[secdir] Secdir Review of draft-ietf-ccamp-flexi-grid-fwk-05

Sam Hartman <hartmans-ietf@mit.edu> Fri, 31 July 2015 15:08 UTC

Return-Path: <hartmans@mit.edu>
X-Original-To: secdir@ietfa.amsl.com
Delivered-To: secdir@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 3BD231A21BD; Fri, 31 Jul 2015 08:08:57 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.235
X-Spam-Level:
X-Spam-Status: No, score=-1.235 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, SPF_SOFTFAIL=0.665] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id QKdIcLuW3WsE; Fri, 31 Jul 2015 08:08:55 -0700 (PDT)
Received: from mail.painless-security.com (mail.painless-security.com [23.30.188.241]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 110641A21B8; Fri, 31 Jul 2015 08:08:54 -0700 (PDT)
Received: from localhost (localhost [127.0.0.1]) by mail.painless-security.com (Postfix) with ESMTP id 0A0B520778; Fri, 31 Jul 2015 11:08:07 -0400 (EDT)
Received: from mail.painless-security.com ([127.0.0.1]) by localhost (mail.suchdamage.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Y_0igvm567e9; Fri, 31 Jul 2015 11:08:06 -0400 (EDT)
Received: from carter-zimmerman.suchdamage.org (unknown [10.1.10.105]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "laptop", Issuer "laptop" (not verified)) by mail.painless-security.com (Postfix) with ESMTPS; Fri, 31 Jul 2015 11:08:06 -0400 (EDT)
Received: by carter-zimmerman.suchdamage.org (Postfix, from userid 8042) id 679608271A; Fri, 31 Jul 2015 11:08:53 -0400 (EDT)
From: Sam Hartman <hartmans-ietf@mit.edu>
To: secdir@ietf.org, iesg@ietf.org
Date: Fri, 31 Jul 2015 11:08:53 -0400
Message-ID: <tsl1tfobbzu.fsf@mit.edu>
User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/24.3 (gnu/linux)
MIME-Version: 1.0
Content-Type: text/plain
Archived-At: <http://mailarchive.ietf.org/arch/msg/secdir/B-8V_DR4XPjNUQ-q9IYxuvfMgAo>
Cc: draft-ietf-ccamp-flexi-grid-fwk-05.all@tools.ietf.org
Subject: [secdir] Secdir Review of draft-ietf-ccamp-flexi-grid-fwk-05
X-BeenThere: secdir@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Security Area Directorate <secdir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/secdir>, <mailto:secdir-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/secdir/>
List-Post: <mailto:secdir@ietf.org>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 31 Jul 2015 15:08:57 -0000


I've been assigned at the secdir reviewer for
draft-ietf-ccamp-flexi-grid-fwk-05.

This document appears ready for publication.

This document describes a framework and requirements for the GMPLS
control plane for flexible grid DWDM optical transport networks.
The basic change is that rather than having a fixed grid of frequencies,
the frequency and slot widthof each media channel are parameters of the
control plane.


I read through section 1, 2, good chunks of section3, 4 and 7.

The authors claim in section 7 that the security implications are the
same between a flexible grid network and a fixed grip netwerk.

This seems to generally be true.
I think that the flexible grid network introduces new ways that attacks
can result.  As an example, the control plane might be able to loosen
restrictions on a filter so that an attacker was able to see more than
they should.  (my physics is entirely inadequate to the task of figuring
out whether this is interesting or would for example just create a DOS)
It might be harder to express this particular misconfiguration/attack in
a fixed network.
However it seems that the general issue is as the authors claim present
in the fixed grid network.

Which is to say, that I don't think the security is identical, but I
agree with the authors that the security considerations seem
substantially similar.
I don't see value for changes in the text in this document.

I did not read the cited references and confirm that the described
security considerations in those documents are adequate.

Thanks for a well-written document.