[secdir] SecDir review of draft-ietf-ipfix-mib-variable-export.

Warren Kumari <warren@kumari.net> Fri, 13 November 2015 17:17 UTC

Return-Path: <warren@kumari.net>
X-Original-To: secdir@ietfa.amsl.com
Delivered-To: secdir@ietfa.amsl.com
Date: Sat, 14 Nov 2015 02:17:20 +0900
Message-ID: <CAHw9_i+qp7Y1Eu8YiJj6AOUG22NMz=1PCK3k=BkHoxPgxR-8rw@mail.gmail.com>
From: Warren Kumari <warren@kumari.net>
To: IETF Security Directorate <secdir@ietf.org>, draft-ietf-ipfix-mib-variable-export.all@tools.ietf.org
Content-Type: text/plain; charset="UTF-8"
Archived-At: <http://mailarchive.ietf.org/arch/msg/secdir/KJN30ec7DoxjoJhBljkbSXG6BVs>
Subject: [secdir] SecDir review of draft-ietf-ipfix-mib-variable-export.
X-BeenThere: secdir@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Security Area Directorate <secdir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/secdir>, <mailto:secdir-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/secdir/>
List-Post: <mailto:secdir@ietf.org>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 13 Nov 2015 17:17:22 -0000

Be ye not afraid...
I have reviewed this document as part of the security directorate's
ongoing effort to review all IETF documents being processed by the
IESG.  These comments were written primarily for the benefit of the
security area directors.  Document editors and WG chairs should treat
these comments just like any other last call comments.

Version reviewed: draft-ietf-ipfix-mib-variable-export-09 - Exporting
MIB Variables using the IPFIX Protocol

Summary:
LGTM, Security AD attention not required, modulo questions below.

I'm not quite sure what:
"However if the exporter is a client of an SNMP engine on the same
 device it MUST abide by existing SNMP security rules." is supposed to
mean. What exactly are "existing SNMP security rules"? Those defined
in RFCs? Configured on the device?

Also:
"Network operators should take care that the only MIB objects which
are included in IPFIX Data Records are ones which the receiving flow
collector is allowed to receive."
It may be worth mentioning that multiple users may have access to the
data from the flow collector.
I don't think that this is a major issue, as the sorts of data that
are likely to be exported are not (in my wild-ass guess) likely to be
sensitive.


I suspect that the MIB Doctors should review this (if they haven't
already) - while not a MIB, they will probably have useful input.

W



-- 
I don't think the execution is relevant when it was obviously a bad
idea in the first place.
This is like putting rabid weasels in your pants, and later expressing
regret at having chosen those particular rabid weasels and that pair
of pants.
   ---maf
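The review's two questions (what "existing SNMP security rules" an exporter should abide by, and how an operator ensures that only MIB objects the receiving collector is allowed to receive end up in IPFIX Data Records) can be made concrete with an exporter-side view check. The following is an added example, not code from the draft, from any IPFIX implementation, or from the reviewer. It borrows the SNMP VACM view-subtree semantics of RFC 3415 (subtree plus family mask, included/excluded entries, most specific match wins) as one reading of "existing SNMP security rules", and the collector view, OIDs and values below are constructed for illustration only.

```python
"""Exporter-side allowlist for MIB objects placed in IPFIX Data Records.

Hypothetical illustration: a per-collector view in the style of the SNMP VACM
vacmViewTreeFamilyTable (RFC 3415). Objects not covered by any entry are
denied by default; among matching entries the longest subtree wins.
"""
from dataclasses import dataclass
from typing import Iterable, List, Optional, Tuple

OID = Tuple[int, ...]


@dataclass(frozen=True)
class ViewEntry:
    subtree: OID
    # One flag per subtree element: True = element must match, False = wildcard.
    # A mask shorter than the subtree is padded with True (as in RFC 3415).
    mask: Tuple[bool, ...]
    included: bool


def parse_oid(text: str) -> OID:
    """'1.3.6.1.2.1.2' -> (1, 3, 6, 1, 2, 1, 2)."""
    return tuple(int(part) for part in text.strip(".").split("."))


def _matches(entry: ViewEntry, oid: OID) -> bool:
    """True if oid lies under entry.subtree, honouring wildcard mask positions."""
    if len(oid) < len(entry.subtree):
        return False
    for i, sub in enumerate(entry.subtree):
        wildcard = i < len(entry.mask) and not entry.mask[i]
        if not wildcard and oid[i] != sub:
            return False
    return True


def _effective_entry(view: Iterable[ViewEntry], oid: OID) -> Optional[ViewEntry]:
    """Most specific matching entry: longest subtree, then lexicographically
    greatest subtree (a simplification of the RFC 3415 tie-break, which also
    consults the mask)."""
    best = None
    for entry in view:
        if _matches(entry, oid):
            key = (len(entry.subtree), entry.subtree)
            if best is None or key > (len(best.subtree), best.subtree):
                best = entry
    return best


def is_exportable(view: Iterable[ViewEntry], oid: OID) -> bool:
    entry = _effective_entry(view, oid)
    return entry is not None and entry.included


def filter_record(view: Iterable[ViewEntry], mib_values):
    """Split (oid, value) pairs into those the collector's view permits and
    those the exporter must leave out of the Data Record."""
    kept: List[Tuple[str, object]] = []
    dropped: List[Tuple[str, object]] = []
    for oid_text, value in mib_values:
        target = kept if is_exportable(view, parse_oid(oid_text)) else dropped
        target.append((oid_text, value))
    return kept, dropped


# Constructed view for one collector (not from any real deployment).
COLLECTOR_VIEW = [
    ViewEntry(parse_oid("1.3.6.1.2.1.2"), (), True),       # interfaces group allowed
    ViewEntry(parse_oid("1.3.6.1.2.1.4"), (), True),       # ip group allowed ...
    ViewEntry(parse_oid("1.3.6.1.2.1.4.22"), (), False),   # ... except ipNetToMediaTable
    # Every ifEntry column for ifIndex 1 (constructed: the management interface)
    # is excluded: the column position (index 9) is a wildcard in the mask.
    ViewEntry(parse_oid("1.3.6.1.2.1.2.2.1.0.1"), (True,) * 9 + (False, True), False),
]

# Constructed MIB values an exporter might have polled for one record.
SAMPLE_MIB_VALUES = [
    ("1.3.6.1.2.1.1.3.0", 123456),                 # sysUpTime: no view entry -> dropped
    ("1.3.6.1.2.1.2.2.1.10.3", 9876543),           # ifInOctets.3 -> kept
    ("1.3.6.1.2.1.2.2.1.10.1", 42),                # ifInOctets.1 -> dropped (masked entry)
    ("1.3.6.1.2.1.4.3.0", 777),                    # ipInReceives -> kept
    ("1.3.6.1.2.1.4.22.1.2.3.192.0.2.1", "00:00:5e:00:53:01"),  # ARP entry -> dropped
]


def example():
    return filter_record(COLLECTOR_VIEW, SAMPLE_MIB_VALUES)


if __name__ == "__main__":
    kept, dropped = example()
    print("kept:", kept)
    print("dropped:", dropped)
```

Running the block keeps ifInOctets.3 and ipInReceives and drops the other three objects. The exclusion entries illustrate the operator-side control the review asks for: a deny-by-default view per collector, evaluated on the exporter before a Data Record is built, so that what a collector (and anyone with access to its data) can see is decided where the objects are read rather than after export.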