[secdir] SecDir review of draft-ietf-dhc-dhcpv6-opt-netboot-08

"Laganier, Julien" <julienl@qualcomm.com> Thu, 01 April 2010 18:32 UTC

Return-Path: <julienl@qualcomm.com>
X-Original-To: secdir@core3.amsl.com
Delivered-To: secdir@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 2BE943A6817; Thu, 1 Apr 2010 11:32:59 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -105.237
X-Spam-Level:
X-Spam-Status: No, score=-105.237 tagged_above=-999 required=5 tests=[AWL=0.233, BAYES_00=-2.599, DNS_FROM_OPENWHOIS=1.13, RCVD_IN_DNSWL_MED=-4, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id AqE4iwuPJ1cB; Thu, 1 Apr 2010 11:32:58 -0700 (PDT)
Received: from wolverine01.qualcomm.com (wolverine01.qualcomm.com [199.106.114.254]) by core3.amsl.com (Postfix) with ESMTP id EAAF63A692C; Thu, 1 Apr 2010 11:32:57 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=qualcomm.com; i=julienl@qualcomm.com; q=dns/txt; s=qcdkim; t=1270146811; x=1301682811; h=from:to:cc:date:subject:thread-topic:thread-index: message-id:accept-language:content-language: x-ms-has-attach:x-ms-tnef-correlator:acceptlanguage: content-type:content-transfer-encoding:mime-version; z=From:=20"Laganier,=20Julien"=20<julienl@qualcomm.com> |To:=20"secdir@ietf.org"=20<secdir@ietf.org>,=20"iesg@iet f.org"=20<iesg@ietf.org>|CC:=20"draft-ietf-dhc-dhcpv6-opt -netboot@tools.ietf.org"=0D=0A=09<draft-ietf-dhc-dhcpv6-o pt-netboot@tools.ietf.org>,=0D=0A=09"dhc-chairs@tools.iet f.org"=20<dhc-chairs@tools.ietf.org>|Date:=20Thu,=201=20A pr=202010=2011:33:26=20-0700|Subject:=20SecDir=20review =20of=20draft-ietf-dhc-dhcpv6-opt-netboot-08 |Thread-Topic:=20SecDir=20review=20of=20draft-ietf-dhc-dh cpv6-opt-netboot-08|Thread-Index:=20AcrRydFxSa5l9ppOQnGpk w22tuQLvQ=3D=3D|Message-ID:=20<BF345F63074F8040B58C00A186 FCA57F1C6AA56DE3@NALASEXMB04.na.qualcomm.com> |Accept-Language:=20en-US|Content-Language:=20en-US |X-MS-Has-Attach:|X-MS-TNEF-Correlator:|acceptlanguage: =20en-US|Content-Type:=20text/plain=3B=20charset=3D"us-as cii"|Content-Transfer-Encoding:=20quoted-printable |MIME-Version:=201.0; bh=8gFHHYNtQzMk+4sllyVXPGPW3PdsEA4Ioec3lWRsLnI=; b=wwJiyyMh+0+PZxyDmsrJkFMrj/VvRngW2kKTsOHz+HsHGGpOA3nbIhrz 7WNtzgSq/uKxeuPc+RNMNmJLUw9aCUrQRvfBbroHO2184UjaJqAlQIIsS buO8GxAdOybZakbZ3+4AJEYDRsPFXsFrZYTYuLr6lsiZFFj2L/r8QjOu6 s=;
X-IronPort-AV: E=McAfee;i="5400,1158,5937"; a="37792519"
Received: from ironmsg01-r.qualcomm.com ([172.30.46.15]) by wolverine01.qualcomm.com with ESMTP; 01 Apr 2010 11:33:28 -0700
X-IronPort-AV: E=Sophos;i="4.51,346,1267430400"; d="scan'208";a="4585229"
Received: from nasanexhub03.na.qualcomm.com ([10.46.93.98]) by ironmsg01-r.qualcomm.com with ESMTP/TLS/RC4-MD5; 01 Apr 2010 11:33:29 -0700
Received: from nalasexhub01.na.qualcomm.com (10.47.130.49) by nasanexhub03.na.qualcomm.com (10.46.93.98) with Microsoft SMTP Server (TLS) id 8.2.234.1; Thu, 1 Apr 2010 11:33:28 -0700
Received: from NALASEXMB04.na.qualcomm.com ([10.47.7.114]) by nalasexhub01.na.qualcomm.com ([10.47.130.49]) with mapi; Thu, 1 Apr 2010 11:33:28 -0700
From: "Laganier, Julien" <julienl@qualcomm.com>
To: "secdir@ietf.org" <secdir@ietf.org>, "iesg@ietf.org" <iesg@ietf.org>
Date: Thu, 1 Apr 2010 11:33:26 -0700
Thread-Topic: SecDir review of draft-ietf-dhc-dhcpv6-opt-netboot-08
Thread-Index: AcrRydFxSa5l9ppOQnGpkw22tuQLvQ==
Message-ID: <BF345F63074F8040B58C00A186FCA57F1C6AA56DE3@NALASEXMB04.na.qualcomm.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
acceptlanguage: en-US
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
Cc: "dhc-chairs@tools.ietf.org" <dhc-chairs@tools.ietf.org>, "draft-ietf-dhc-dhcpv6-opt-netboot@tools.ietf.org" <draft-ietf-dhc-dhcpv6-opt-netboot@tools.ietf.org>
Subject: [secdir] SecDir review of draft-ietf-dhc-dhcpv6-opt-netboot-08
X-BeenThere: secdir@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: Security Area Directorate <secdir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/secdir>
List-Post: <mailto:secdir@ietf.org>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 01 Apr 2010 18:32:59 -0000

I have reviewed this document as part of the security directorate's ongoing effort to review all IETF documents being processed by the IESG.  These comments were written primarily for the benefit of the security area directors.  Document editors and WG chairs should treat these comments just like any other last call comments.

Document Abstract:

   The Dynamic Host Configuration Protocol for IPv6 (DHCPv6) provides a
   framework for passing configuration information to nodes on a
   network.  This document describes new options for DHCPv6 which are
   required for booting a node from the network.

Summary:

   This is a simple and straightforward DHCPv6 extensions. The Security considerations section is appropriate. Authors may consider highlighting the fact that downloading the wrong operating system could lead to compromise of data on local storage:

7.  Security considerations

   In untrusted networks, a rogue DHCPv6 server could send the new
   DHCPv6 options described in this document.  The booting clients could
   then be provided with a wrong URL so that the boot either fails, or
   even worse, the client boots the wrong operating system which has
   been provided by a malicious file server.  To prevent this kind of
   attack, clients can use authentication of DHCPv6 messages (see
   chapter 21. in [RFC3315]).

--julien