Re: [secdir] secdir review of draft-ietf-spring-segment-routing-13
David Mandelberg <david+work@mandelberg.org> Fri, 23 March 2018 22:56 UTC
Return-Path: <david+work@mandelberg.org>
X-Original-To: secdir@ietfa.amsl.com
Delivered-To: secdir@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id AADC612E03F for <secdir@ietfa.amsl.com>; Fri, 23 Mar 2018 15:56:56 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.599
X-Spam-Level:
X-Spam-Status: No, score=-2.599 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_LOW=-0.7, URIBL_BLOCKED=0.001] autolearn=unavailable autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id TjxndizQgm_k for <secdir@ietfa.amsl.com>; Fri, 23 Mar 2018 15:56:55 -0700 (PDT)
Received: from smtp.rcn.com (smtp.rcn.com [69.168.97.78]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id D76A312E03B for <secdir@ietf.org>; Fri, 23 Mar 2018 15:56:53 -0700 (PDT)
X_CMAE_Category: , ,
X-CNFS-Analysis: v=2.2 cv=Le5+0XXi c=1 sm=1 tr=0 a=OXtaa+9CFT7WVSERtyqzJw==:117 a=OXtaa+9CFT7WVSERtyqzJw==:17 a=KGjhK52YXX0A:10 a=IkcTkHD0fZMA:10 a=NTnny0joGdQA:10 a=v2DPQv5-lfwA:10 a=bmmO2AaSJ7QA:10 a=BTUBnpS-AAAA:8 a=AUd_NHdVAAAA:8 a=48vgC7mUAAAA:8 a=cVtrvwxoAORve3k4lU8A:9 a=QEXdDO2ut3YA:10 a=pblkFgjdBCuYZ9-HdJ6i:22 a=w1C3t2QeGrPiZgrLijVG:22
X-CM-Score: 0
X-Scanned-by: Cloudmark Authority Engine
X-Authed-Username: ZHNlb21uQHJjbi5jb20=
Authentication-Results: smtp01.rcn.cmh.synacor.com header.from=david+work@mandelberg.org; sender-id=neutral
Authentication-Results: smtp01.rcn.cmh.synacor.com smtp.mail=david+work@mandelberg.org; spf=neutral; sender-id=neutral
Authentication-Results: smtp01.rcn.cmh.synacor.com smtp.user=dseomn@rcn.com; auth=pass (LOGIN)
Received-SPF: neutral (smtp01.rcn.cmh.synacor.com: 209.6.43.168 is neither permitted nor denied by domain of mandelberg.org)
Received: from [209.6.43.168] ([209.6.43.168:42632] helo=uriel.mandelberg.org) by smtp.rcn.com (envelope-from <david+work@mandelberg.org>) (ecelerity 3.6.25.56547 r(Core:3.6.25.0)) with ESMTPSA (cipher=DHE-RSA-AES256-GCM-SHA384) id D2/7B-58381-33685BA5; Fri, 23 Mar 2018 18:56:52 -0400
Received: from [192.168.1.152] (DD-WRT [192.168.1.1]) by uriel.mandelberg.org (Postfix) with ESMTPSA id 570E71C609C; Fri, 23 Mar 2018 18:56:51 -0400 (EDT)
To: "Les Ginsberg (ginsberg)" <ginsberg@cisco.com>, "iesg@ietf.org" <iesg@ietf.org>, "secdir@ietf.org" <secdir@ietf.org>, "draft-ietf-spring-segment-routing.all@ietf.org" <draft-ietf-spring-segment-routing.all@ietf.org>
References: <3b7c6cdc-0e9e-0a57-e030-ae3a715c6a03@mandelberg.org> <e32e5f9bc00043e3a8b86205d434c35d@XCH-ALN-001.cisco.com> <56ce2942-388f-d03b-721a-3b06af5559bc@mandelberg.org> <ef5efa3a9f1d434580946f1012ebb0bc@XCH-ALN-001.cisco.com>
From: David Mandelberg <david+work@mandelberg.org>
Organization: David Mandelberg, LLC
Message-ID: <9521bc0e-a1f2-046e-8e92-9e4a64237036@mandelberg.org>
Date: Fri, 23 Mar 2018 18:56:48 -0400
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Thunderbird/52.6.0
MIME-Version: 1.0
In-Reply-To: <ef5efa3a9f1d434580946f1012ebb0bc@XCH-ALN-001.cisco.com>
Content-Type: text/plain; charset="utf-8"; format="flowed"
Content-Language: en-US
Content-Transfer-Encoding: 8bit
Archived-At: <https://mailarchive.ietf.org/arch/msg/secdir/HqyuohUZ8IUmIQWpbsnphWHk8M8>
Subject: Re: [secdir] secdir review of draft-ietf-spring-segment-routing-13
X-BeenThere: secdir@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: Security Area Directorate <secdir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/secdir>, <mailto:secdir-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/secdir/>
List-Post: <mailto:secdir@ietf.org>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 23 Mar 2018 22:56:57 -0000
Thanks, I didn't know it was in the IGP specs. If the usage you describe would be clear to anybody using this, then I think you've fully addressed my original comment. On 03/23/2018 06:43 PM, Les Ginsberg (ginsberg) wrote: > David - > > Thanx for the very prompt response. > > If a controller (for example) is defining a SID stack for an SR Policy, it can choose to use an Adj-SID which is advertised as Persistent and be confident that the SID will not be reused for some other purpose no matter what happens on the owning node. > > BTW, the flag isn’t new - it has been part of the IGP specifications for quite a long while. It just wasn't mentioned in the SR Architecture in earlier versions. > > HTH > > Les > >> -----Original Message----- >> From: David Mandelberg <david+work@mandelberg.org> >> Sent: Friday, March 23, 2018 3:17 PM >> To: Les Ginsberg (ginsberg) <ginsberg@cisco.com>; iesg@ietf.org; >> secdir@ietf.org; draft-ietf-spring-segment-routing.all@ietf.org >> Subject: Re: secdir review of draft-ietf-spring-segment-routing-13 >> >> Hi, >> >> How will the indication of persistence be used? I scanned the changes from -13 >> to -15, but I didn't notice any other text about the new flag. >> >> On 03/23/2018 06:34 AM, Les Ginsberg (ginsberg) wrote: >>> David - >>> >>> Apologies. It appears that I neglected to respond to this old review >>> comment. >>> >>> This was not intentional. Authors actively discussed your comment >>> promptly and we did add text in V14 of the draft to address this point: >>> >>> Please see: >>> https://tools.ietf.org/html/draft-ietf-spring-segment-routing-15#secti >>> on-3.4 >>> >>> /o Indication whether the Adj-SID is persistent across control plane/ >>> >>> / restarts. Persistence is a key attribute in ensuring that an >>> SR/ >>> >>> / Policy does not temporarily result in misforwarding due to/ >>> >>> / reassignment of an Adj-SID./ >>> >>> // >>> >>> Please let us know if this adequately addresses your comment. >>> >>> Again, apologies for the long delay. >>> >>> Les >>> >>> > -----Original Message----- >>> >>> > From: David Mandelberg <david@mandelberg.org> >>> >>> > Sent: Thursday, November 02, 2017 10:53 AM >>> >>> > To: iesg@ietf.org; secdir@ietf.org; draft-ietf-spring-segment- >>> >>> > routing.all@ietf.org >>> >>> > Subject: secdir review of draft-ietf-spring-segment-routing-13 >>> >>> > >>> >>> > I have reviewed this document as part of the security directorate's >>> ongoing >>> >>> > effort to review all IETF documents being processed by the IESG. >>> These >>> >>> > comments were written primarily for the benefit of the security >>> area directors. >>> >>> > Document editors and WG chairs should treat these comments just >>> like any >>> >>> > other last call comments. >>> >>> > >>> >>> > The summary of the review is Ready with nits. >>> >>> > >>> >>> > This document affects routing within a trusted domain, and the >>> security >>> >>> > considerations section adequately talks about filtering at the >>> border of a trusted >>> >>> > domain. >>> >>> > >>> >>> > I do have one question about something I didn't see in the >>> document, what >>> >>> > happens when SIDs change while packets are in transit? Here's a >>> hypothetical >>> >>> > situation that could be bad for security, but I'm not sure whether >>> or not it could >>> >>> > happen: 1. An internal node calculates an SR Policy and sends out a >>> packet that >>> >>> > will eventually egress towards a BGP peer. 2. Multiple links on the >>> BGP router go >>> >>> > down and then back up, but are allocated different PeerAdj SIDs >>> than they had >>> >>> > before. 3. The packet reaches the BGP router, but egresses to the >>> wrong BGP >>> >>> > peer because the original PeerAdj SID is now mapped to a different >>> PeerAdj >>> >>> > segment. >>> >>> > >>> >>> > -- >>> >>> > Freelance cyber security consultant, software developer, and more >>> >>> > https://david.mandelberg.org/ >>> >> >> >> -- >> Freelance cyber security consultant, software developer, and more >> https://david.mandelberg.org/ -- Freelance cyber security consultant, software developer, and more https://david.mandelberg.org/
- [secdir] secdir review of draft-ietf-spring-segme… David Mandelberg
- Re: [secdir] secdir review of draft-ietf-spring-s… Les Ginsberg (ginsberg)
- Re: [secdir] secdir review of draft-ietf-spring-s… David Mandelberg
- Re: [secdir] secdir review of draft-ietf-spring-s… Les Ginsberg (ginsberg)
- Re: [secdir] secdir review of draft-ietf-spring-s… David Mandelberg
- Re: [secdir] secdir review of draft-ietf-spring-s… Les Ginsberg (ginsberg)
- Re: [secdir] secdir review of draft-ietf-spring-s… David Mandelberg
- Re: [secdir] secdir review of draft-ietf-spring-s… Les Ginsberg (ginsberg)
- Re: [secdir] secdir review of draft-ietf-spring-s… Eric Rescorla
- Re: [secdir] secdir review of draft-ietf-spring-s… Les Ginsberg (ginsberg)
- Re: [secdir] secdir review of draft-ietf-spring-s… Eric Rescorla
- Re: [secdir] secdir review of draft-ietf-spring-s… Benjamin Kaduk
- Re: [secdir] secdir review of draft-ietf-spring-s… David Mandelberg
- Re: [secdir] secdir review of draft-ietf-spring-s… Benjamin Kaduk
- Re: [secdir] secdir review of draft-ietf-spring-s… Tero Kivinen
- Re: [secdir] secdir review of draft-ietf-spring-s… Benjamin Kaduk
- Re: [secdir] secdir review of draft-ietf-spring-s… David Mandelberg
- Re: [secdir] secdir review of draft-ietf-spring-s… Benjamin Kaduk