[secdir] R: secdir review of draft-ietf-ipfix-flow-selection-tech

"Salvatore D'Antonio" <salvatore.dantonio@uniparthenope.it> Sat, 23 February 2013 14:26 UTC

From: "Salvatore D'Antonio" <salvatore.dantonio@uniparthenope.it>
To: "'Nevil Brownlee'" <n.brownlee@auckland.ac.nz>
Date: Sat, 23 Feb 2013 15:25:59 +0100
Cc: draft-ietf-ipfix-flow-selection-tech@tools.ietf.org, secdir@ietf.org, ipfix-chairs@tools.ietf.org, iesg@ietf.org, 'Benoit Claise' <bclaise@cisco.com>
Subject: [secdir] R: secdir review of draft-ietf-ipfix-flow-selection-tech

Dear all,

A new version of the Internet Draft has been submitted that addresses
comments from Benoit and Dan Harkins.

Kind regards,


Salvatore

-----Original Message-----
From: Nevil Brownlee [mailto:n.brownlee@auckland.ac.nz]
Sent: Thursday, 21 February 2013 00:32
To: Salvatore D'Antonio
Cc: 'Benoit Claise'; draft-ietf-ipfix-flow-selection-tech@tools.ietf.org;
ipfix-chairs@tools.ietf.org
Subject: Re: secdir review of draft-ietf-ipfix-flow-selection-tech


Hi Salvatore:

Draft submission deadline for IETF 86 is next Monday, 25 February.
Any chance of getting the revised draft done before that, please?

Cheers, Nevil



On 12/02/13 8:41 PM, Salvatore D'Antonio wrote:
> Dear Nevil,
>
> Thanks for your e-mail. Regrettably I could not work on the Draft in the
> last two months because I was fully involved in the preparation of the
> final reports of the research projects of my University.
> I have just restarted work on the document in order to implement the changes
> requested by Benoit and I plan to submit a new version early next week.
>
> Kind regards,
>
> Salvatore
>
>
> -----Original Message-----
> From: Nevil Brownlee [mailto:n.brownlee@auckland.ac.nz]
> Sent: Tuesday, 12 February 2013 03:38
> To: Salvatore D'Antonio
> Cc: 'Benoit Claise'; draft-ietf-ipfix-flow-selection-tech@tools.ietf.org;
> ipfix-chairs@tools.ietf.org
> Subject: Re: R: R: secdir review of draft-ietf-ipfix-flow-selection-tech
>
>
> Hi Salvatore:
>
> I'm getting set for IETF 86 in Orlando; I see that the flow-selection
> draft has been sitting waiting for a revised draft for 130 days!
>
> Please can you get that published real soon now, it would be really
> good to see this draft finally published!
>
> Cheers, Nevil
>
>
> On 20/11/12 5:32 AM, Salvatore D'Antonio wrote:
>> Dear Benoit,
>>
>> Ok, I will do.
>>
>> Thanks.
>>
>> Best regards,
>>
>> Salvatore
>>
>> From: Benoit Claise [mailto:bclaise@cisco.com]
>> Sent: Monday, 19 November 2012 17:16
>> To: Salvatore D'Antonio
>> Cc: draft-ietf-ipfix-flow-selection-tech.all@tools.ietf.org
>> Subject: Re: R: secdir review of draft-ietf-ipfix-flow-selection-tech
>>
>>
>>
>> Salvatore,
>>
>> Please answer Dan's comment via email before posting the draft, unless
>> you're sure that your resolution will resolve his issue.
>>
>> Regards, Benoit
>>
>> Dear all,
>>
>> I missed Dan's e-mail. I apologise for that.
>>
>> I will address Dan's comments in the new version of the Draft.
>>
>> Best regards,
>>
>> Salvatore
>>
>> From: Benoit Claise [mailto:bclaise@cisco.com]
>> Sent: Monday, 12 November 2012 17:51
>> To: draft-ietf-ipfix-flow-selection-tech.all@tools.ietf.org
>> Cc: ipfix@ietf.org
>> Subject: Fwd: secdir review of draft-ietf-ipfix-flow-selection-tech
>>
>>
>>
>> Dear authors,
>>
>> Reading my old emails, I'm not sure that you took into account Dan's
>> feedback.
>> At the very minimum, you should give a reply
>>
>> Regards, Benoit
>>
>>
>>
>> -------- Original Message --------
>> Subject: secdir review of draft-ietf-ipfix-flow-selection-tech
>> Date: Tue, 10 Apr 2012 16:59:43 -0700 (PDT)
>> From: Dan Harkins <dharkins@lounge.org>
>> To: iesg@ietf.org, secdir@ietf.org,
>> draft-ietf-ipfix-flow-selection-tech.all@tools.ietf.org
>>
>>
>>
>>     Hello,
>>
>>     I have reviewed this document as part of the security directorate's
>> ongoing effort to review all IETF documents being processed by the
>> IESG.  These comments were written primarily for the benefit of the
>> security area directors.  Document editors and WG chairs should treat
>> these comments just like any other last call comments.
>>
>>     This draft describes techniques to select flows which are sets of
>> packets with some common characteristics. The authors have accurately
>> identified what constitutes an attack-- an adversary having the ability
>> to influence flow selection-- and the Security Considerations give
>> a couple examples of this. They seem fine.
>>
>>     There is reference to a paper "[GoRe07]" which does not appear in the
>> References and seems to give advice that I think is wrong: use a
>> cryptographically strong random number generator to thwart an attack in
>> which parameters of time-based sampling are discovered to predict the
>> selection decision. This attack can be thwarted by using a value that
>> the adversary cannot predict (sort of like an IV for CBC mode) instead
>> of a cryptographically strong random number. That leaves the random
>> number pool to applications that really need it (like a key exchange
>> that does a Diffie-Hellman). I suggest removing the reference to the
>> un-referenced paper and mention a weaker requirement to thwart that
>> attack.
>>
>>     regards,
>>
>>     Dan.
>>
>
>


-- 
---------------------------------------------------------------------
  Nevil Brownlee                          Computer Science Department
  Phone: +64 9 373 7599 x88941             The University of Auckland
  FAX: +64 9 373 7453   Private Bag 92019, Auckland 1142, New Zealand
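
The point in Dan Harkins's review about time-based sampling can be made concrete: the sketch below is an added example, not code from the draft, the thread, or [GoRe07]. It assumes one possible way to obtain a value the adversary cannot predict, namely deriving each period's window offset from HMAC-SHA256 over the period index with a key drawn once from the system RNG; the period and window lengths and all function names are constructed for illustration.

```python
import hashlib
import hmac
import secrets

PERIOD_MS = 1000   # constructed: one sampling window per period
WINDOW_MS = 50     # constructed: how long each window stays open

def fixed_start(interval: int) -> int:
    """Predictable schedule: the window opens at the same offset every period."""
    return interval * PERIOD_MS + 200

def make_keyed_start(key: bytes):
    """Schedule whose offset is HMAC-SHA256(key, interval index) reduced to the
    period (an assumed construction, not taken from the draft)."""
    def keyed_start(interval: int) -> int:
        mac = hmac.new(key, interval.to_bytes(8, "big"), hashlib.sha256).digest()
        # 64 bits reduced mod 950: the modulo bias is negligible here.
        offset = int.from_bytes(mac[:8], "big") % (PERIOD_MS - WINDOW_MS)
        return interval * PERIOD_MS + offset
    return keyed_start

def is_selected(t_ms: int, start_of) -> bool:
    """Selection decision for a packet observed at time t_ms."""
    start = start_of(t_ms // PERIOD_MS)
    return start <= t_ms < start + WINDOW_MS

def extrapolation_hits(start_of, intervals: int) -> int:
    """Audit check: how often does 'same offset as last period' predict the
    next window start exactly? A high count means the schedule is guessable."""
    hits = 0
    for i in range(1, intervals):
        prev_offset = start_of(i - 1) - (i - 1) * PERIOD_MS
        if i * PERIOD_MS + prev_offset == start_of(i):
            hits += 1
    return hits

if __name__ == "__main__":
    key = secrets.token_bytes(32)  # the only draw from the system RNG
    keyed = make_keyed_start(key)
    print("fixed schedule hits:", extrapolation_hits(fixed_start, 200))
    print("keyed schedule hits:", extrapolation_hits(keyed, 200))
```

The system RNG is consulted once for the key, and every later selection decision costs one HMAC computation.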