[secdir] Review of draft-ietf-pce-lsp-control-request-07

Shawn Emery <shawn.emery@gmail.com> Mon, 19 August 2019 00:47 UTC

Return-Path: <shawn.emery@gmail.com>
X-Original-To: secdir@ietfa.amsl.com
Delivered-To: secdir@ietfa.amsl.com
Received: from localhost (localhost []) by ietfa.amsl.com (Postfix) with ESMTP id BE0B712009C; Sun, 18 Aug 2019 17:47:58 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.998
X-Spam-Status: No, score=-1.998 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([]) by localhost (ietfa.amsl.com []) (amavisd-new, port 10024) with ESMTP id M4-0rDTyzc4U; Sun, 18 Aug 2019 17:47:57 -0700 (PDT)
Received: from mail-ed1-x536.google.com (mail-ed1-x536.google.com [IPv6:2a00:1450:4864:20::536]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id B1C6112007A; Sun, 18 Aug 2019 17:47:53 -0700 (PDT)
Received: by mail-ed1-x536.google.com with SMTP id z51so105015edz.13; Sun, 18 Aug 2019 17:47:53 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:from:date:message-id:subject:to:cc; bh=a2K/lBsJD799OmfrYgEUyE560WiB/D1XGsNRBrp5Vfo=; b=SkeTXefx2kPdYqQ9kz54gzKWgYqkcvSczAW5aqNr4Of5I2daXOh8Q0EKFHX/gvceY2 PCFLdInetWEDJKAHn5dbyiBi+p6BAe9Y3k/VtBHNuj8VxqM6DRa5k2nNI0hFrWPv/pyg QYpPRTIxlvYSjvYFVt4necC3scSe+cmvqJYxgimf1blTgZrn38j7Sip+pLv0+DlpG4B2 sjrsLKXxqCubdUPg5xGWxGl1fp1wAXmfUNWRRvuS4cMvTU9hmXxOYcACa+g/JNhpkBUt YhHXuBCtuEfqMpig8goqAWgiKg75zgSIfPunnjAGE+5UvG3oGl7x80gn3FnslpEx9QZx UtZw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:from:date:message-id:subject:to:cc; bh=a2K/lBsJD799OmfrYgEUyE560WiB/D1XGsNRBrp5Vfo=; b=C1p5TykQHq5BDTNeTIFb5pnc8T/QBe7BqrFxNiI1yvJt3mNCxk7NMJkY8FmtOPJ01r g+RIxQRTC24mK55TFcoewrleNFW0nxH45C1zyNGRzm2V3KQppfMSxHte4yDy2stfbxtW 8phzsop1klYuEsuRf7u04spNOa8xzGdko80sSbEDCoK1TLVHFu3am1rWMYcnWMGJF3Je QhcP2CXin7fdeyScebmSGH27+CKo8yIXE1SP55yMf6PW2AGGPQuYUKVt4GNSIMO7rrJM +YceLHZ4HYN673sw0OnsY2I7luNM5qoqMpTMx/fp3cmDPmYgG9GCMOZnb7GdtKZ8iXOb Ufdg==
X-Gm-Message-State: APjAAAV1gW/ydEE6HkdjiNkEt7k1lbtGKcLIy6RnpPc32rQxsCdAJysO PteiXcjSa3KOBYwxweWc0b9A69TqRY75v3lmNu3MoNIi
X-Google-Smtp-Source: APXvYqwJeBVBB1z84j/OF8NyKIMKJnWWvLzpmx2JZ0FpXaoO+0emxTzNSbsiMrqs96dxrAgLU93fVsy5+Xe55P5vj3M=
X-Received: by 2002:a50:a48a:: with SMTP id w10mr22820761edb.1.1566175671900; Sun, 18 Aug 2019 17:47:51 -0700 (PDT)
MIME-Version: 1.0
From: Shawn Emery <shawn.emery@gmail.com>
Date: Sun, 18 Aug 2019 18:47:40 -0600
Message-ID: <CAChzXmauwuia34m8wVM4T8+_hB6dOWOsXdjB9E1HUc7H+GKc2g@mail.gmail.com>
To: secdir@ietf.org, draft-ietf-pce-lsp-control-request.all@ietf.org
Cc: Shawn Emery <semery@uccs.edu>
Content-Type: multipart/alternative; boundary="000000000000945e8605906db0c9"
Archived-At: <https://mailarchive.ietf.org/arch/msg/secdir/6KKCzY-jLuOYHE842nFTyPaIMW0>
Subject: [secdir] Review of draft-ietf-pce-lsp-control-request-07
X-BeenThere: secdir@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Security Area Directorate <secdir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/secdir>, <mailto:secdir-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/secdir/>
List-Post: <mailto:secdir@ietf.org>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 19 Aug 2019 00:47:59 -0000

Reviewer: Shawn M. Emery
Review result: Ready

I have reviewed this document as part of the security directorate's
ongoing effort to review all IETF documents being processed by the IESG.
These comments were written primarily for the benefit of the security
area directors. Document editors and WG chairs should treat these
comments just like any other last call comments.

This draft specifies an extension to the Path Computation Element
Protocol (PCE) that allows a PCE to request control of Label Switched Paths

The security considerations section does exist and discusses a new DoS
that this draft creates.  The attack involves sending control requests for
control of all of its LSPs to the Path Computation Client (PCC).  The
solution is to set a threshold rate of the delegation requests for the PCC
per PCE.
I agree with the proposed solution, though I don't know if guidance can be
on what these thresholds would be per environment.

The section goes on to refer to RFC 8231 to justify that the PCP extension
be deployed with authenticated and encrypted sessions in TLS using RFC 8253.
I agree with this prescription as well else an attacker would now be able
to take
control over all local LSPs with this extension.  I think that this should
at least be
stated if an attacker is able to compromise a PCE.

General comments:


Editorial comments:

s/sends PCRpt/sends a PCRpt/
s/also specify/also specifies/
s/all its/all of its/
s/If threshold/If the threshold/
s/explicitly set aside/explicitly excluded/