Re: [secdir] secdir review of draft-ietf-tsvwg-sctp-prpolicies-05
Joseph Salowey <joe@salowey.net> Mon, 01 December 2014 19:44 UTC
Archived-At: http://mailarchive.ietf.org/arch/msg/secdir/GInB0PJI2bNSl_7csjPodH7BQb4
Cc: draft-ietf-tsvwg-sctp-prpolicies.all@tools.ietf.org, iesg@ietf.org, secdir@ietf.org
On Mon, Dec 1, 2014 at 11:28 AM, Michael Tuexen <tuexen@fh-muenster.de> wrote:

> On 01 Dec 2014, at 19:39, Joseph Salowey <joe@salowey.net> wrote:
>
> > I have reviewed this document as part of the security directorate's
> > ongoing effort to review all IETF documents being processed by the IESG.
> > These comments were written primarily for the benefit of the security area
> > directors. Document editors and WG chairs should treat these comments just
> > like any other last call comments.
> >
> > I have reviewed this document and believe it is Ready with minor issues.
>
> Hi Joe,
>
> thank you very much for your review. See my comments below.
>
> Best regards
> Michael
>
> > This document describes new policies for the users of the SCTP Partial
> > Reliability service (SCTP-PR). These policies cover discarding data after
> > too many retransmissions and discarding lower priority data.
> >
> > The security considerations are a bit thin. They mostly refer to RFC
> > 3758 which is also a bit thin and was published before SCTP-DTLS was
> > available. There is some useful text in RFC 6083 (SCTP-DTLS):
> >
> > "If PR-SCTP as defined in [RFC3758] is used, FORWARD-TSN chunks MUST
> > also be sent in an authenticated way as described in [RFC4895]. This
> > makes sure that it is not possible for an attacker to drop messages
> > and use forged FORWARD-TSN, SACK, and/or SHUTDOWN chunks to hide this
> > dropping."
> >
> > I think it would be good to include similar text in this document since
> > it is relevant. Are there any problems
>
> I see your point, but this usage of AUTH in combination with DTLS is not
> related to the particular PR-SCTP policy. One could add a sentence stating
> that if DTLS over SCTP as specified in RFC 6083, the corresponding security
> considerations also apply. Would that address your issue?

[Joe] Yea, I think that would be OK.

> > introduced if the INIT or the INIT-ACK messages are not protected?
>
> No. You can't protect them, see
> https://tools.ietf.org/html/rfc4895#section-3.2

[Joe] Ah, OK. So it seems the INIT negotiation is unprotected and may be modified by an attacker. Probably not something to address in this draft, but I wonder if there are some potential issues here.

> > Cheers,
> >
> > Joe
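The RFC 6083 text quoted in the thread says why FORWARD-TSN chunks must be covered by SCTP-AUTH (RFC 4895): a receiver that accepts an unauthenticated FORWARD-TSN lets anyone on the path move its cumulative TSN ack point past data that was dropped, so the loss is never noticed. The following is an added illustration written for this archive page, not code from the draft, from the mailing list participants, or from any SCTP implementation. It models only the pieces needed for the point: a FORWARD TSN chunk (RFC 3758 layout, no stream pairs), an AUTH chunk (RFC 4895 layout, HMAC-SHA-256 over the AUTH chunk and the chunks bundled after it), and a receiver that either does or does not list FORWARD-TSN among the chunk types requiring authentication. The shared key is a constructed constant; a real association derives it from the endpoint-pair shared key and the RANDOM parameters exchanged in INIT/INIT-ACK, which (as the thread notes) are themselves unprotected. TSN wrap-around and the stream/sequence pairs of a real FORWARD TSN are deliberately left out.

```python
"""Toy model of why FORWARD-TSN chunks need SCTP-AUTH (RFC 4895).

Constructed example; not the draft's text and not a real SCTP stack.
Chunk layouts follow RFC 3758 (FORWARD TSN) and RFC 4895 (AUTH).
"""
import hashlib
import hmac
import struct

FORWARD_TSN = 192      # chunk type, RFC 3758
AUTH = 0x83            # chunk type, RFC 4895
HMAC_SHA256 = 3        # HMAC identifier, RFC 4895
DIGEST_LEN = 32
SHARED_KEY = b"constructed-association-key"   # assumption: already derived per RFC 4895


def forward_tsn_chunk(new_cum_tsn: int) -> bytes:
    """FORWARD TSN chunk with no stream/sequence pairs: type, flags, length, new cum TSN."""
    return struct.pack("!BBHI", FORWARD_TSN, 0, 8, new_cum_tsn)


def auth_chunk(key: bytes, following: bytes, shared_key_id: int = 0) -> bytes:
    """AUTH chunk protecting the chunks bundled after it.

    RFC 4895: the HMAC is computed over the AUTH chunk with its HMAC field
    set to zero, followed by every chunk that comes after it in the packet.
    """
    header = struct.pack("!BBHHH", AUTH, 0, 8 + DIGEST_LEN, shared_key_id, HMAC_SHA256)
    mac = hmac.new(key, header + bytes(DIGEST_LEN) + following, hashlib.sha256).digest()
    return header + mac


class Receiver:
    """Tracks the cumulative TSN ack point and applies the AUTH rule to incoming chunks."""

    def __init__(self, key: bytes, cum_tsn: int, require_auth_for=()):
        self.key = key
        self.cum_tsn = cum_tsn
        self.require_auth_for = set(require_auth_for)
        self.discarded = 0

    def _verify(self, chunk: bytes, following: bytes) -> bool:
        if len(chunk) != 8 + DIGEST_LEN:
            return False
        _, _, _, _key_id, hmac_id = struct.unpack_from("!BBHHH", chunk, 0)
        if hmac_id != HMAC_SHA256:
            return False
        expected = hmac.new(self.key, chunk[:8] + bytes(DIGEST_LEN) + following,
                            hashlib.sha256).digest()
        return hmac.compare_digest(expected, chunk[8:])

    def process(self, packet: bytes) -> int:
        """Walk the chunks of one packet; chunks after a valid AUTH count as authenticated."""
        authenticated = False
        off = 0
        while off + 4 <= len(packet):
            ctype, _flags, length = struct.unpack_from("!BBH", packet, off)
            if length < 4 or off + length > len(packet):
                raise ValueError("malformed chunk")
            chunk = packet[off:off + length]
            nxt = off + ((length + 3) & ~3)          # chunks are padded to 4 bytes
            if ctype == AUTH:
                authenticated = self._verify(chunk, packet[nxt:])
            elif ctype == FORWARD_TSN:
                if ctype in self.require_auth_for and not authenticated:
                    self.discarded += 1              # RFC 4895: silently discard
                else:
                    new_tsn = struct.unpack_from("!I", chunk, 4)[0]
                    self.cum_tsn = max(self.cum_tsn, new_tsn)   # wrap-around ignored here
            off = nxt
        return self.cum_tsn


def scenario(require_auth: bool) -> dict:
    """Same three packets against a receiver with and without the AUTH requirement."""
    rx = Receiver(SHARED_KEY, cum_tsn=100,
                  require_auth_for=(FORWARD_TSN,) if require_auth else ())
    # 1. legitimate peer: authenticated FORWARD TSN moving the ack point to 105
    legit = forward_tsn_chunk(105)
    rx.process(auth_chunk(SHARED_KEY, legit) + legit)
    after_legit = rx.cum_tsn
    # 2. forged FORWARD TSN from a party without the key, claiming TSN 200
    rx.process(forward_tsn_chunk(200))
    after_forged = rx.cum_tsn
    # 3. an authenticated bundle whose TSN field was altered in transit (HMAC no longer matches)
    bundle = bytearray(auth_chunk(SHARED_KEY, legit) + legit)
    struct.pack_into("!I", bundle, len(bundle) - 4, 300)
    rx.process(bytes(bundle))
    return {"after_legit": after_legit, "after_forged": after_forged,
            "final": rx.cum_tsn, "discarded": rx.discarded}


if __name__ == "__main__":
    print("no AUTH requirement:", scenario(False))
    print("FORWARD-TSN requires AUTH:", scenario(True))
```

Without the requirement, both the unauthenticated chunk and the tampered bundle advance the ack point (to 200 and then 300), which is exactly the "hide the dropping" outcome RFC 6083 warns about; with FORWARD-TSN in the set of chunk types requiring AUTH, both are discarded and the ack point stays at the last authenticated value. The same check would apply to SACK and SHUTDOWN, which RFC 6083 lists alongside FORWARD-TSN.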