[secdir] secdir review of draft-ietf-tictoc-multi-path-synchronization-05

Watson Ladd <watsonbladd@gmail.com> Sun, 18 September 2016 19:41 UTC

Return-Path: <watsonbladd@gmail.com>
X-Original-To: secdir@ietfa.amsl.com
Delivered-To: secdir@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 7F68112B00D; Sun, 18 Sep 2016 12:41:08 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.7
X-Spam-Level:
X-Spam-Status: No, score=-2.7 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id NvmaYxpSQuzR; Sun, 18 Sep 2016 12:41:07 -0700 (PDT)
Received: from mail-yw0-x22e.google.com (mail-yw0-x22e.google.com [IPv6:2607:f8b0:4002:c05::22e]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id BC13F12B0E0; Sun, 18 Sep 2016 12:41:06 -0700 (PDT)
Received: by mail-yw0-x22e.google.com with SMTP id g192so121840094ywh.1; Sun, 18 Sep 2016 12:41:06 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:from:date:message-id:subject:to; bh=gDRRKyKmw0KpPGOBLVUHX2xfqcOweRhuSTgcvdznwl4=; b=xoDare4NQUiVvljNVXvB9jUTnvKofrpX8dpPin1pBXE2XaT6n+JeTrwPhmUXas92dA N4buMDQUg0skzwg2qToI7F7m5zV2o1YgVHEC4oAVZKkQQc0RikAxWz/T/mOiBO9YyKPF 9r8cEfx2pjB4LBHYxAplaOQmjqtJSNfaDKODg9HiQg/xJeVDVHlLPeyVzlO2koS9RmBy X3CRrqneDvifHb4VC+8BPyI+s3eLo2i6H66V21XeT10SBz3OPco/75z+EgL5P5giU3fS DTi49Gn4I6w9jnKmFBbe15ruIhy/02kFvvXU9HW8peqBNg62BLiCVcC5mMHBzAl/O8YI WeiA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:from:date:message-id:subject:to; bh=gDRRKyKmw0KpPGOBLVUHX2xfqcOweRhuSTgcvdznwl4=; b=NYAkRW36poecKsL1km/Ua9cVhqxWhpBH1ucmtv/cggAFyWnl6m0uV/TjRq2O+fmcPR gG+JYSiqUQ3w6/Bb1o6RFHIMTE3rbmqFclUekmVqZZWH4b4jbeROyM756aT7+Xol5g3Z 7IgpL7n4INOOkvzXTx7/zK7jEmXBz0+t8a8P4zwBA39B3CY5nYXY8L1IKO1aZtrM6njd nHr+lIMPse8q2JjhUqMQsFcm1/GVEj7kdz/Kvc710OzcERPeeCbmasaywGmxkKyribRS KkslXAxLBAcXKgQkBXtZYpYOdIfakrrwgfaD9lf7wyZQ3ncO7yDHB1zPKo1ltzP874xq 1FWQ==
X-Gm-Message-State: AE9vXwMU8mSwnWJL38oQFb5ORW+L1MlnWCVIUComz7qwIRHuD2yqXHi+zdO2kIClI9GfaGWkfMst//oO3ddNLA==
X-Received: by 10.13.203.79 with SMTP id n76mr21258547ywd.122.1474227665844; Sun, 18 Sep 2016 12:41:05 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.176.4.102 with HTTP; Sun, 18 Sep 2016 12:41:05 -0700 (PDT)
From: Watson Ladd <watsonbladd@gmail.com>
Date: Sun, 18 Sep 2016 12:41:05 -0700
Message-ID: <CACsn0cmCGrpaHtiLNEpnN52_+FqM4XiCtUHhZm9XQD1qfbFH3w@mail.gmail.com>
To: "<iesg@ietf.org>" <iesg@ietf.org>, secdir@ietf.org, draft-ietf-tictoc-multi-path-synchronization.all@tools.ietf.org
Content-Type: text/plain; charset=UTF-8
Archived-At: <https://mailarchive.ietf.org/arch/msg/secdir/JDier95ax6ClP5e8VFfAbhaQBMc>
Subject: [secdir] secdir review of draft-ietf-tictoc-multi-path-synchronization-05
X-BeenThere: secdir@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: Security Area Directorate <secdir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/secdir>, <mailto:secdir-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/secdir/>
List-Post: <mailto:secdir@ietf.org>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 18 Sep 2016 19:41:08 -0000

I have reviewed this document as part of the security directorate's
ongoing effort to review all IETF documents being processed by the
IESG.  These comments were written primarily for the benefit of the
security area directors.  Document editors and WG chairs should treat
these comments just like any other last call comments.

The document presents a mechanism for servers and clients to conduct
synchronization protocols over multiple paths. I didn't see anything
wrong with the mechanism, but I am worried that its security benefits
are overstated: independent paths may only be partially independent,
and attackers can easily migrate from one router to another in most
networks.

Sincerely,
Watson Ladd