IETF Logo Mail Archive

Re: [secdir] Secdir Review of draft-ietf-pcp-third-party-id-option-04

Tina TSOU <Tina.Tsou.Zouting@huawei.com> Thu, 19 November 2015 13:22 UTC

Return-Path: <Tina.Tsou.Zouting@huawei.com>
X-Original-To: secdir@ietfa.amsl.com
Delivered-To: secdir@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 03FD31AD244; Thu, 19 Nov 2015 05:22:23 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.186
X-Spam-Level:
X-Spam-Status: No, score=-4.186 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, J_CHICKENPOX_64=0.6, RCVD_IN_DNSWL_MED=-2.3, RP_MATCHES_RCVD=-0.585, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id UCCteKg6998M; Thu, 19 Nov 2015 05:22:17 -0800 (PST)
Received: from lhrrgout.huawei.com (lhrrgout.huawei.com [194.213.3.17]) (using TLSv1 with cipher RC4-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id BA8A11AD21C; Thu, 19 Nov 2015 05:22:16 -0800 (PST)
Received: from 172.18.7.190 (EHLO lhreml406-hub.china.huawei.com) ([172.18.7.190]) by lhrrg01-dlp.huawei.com (MOS 4.3.7-GA FastPath queued) with ESMTP id CEI43890; Thu, 19 Nov 2015 13:22:12 +0000 (GMT)
Received: from SZXEML427-HUB.china.huawei.com (10.82.67.182) by lhreml406-hub.china.huawei.com (10.201.5.243) with Microsoft SMTP Server (TLS) id 14.3.235.1; Thu, 19 Nov 2015 13:22:10 +0000
Received: from szxeml557-mbs.china.huawei.com ([169.254.6.252]) by szxeml427-hub.china.huawei.com ([10.82.67.182]) with mapi id 14.03.0235.001; Thu, 19 Nov 2015 21:21:29 +0800
From: Tina TSOU <Tina.Tsou.Zouting@huawei.com>
To: Juergen Quittek <Quittek@neclab.eu>, The IESG <iesg@ietf.org>, "secdir@ietf.org" <secdir@ietf.org>, "draft-ietf-pcp-third-party-id-option.all@ietf.org" <draft-ietf-pcp-third-party-id-option.all@ietf.org>
Thread-Topic: Secdir Review of draft-ietf-pcp-third-party-id-option-04
Thread-Index: AdEcN2Zzfw6PDcwVTluSTfgPI5/0vwE65edQAGp8EgA=
Date: Thu, 19 Nov 2015 13:21:28 +0000
Message-ID: <C0E0A32284495243BDE0AC8A066631A818F74FCF@szxeml557-mbs.china.huawei.com>
References: <C0E0A32284495243BDE0AC8A066631A818F2C586@szxeml557-mbs.china.huawei.com> <9AB93E4127C26F4BA7829DEFDCE5A6E8A99F2C31@PALLENE.office.hd>
In-Reply-To: <9AB93E4127C26F4BA7829DEFDCE5A6E8A99F2C31@PALLENE.office.hd>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [10.46.115.253]
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
X-CFilter-Loop: Reflected
X-Mirapoint-Virus-RAPID-Raw: score=unknown(0), refid=str=0001.0A020206.564DCD05.0094, ss=1, re=0.000, recu=0.000, reip=0.000, cl=1, cld=1, fgs=0, ip=169.254.6.252, so=2013-06-18 04:22:30, dmn=2013-03-21 17:37:32
X-Mirapoint-Loop-Id: d462b528a57a4e4f0484aca4fc575467
Archived-At: <http://mailarchive.ietf.org/arch/msg/secdir/czArkX5q-vXjs_Pxd4tZYajgvYY>
Subject: Re: [secdir] Secdir Review of draft-ietf-pcp-third-party-id-option-04
X-BeenThere: secdir@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Security Area Directorate <secdir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/secdir>, <mailto:secdir-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/secdir/>
List-Post: <mailto:secdir@ietf.org>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 19 Nov 2015 13:22:23 -0000

Dear Juergen,

Yes, that seems to address it.


Thank you,
Tina

-----Original Message-----
From: Juergen Quittek [mailto:Quittek@neclab.eu] 
Sent: Tuesday, November 17, 2015 6:58 PM
To: Tina TSOU; The IESG; secdir@ietf.org; draft-ietf-pcp-third-party-id-option.all@ietf.org
Subject: RE: Secdir Review of draft-ietf-pcp-third-party-id-option-04

Dear Tina,
Thank you very much for your thorough review.
Please find replies inline.

> -----Original Message-----
> From: Tina TSOU [mailto:Tina.Tsou.Zouting@huawei.com]
> Sent: Mittwoch, 11. November 2015 05:14
> To: The IESG; secdir@ietf.org; 
> draft-ietf-pcp-third-party-id-option.all@ietf.org
> Subject: Secdir Review of draft-ietf-pcp-third-party-id-option-04
> 
> Dear all,
> 
> I have reviewed this document as part of the security directorate's 
> ongoing effort to review all IETF documents being processed by the IESG.
> 
> These comments were written primarily for the benefit of the security 
> area directors. Document editors and WG chairs should treat these 
> comments just like any other last call comments.
> 
> ** Technical **
> 
> * Section 7, page 11:
> 
> I think you should make comments regarding the (privacy) implications 
> of employing identifiers such as MAC addresses when essentially any 
> other value -
> - e.g. a long-enough random number would do.
> 
> Besides, you should comment on how the ID can be somehow validated, 
> and what could happen if a client were able to predict the ID employed 
> by other clients.

Here is a proposal for improving this section:
OLD
   As this option is related to the use of the THIRD_PARTY option the
   corresponding security considerations in Section 18.1.1 of RFC 6887
   [RFC6887] apply.  Especially, the network on which the PCP messages
   are sent must be fully trusted.  The THIRD_PARTY_ID option might
   carry privacy information like location or profile information.
   Means to protect unauthorized access to this information should be
   put in place.
NEW
   As this option is related to the use of the THIRD_PARTY option the
   corresponding security considerations in Section 18.1.1 of RFC 6887
   [RFC6887] apply.  Especially, the network on which the PCP messages
   are sent must be fully trusted.  The THIRD_PARTY_ID option might
   carry privacy sensitive information like location or profile information. 
   Where possible, randomly assigned numbers should be preferred to 
   privacy sensitive information to be carried as values by the 
   THIRD_PARTY_ID option. Random numbers should be assigned such 
   That an attacker cannot guess which number is assigned to which 
   third party. Anyway, means to protect unauthorized access to 
   values carried by the THIRD_PARTY_ID option should be put in place.
END
Would this address your concerns?

> 
> ** Editorial **
> 
> * Section 1, page 2:
> >    The IETF has specified the Port Control Protocol (PCP) [RFC6887] to
> >    control how packets are translated and forwarded by a PCP-controlled
> >    device such as a network address translator (NAT) or firewall.
> 
> Please replace "and" with "and/or", since a firewall will not translate packets.

In the past, the RFC Editor used to remove occurrences of "and/or" in RFCs. 
What about the following alternative, which is semantically equivalent to and/or: 
"such as a network address translator (NAT), a firewall, or a combination of both"?

> 
> * Section 1, page 2:
> >    This document focuses on the scenarios where the PCP client sends
> >    requests that concern internal addresses other than the address of
> >    the PCP client itself.
> 
> s/the scenarios/scenarios/

Agreed.

> 
> (since at least at this point in the text you have not yet mentioned 
> what those scenarios are about)
> 
> * Section 1, page 2:
> >    There is already an option defined for this purpose in the RFC 6887
> >    [RFC6887] called the THIRD_PARTY option.
> 
> Please rephrase as:
> 
> "There is already an option defined for this purpose in [RFC6887], 
> called the THIRD_PARTY option."

Agreed.

> 
> * Section 1, page 3:
> > CGN deployments
> 
> Please expand the acronym on first usage.

Agreed.

> 
> * Section 1, page 3:
> >    This applies to some of the PCP deployment scenarios that are listed
> >    in Section 2.1 of RFC 6887 [RFC6887],
> 
> Just remove "RFC 6887" (the rfc number is already included by the ref).

Agreed.

> 
> * Section 1, page 3:
> >    in particular to a Layer-2
> >    aware NAT which is described in more detail in Section 3, or GI-DS-
> >    Lite [RFC6674] and ds-extra-lite [RFC6619].
> 
> You refer to RFC6619 as "ds-extra-lite", but such RFC does not even 
> include that term. Thoughts?

Here is a proposal that addresses your issue:
OLD
   This applies to some of the PCP deployment scenarios that are listed 
   in Section 2.1 of RFC 6887 [RFC6887], in particular to a Layer-2 
   aware NAT which is described in more detail in Section 3, or GI-DS- 
   Lite [RFC6674] and ds-extra-lite [RFC6619]. 
NEW
   This applies to some of the PCP deployment scenarios that are listed
   in Section 2.1 of [RFC6887], in particular to a Layer-2 aware NAT
   which is described in more detail in Section 3, as well as in other
   scenarios where overlapping address spaces occur like in [RFC6674] or
   [RFC6619].
END
Would this solve your issue?

> 
> * Section 3, page 4:
> >   The scenarios serve as examples.  This document does not restrict the
> >    applicability of the THIRD_PARTY_ID to certain scenarios.
> 
> Please replace "THIRD_PARTY_ID" with "THIRD_PARTY_ID option" (here, 
> and in other places)

Agreed.

> 
> * Section 3, page 4:
> > The THIRD_PARTY_ID
> >    can also be used for the firewall control
> 
> Please remove the "the".

Agreed.

> 
> * Section 3.2, page 7:
> > tunnel ID of tunnel(BRAS, CGN)
> 
> (two instances of this). Please rephrase as "ID of the tunnel (BRAS, CGN)".

Agreed.

> 
> * Section 4, page 9:
> Why use "TBD" and "TBD-1" if there's a single value to be assigned?

There was no space for "-1" in the figure. All other TBDs are numbered as "TBD-X". We will make sure that the RFC Editor gets the right message.

> 
> * Section 4, page 9:
> > are to be set As
> 
> s/As/as/

Agreed.

Thanks and best regards,
    Juergen


> 
> Thank you,
> 
> Tina
> 
>

v2.23.0 | Report a Bug | By Email