Re: [secdir] Sector Review: draft-ietf-ospf-te-metric-extensions-09

Stephen Farrell <stephen.farrell@cs.tcd.ie> Mon, 05 January 2015 21:47 UTC

Message-ID: <54AB0685.7080602@cs.tcd.ie>
Date: Mon, 05 Jan 2015 21:47:49 +0000
From: Stephen Farrell <stephen.farrell@cs.tcd.ie>
To: Randy Bush <randy@psg.com>, Ben Laurie <benl@google.com>
Archived-At: http://mailarchive.ietf.org/arch/msg/secdir/8dI5e1jN7VQgx0itZqMroGgZy2Q
Cc: ietf <ietf@ietf.org>, secdir <secdir@ietf.org>


On 05/01/15 21:33, Randy Bush wrote:
>>>>> and the new lsas could not be used in path shortening attacks,
>>>>> right?
>>>>
>>>> this document only defines the format of the LSAs; it does not talk
>>>> about processing by the routing engines.
>>>
>>> so the secdir sees no need to warn about it.  got it.  </sarcasm>
>>
>> If secdir is going to warn about it through this process, then surely
>> the right place to do that is in the comments on the document that
>> does talk about processing by the routing engines?
> 
> a naïve person might think that all documents in a series that have
> security implications would be flagged in the security considerations
> section.
> 
> but i have had my say.  let's get back to work.

Yeah, I don't think arguing about it between secdir reviewers
will help us so much:-)

I noted that this had been raised in my ballot ([1] at the end)
and asked if text is needed. Randy - if you have suggested text
that could go in there that'd be good. I'm not clear enough
about the relationship between that attack and this draft to
know what'd be good to be honest.

Cheers,
S.


[1]
https://datatracker.ietf.org/doc/draft-ietf-ospf-te-metric-extensions/ballot/#stephen-farrell

> 
> randy
> 
> 
>