Re: [secdir] Secdir last call review of draft-ietf-alto-cost-calendar-17
"Y. Richard Yang" <yry@cs.yale.edu> Wed, 26 February 2020 00:13 UTC
Return-Path: <yang.r.yang@gmail.com>
X-Original-To: secdir@ietfa.amsl.com
Delivered-To: secdir@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C61E83A0940; Tue, 25 Feb 2020 16:13:43 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.398
X-Spam-Level:
X-Spam-Status: No, score=-1.398 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, FREEMAIL_FORGED_FROMDOMAIN=0.25, FREEMAIL_FROM=0.001, HEADER_FROM_DIFFERENT_DOMAINS=0.25, HTML_MESSAGE=0.001, RCVD_IN_MSPIKE_H2=-0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=no autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id KV0P82GabEKC; Tue, 25 Feb 2020 16:13:42 -0800 (PST)
Received: from mail-vs1-f52.google.com (mail-vs1-f52.google.com [209.85.217.52]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id D81273A093D; Tue, 25 Feb 2020 16:13:41 -0800 (PST)
Received: by mail-vs1-f52.google.com with SMTP id x18so687209vsq.4; Tue, 25 Feb 2020 16:13:41 -0800 (PST)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=LFogasuhqWj0IbuyTGlLUQQRhfZ0D4pju2pz7HvMAzw=; b=R+3WWTp7XJvDCbZP+2gCoN1rjoIDMW+MyVVZZ+5TOyg6+zOLpVYJdNMCyLxgzzwYIx KfRt1QKd6PU8Aqrz6ENnsSS1QrwW8PE9NUVQXdaZkyw0NUDzJbw3oI9c/7aFRDX4f5Zb XlpyWCpfs65DycSTV52ZAiQL6h0vt7KceEFFJyIP+5k3xdhF7t7OYAWvUK4vfiBsxOfi 5fPOgy7dJwjVyjafa+Ij41mhazguoWnjv7gAoJ8f2GjhtTNxvF55dipBPm/nxhpa9ekN tSO6fwYadRVSkWDTsbo82+ePqAVcjnt2F1g8tvN7WUs6+s1jMFdeOg47CocEDIbXnv79 Jvbw==
X-Gm-Message-State: APjAAAVj19QAqHlKq1YffAFou5xr5Cvx5b20wQu7vYoOKTUTuj2pnmsT fNoPk1g+w1LPNjvTrkvez6AzhFkzpbkqqkBStyo=
X-Google-Smtp-Source: APXvYqwc9P0ldu739gMb7axu9HA4xsm87ut/1rOmBrQrZzjUl33cf5sAuTqte8xjJmEwGumLPBMbeVwGLAt7y0yzN+I=
X-Received: by 2002:a67:ef03:: with SMTP id j3mr1713786vsr.102.1582676020850; Tue, 25 Feb 2020 16:13:40 -0800 (PST)
MIME-Version: 1.0
References: <CANUuoLp8shxPbW7TYAWPZML5tZ3nhEfsyzfq-81eX+YGufReTQ@mail.gmail.com> <F68EE24C-E8FC-4477-B584-AF5832AEBB7B@gmail.com>
In-Reply-To: <F68EE24C-E8FC-4477-B584-AF5832AEBB7B@gmail.com>
From: "Y. Richard Yang" <yry@cs.yale.edu>
Date: Tue, 25 Feb 2020 19:13:29 -0500
Message-ID: <CANUuoLqAN5CytCdQHsUbTh1WTbU60LLeCLpKRd9EdbBpzWCEGQ@mail.gmail.com>
To: Brian Weis <bew.stds@gmail.com>
Cc: secdir@ietf.org, IETF ALTO <alto@ietf.org>, draft-ietf-alto-cost-calendar.all@ietf.org, last-call@ietf.org
Content-Type: multipart/alternative; boundary="00000000000004730e059f6f7a61"
Archived-At: <https://mailarchive.ietf.org/arch/msg/secdir/dAu18K9i6z0lIRmYL8BxssgzFpA>
Subject: Re: [secdir] Secdir last call review of draft-ietf-alto-cost-calendar-17
X-BeenThere: secdir@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Security Area Directorate <secdir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/secdir>, <mailto:secdir-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/secdir/>
List-Post: <mailto:secdir@ietf.org>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 26 Feb 2020 00:13:44 -0000
Dear Brian, This is great. We will include the paragraph when we upload the new version soon. Thank you so much! Richard On Tue, Feb 25, 2020 at 7:00 PM Brian Weis <bew.stds@gmail.com> wrote: > Hi Richard, > > The new text looks great to me. > > Thanks, > Brian > > On Feb 25, 2020, at 3:23 PM, Y. Richard Yang <yry@cs.yale.edu> wrote: > > > Dear Brian, > > Thank you so much for the review. Please see inline below. > > On Tue, Feb 25, 2020 at 12:56 AM Brian Weis via Datatracker < > noreply@ietf.org> wrote: > >> Reviewer: Brian Weis >> Review result: Ready >> >> I have reviewed this document as part of the security directorate's >> ongoing effort to review all IETF documents being processed by the IESG. >> These comments were written primarily for the benefit of the security >> area directors. Document editors and WG chairs should treat these >> comments just like any other last call comments. >> >> This document defines the ALTO Cost Calendar, an extension to the base >> Application-Layer Traffic Optimization (ALTO) protocol. Currently, the >> ALTO cost information service provides applications with guidance about >> current costs of a desired resource, but not for resources with a cost >> that >> changes dramatically over time. The ALTO Cost Calendar allows for >> specifying costs for varying time periods in the future. >> >> The extensions in this document are to the existing network flows, with >> policy defined in JSON. As such, additional security considerations are >> few. The well-written Security Considerations document does define a few >> considerations that come from announcing events that are expected to >> happen in the future. >> >> I have only one suggestion for additional text. The second >> paragraph on page 27 (draft -17) describes risks of a client using the >> calendaring information for their own selfish purposes. The suggested >> mitigation in the next paragraph is to limit the information “being >> leaked to malicious clients or third parties“ by authenticating clients >> with TLS. This strategy may thwart “third parties”, but it will not help >> in the case of “malicious clients” possessing valid credentials to >> authenticate. The threat here might be legitimate clients that have >> become subverted by an attacker and are now ‘bots’ being asked to >> participate in a DDoS attack. The calendar information would be valuable >> information for when to persecute a DDoS attack, and this should be >> noted here. >> > > This is an excellent point. The > compromised-but-still-appear-to-be-legitimate > is a quite reasonable setting. We have added the following paragraph, by > borrowing your excellent text above, right after the paragraph > "[RFC8446] specifies TLS 1.3 and writes in its section 1: ..." > > New paragraph: > > The operator should be should be cognizant that the preceding mechanisms > do not address all security risks. In particular, they will not help in > the case of “malicious clients” possessing valid credentials to > authenticate. The threat here can be that legitimate clients have > become subverted by an attacker and are now ‘bots’ being asked to > participate in a DDoS attack. The Calendar information would be valuable > information for when to persecute a DDoS attack. A mechanism such as > a monitoring system that detects abnormal behaviors may still be > needed." > > How does it look? > > Thanks a lot, > Richard > > > > > -- -- ===================================== | Y. Richard Yang <yry@cs.yale.edu> | | Professor of Computer Science | | http://www.cs.yale.edu/~yry/ | =====================================
- [secdir] Secdir last call review of draft-ietf-al… Brian Weis via Datatracker
- Re: [secdir] Secdir last call review of draft-iet… Y. Richard Yang
- Re: [secdir] Secdir last call review of draft-iet… Brian Weis
- Re: [secdir] Secdir last call review of draft-iet… Y. Richard Yang