IETF Logo Mail Archive

Re: [secdir] [Detnet] Secdir last call review of draft-ietf-detnet-mpls-05

"Black, David" <David.Black@dell.com> Tue, 17 March 2020 14:26 UTC

Return-Path: <David.Black@dell.com>
X-Original-To: secdir@ietfa.amsl.com
Delivered-To: secdir@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 087CE3A0832; Tue, 17 Mar 2020 07:26:16 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.088
X-Spam-Level:
X-Spam-Status: No, score=-2.088 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_KAM_HTML_FONT_INVALID=0.01, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=dell.com header.b=gYobrsGK; dkim=pass (1024-bit key) header.d=dell.onmicrosoft.com header.b=mHrbZ24Y
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 1qPcdXJE3bcN; Tue, 17 Mar 2020 07:26:12 -0700 (PDT)
Received: from mx0a-00154904.pphosted.com (mx0a-00154904.pphosted.com [148.163.133.20]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 1E6283A082E; Tue, 17 Mar 2020 07:26:12 -0700 (PDT)
Received: from pps.filterd (m0170389.ppops.net [127.0.0.1]) by mx0a-00154904.pphosted.com (8.16.0.42/8.16.0.42) with SMTP id 02HELEYh008616; Tue, 17 Mar 2020 10:26:11 -0400
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=dell.com; h=from : to : cc : subject : date : message-id : references : in-reply-to : content-type : mime-version; s=smtpout1; bh=OuvJNw1eP4w3X/bgnPv7VdSAuIZI0ygUUVTg3WK7/Fo=; b=gYobrsGKhsve4pkcfRtkyk1IUR31vs6WZQXkk673+0bdSQGGdKJ3bTMmcAU6SG+/1T1F UApyITDJL5oOMIUAUczehb4uUuBXMc1H8ePrnbP9CXwX85W5LuLRpXlQ9ZYDc1K9rfvs sEt7Zqb9gvVKReSoXXZDfjgF/xJwCMF10TVbnGastfaRf4BJLhU1meWGcFVp7ynTw76C IPd0QlJsM0bDQUP8p/6w+nK7a35oHOATizjgx9KACdAo6dFsTr69oDN+1Xs0T7gDqcxq NBXKh7BlC59/LPs4KWCMXFzcTawChKDzYmX8DNNWRMFFDWdtSt+d0QahkKUM8DTJSsCc WA==
Received: from mx0b-00154901.pphosted.com (mx0b-00154901.pphosted.com [67.231.157.37]) by mx0a-00154904.pphosted.com with ESMTP id 2yru9jr8ju-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Tue, 17 Mar 2020 10:26:10 -0400
Received: from pps.filterd (m0144103.ppops.net [127.0.0.1]) by mx0b-00154901.pphosted.com (8.16.0.42/8.16.0.42) with SMTP id 02HE9rfj043573; Tue, 17 Mar 2020 10:26:09 -0400
Received: from nam12-mw2-obe.outbound.protection.outlook.com (mail-mw2nam12lp2045.outbound.protection.outlook.com [104.47.66.45]) by mx0b-00154901.pphosted.com with ESMTP id 2yrstacg8j-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Tue, 17 Mar 2020 10:26:09 -0400
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=WQVfdgp40w9oGyKqrjtBUFL4CEHeGuTrmVmyqrxJfIu1nK4TAdW7e41iOioaQLHwjjHMmCckNt/sYO0JVtP32NVXbsGwqjAtZJL9AimdxrByG1yY16U8GtsHpSfoAJpNxt+NsLtPpo/0B4SgGOM/vEhb+YBtemqCcnw37nFazaoXDkYWCi4FMlgZq+9V/gyoChGxzs6hekTZyRPyjTSr4OZ9t/X+lx95jozctM4KHxuPRBWzbY5G/cu/ANqhtf7kOm6lbvyY4rFDYCrJ/hcF0rpx0j1Oc1eauc39FhiHWQI31tjfQUX1ye0PGNxhsWHkTtXSq4zlNr+A3/aDVBYVvw==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;bh=OuvJNw1eP4w3X/bgnPv7VdSAuIZI0ygUUVTg3WK7/Fo=; b=Ami3WaOMqVADYOsSBRRes2b+26G4ice2M6qAft5wvLzoGeFB0ssqY3k4uGb5iJJFwuTNT6TMisv7xYClqClvpoSEPLhlY5alYSxi9oBjdXEIzUxDlFnZQmgI4prQK0Eo8ucLS//Y25ybxz8UqPIa+VZfc8ZHEHx4enQKyjrNaXmSt9ujEgAw2nyq2GmOJ30aPmqGh5WUmoD3XR/KaFT9fX1YdFIMTLVTyPxnjE7sTc1dyx3ob9My4qUqkZW47yALDdInhwoysFMrnyuU2DpQfwPi+JKBwt1CSauCASqjAjvAipMVyGPy8g7WyoJtGTH/FHWXv7o+tsEjZs1uyS8sqQ==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=dell.com; dmarc=pass action=none header.from=dell.com; dkim=pass header.d=dell.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=Dell.onmicrosoft.com; s=selector1-Dell-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=OuvJNw1eP4w3X/bgnPv7VdSAuIZI0ygUUVTg3WK7/Fo=; b=mHrbZ24YWnLkHYOkjrCLNjLBNmnAuKkozpmNfA8V5XPlC/CX8RGgVpKyGJrzmtRZqc4O6gTT/qSOJuWbCxis0EizFAWE0m1NNGSpJDVHq9H6dL0L9cXJxhHxdXimM5pYOkINyAElib7aKyibPPhgNbAU9buvLEsQ5lAzNpnVj04=
Received: from MN2PR19MB4045.namprd19.prod.outlook.com (2603:10b6:208:1e4::9) by MN2PR19MB4111.namprd19.prod.outlook.com (2603:10b6:208:1e6::7) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2814.21; Tue, 17 Mar 2020 14:26:05 +0000
Received: from MN2PR19MB4045.namprd19.prod.outlook.com ([fe80::8d12:8a24:ccb2:b2bd]) by MN2PR19MB4045.namprd19.prod.outlook.com ([fe80::8d12:8a24:ccb2:b2bd%3]) with mapi id 15.20.2814.021; Tue, 17 Mar 2020 14:26:05 +0000
From: "Black, David" <David.Black@dell.com>
To: Lou Berger <lberger@labn.net>, Uri Blumenthal <uri@mit.edu>
CC: secdir <secdir@ietf.org>, "rtg-ads@ietf.org" <rtg-ads@ietf.org>, Watson Ladd <watsonbladd@gmail.com>, "draft-ietf-detnet-mpls.all@ietf.org" <draft-ietf-detnet-mpls.all@ietf.org>, Stewart Bryant <stewart.bryant@gmail.com>, "<sec-ads@ietf.org>" <sec-ads@ietf.org>, DetNet WG <detnet@ietf.org>, "Black, David" <David.Black@dell.com>
Thread-Topic: [Detnet] [secdir] Secdir last call review of draft-ietf-detnet-mpls-05
Thread-Index: AQHV+xtp7w5BDHT69kClfjdrlTdzvKhLBnsAgAAec4CAABtoAIAABQwAgAABIwCAAB/vAIAAJP2AgAAYUACAARhTgIAAGoLA
Date: Tue, 17 Mar 2020 14:26:05 +0000
Message-ID: <MN2PR19MB404529C87F0765CDA8D202D583F60@MN2PR19MB4045.namprd19.prod.outlook.com>
References: <a8dfd766-7770-0baa-7ec7-bd844f769716@labn.net> <73942657-B55A-431F-AB55-444C3C587AE1@mit.edu> <d6b84f92-cf52-dfcd-3148-49cd260c2531@labn.net> <CE2A9856-0663-4576-B248-0D5FD1189815@mit.edu> <c0fb4878-4631-ea83-cdcf-3ccc5fcf7c4a@labn.net>
In-Reply-To: <c0fb4878-4631-ea83-cdcf-3ccc5fcf7c4a@labn.net>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
msip_labels: MSIP_Label_17cb76b2-10b8-4fe1-93d4-2202842406cd_Enabled=True; MSIP_Label_17cb76b2-10b8-4fe1-93d4-2202842406cd_SiteId=945c199a-83a2-4e80-9f8c-5a91be5752dd;MSIP_Label_17cb76b2-10b8-4fe1-93d4-2202842406cd_Owner=david.black@emc.com; MSIP_Label_17cb76b2-10b8-4fe1-93d4-2202842406cd_SetDate=2020-03-17T14:23:39.8221899Z; MSIP_Label_17cb76b2-10b8-4fe1-93d4-2202842406cd_Name=External Public; MSIP_Label_17cb76b2-10b8-4fe1-93d4-2202842406cd_Application=Microsoft Azure Information Protection; MSIP_Label_17cb76b2-10b8-4fe1-93d4-2202842406cd_Extended_MSFT_Method=Manual; aiplabel=External Public
x-originating-ip: [72.74.71.221]
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: 6016c16a-a58c-4fcb-630b-08d7ca7f20cb
x-ms-traffictypediagnostic: MN2PR19MB4111:
x-ms-exchange-transport-forked: True
x-microsoft-antispam-prvs: <MN2PR19MB4111BC1D1B85999C7C274C9683F60@MN2PR19MB4111.namprd19.prod.outlook.com>
x-exotenant: 2khUwGVqB6N9v58KS13ncyUmMJd8q4
x-ms-oob-tlc-oobclassifiers: OLM:10000;
x-forefront-prvs: 0345CFD558
x-forefront-antispam-report: SFV:NSPM; SFS:(10009020)(4636009)(376002)(346002)(366004)(39860400002)(396003)(136003)(199004)(26005)(107886003)(30864003)(786003)(316002)(4326008)(52536014)(8676002)(81166006)(81156014)(5660300002)(71200400001)(9326002)(33656002)(6506007)(8936002)(2906002)(53546011)(7696005)(66446008)(66476007)(66946007)(76116006)(66556008)(64756008)(86362001)(186003)(478600001)(55016002)(54906003)(110136005)(966005)(9686003); DIR:OUT; SFP:1101; SCL:1; SRVR:MN2PR19MB4111; H:MN2PR19MB4045.namprd19.prod.outlook.com; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; A:1;
received-spf: None (protection.outlook.com: dell.com does not designate permitted sender hosts)
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: Y4rVLhEItjBWWe7DEkisx6smQTknW6LzlC+XWV7vt8z3jSoZwqei73zPNVlaqpt9uycrgucAeXsNhSrVqvkqB4Yz5SIrj35lYRTv3l6u9n+wcxGNjgbHSpRUOf7Fe9NgeczSQ9BSLWAU1H3Iy3ArIPKhVwxcd0cihquaJ0Ap+Fy8U4cWkJn3UwjSSwHwVcw8o5OqTmpAidZSZbWC/RQlzSE2dchwkiEOHwHMU6RcFbKMsiI3pVvpnwA/FgC/iAcLwKsCNiAId2hSf9nob1ghcsJxxLS2byMjs1hzqNwBmMBtT2tZ7Blb4Mqm9e5ADCCRN+zsN8PLdV3H0O9lMadRfbYOvGP74fdJ/9burNGa2Sh7W20pC4es0dloE7uq1r25K9AuGqPcGEFNQz7dCz8iRg0yPFpz4cJ8R/JGDylRW5EO7fnxCp5PD3O7c3byaKv09PNPiUOJQlhGTjOKqZcPsWxzzfRQW8diZh/tTkTkoAymqbs27Q+QZN0oJj5Q25Vz/pmROvdIhue5niunr0x+8A==
x-ms-exchange-antispam-messagedata: E3aItv2d0Rv6srl5mwexgdbpJCQ1VwCMpwgVGNnkO7uu19KZfBBTFV25zKjPMXbTzYGwJUP6KzrOFklk0s1K4fyB8Xw5ZLjTkLiPb4lf8RAENJmYHp09kHaJRqBJkx0uy90bsW5MO08mVOm/t13jxw==
Content-Type: multipart/alternative; boundary="_000_MN2PR19MB404529C87F0765CDA8D202D583F60MN2PR19MB4045namp_"
MIME-Version: 1.0
X-OriginatorOrg: Dell.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 6016c16a-a58c-4fcb-630b-08d7ca7f20cb
X-MS-Exchange-CrossTenant-originalarrivaltime: 17 Mar 2020 14:26:05.4180 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 945c199a-83a2-4e80-9f8c-5a91be5752dd
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: bzUiAXVLS03rvkYUAkWiwGKG2POQ52lgQAHDe7nmfe070qoJqst0dW7A+kTMO1cCgcBZC9KICCttbNiQEtxvrA==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: MN2PR19MB4111
X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10434:6.0.138, 18.0.645 definitions=2020-03-17_05:2020-03-17, 2020-03-17 signatures=0
X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 phishscore=0 spamscore=0 clxscore=1011 mlxlogscore=999 malwarescore=0 priorityscore=1501 lowpriorityscore=0 suspectscore=0 bulkscore=0 mlxscore=0 impostorscore=0 adultscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.12.0-2003020000 definitions=main-2003170061
X-Proofpoint-Spam-Details: rule=notspam policy=default score=0 impostorscore=0 lowpriorityscore=0 malwarescore=0 phishscore=0 adultscore=0 suspectscore=0 bulkscore=0 priorityscore=1501 spamscore=0 mlxscore=0 mlxlogscore=999 clxscore=1015 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.12.0-2003020000 definitions=main-2003170061
Archived-At: <https://mailarchive.ietf.org/arch/msg/secdir/2NLl2yRGU-mkPbPnc5_QDIH5jY4>
Subject: Re: [secdir] [Detnet] Secdir last call review of draft-ietf-detnet-mpls-05
X-BeenThere: secdir@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Security Area Directorate <secdir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/secdir>, <mailto:secdir-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/secdir/>
List-Post: <mailto:secdir@ietf.org>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 17 Mar 2020 14:26:17 -0000

Hi Lou,

Weighing in late in the discussion ... trying to make a positive contribution ...

>> If the authors, however, believe this - their analysis (put in the Security Considerations section) should show why there are no new exposures.
>> It doesn’t have to be lengthy - but it does have to make sense.

> This is a good solution -- in other words, I do think it's fair to add something on this to the section.  I suspect it will be at most two sentences.
Two important differences between DetNet and MPLS are that DetNet uses a fraction of the resources of the MPLS data plane and DetNet has rather tight timing requirements.  By comparison to ordinary MPLS, that combination reduces the effort requires to overwhelm the DetNet forwarding resources and increases the ability to do serious damage (to DetNet service, not MPLS overall) at relatively low levels of overload.

My initial hunch is that Stewart is correct that MPLS’s existing resistance to denial of service attacks suffices for DetNet without additional measures, but a brief explanation of why would be a good thing to add to this draft.

Thanks, --David

From: detnet <detnet-bounces@ietf.org> On Behalf Of Lou Berger
Sent: Tuesday, March 17, 2020 8:40 AM
To: Uri Blumenthal
Cc: secdir; rtg-ads@ietf.org; Watson Ladd; draft-ietf-detnet-mpls.all@ietf.org; Stewart Bryant; <sec-ads@ietf.org>; DetNet WG
Subject: Re: [Detnet] [secdir] Secdir last call review of draft-ietf-detnet-mpls-05


[EXTERNAL EMAIL]

Hi,
On 3/16/2020 3:56 PM, Uri Blumenthal wrote:
On Mar 16, 2020, at 14:29 , Lou Berger <lberger@labn.net<mailto:lberger@labn.net>> wrote:

If indeed, as Stewart says, detnet does not add any security considerations to those already described in the MPLS documents - the draft should state so explicitly. Though I personally find it hard to believe.
What is an "obvious common sense" for you and Stewart, may not be so obvious to other readers.

As a note to others, it is expected that RFC authors do perform a comprehensive security analysis, and document their findings in the Security Considerations section. I thought that was obvious.
I think either we agree or that the words "a comprehensive security analysis" is the source of a disconnect.  My view is that the such analysis is a *delta* analysis for previous IETF work/RFCs.
Yes, it should be a *comprehensive* analysis of the possible security impacts that the *changes* introduce.

I.e., in general, when you add some capability, you describe

  *   What your security assumptions are - what kind of access you assume your adversary can or cannot have.
  *   How your added capability impacts/changes the existing security posture (and what you assume that posture is/was) - new attack surface(s), etc.
  *   What of the newly-introduced stuff may require protection, and what kind of protection (should stay secret, no problem if disclosed but a big deal if modified, etc).
  *   How you recommend protecting the above.

The reader should learn what new requires protection, ideally - why, and probably, how. But (IMHO) saying “just use TLS” is not nearly good enough - it doesn’t tell me what I’m trying to protect, and why (what harm could come if left unprotected).

explaining why a security mechanism is needed seems reasonable to me.



Certainly authors should reference the prior work/RFCs that are needed to understand the analysis, but they need not (even should not) rehash all the material form this existing work -- only what has changed.
Correct. BTW, by “reference” I mean stating what concepts from those RFCs apply.


so you want to repeat all the concepts from prior work/rfcs?  This makes little sense to me as it means the likely introduction of differences and errors from the original work.  Pointers to the relevant work/sections seem right to me as the implementations are going to have to support the prior work in any case.
Does this match your expectation or do you expect something different?  If so, what do you expect?
I think it does, with the above caveat ;).

We may nit-argue about what “rehashing existing work” means.

Referring the reader to go to RFC XXXX for details on specific concerns/issues/etc is fine. We wouldn’t be able to operate if every RFC had to be self-contained, and included everything related.

very happy we agree on this key point.
But you should tell the reader why you’re referring him to an external document, and what in particular he’s supposed to find/look for there.

Sure, but it sounds like we may differ on detail level needed in the reference.

To just say “this is MPLS-based, so to figure it’s security risks go read MPLS RFCs” IMHO is not good enough. Mainly because I don’t agree that  no new exposures are introduced.

I don't think this is a valid solution to your concern.
If the authors, however, believe this - their analysis (put in the Security Considerations section) should show why there are no new exposures. It doesn’t have to be lengthy - but it does have to make sense.

This is a good solution -- in other words, I do think it's fair to add something on this to the section.  I suspect it will be at most two sentences.

Lou





On Mar 16, 2020, at 10:22, Lou Berger <lberger@labn.net><mailto:lberger@labn.net> wrote:
Watson, Uri,
would a reference to https://tools.ietf.org/html/draft-ietf-detnet-security-08#section-7 help? note that Detnet operates/extends the IP and MPLS layers.  It is not a service that rides on general IP or separate from the MPLS layers.
Lou
On 3/16/2020 10:18 AM, Watson Ladd wrote:

On Mon, Mar 16, 2020, 7:01 AM Stewart Bryant <stewart.bryant@gmail.com<mailto:stewart.bryant@gmail.com>> wrote:
The requirement is NOT for a draft to provide the security analysis of all of all of the technologies that it calls up. It is, I believe, to describe the deltas that apply to the new idea. Anything else and the text would be a security analysis with a short technology preamble.

We are describing a technology that is overlaid on MPLS. We should not need to describe the security model of MPLS,  but instead confine our remarks to issues that specifically apply to the additional technology we are describing.

RFC 3552 requires that in a case such as this you explicitly describe what the lower layer is providing to the top layer. RFC 3552 section 5 also demands that attacks be enumerated and those out of scope be called out.

E.g "use TLS" isn't good enough and imho neither is "use MPLS".

Again, the sentences in the security considerations as it stands are about MPLS and Detnet, and they don't seem to come together. Are there really no security considerations when putting the two together? Every MPLS network will just work with Detnet on top, no matter how rushed the deploy is?


Early in the document we call up RFC3031 and RFC3032, the fundamental MPLS RFCs. They are in section 3.1 the first part of the serious technical discussion. In my view these establish a baseline of understand that the reader is expected to have.

It is important to realise, as I have said before, that without understanding that baseline the rest of the document is meaningless.

Regards

Stewart

BTW

It might be as well if you refrained from illustrating the lack of professionalism that the security area applies to its reviews by continuing with the flippancy. There is a serious point that needs to be debated here about what assumptions are a given and what assumptions need to be spelled out when modifying or layering a technology.


> On 16 Mar 2020, at 12:22, Uri Blumenthal <uri@mit.edu<mailto:uri@mit.edu>> wrote:
>
> IETF position (add fat as I remember) regarding RFCs has been that RFCs should provide with everything information for a reasonable developer to implement correctly and securely the standard they define, and provide enough information for the person who will deploy a compliant implementation to do that correctly and securely.
>
> One purpose of Security Review is to ensure that a person doesn't have to be an expert in the field to deal with the proposed document.
>
> In a flippant way, if using your stuff is requires special classes - perhaps it belongs to a book rather than an RFC.
>
> In a non-flippant way - what's the problem in mentioning the issues and providing the appropriate references? A "normal" RFC cannot be self-contained, but it's unreasonable to epect a reader to just "know" where all the omitted things are described.
>
>> On Mar 16, 2020, at 06:33, Stewart Bryant <stewart.bryant@gmail.com<mailto:stewart.bryant@gmail.com>> wrote:
>>
>> Uri,
>>
>> That is a ridiculous position, and you flippancy demonstrates that.
>>
>> This technology fundamentally rests on MPLS and it is reasonable that the reader of this RFC will understand MPLS and the security model it uses before they implement or deploy it. Indeed I cannot think of any implementor or operator that would not already have that knowledge before taking on the task of building or running DN over MPLS.
>>
>> If SecDir reviews are to retain any credibility as expert reviews as opposed to Genart random reader reviews they have to be carried out with shared knowledge of both the security area and the draft’s host area.
>>
>> I have been thinking for some time that there needs to be a fundamental review of the security review process.
>>
>> Stewart
>>
>>> On 15 Mar 2020, at 22:44, Uri Blumenthal <uri@mit.edu<mailto:uri@mit.edu>> wrote:
>>>
>>> I say yes - unless you expect a person who wants just one RFC to have to read every cr^h^h stuff that came out of the routing area.
>>>
>>> "Just do it"
>>>
>>>
>>>>> On Mar 15, 2020, at 17:39, Lou Berger <lberger@labn.net<mailto:lberger@labn.net>> wrote:
>>>>
>>>> 
>>>>> On 3/15/2020 5:22 PM, Watson Ladd wrote:
>>>>>> On Sun, Mar 15, 2020 at 2:14 PM Lou Berger <lberger@labn.net<mailto:lberger@labn.net>> wrote:
>>>>>> Hi Watson,
>>>>>>
>>>>>>   I think Stewart's response really covers the main points. DetNet is
>>>>>> really just MPLS (and IP) with some specific forwarding behaviors and
>>>>>> queuing.  The only thing I'd add, is I see DetNet in general as a
>>>>>> specific form of policy based routing. (The general form of which is
>>>>>> pretty much as old as IP).
>>>>> Then Stewart can put those points in the security considerations
>>>>> section. What's the disadvantage of doing so?
>>>>
>>>> At one level, it would be easiest for the authors to just put these in.  On the other hand, this would mean that every RFC produced in the routing area will acquire similar notes, e.g., routing protocols are currently built with a chain of trust model.  Is this what the sec-dir really is asking the routing area to do?
>>>>
>>>> ADs,
>>>>
>>>>  any opinion on this?     (for context, Stewart's response can be found at: https://mailarchive.ietf.org/arch/msg/detnet/-epL5Fb6bFIUltMrjH53C2316ZA/)
>>>>
>>>> Thanks,
>>>>
>>>> Lou
>>>>
>>>>>> Lou
>>>>>>
>>>>>> On 3/12/2020 9:35 PM, Watson Ladd wrote:
>>>>>>> On Thu, Mar 12, 2020 at 4:07 AM Lou Berger <lberger@labn.net<mailto:lberger@labn.net>> wrote:
>>>>>>>> Watson,
>>>>>>>>
>>>>>>>> Can you provide context here? Can you be explicit on what you see needs to
>>>>>>>> be addressed (beyond what is in this document as well as related rfcs)?
>>>>>>> You have to talk about how the layers interact, and can't just say the
>>>>>>> lower level handles anything without any guide as to what needs to be
>>>>>>> provided by that lower layer.
>>>>>>>
>>>>>>> I think my concerns about the assumptions this could be fixed by
>>>>>>> saying. "All nodes are trusted and any of them can misbehave in ways
>>>>>>> that affect the network.  If the MPLS layer cannot provide sufficient
>>>>>>> determinism, then the DetNet mechanisms won't work".  I agree we
>>>>>>> shoudn't require an entire massive security framework to be quoted
>>>>>>> again here, but there must be some details of this embedding that are
>>>>>>> worth noting, and yet I don't see them called out in the security
>>>>>>> considerations section.
>>>>>>>
>>>>>>> Are there really no specific concerns about the interaction between
>>>>>>> DetNet and MPLS?
>>>>>>>
>>>>>>>> Thank you,
>>>>>>>> Lou
>>>>>>>>
>>>>>>>>
>>>>>>>> ----------
>>>>>>>> On March 11, 2020 10:30:27 PM Watson Ladd <watsonbladd@gmail.com<mailto:watsonbladd@gmail.com>> wrote:
>>>>>>>>
>>>>>>>>> I don't see any reason why RFC 3552's guidelines shoudn't apply to this draft.
>>>>>>>>>
>>>>>>>>> If there is a MPLS exception I'd like to see the rules that should be applied.
>>>>>>>>>
>>>>>>>>> As is I don't see any reason why the assumptions can't be explicitly
>>>>>>>>> spelled out, either in the Security Considerations or elsewhere.
>>>>>>>>>
>>>>>>>>> _______________________________________________
>>>>>>>>> detnet mailing list
>>>>>>>>> detnet@ietf.org<mailto:detnet@ietf.org>
>>>>>>>>> https://www.ietf.org/mailman/listinfo/detnet
>>>>>>>>>
>>>>>
>>>>>
>>>>
>>>> _______________________________________________
>>>> secdir mailing list
>>>> secdir@ietf.org<mailto:secdir@ietf.org>
>>>> https://www.ietf.org/mailman/listinfo/secdir
>>>> wiki: http://tools.ietf.org/area/sec/trac/wiki/SecDirReview
>>



_______________________________________________

detnet mailing list

detnet@ietf.org<mailto:detnet@ietf.org>

https://www.ietf.org/mailman/listinfo/detnet

Uri




_______________________________________________

detnet mailing list

detnet@ietf.org<mailto:detnet@ietf.org>

https://www.ietf.org/mailman/listinfo/detnet

v2.23.0 | Report a Bug | By Email