Re: [secdir] Secdir review of draft-ietf-dime-erp-14

Glen Zorn <glenzorn@gmail.com> Mon, 10 December 2012 08:07 UTC

Return-Path: <glenzorn@gmail.com>
X-Original-To: secdir@ietfa.amsl.com
Delivered-To: secdir@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 3240121F8F88; Mon, 10 Dec 2012 00:07:54 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -3.382
X-Spam-Level:
X-Spam-Status: No, score=-3.382 tagged_above=-999 required=5 tests=[AWL=0.217, BAYES_00=-2.599, RCVD_IN_DNSWL_LOW=-1]
Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id WuNB-wsegq7E; Mon, 10 Dec 2012 00:07:53 -0800 (PST)
Received: from mail-pb0-f44.google.com (mail-pb0-f44.google.com [209.85.160.44]) by ietfa.amsl.com (Postfix) with ESMTP id 88B2F21F8F87; Mon, 10 Dec 2012 00:07:53 -0800 (PST)
Received: by mail-pb0-f44.google.com with SMTP id uo1so1640250pbc.31 for <multiple recipients>; Mon, 10 Dec 2012 00:07:53 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=message-id:date:from:user-agent:mime-version:to:cc:subject :references:in-reply-to:content-type:content-transfer-encoding; bh=VNesiRZqKRoJQQ4L6GZGgzulnRBQi2xcSIZOxy4CAg0=; b=R0IS+iBdlUvQ5EcRl1vh61SJHECpoYnJI1hFXUE6FNcesTHUksStTo49Zi6Nn6EzWi we+Dd6TmdiF4sXIaNf+Tiy0fE/kDKBpoIYBVTbg1+V66FR3OMn/ItqY0hD4OCN81MuPm iwGN5bmJ6UCwu7J81ePyd3PBI8kkhIzfIInNuRqHbtWHcmCbrrnyyjvponP+vcWqaO9+ td+C2HSH05nSuuu1ycX8U0DknPEfg9HQAOOIUl+HZh2PJfFImo8mMsl1+hYiIFfQV688 NU9ZOXNTmx8QIZTUtxsiWsuc8Xg6FSG3T5xZOdYVgtYpSI/IzmX2DgDBUBODh0xirHeT imJQ==
Received: by 10.66.81.37 with SMTP id w5mr33906876pax.81.1355126873244; Mon, 10 Dec 2012 00:07:53 -0800 (PST)
Received: from [192.168.0.102] (ppp-171-96-12-38.revip8.asianet.co.th. [171.96.12.38]) by mx.google.com with ESMTPS id ug6sm11455088pbc.4.2012.12.10.00.07.50 (version=SSLv3 cipher=OTHER); Mon, 10 Dec 2012 00:07:52 -0800 (PST)
Message-ID: <50C59852.30009@gmail.com>
Date: Mon, 10 Dec 2012 15:07:46 +0700
From: Glen Zorn <glenzorn@gmail.com>
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:16.0) Gecko/20121030 Thunderbird/16.0.2
MIME-Version: 1.0
To: Vincent Roca <vincent.roca@inria.fr>
References: <5DE1DFCC-00A7-4F54-BF14-75878273895C@inria.fr>
In-Reply-To: <5DE1DFCC-00A7-4F54-BF14-75878273895C@inria.fr>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
Cc: IESG IESG <iesg@ietf.org>, draft-ietf-dime-erp.all@tools.ietf.org, secdir@ietf.org
Subject: Re: [secdir] Secdir review of draft-ietf-dime-erp-14
X-BeenThere: secdir@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Security Area Directorate <secdir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/secdir>, <mailto:secdir-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/secdir>
List-Post: <mailto:secdir@ietf.org>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 10 Dec 2012 08:07:54 -0000

On 11/05/2012 04:55 AM, Vincent Roca wrote:

> Hello,
>
> I have reviewed this document as part of the security directorate's
> ongoing effort to review all IETF documents being processed by the
> IESG.  These comments were written primarily for the benefit of the
> security area directors. Document editors and WG chairs should treat
> these comments just like any other last call comments.

Thank you for taking the time to review the draft.

>
> --
>
> The security section of this document is pretty simple as it refers to
> the security section of 4 related documents and that's all. On the
> opposite, each of these 4 documents includes a very detailed security
> analysis.  The contrast is extremely important!

Why?

>
> This is all the more annoying as draft-ietf-dime-erp-14 introduces new
> mechanisms, and thereby new potential threats and issues (it's usually
> the case).

 From a Diameter POV, a Diameter ERP "server" is actually just a form of 
Diameter agent and the Diameter ERP client is just a standard Diameter 
client; a new application is only required to ensure the correct routing 
of Diameter messages.  So I'm not sure what the new mechanisms you refer 
to are; perhaps you can elucidate?

>
> What should I understand? Is the proposal guaranteed to be secure?

There are no guarantees in life, let alone security ;-).

> Or have all the potential weaknesses been already addressed in the
> 4 related documents?

It would seem that that is the very strong implication.

> I can not conclude after reading this security section
> and this is a problem.

It seems as if the big problem is that the draft doesn't tell you what 
to think about the security properties of the protocol but I don't think 
that is really a problem with the document.  As I mentioned above, it 
appears to me that the authors believe that security-related issues are 
dealt with in the Security Considerations sections of RFCs 4072, 6696, 
6733 and 6734.  Is that the case?  If not, please point out a security 
problem with this protocol that is not covered by those texts.

>
> So, I'd like that the authors clarify this, and if need be, I'd like 
> the authors
> explicitly mention which items in each of the 4 related documents apply.
> It would be helpful IMHO.

Only if you believe our conclusions ;-).

>
>
> Cheers,
>
>    Vincent
>
>
> _______________________________________________
> secdir mailing list
> secdir@ietf.org
> https://www.ietf.org/mailman/listinfo/secdir
> wiki: http://tools.ietf.org/area/sec/trac/wiki/SecDirReview