Re: [secdir] [ippm] Secdir last call review of draft-ietf-ippm-route-08
J Ignacio Alvarez-Hamelin <ihameli@cnet.fi.uba.ar> Mon, 29 June 2020 13:43 UTC
Return-Path: <ihameli@cnet.fi.uba.ar>
X-Original-To: secdir@ietfa.amsl.com
Delivered-To: secdir@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id F22E93A0EEF; Mon, 29 Jun 2020 06:43:54 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.897
X-Spam-Level:
X-Spam-Status: No, score=-1.897 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, SPF_HELO_NONE=0.001, SPF_NONE=0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 3cd3wIO5oKv8; Mon, 29 Jun 2020 06:43:53 -0700 (PDT)
Received: from cnet.fi.uba.ar (cnet.fi.uba.ar [157.92.58.2]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id D563C3A0EEE; Mon, 29 Jun 2020 06:43:52 -0700 (PDT)
Received: from localhost (localhost [127.0.0.1]) by cnet.fi.uba.ar (Postfix) with ESMTP id 396C6140077; Mon, 29 Jun 2020 10:43:48 -0300 (ART)
X-Virus-Scanned: Debian amavisd-new at cnet.fi.uba.ar
Received: from cnet.fi.uba.ar ([127.0.0.1]) by localhost (cnet.fi.uba.ar [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id TTz2cGTfPF5s; Mon, 29 Jun 2020 10:43:37 -0300 (ART)
Received: from [192.168.1.34] (unknown [181.27.208.211]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by cnet.fi.uba.ar (Postfix) with ESMTPSA id 96240140068; Mon, 29 Jun 2020 10:43:37 -0300 (ART)
Content-Type: text/plain; charset="utf-8"
Mime-Version: 1.0 (Mac OS X Mail 13.4 \(3608.80.23.2.2\))
From: J Ignacio Alvarez-Hamelin <ihameli@cnet.fi.uba.ar>
In-Reply-To: <CACsn0ckcZ8Wp3oruRsBnv3r846ea0CQ4pgVKhFdQV3uXArKm+Q@mail.gmail.com>
Date: Mon, 29 Jun 2020 10:43:39 -0300
Cc: "MORTON, ALFRED C (AL)" <acm@research.att.com>, "draft-ietf-ippm-route.all@ietf.org" <draft-ietf-ippm-route.all@ietf.org>, "last-call@ietf.org" <last-call@ietf.org>, "ippm@ietf.org" <ippm@ietf.org>, "secdir@ietf.org" <secdir@ietf.org>
Content-Transfer-Encoding: quoted-printable
Message-Id: <9E3E3976-499B-4362-950A-1BB95A7ED68D@cnet.fi.uba.ar>
References: <159326696737.10306.5653213903966509356@ietfa.amsl.com> <4D7F4AD313D3FC43A053B309F97543CF0108A69B10@njmtexg5.research.att.com> <CACsn0ckcZ8Wp3oruRsBnv3r846ea0CQ4pgVKhFdQV3uXArKm+Q@mail.gmail.com>
To: Watson Ladd <watsonbladd@gmail.com>
X-Mailer: Apple Mail (2.3608.80.23.2.2)
Archived-At: <https://mailarchive.ietf.org/arch/msg/secdir/FD6qm7eVcwf_R7V6IOk3naBnmuY>
Subject: Re: [secdir] [ippm] Secdir last call review of draft-ietf-ippm-route-08
X-BeenThere: secdir@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Security Area Directorate <secdir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/secdir>, <mailto:secdir-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/secdir/>
List-Post: <mailto:secdir@ietf.org>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 29 Jun 2020 13:43:55 -0000
Dear Watson, Thank you for your review. Concerning the security considerations, this method does not introduce new security problems, basically because it does not create any new field or option into packets. Eventually, we can imagine some man in the middle, changing some bits into the packet, but this kind of behavior does not affect the network. I think it can affect one measurement for a particular hop where he/she is intercepting, but this case is similar to any traffic; therefore, I do not see any potential problem. Are you visualized another security problem? Regards, J. Igancio _______________________________________________________________ Dr. Ing. José Ignacio Alvarez-Hamelin CONICET and Facultad de Ingeniería, Universidad de Buenos Aires Av. Paseo Colón 850 - C1063ACV - Buenos Aires - Argentina +54 (11) 5285 0716 / 5285 0705 e-mail: ihameli@cnet.fi.uba.ar web: http://cnet.fi.uba.ar/ignacio.alvarez-hamelin/ _______________________________________________________________ > On 28 Jun 2020, at 13:04, Watson Ladd <watsonbladd@gmail.com> wrote: > > On Sun, Jun 28, 2020 at 11:55 AM MORTON, ALFRED C (AL) > <acm@research.att.com> wrote: > <snip> >> >>> >>> Now for the meat: what about the security considerations? Since this draft is >>> describing enhancements to traceroute and ways to describe the measurements >>> taken by such enhanced traceroutes, the security impact is minimal and the >>> authors reference the existing RFCs describing the security impacts of >>> tracroutes on networks. >> [acm] >> I'm looking for the action implied in your comment. Do we add the sentences: >> >> This draft describes enhancements to traceroute and ways to describe the measurements taken by such enhanced traceroute tools. The security impact is minimal and the authors reference the existing RFCs describing the security impacts of active and hybrid measurements on networks (of which traceroute measurements are a subset) below. > > My apologies: you read as a suggestion which I thought was a > description. I don't think it has to change at all. > >> >> Or? >> >>> >>> Sincerely, >>> Watson Ladd >>> >> > > > -- > "Man is born free, but everywhere he is in chains". > --Rousseau. > > _______________________________________________ > ippm mailing list > ippm@ietf.org > https://www.ietf.org/mailman/listinfo/ippm
- [secdir] Secdir last call review of draft-ietf-ip… Watson Ladd via Datatracker
- Re: [secdir] Secdir last call review of draft-iet… MORTON, ALFRED C (AL)
- Re: [secdir] Secdir last call review of draft-iet… Watson Ladd
- Re: [secdir] Secdir last call review of draft-iet… MORTON, ALFRED C (AL)
- Re: [secdir] [ippm] Secdir last call review of dr… J Ignacio Alvarez-Hamelin