Re: [secdir] secdir Review of draft-ietf-v6ops-3gpp-eps
Stephen Farrell <stephen.farrell@cs.tcd.ie> Tue, 30 August 2011 11:51 UTC
Return-Path: <stephen.farrell@cs.tcd.ie>
X-Original-To: secdir@ietfa.amsl.com
Delivered-To: secdir@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 0B1F921F872A; Tue, 30 Aug 2011 04:51:22 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -106.171
X-Spam-Level:
X-Spam-Status: No, score=-106.171 tagged_above=-999 required=5 tests=[AWL=0.428, BAYES_00=-2.599, RCVD_IN_DNSWL_MED=-4, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id tcyuKkkp9kyl; Tue, 30 Aug 2011 04:51:21 -0700 (PDT)
Received: from scss.tcd.ie (hermes.cs.tcd.ie [134.226.32.56]) by ietfa.amsl.com (Postfix) with ESMTP id 033E621F86E0; Tue, 30 Aug 2011 04:51:20 -0700 (PDT)
Received: from localhost (localhost [127.0.0.1]) by hermes.scss.tcd.ie (Postfix) with ESMTP id DBEB81535EF; Tue, 30 Aug 2011 12:52:40 +0100 (IST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cs.tcd.ie; h= content-transfer-encoding:content-type:in-reply-to:references :subject:mime-version:user-agent:from:date:message-id:received :received:x-virus-scanned; s=cs; t=1314705160; bh=vmbMeFgmRdLsIs a3hoC5lG/+TpPTYTH4sMfE3PoNG7E=; b=rZW/Umr0ctQ+JrwC4nqcG1ViUlWClL R5gli9r3pd/IWlKqHgtfa8TFprAO6d5pjOeIRe1elEfqXEmcbzsGrgEVtQTbPZTs tdKne4kHaQgFm/Vg0UgPeFo1zvE4PFiedRDR09Gjdae2Caxr7yTy5nk+ovFKOm1z IwEUIrHoR/K+iA42VqP4q0Vx34v93lbYf2WU3iya7RXvZXTD7lxrqOZ04tUteJbq yuxovrb2jtVYLsjsLsk2j2psOAtx5+leBGOBFssGIJw1ZEy+/Bed5yEm+NUoGEMR zmsyiBg55cH/zDT9sV6R4mi5rVZWuRo9YvOClGQR3t5IUcX4w8KhlhBw==
X-Virus-Scanned: Debian amavisd-new at scss.tcd.ie
Received: from scss.tcd.ie ([127.0.0.1]) by localhost (scss.tcd.ie [127.0.0.1]) (amavisd-new, port 10027) with ESMTP id FAvB7m9TkyQ5; Tue, 30 Aug 2011 12:52:40 +0100 (IST)
Received: from [IPv6:2001:770:10:203:a288:b4ff:fe9c:bc5c] (unknown [IPv6:2001:770:10:203:a288:b4ff:fe9c:bc5c]) by smtp.scss.tcd.ie (Postfix) with ESMTPSA id A74261535EE; Tue, 30 Aug 2011 12:52:31 +0100 (IST)
Message-ID: <4E5CCEF5.1020303@cs.tcd.ie>
Date: Tue, 30 Aug 2011 12:52:21 +0100
From: Stephen Farrell <stephen.farrell@cs.tcd.ie>
User-Agent: Mozilla/5.0 (X11; Linux i686 on x86_64; rv:6.0) Gecko/20110812 Thunderbird/6.0
MIME-Version: 1.0
To: jouni korhonen <jouni.nospam@gmail.com>
References: <CA7AE8B2.C2F68%mundy@sparta.com> <6425C318-F3AB-4321-A238-2828F43580E0@gmail.com>
In-Reply-To: <6425C318-F3AB-4321-A238-2828F43580E0@gmail.com>
Content-Type: text/plain; charset="ISO-8859-1"; format="flowed"
Content-Transfer-Encoding: 7bit
Cc: secdir@ietf.org, draft-ietf-v6ops-3gpp-eps.all@tools.ietf.org, iesg@ietf.org, Russ Mundy <mundy@sparta.com>
Subject: Re: [secdir] secdir Review of draft-ietf-v6ops-3gpp-eps
X-BeenThere: secdir@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Security Area Directorate <secdir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/secdir>, <mailto:secdir-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/secdir>
List-Post: <mailto:secdir@ietf.org>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 30 Aug 2011 11:51:22 -0000
Hi Jouni, Just checking - do you intend to push out a new version with this included before the telechat next week? A few nits below as well. Ta, Stephen. On 08/25/2011 11:50 AM, jouni korhonen wrote: > Russ, > > Thanks for the review. You are echoing the same thing as the most in IESG. I crafted a bit of text that could be put into the security considerations section. I don't know if this would be enough. > > - JOuni > > ---- > > > In 3GPP access the UE and the network always perform a mutual > authentication during the network attachment [TS.33102][TS.33401]. > Furthermore, each time a PDP Context/PDN Connection gets created, > a new connection, a modification of an existing connection and > an assignment of an IPv6 prefix or an IP address can be authorized > against the PCC infrastructure [TS.23203] and/or PDN's AAA server. > > The wireless part of the 3GPP link between the UE and the (e)NodeB > as well as the signaling messages between the UE and the MME/SGSN > can be protected depending on the regional regulation an operator > deployment policy. User plane traffic can be confidentially s/confidentially/confidentiality/ would be better. If you can add references as to how that can be achieved that would also be good. The same points apply for the control plane I guess. > protected. The control plane is always at least integrity and > replay protected, and may also be confidentially protected. The > protection within the transmission part of the network depends > on the operator deployment policy. > > Due the nature of 3GPP point-to-point link model, the UE and the > first hop router (PGW/GGSN or SGW) are the only nodes on the link, > which mitigates most of the known on-link attacks. For off-link IPv6 > attacks the 3GPP EPS is as vulnerable as any IPv6 system. There has s/has/have/ > also been concerns that UE IP stack might use permanent subscriber s/UE IP stack/the UE IP stack/ > identities, such as IMSI and MSISDN, as the source for IPv6 address > Interface Identifier. This would be a privacy threat and allow > tracking of subscribers, and therefore use of IMSI and MSISDN as the > Interface Identifier is prohibited. However, there is no standardized > method to block such misbehaving UEs. Prohibited by whom? Maybe add a reference? > > > > > [TS.33102] > 3GPP, "3G Security; Security architecture", > 3GPP TS 33.102 10.0.0, December 2010. > > > [TS.33401] > 3GPP, "3GPP System Architecture Evolution (SAE); > Security architecture", 3GPP TS 33.401 10.1.1, > June 2011. > > On Aug 25, 2011, at 12:43 AM, Russ Mundy wrote: > >> >> I have reviewed this document as part of the security directorate's ongoing >> effort to review all IETF documents being processed by the IESG. These >> comments were written primarily for the benefit of the security area >> directors. Document editors and WG chairs should treat these comments just >> like any other last call comments. >> >> While I do agree with the factual correctness of the Security Considerations >> section (the document does not _introduce_ any security related concerns), >> the support for IPv6 in 3GPP networks described in document certainly does >> have a number of security concerns. Some obvious examples, use of DHCP >> based address management and access control/authorization of the PDN >> Connection (shown in Figure 8). Although these and other security issues >> are likely addressed in various other documents, it would be useful to make >> a definitive statement to that effect in the Security Considerations >> section. It would be even more useful if some more specific references were >> to be included in parts of the document that clearly deal with security >> issues such as address management and access control and authorization. >> >> >> Russ Mundy >> >> >> >> >> >> > >
- [secdir] secdir Review of draft-ietf-v6ops-3gpp-e… Russ Mundy
- Re: [secdir] secdir Review of draft-ietf-v6ops-3g… jouni korhonen
- Re: [secdir] secdir Review of draft-ietf-v6ops-3g… Stephen Farrell
- Re: [secdir] secdir Review of draft-ietf-v6ops-3g… jouni korhonen
- Re: [secdir] secdir Review of draft-ietf-v6ops-3g… Stephen Farrell
- Re: [secdir] secdir Review of draft-ietf-v6ops-3g… jouni korhonen
- Re: [secdir] secdir Review of draft-ietf-v6ops-3g… Ronald Bonica
- Re: [secdir] secdir Review of draft-ietf-v6ops-3g… Russ Mundy