[secdir] SecDir review of draft-ietf-p2psip-service-discovery-14

Alexey Melnikov <alexey.melnikov@isode.com> Thu, 07 August 2014 10:33 UTC

Return-Path: <alexey.melnikov@isode.com>
X-Original-To: secdir@ietfa.amsl.com
Delivered-To: secdir@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 4E5731B27E5; Thu, 7 Aug 2014 03:33:27 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.001
X-Spam-Level:
X-Spam-Status: No, score=-2.001 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RP_MATCHES_RCVD=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id KeS49imd5Tzj; Thu, 7 Aug 2014 03:33:26 -0700 (PDT)
Received: from waldorf.isode.com (ext-bt.isode.com [217.34.220.158]) by ietfa.amsl.com (Postfix) with ESMTP id D56BC1A00EA; Thu, 7 Aug 2014 03:33:25 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; t=1407407604; d=isode.com; s=selector; i=@isode.com; bh=lsQabdr7+Ydvx5jXUplLXCKvb0G7AXHJJ1bzLqC6sQI=; h=From:Sender:Reply-To:Subject:Date:Message-ID:To:Cc:MIME-Version: In-Reply-To:References:Content-Type:Content-Transfer-Encoding: Content-ID:Content-Description; b=rHRSDC2s3G3yyCQ7/V8FvHotWwwkKcIJdVxmZCADbeSn+FVPqmd5ArSyeIKa+VXh/bhKig hfSBBUOpGkSS5/WdZ2Eq4VC5tIQDCQOMpp3U3YdZyrpuySidWxPW35UtqJZTpsnWQf3PSt hW+uoQ4pWKfWcJ0btY+rPbo8/vaECqY=;
Received: from [192.168.0.4] (cpc5-nmal20-2-0-cust24.19-2.cable.virginm.net [92.234.84.25]) by waldorf.isode.com (submission channel) via TCP with ESMTPA id <U-NV8wAvQ7lO@waldorf.isode.com>; Thu, 7 Aug 2014 11:33:24 +0100
Message-ID: <53E355FB.5000101@isode.com>
Date: Thu, 07 Aug 2014 11:33:31 +0100
From: Alexey Melnikov <alexey.melnikov@isode.com>
User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:24.0) Gecko/20100101 Thunderbird/24.6.0
To: draft-ietf-p2psip-service-discovery.all@tools.ietf.org, "iesg@ietf.org" <iesg@ietf.org>, "secdir@ietf.org" <secdir@ietf.org>
MIME-Version: 1.0
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
Archived-At: http://mailarchive.ietf.org/arch/msg/secdir/SAixIKwWdv-4LVYBuFYZ1d49fSA
Subject: [secdir] SecDir review of draft-ietf-p2psip-service-discovery-14
X-BeenThere: secdir@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Security Area Directorate <secdir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/secdir>, <mailto:secdir-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/secdir/>
List-Post: <mailto:secdir@ietf.org>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 07 Aug 2014 10:33:27 -0000

Hi,

I have reviewed this document as part of the security directorate's 
ongoing effort to review all IETF documents being processed by the IESG. 
  These comments were written primarily for the benefit of the security 
area directors.  Document editors and WG chairs should treat these 
comments just like any other last call comments.

I believe this document is "ready with issues."

REsource LOcation and Discovery (RELOAD) does not define a generic
service discovery mechanism as a part of the base protocol.  This
document defines how the Recursive Distributed Rendezvous (ReDiR)
service discovery mechanism used in OpenDHT can be applied to RELOAD
overlays to provide a generic service discovery mechanism.

The Security Considerations section points to the Security 
Considerations section of RFC 6940, which is quite extensive and relevant.

The document also defines a new access control policy called 
NODE-ID-MATCH. As only nodes that own service discovery information can 
update it, it looks like there are no additional security issue raised 
beyond what is already covered in RFC 6940. As the information is 
public, I can't think of any privacy concerns.

While I was able to follow the document, I think it lacks attention to 
details which are not obvious for somebody not following the technology. 
Minor issues that should be easy to fix:

  On page 4: H(x) - missing reference to SHA-1. Any specific properties 
required from H(x)?

  Namespace - missing reference to UTF-8.

  On page 6: H() with multiple arguments is not defined, especially if 
they can be both strings and integers (what byte order)? b' is not 
defined. Typo in the description?

In 4.2 I read "the mode of those depths". Can you explain what this 
means? Or is this a typo?