Re: [secdir] Secdir last call review of draft-ietf-rmcat-video-traffic-model-06

"Xiaoqing Zhu (xiaoqzhu)" <xiaoqzhu@cisco.com> Thu, 21 February 2019 17:05 UTC

From: "Xiaoqing Zhu (xiaoqzhu)" <xiaoqzhu@cisco.com>
To: Colin Perkins <csp@csperkins.org>, Yoav Nir <ynir.ietf@gmail.com>
CC: "secdir@ietf.org" <secdir@ietf.org>, "rmcat@ietf.org" <rmcat@ietf.org>, "draft-ietf-rmcat-video-traffic-model.all@ietf.org" <draft-ietf-rmcat-video-traffic-model.all@ietf.org>, "ietf@ietf.org" <ietf@ietf.org>
Date: Thu, 21 Feb 2019 17:05:28 +0000
Archived-At: <https://mailarchive.ietf.org/arch/msg/secdir/PZI5Wt1QlKV6A-nxBrLElfJ2TAE>

Hello, 

Thanks to Yoav for your review and to Colin for chiming in with your comments. 

We authors have discussed this section over email. We recently submitted the
updated draft (version -07).  The text has been revised as below to clarify that this draft
itself does not impose security concerns. Instead, it can be used for evaluating candidate
algorithms to prevent them from hurting the Internet: 

   The synthetic video traffic models as described in this draft do not
   impose any security threats.  They are designed to mimic realistic
   traffic patterns for evaluating candidate RTP-based congestion
   control algorithms, so as to ensure stable operations of the network.
   It is RECOMMENDED that candidate algorithms be tested using the video
   traffic models presented in this draft before wide deployment over
   the Internet.  If the generated synthetic traffic flows are sent over
   the Internet, they also need to be congestion controlled.

Please let us know if the above revised version is sufficient in addressing your concerns. Further
discussions/suggestions are welcome. 

Best regards,
Xiaoqing (on behalf of all authors). 



On 1/24/19, 1:40 PM, "Colin Perkins" <csp@csperkins.org> wrote:

    > On 24 Jan 2019, at 19:23, Yoav Nir <ynir.ietf@gmail.com> wrote:
    > 
    > Reviewer: Yoav Nir
    > Review result: Has Nits
    > 
    > I have reviewed this document as part of the security directorate's ongoing
    > effort to review all IETF documents being processed by the IESG.  Document
    > editors and WG chairs should treat these comments just like any other last call
    > comments.
    > 
    > To quote from the abstract, the document "describes two reference video traffic
    > models for evaluating RTP congestion control algorithms". Indeed it does not
    > describe any protocol or algorithm that is going to get deployed on the
    > Internet, but rather a model for evaluating congestion control algorithms before
    > they are standardized or deployed. As such, I would not expect it to have much
    > to say on security, either good or bad.
    > 
    > It is conceivable that a congestion control algorithm would be exploitable by
    > an attacker. For example, some pattern of traffic might trigger such an
    > algorithm to block or slow down traffic for a victim. It may be a good idea to
    > evaluate whether such algorithms are conducive to such attacks. But speculation
    > such as this is not related to the draft. This draft is about evaluating
    > congestion control algorithms for their effect on video quality and frame rates.
    > 
    > So what is my nit with this?  Why does the Security Considerations section
    > contain what it does?
    > 
    >   It is important to evaluate RTP-based congestion control schemes
    >   using realistic traffic patterns, so as to ensure stable operations
    >   of the network.  Therefore, it is RECOMMENDED that candidate RTP-
    >   based congestion control algorithms be tested using the video traffic
    >   models presented in this draft before wide deployment over the
    >   Internet.
    > 
    > This is interesting, but I don't think it has much to do with security. IMO it
    > would be enough to say that this document introduces models for evaluation and
    > doesn't have any security implications.  The existing text should go somewhere
    > else.
    
    To my mind, the security implication is that the algorithm be tested to demonstrate that it doesn’t cause denial-of-service when operating with realistic traffic. This could be, as you note above, that it disrupts the video application by forcing the sending rate to zero; but it’s also important to check that it doesn’t send overly quickly and congest the network, so denying service to other flows. 
    
    -- 
    Colin Perkins
    https://csperkins.org/