0000


I have reviewed this document as part of the security directorate's 
ongoing effort to review all IETF documents being processed by the 
IESG.  These comments were written primarily for the benefit of the 
security area directors.  Document editors and WG chairs should treat 
these comments just like any other last call comments.

   NTP format timestamps are used by several RTP protocols for
   synchronisation and statistical measurements.  This memo specifies
   SDP signalling identifying timestamp reference clock sources and SDP
   signalling identifying the media clock sources in a multimedia

I see no security concerns with this document.  I believe the security
considerations section explains the ramifications of trusting
unverified clock sources.

Note, there is a typo in the Security Considerations section:

                            Enough devices fraudulently assigned to
   a specific clock source (e.g. a particular IEEE 1588 grandmaster)
   may, however, constitute a successful a denial of service attack on
   that source.

I think this should read "...constitute a successful denial..."  (the
extra "a" between "successful" and "denial" should be removed).


       Derek Atkins                 617-623-3745
       derek@ihtfp.com             www.ihtfp.com
       Computer and Internet Security Consultant