[secdir] SecDir Review of draft-ietf-lisp-alt-09
Catherine Meadows <meadows@itd.nrl.navy.mil> Mon, 28 November 2011 16:53 UTC
I have reviewed this document as part of the security directorate's ongoing effort to review all IETF documents being processed by the IESG. These comments were written primarily for the benefit of the security area directors. Document editors and WG chairs should treat these comments just like any other last call comments.

This document describes a distributed index system to be used by the Locator/ID Separation Protocol (LISP) Ingress Tunnel Router (ITR) or Map Resolver (MR) to find the Egress Tunnel Router (ETR) which holds the mapping information for a particular Endpoint Identifier (EID). The ITR or MR can then query the ETR to get the information it needs. This index, or Alternate Logical Topology, is built as an overlay network on the Internet using the Border Gateway Protocol (BGP) and the Generic Routing Encapsulation (GRE).

Since LISP+ALT relies on BGP, the authors correctly point out that it shares many of the security characteristics of BGP. They should be commended, however, for not merely pointing to the BGP document, but also addressing any new vulnerabilities that could arise from using LISP+ALT. These are mainly potential denial-of-service attacks, for which suggested countermeasures are included. Another is the possibility that EID-prefixes would be more vulnerable to leakage since they will be more widely propagated out to the global network. The authors point out that addressing this problem requires more strict prefix filtering and authentication on the global routing system. The authors also discuss, in a final paragraph (10.3), the potential use of emerging BGP security mechanisms that would provide this authentication.

All in all, I think this is a very thorough and well-thought-out discussion of the security considerations. My only suggestion would be to include a forward reference to paragraph 10.3 in the discussion of prefix leakage.

Catherine Meadows
Naval Research Laboratory
Code 5543
4555 Overlook Ave., S.W.
Washington DC, 20375
phone: 202-767-3490
fax: 202-404-7942
email: catherine.meadows@nrl.navy.mil