Re: [secdir] SecDir Review of draft-ietf-sidr-bgpsec-reqs-11

Randy Bush <randy@psg.com> Thu, 10 July 2014 23:13 UTC

Return-Path: <randy@psg.com>
X-Original-To: secdir@ietfa.amsl.com
Delivered-To: secdir@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id DC9AF1A008B; Thu, 10 Jul 2014 16:13:43 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.551
X-Spam-Level:
X-Spam-Status: No, score=-2.551 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RP_MATCHES_RCVD=-0.651] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 4qQLP7SSIXM6; Thu, 10 Jul 2014 16:13:41 -0700 (PDT)
Received: from ran.psg.com (ran.psg.com [IPv6:2001:418:8006::18]) (using TLSv1 with cipher AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 7F3A41A0078; Thu, 10 Jul 2014 16:13:41 -0700 (PDT)
Received: from localhost ([127.0.0.1] helo=ryuu.psg.com.psg.com) by ran.psg.com with esmtp (Exim 4.76) (envelope-from <randy@psg.com>) id 1X5NX1-0002B6-EQ; Thu, 10 Jul 2014 23:13:40 +0000
Date: Fri, 11 Jul 2014 08:13:38 +0900
Message-ID: <m2y4w06c4d.wl%randy@psg.com>
From: Randy Bush <randy@psg.com>
To: "Adam W. Montville" <adam@stoicsecurity.com>
In-Reply-To: <468FCC23-2398-4165-BACA-E9F0AEF742E7@stoicsecurity.com>
References: <468FCC23-2398-4165-BACA-E9F0AEF742E7@stoicsecurity.com>
User-Agent: Wanderlust/2.15.9 (Almost Unreal) Emacs/22.3 Mule/5.0 (SAKAKI)
MIME-Version: 1.0 (generated by SEMI 1.14.7 - "Harue")
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: quoted-printable
Archived-At: http://mailarchive.ietf.org/arch/msg/secdir/8WvSIO2_RIUP-u7RgObnQXSrzjc
Cc: draft-ietf-sidr-bgpsec-reqs.all@tools.ietf.org, iesg@ietf.org, secdir@ietf.org
Subject: Re: [secdir] SecDir Review of draft-ietf-sidr-bgpsec-reqs-11
X-BeenThere: secdir@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Security Area Directorate <secdir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/secdir>, <mailto:secdir-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/secdir/>
List-Post: <mailto:secdir@ietf.org>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 10 Jul 2014 23:13:44 -0000

> 2. Requirement 3.13 indicates that BGPsec “MUST provide backward
>    compatibility”, but we are left to assume that downgrade prevention
>    is enabled.  We might assume that it is, but it’s probably better
>    not to.  Perhaps adding a statement to the effect of “MUST provide
>    backward compatibility…. but also allow for strict BGPsec
>    adherence” or something similar.  I also recognize that there may
>    be obviating circumstances behind this requirement (i.e. it’s not
>    practical to *not* allow strict adherence), which I might also
>    assume as a reader.

i have added the following to sec cons,

    The requirement of backward compatibility to BGP4 may open an avenue
    to downgrade attacks.

> 4. In the Security Considerations section (6) it seems that more
>    explanation pertaining to the following sentence might be
>    warranted: “The data plane might not follow the control plane.”
>    This might be readily apparent to anyone in-the-know, but it’s not
>    so apparent to those not-in-the-know.

per alia atlas

   The data plane might not follow the path signaled by the control
   plane.

randy