[secdir] Secdir review of draft-ietf-dime-ovli

"Paul Hoffman" <paul.hoffman@vpnc.org> Fri, 24 July 2015 14:30 UTC

Return-Path: <paul.hoffman@vpnc.org>
X-Original-To: secdir@ietfa.amsl.com
Delivered-To: secdir@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com []) by ietfa.amsl.com (Postfix) with ESMTP id 786AF1A1ABF for <secdir@ietfa.amsl.com>; Fri, 24 Jul 2015 07:30:29 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: 0.053
X-Spam-Status: No, score=0.053 tagged_above=-999 required=5 tests=[BAYES_05=-0.5, HELO_MISMATCH_COM=0.553] autolearn=no
Received: from mail.ietf.org ([]) by localhost (ietfa.amsl.com []) (amavisd-new, port 10024) with ESMTP id 43CCK-JBhS0Z for <secdir@ietfa.amsl.com>; Fri, 24 Jul 2015 07:30:27 -0700 (PDT)
Received: from hoffman.proper.com (Opus1.Proper.COM []) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 963FD1A1A82 for <secdir@ietf.org>; Fri, 24 Jul 2015 07:30:27 -0700 (PDT)
Received: from [] (chwl001.hbnet.cz [] (may be forged)) (authenticated bits=0) by hoffman.proper.com (8.15.1/8.14.9) with ESMTPSA id t6OEUPrk019723 (version=TLSv1 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for <secdir@ietf.org>; Fri, 24 Jul 2015 07:30:26 -0700 (MST) (envelope-from paul.hoffman@vpnc.org)
X-Authentication-Warning: hoffman.proper.com: Host chwl001.hbnet.cz [] (may be forged) claimed to be []
From: "Paul Hoffman" <paul.hoffman@vpnc.org>
To: secdir <secdir@ietf.org>
Date: Fri, 24 Jul 2015 16:30:25 +0200
Message-ID: <F9066F07-294E-4CD4-83C5-C59949D981DF@vpnc.org>
MIME-Version: 1.0
Content-Type: text/plain; format=flowed
X-Mailer: MailMate (1.9.1r5084)
Archived-At: <http://mailarchive.ietf.org/arch/msg/secdir/2cyoWx9QzPm22Xvk0FNUvIEJKCA>
Subject: [secdir] Secdir review of draft-ietf-dime-ovli
X-BeenThere: secdir@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Security Area Directorate <secdir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/secdir>, <mailto:secdir-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/secdir/>
List-Post: <mailto:secdir@ietf.org>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 24 Jul 2015 14:30:29 -0000

Greetings again. This document, "Diameter Overload Indication 
Conveyance", is a way for a Diameter server in a cluster to tell other 
servers in the cluster "don't send so many requests to me". It is pretty 
complex and fiddly, but seems sensible. The security considerations are 
numerous, but fairly well covered in the extensive Security 
Considerations section.

Note that there is not much that can really be done here to address the 
biggest concern of spoofing. As the document says:

    Diameter does not include features to provide end-to-end
    authentication, integrity protection, or confidentiality.  This may
    cause complications when sending overload reports between non-
    adjacent nodes.

(Nice use of "may" there...) So, there isn't much that can be demanded 
of this document without some obvious controls. Still, the Security 
Considerations section covers the likely attacks and problems.

--Paul Hoffman