Re: [secdir] Secdir last call review of draft-ietf-pce-stateful-hpce-11

Stephen Farrell <stephen.farrell@cs.tcd.ie> Tue, 27 August 2019 22:53 UTC

Return-Path: <stephen.farrell@cs.tcd.ie>
X-Original-To: secdir@ietfa.amsl.com
Delivered-To: secdir@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id CEA7812012E; Tue, 27 Aug 2019 15:53:55 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.964
X-Spam-Level:
X-Spam-Status: No, score=-0.964 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_MED=-2.3, RCVD_IN_SBL_CSS=3.335, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=no autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=cs.tcd.ie
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id gjkIS-uNv0s5; Tue, 27 Aug 2019 15:53:53 -0700 (PDT)
Received: from mercury.scss.tcd.ie (mercury.scss.tcd.ie [134.226.56.6]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 9BB9B12001A; Tue, 27 Aug 2019 15:53:53 -0700 (PDT)
Received: from localhost (localhost [127.0.0.1]) by mercury.scss.tcd.ie (Postfix) with ESMTP id 0F0CABE53; Tue, 27 Aug 2019 23:53:50 +0100 (IST)
X-Virus-Scanned: Debian amavisd-new at scss.tcd.ie
Received: from mercury.scss.tcd.ie ([127.0.0.1]) by localhost (mercury.scss.tcd.ie [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id UlcXLxzNrTEn; Tue, 27 Aug 2019 23:53:48 +0100 (IST)
Received: from [10.244.2.138] (95-45-153-252-dynamic.agg2.phb.bdt-fng.eircom.net [95.45.153.252]) by mercury.scss.tcd.ie (Postfix) with ESMTPSA id 3173EBE2E; Tue, 27 Aug 2019 23:53:48 +0100 (IST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cs.tcd.ie; s=mail; t=1566946428; bh=tvL5r7BOvtnYVPxftcpm12wtdZAjkQLfe+agPwb0eCk=; h=Subject:To:Cc:References:From:Date:In-Reply-To:From; b=v3DendElxAN04OMNz8gPOceXizy9I/DAMfHgiNB6vkz7tNjXFifWchm+lOrRpnwmb y9msVl7fV9ujuZijrgnGEx52xlTHYJ6chLDjt/R8z7VuLynKQrRVl3DTdgLf94ixjx RERG7+8+xBxMioadMgtKELidbz3Vrnl5Bfea3jYk=
To: adrian@olddog.co.uk, secdir@ietf.org
Cc: pce@ietf.org, ietf@ietf.org, draft-ietf-pce-stateful-hpce.all@ietf.org
References: <156694513536.5875.13874927498225306603@ietfa.amsl.com> <009d01d55d28$a1e40d10$e5ac2730$@olddog.co.uk>
From: Stephen Farrell <stephen.farrell@cs.tcd.ie>
Openpgp: id=5BB5A6EA5765D2C5863CAE275AB2FAF17B172BEA; url=
Autocrypt: addr=stephen.farrell@cs.tcd.ie; prefer-encrypt=mutual; keydata= mQINBFo9UDIBEADUH4ZPcUnX5WWRWO4kEkHea5Y5eEvZjSwe/YA+G0nrTuOU9nemCP5PMvmh 5Cg8gBTyWyN4Z2+O25p9Tja5zUb+vPMWYvOtokRrp46yhFZOmiS5b6kTq0IqYzsEv5HI58S+ QtaFq978CRa4xH9Gi9u4yzUmT03QNIGDXE37honcAM4MOEtEgvw4fVhVWJuyy3w//0F2tzKr EMjmL5VGuD/Q9+G/7abuXiYNNd9ZFjv4625AUWwy+pAh4EKzS1FE7BOZp9daMu9MUQmDqtZU bUv0Q+DnQAB/4tNncejJPz0p2z3MWCp5iSwHiQvytYgatMp34a50l6CWqa13n6vY8VcPlIqO Vz+7L+WiVfxLbeVqBwV+4uL9to9zLF9IyUvl94lCxpscR2kgRgpM6A5LylRDkR6E0oudFnJg b097ZaNyuY1ETghVB5Uir1GCYChs8NUNumTHXiOkuzk+Gs4DAHx/a78YxBolKHi+esLH8r2k 4LyM2lp5FmBKjG7cGcpBGmWavACYEa7rwAadg4uBx9SHMV5i33vDXQUZcmW0vslQ2Is02NMK 7uB7E7HlVE1IM1zNkVTYYGkKreU8DVQu8qNOtPVE/CdaCJ/pbXoYeHz2B1Nvbl9tlyWxn5Xi HzFPJleXc0ksb9SkJokAfwTSZzTxeQPER8la5lsEEPbU/cDTcwARAQABtDJTdGVwaGVuIEZh cnJlbGwgKDIwMTcpIDxzdGVwaGVuLmZhcnJlbGxAY3MudGNkLmllPokCQAQTAQgAKgIbAwUJ CZQmAAULCQgHAgYVCAkKCwIEFgIDAQIeAQIXgAUCWj6jdwIZAQAKCRBasvrxexcr6o7QD/9m x9DPJetmW794RXmNTrbTJ44zc/tJbcLdRBh0KBn9OW/EaAqjDmgNJeCMyJTKr1ywaps8HGUN hLEVkc14NUpgi4/Zkrbi3DmTp25OHj6wXBS5qVMyVynTMEIjOfeFFyxG+48od+Xn7qg6LT7G rHeNf+z/r0v9+8eZ1Ip63kshQDGhhpmRMKu4Ws9ZvTW2ACXkkTFaSGYJj3yIP4R6IgwBYGMz DXFX6nS4LA1s3pcPNxOgrvCyb60AiJZTLcOk/rRrpZtXB1XQc23ZZmrlTkl2HaThL6w3YKdi Ti1NbuMeOxZqtXcUshII45sANm4HuWNTiRh93Bn5bN6ddjgsaXEZBKUBuUaPBl7gQiQJcAlS 3MmGgVS4ZoX8+VaPGpXdQVFyBMRFlOKOC5XJESt7wY0RE2C8PFm+5eywSO/P1fkl9whkMgml 3OEuIQiP2ehRt/HVLMHkoM9CPQ7t6UwdrXrvX+vBZykav8x9U9M6KTgfsXytxUl6Vx5lPMLi 2/Jrsz6Mzh/IVZa3xjhq1OLFSI/tT2ji4FkJDQbO+yYUDhcuqfakDmtWLMxecZsY6O58A/95 8Qni6Xeq+Nh7zJ7wNcQOMoDGj+24di2TX1cKLzdDMWFaWzlNP5dB5VMwS9Wqj1Z6TzKjGjru q8soqohwb2CK9B3wzFg0Bs1iBI+2RuFnxLkCDQRaPVAyARAA+g3R0HzGr/Dl34Y07XqGqzq5 SU0nXIu9u8Ynsxj7gR5qb3HgUWYEWrHW2jHOByXnvkffucf5yzwrsvw8Q8iI8CFHiTYHPpey 4yPVn6R0w/FOMcY70eTIu/k6EEFDlDbs09DtKcrsT9bmN0XoRxITlXwWTufYqUnmS+YkAuk+ TLCtUin7OdaS2uU6Ata3PLQSeM2ZsUQMmYmHPwB9rmf+q2I005AJ9Q1SPQ2KNg/8xOGxo13S VuaSqYRQdpV93RuCOzg4vuXtR+gP0KQrus/P2ZCEPvU9cXF/2MIhXgOz207lv3iE2zGyNXld /n8spvWk+0bH5Zqd9Wcba/rGcBhmX9NKKDARZqjkv/zVEP1X97w1HsNYeUFNcg2lk9zQKb4v l1jx/Uz8ukzH2QNhU4R39dbF/4AwWuSVkGW6bTxHJqGs6YimbfdQqxTzmqFwz3JP0OtXX5q/ 6D4pHwcmJwEiDNzsBLl6skPSQ0Xyq3pua/qAP8MVm+YxCxJQITqZ8qjDLzoe7s9X6FLLC/DA L9kxl5saVSfDbuI3usH/emdtn0NA9/M7nfgih92zD92sl1yQXHT6BDa8xW1j+RU4P+E0wyd7 zgB2UeYgrp2IIcfG+xX2uFG5MJQ/nYfBoiALb0+dQHNHDtFnNGY3Oe8z1M9c5aDG3/s29QbJ +w7hEKKo9YMAEQEAAYkCJQQYAQgADwUCWj1QMgIbDAUJCZQmAAAKCRBasvrxexcr6qwvD/9b Rek3kfN8Q+jGrKl8qwY8HC5s4mhdDJZI/JP2FImf5J2+d5/e8UJ4fcsT79E0/FqX3Z9wZr6h sofPqLh1/YzDsYkZDHTYSGrlWGP/I5kXwUmFnBZHzM3WGrL3S7ZmCYMdudhykxXXjq7M6Do1 oxM8JofrXGtwBTLv5wfvvygJouVCVe87Ge7mCeY5vey1eUi4zSSF1zPpR6gg64w2g4TXM5qt SwkZVOv1g475LsGlYWRuJV8TA67yp1zJI7HkNqCo8KyHX0DPOh9c+Sd9ZX4aqKfqH9HIpnCL AYEgj7vofeix7gM3kQQmwynqq32bQGQBrKJEYp2vfeO30VsVx4dzuuiC5lyjUccVmw5D72J0 FlGrfEm0kw6D1qwyBg0SAMqamKN6XDdjhNAtXIaoA2UMZK/vZGGUKbqTgDdk0fnzOyb2zvXK CiPFKqIPAqKaDHg0JHdGI3KpQdRNLLzgx083EqEc6IAwWA6jSz+6lZDV6XDgF0lYqAYIkg3+ 6OUXUv6plMlwSHquiOc/MQXHfgUP5//Ra5JuiuyCj954FD+MBKIj8eWROfnzyEnBplVHGSDI ZLzL3pvV14dcsoajdeIH45i8DxnVm64BvEFHtLNlnliMrLOrk4shfmWyUqNlzilXN2BTFVFH 4MrnagFdcFnWYp1JPh96ZKjiqBwMv/H0kw==
Message-ID: <ef694375-b23d-d593-f33c-fba2ad588364@cs.tcd.ie>
Date: Tue, 27 Aug 2019 23:53:47 +0100
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:60.0) Gecko/20100101 Thunderbird/60.8.0
MIME-Version: 1.0
In-Reply-To: <009d01d55d28$a1e40d10$e5ac2730$@olddog.co.uk>
Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="oUFTTkidFpRTEkXzGRQOwtWSECAiLt3zG"
Archived-At: <https://mailarchive.ietf.org/arch/msg/secdir/FSOij3_PMBGfv_j75ppu9nqmL4E>
Subject: Re: [secdir] Secdir last call review of draft-ietf-pce-stateful-hpce-11
X-BeenThere: secdir@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Security Area Directorate <secdir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/secdir>, <mailto:secdir-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/secdir/>
List-Post: <mailto:secdir@ietf.org>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 27 Aug 2019 22:53:56 -0000

Hiya,

On 27/08/2019 23:41, Adrian Farrel wrote:
> You had me at the mention of beer.

That's a deal then:-)

> Actually, that would be a useful conversation both in a PCE context
> and in a wider SDN context. (Always said that the SDN architecture
> was missing a bit of security work).
>
> I'd also love us to have some clarity about TCP-AO. It's like we were
> all told we must use TCP-AO in our protocol specifications as the
> silver bullet, and now the shiny outer layer has tarnished a bit. But
> that is worthy of a separate thread.

Yeah. TCP-AO is a fine thing and would've solved some problems
had it been deployed but I guess reality chose otherwise and it
has now been 9 years so maybe it's time to call that one. But I
guess that's a question that the esteemed routing and sec ADs
can figure out. I think the main downside of text such as is in
this draft is that some RFC readers may waste effort on it for
no benefit so it seems a bit of a disservice for us to keep on
pretending. OTOH, maybe all the relevant implementers already
know to ignore it already. (Or ignore all crypto stuff all the
time;-)

BTW - I'd still love to know if TLS is as fictional as TCP-AO
for PCEP:-)

Cheers,
S.

> 
> Best, Adrian
> 
> -----Original Message----- From: Stephen Farrell via Datatracker
> <noreply@ietf.org> Sent: 27 August 2019 23:32 To: secdir@ietf.org Cc:
> pce@ietf.org; ietf@ietf.org;
> draft-ietf-pce-stateful-hpce.all@ietf.org Subject: Secdir last call
> review of draft-ietf-pce-stateful-hpce-11
> 
> Reviewer: Stephen Farrell Review result: Has Nits
> 
> 
> Hiya,
> 
> This draft doesn't define new protocol but rather describes a way to
> use existing PCE stuff in what I guess is a new way.
> 
> The nit I see is the usual, presumably fictional, reference to
> TCP-AO.  I mean, if nobody actually does that, why bother? Esp. if
> you have a TLS option that's (I hope) less fictional. (Is TLS less
> fictional for PCEP btw?) OTOH, I guess that nearly everyone now knows
> that referring to TCP-AO is just a figleaf to try keep security nerds
> happy, so maybe it's ok that we all suspend disbelief;-(
> 
> Other than that, I did have two questions that occurred to me, but
> that are by no means a reason to hold up this draft - if answers
> required some action, it'd almost certainly not be something that'd
> be fixed here. But I'm still curious:-)
> 
> 1. Has anyone spent any significant amount of time/effort attempting
> to attack an H-PCE network  as a PCEP speaker? (And written that
> up:-) It looks to me like there're enough moving parts here that any
> real stateful hierarchical PCE  network could be fairly likely to
> have interestingly exploitable problems in the face of such an
> attacker.
> 
> 2. I see a reference to SPEAKER-IDENTITY-TLV. I wondered if the 
> ability to e.g. use different SubjectAltNames in x.509 certificates 
> might create the potential for some kind of deliberate or accidental 
> loops to be created somewhere.
> 
> Again, there's no reason to hold this up to try answer (or even to 
> understand) those questions. I'd be happy to chat over a beer with 
> someone  at IETF106 about 'em as that might be easier than a bunch of
> mail.
> 
> Cheers, S.
> 
> 
>