[secdir] review of draft-ietf-hip-via-01.txt

Catherine Meadows <catherine.meadows@nrl.navy.mil> Thu, 03 June 2010 20:34 UTC

Return-Path: <catherine.meadows@nrl.navy.mil>
X-Original-To: secdir@core3.amsl.com
Delivered-To: secdir@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id BA42828C12C; Thu, 3 Jun 2010 13:34:19 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: 0.002
X-Spam-Level:
X-Spam-Status: No, score=0.002 tagged_above=-999 required=5 tests=[BAYES_50=0.001, HTML_MESSAGE=0.001]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Mh5j-MMZTN3I; Thu, 3 Jun 2010 13:34:14 -0700 (PDT)
Received: from fw5540.nrl.navy.mil (fw5540.nrl.navy.mil [132.250.196.100]) by core3.amsl.com (Postfix) with ESMTP id 53F463A68B3; Thu, 3 Jun 2010 13:34:14 -0700 (PDT)
Received: from chacs.nrl.navy.mil (sun1.fw5540.net [10.0.0.11]) by fw5540.nrl.navy.mil (8.13.8/8.13.6) with ESMTP id o53KXrt4011436; Thu, 3 Jun 2010 16:33:53 -0400 (EDT)
Received: from chacs.nrl.navy.mil (sun1 [10.0.0.11]) by chacs.nrl.navy.mil (8.13.8/8.13.6) with SMTP id o53KXmx9022572; Thu, 3 Jun 2010 16:33:48 -0400 (EDT)
Received: from siduri.fw5540.net ([10.0.3.73]) by chacs.nrl.navy.mil (SMSSMTP 4.1.16.48) with SMTP id M2010060316334817031 ; Thu, 03 Jun 2010 16:33:48 -0400
From: Catherine Meadows <catherine.meadows@nrl.navy.mil>
Content-Type: multipart/alternative; boundary=Apple-Mail-5-937510487
Date: Thu, 3 Jun 2010 16:37:33 -0400
Message-Id: <0F572519-857A-44A2-B676-85F58D3FF585@nrl.navy.mil>
To: Gonzalo.Camarillo@ericsson.com, secdir@ietf.org, iesg@ietf.org, dward@juniper.net, Ari.Keranen@ericsson.com
Mime-Version: 1.0 (Apple Message framework v1078)
X-Mailer: Apple Mail (2.1078)
Subject: [secdir] review of draft-ietf-hip-via-01.txt
X-BeenThere: secdir@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: Security Area Directorate <secdir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/secdir>
List-Post: <mailto:secdir@ietf.org>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 03 Jun 2010 20:34:19 -0000

I have reviewed this document as part of the security directorate's ongoing effort to review all IETF documents being processed by the IESG.  These comments were written primarily for the benefit of the security area directors.  Document editors and WG chairs should treat these comments just like any other last call comments.


This document concerns extensions to the Host Identity Protocol (HIP) to provide multi-hop routing.
The first is that a host sending a HIP packet can define a set of hosts the packet should traverse.
The other allows a HIP packet to carry and record the list of hosts that forwarded it.

The only security concern mentioned is the possibility of malicious hosts creating forwarding loops.
However, it appears to me that their are also the usual problems of malicious hosts tampering
with and spoofing packets.  

It's not clear to me though why issues such as malicious hosts spoofing or tampering with routing
lists is not addressed, especially since HIP is a security protocol.  Are there features of HIP or other
HIP documents where this is addressed?  If so, they should be pointed to here.  If not, this should be pointed out,
and if possible, other recommendations made.


Catherine Meadows
Naval Research Laboratory
Code 5543
4555 Overlook Ave., S.W.
Washington DC, 20375
phone: 202-767-3490
fax: 202-404-7942
email: catherine.meadows@nrl.navy.mil