Re: [secdir] Review of draft-ietf-pce-lsp-control-request-07
Shawn Emery <shawn.emery@gmail.com> Sun, 25 August 2019 19:17 UTC
Return-Path: <shawn.emery@gmail.com>
X-Original-To: secdir@ietfa.amsl.com
Delivered-To: secdir@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D317912010C; Sun, 25 Aug 2019 12:17:55 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.997
X-Spam-Level:
X-Spam-Status: No, score=-1.997 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id JwdRP0KFsH6Y; Sun, 25 Aug 2019 12:17:53 -0700 (PDT)
Received: from mail-ed1-x535.google.com (mail-ed1-x535.google.com [IPv6:2a00:1450:4864:20::535]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 2754C120026; Sun, 25 Aug 2019 12:17:53 -0700 (PDT)
Received: by mail-ed1-x535.google.com with SMTP id a21so23220589edt.11; Sun, 25 Aug 2019 12:17:53 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=Mz/fZqbzmfE7EnawcgrXjSqv0hfJbp9PWS1bXvFjxPo=; b=n7Nu34s80DfUsBGzNFdg0ps7Ns0IbBCGVadjeG/cs/CPXAqDexLjAtO1I2af0FDsLd 5fEudLyC7rAoxZgjPi5KkkQuaBaOL9KTHvvyvzpB689BgLOzSrNc3lX5XTeGzn+vfcHo vjL9a4wecLX/0i1guo+CezYYIr7I+vpGVUHKby/a/ngPde8jNMVcsIZ2J1PqwxYKgG5m v5N4kjVfyXhg4+XyA67QpJTN4jSe+ZK65peTn5stBjcxRt457jYt4nC/7sXGwdkfPH7x ZuJE4XtPfuJsoJWoVj6AS0LWMf/FoFpH9hh9yDCg78hUCPKoWYkWZl+XCiHB1vUTZ/Z7 ttRw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=Mz/fZqbzmfE7EnawcgrXjSqv0hfJbp9PWS1bXvFjxPo=; b=La539IuIe5XP+Gp58R5zHEdf27kpLi2pccWvaW2djCxfRGn3n8uJRcmgUAJ5+LRmaj szteoqwjVjJ+kazfY0VGYwi4ZW71KxI5FSRxNCfCs+I3QOJ+yx+nBo8V9f4F6mnL5LTJ Z9VltIF6pThzOfbB9UZmC6rpOeSzLEqnEVNH7sivyMzfXA4QOk4NIT3YmHnq0Ns+JD8k 5K73MYnLe4SoMAqsbzDuSICwZQTx9Mvi5Jmr0kBwCQAXZiJ/Jz52CaugBFW8uWXNv5l4 4lLimEJr01QTO57B02SfFl1lU6Za183DOVffHd/zVCtFqm/8yTAwgTkUkf24pSN2IHuI xmwg==
X-Gm-Message-State: APjAAAXXjdGttFr4SMXBA1zOD1riEN3gfu2WPqrxBUGpGSz1KJyM5tJo AF5de9BLZhvvjsS9GKK08HaAorgeBMvg1hLarHA=
X-Google-Smtp-Source: APXvYqx6v3xJfe20+QsJHEDXGw7dDqQYOOJHPUXT0TqA5p7wqG5qwxqOMbAUrOkghYTu/EavH7nXr+BZ6tTZ4wXQWew=
X-Received: by 2002:a17:906:135b:: with SMTP id x27mr13525037ejb.291.1566760671455; Sun, 25 Aug 2019 12:17:51 -0700 (PDT)
MIME-Version: 1.0
References: <CAChzXmauwuia34m8wVM4T8+_hB6dOWOsXdjB9E1HUc7H+GKc2g@mail.gmail.com> <CAB75xn6ULjr9qybLx696+_SBxhLmV37hFXuYbMKhFTBS8iYrvw@mail.gmail.com> <CAM5Nu_x0DDPLEEOUqArKkE6PCauk1=13Mi0bt-KXDVstsdRyxg@mail.gmail.com>
In-Reply-To: <CAM5Nu_x0DDPLEEOUqArKkE6PCauk1=13Mi0bt-KXDVstsdRyxg@mail.gmail.com>
From: Shawn Emery <shawn.emery@gmail.com>
Date: Sun, 25 Aug 2019 13:17:39 -0600
Message-ID: <CAChzXmaNs=mxXZJuowmecGc3xQyEe0S90MVa4tYzARbX-o-PHA@mail.gmail.com>
To: Mahend Negi <mahend.ietf@gmail.com>
Cc: secdir <secdir@ietf.org>, draft-ietf-pce-lsp-control-request.all@ietf.org, pce@ietf.org, Dhruv Dhody <dhruv.ietf@gmail.com>
Content-Type: multipart/alternative; boundary="000000000000452e2e0590f5e562"
Archived-At: <https://mailarchive.ietf.org/arch/msg/secdir/OWphd8so7qP6gLhDqyqDRT9eu-A>
Subject: Re: [secdir] Review of draft-ietf-pce-lsp-control-request-07
X-BeenThere: secdir@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Security Area Directorate <secdir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/secdir>, <mailto:secdir-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/secdir/>
List-Post: <mailto:secdir@ietf.org>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 25 Aug 2019 19:17:56 -0000
The changes look good. Thank you for the follow-up. Shawn. -- On Sun, Aug 25, 2019 at 11:13 AM Mahend Negi <mahend.ietf@gmail.com> wrote: > Hi Shawn/Dhruv, > > Thanks for the review and clarifications, we have fixed all the editorial > comments in new version. > > New Version: > https://tools.ietf.org/html/draft-ietf-pce-lsp-control-request-08 > > Version Diff: > https://www.ietf.org/rfcdiff?url2=draft-ietf-pce-lsp-control-request-08 > > Regards, > Mahendra > > > On Tue, Aug 20, 2019 at 11:14 AM Dhruv Dhody <dhruv.ietf@gmail.com> wrote: > >> Hi Shawn, >> >> <adding WG> >> >> Thanks for your security review and comments. >> >> On Mon, Aug 19, 2019 at 6:17 AM Shawn Emery <shawn.emery@gmail.com> >> wrote: >> > >> > Reviewer: Shawn M. Emery >> > Review result: Ready >> > >> > I have reviewed this document as part of the security directorate's >> > ongoing effort to review all IETF documents being processed by the IESG. >> > These comments were written primarily for the benefit of the security >> > area directors. Document editors and WG chairs should treat these >> > comments just like any other last call comments. >> > >> > This draft specifies an extension to the Path Computation Element >> communication >> > Protocol (PCE) that allows a PCE to request control of Label Switched >> Paths (LSPs). >> > >> > The security considerations section does exist and discusses a new DoS >> vector >> > that this draft creates. The attack involves sending control requests >> for delegate >> > control of all of its LSPs to the Path Computation Client (PCC). The >> proposed >> > solution is to set a threshold rate of the delegation requests for the >> PCC per PCE. >> > I agree with the proposed solution, though I don't know if guidance can >> be provided >> > on what these thresholds would be per environment. >> > >> >> As you noted the document does not provide default for the threshold >> as it dependent on the deployment/environment. The same is true for >> RFC 8231. >> >> > The section goes on to refer to RFC 8231 to justify that the PCP >> extension should >> > be deployed with authenticated and encrypted sessions in TLS using RFC >> 8253. >> > I agree with this prescription as well else an attacker would now be >> able to take >> > control over all local LSPs with this extension. I think that this >> should at least be >> > stated if an attacker is able to compromise a PCE. >> > >> >> The security consideration includes "...either by spoofing messages or >> by compromising the PCE itself". >> >> > General comments: >> > >> > None. >> > >> > Editorial comments: >> > >> > s/sends PCRpt/sends a PCRpt/ >> > s/also specify/also specifies/ >> > s/all its/all of its/ >> > s/If threshold/If the threshold/ >> > s/explicitly set aside/explicitly excluded/ >> > >> >> Thanks for these, request authors to handle them. >> >> Thanks! >> Dhruv >> >> > Shawn. >> > -- >> >
- [secdir] Review of draft-ietf-pce-lsp-control-req… Shawn Emery
- Re: [secdir] Review of draft-ietf-pce-lsp-control… Dhruv Dhody
- Re: [secdir] Review of draft-ietf-pce-lsp-control… Mahend Negi
- Re: [secdir] Review of draft-ietf-pce-lsp-control… Shawn Emery