Re: [secdir] Secdir Review of draft-ietf-tcpm-dctcp-07

"Eggert, Lars" <lars@netapp.com> Tue, 27 June 2017 07:10 UTC

From: "Eggert, Lars" <lars@netapp.com>
To: Catherine Meadows <catherine.meadows@nrl.navy.mil>
CC: "secdir@ietf.org" <secdir@ietf.org>, "iesg@ietf.org" <iesg@ietf.org>, "draft-ietf-tcpm-dctcp.all@ietf.org" <draft-ietf-tcpm-dctcp.all@ietf.org>
Date: Tue, 27 Jun 2017 07:05:40 +0000
Archived-At: <https://mailarchive.ietf.org/arch/msg/secdir/KKbDdk3rXX4GSPDLni4Ty3tmMeY>
Subject: Re: [secdir] Secdir Review of draft-ietf-tcpm-dctcp-07

Hi Catherine,

thanks for the review! I'll try and address your suggestions in the next revision.

Lars

On 2017-6-14, at 0:30, Catherine Meadows <catherine.meadows@nrl.navy.mil> wrote:
> 
> I have reviewed this document as part of the security directorate's
> ongoing effort to review all IETF documents being processed by the
> IESG.  These comments were written primarily for the benefit of the
> security area directors.  Document editors and WG chairs should treat
> these comments just like any other last call comments.
> 
> The summary of the review is Almost Ready.
> 
> This draft concerns a variant of TCP intended
> for datacenters: DCTCP.  Much of this takes advantage of the
> fact that datacenters are controlled environments managed by a single
> authority.  The chief new feature is that the Explicit Notification Congestion
> Field gives information about the amount of congestion present,
> instead of simply indicating whether there is congestion or not.
> 
> The Security Considerations section notes that DCTCP inherits the
> security considerations of RFC3168.  The only change
> that has a potential effect on security beyond those already mentioned in
> RFC3168 is a statement that ECT markings (used to indicate whether
> endpoints support explicit congestion notification) SHOULD be applied
> to control packets.  RFC3168 does not allow this, and RFC5562 does not allow this for SYN packets because of the possibility
> that such packets, since they would live longer, would facilitate SYN flooding attacks.
> However, it is argued here that in a controlled environment SYN flooding would not be an
> issue.
> 
> The section ends as follows:
> 
> The security concerns addressed
>    by both these RFCs might not apply in controlled environments like
>    datacenters, and it might not be necessary to account for the
>    presence of non-ECN servers.  Since most servers run virtualized in
>    datacenters, additional security can be imposed in the physical
>    servers to intercept and drop traffic resembling an attack.
> 
> I wasn’t sure how to take this.  The first sentence indicates uncertainty, but the second sentence
> gives a clear description of how security can be enforced on the perimeter in datacenters. It also contradicts the
> statement at the beginning, that DCTCP inherits the security considerations of RFC3168.  I think that this needs to
> be stated more clearly.  Perhaps, at the beginning you could say something like
> 
> DCTCP enhances ECN and thus inherits the security considerations
>    discussed in [RFC3168].  However, because most servers run virtualized in
>    datacenters, additional security can be imposed in the physical
>    servers to intercept and drop traffic resembling an attack.  This makes it less likely that
>    it will be necessary to account for the presence of non-ECN servers, thus mitigating the
>    security considerations in RFC3168.
> 
> Also, a nit: ECT is never defined in the document.
> 
> 
> Catherine Meadows
> Naval Research Laboratory
> Code 5543
> 4555 Overlook Ave., S.W.
> Washington DC, 20375
> phone: 202-767-3490
> fax: 202-404-7942
> email: catherine.meadows@nrl.navy.mil
>