Re: [secdir] secdir review of draft-ietf-dhc-dhcpv6-solmaxrt-update-03
"Ralph Droms (rdroms)" <rdroms@cisco.com> Fri, 13 September 2013 21:32 UTC
Return-Path: <rdroms@cisco.com>
X-Original-To: secdir@ietfa.amsl.com
Delivered-To: secdir@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 8F56911E80D2; Fri, 13 Sep 2013 14:32:03 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -10.599
X-Spam-Level:
X-Spam-Status: No, score=-10.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, RCVD_IN_DNSWL_HI=-8]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id w1pe4FhmrZx1; Fri, 13 Sep 2013 14:31:55 -0700 (PDT)
Received: from rcdn-iport-5.cisco.com (rcdn-iport-5.cisco.com [173.37.86.76]) by ietfa.amsl.com (Postfix) with ESMTP id B102511E80AD; Fri, 13 Sep 2013 14:31:55 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=@cisco.com; l=4139; q=dns/txt; s=iport; t=1379107916; x=1380317516; h=from:to:cc:subject:date:message-id:references: in-reply-to:content-id:content-transfer-encoding: mime-version; bh=tX3Uo6kx8l9a97doGaVeIgs8xjNvsMGLMe6u7R4O8DQ=; b=RSwXMcTTmoK8czuyHyyu4fI+BIBqJR9QuEmk9JHXi9OBSzfVTeEyAqz6 v61Rkm6ozmg7HwnVM4nAwmkJNJpDupBSBkUqhHkpI9bp9a8KA1Q933XoH uSrV1zS7Ze7ls6jZa4Q15jp5asrMAg6QMYXUDvPz2jtmzOTGtOoXv4vbp E=;
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: AgIFAPiCM1KtJXG//2dsb2JhbABYA4MHgQrAe4EdFnSCJQEBAQMBOj8FCwIBCCIUEDIlAgQOBQiHaQMJBrAKCIkwjz4CIRAHEYMNgQADqW6DJIIq
X-IronPort-AV: E=Sophos;i="4.90,900,1371081600"; d="scan'208";a="259540113"
Received: from rcdn-core2-4.cisco.com ([173.37.113.191]) by rcdn-iport-5.cisco.com with ESMTP; 13 Sep 2013 21:31:55 +0000
Received: from xhc-aln-x14.cisco.com (xhc-aln-x14.cisco.com [173.36.12.88]) by rcdn-core2-4.cisco.com (8.14.5/8.14.5) with ESMTP id r8DLVtBX004123 (version=TLSv1/SSLv3 cipher=AES128-SHA bits=128 verify=FAIL); Fri, 13 Sep 2013 21:31:55 GMT
Received: from xmb-aln-x04.cisco.com ([169.254.9.202]) by xhc-aln-x14.cisco.com ([173.36.12.88]) with mapi id 14.02.0318.004; Fri, 13 Sep 2013 16:31:54 -0500
From: "Ralph Droms (rdroms)" <rdroms@cisco.com>
To: ietfdbh <ietfdbh@comcast.net>
Thread-Topic: secdir review of draft-ietf-dhc-dhcpv6-solmaxrt-update-03
Thread-Index: AQHOsMiqOZO8k1rZU0CLwj3Ipo/ffQ==
Date: Fri, 13 Sep 2013 21:31:54 +0000
Message-ID: <4518F39EB578034D8C99A9B7776CDBA301B3CC3B@xmb-aln-x04.cisco.com>
References: <017901cea661$313309b0$93991d10$@comcast.net>
In-Reply-To: <017901cea661$313309b0$93991d10$@comcast.net>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [10.86.248.169]
Content-Type: text/plain; charset="us-ascii"
Content-ID: <E1C742B3DC9208438547880D81B9BD63@emea.cisco.com>
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
Cc: "draft-ietf-dhc-dhcpv6-solmaxrt-update@tools.ietf.org" <draft-ietf-dhc-dhcpv6-solmaxrt-update@tools.ietf.org>, "iesg@ietf.org IESG" <iesg@ietf.org>, "secdir@ietf.org" <secdir@ietf.org>
Subject: Re: [secdir] secdir review of draft-ietf-dhc-dhcpv6-solmaxrt-update-03
X-BeenThere: secdir@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Security Area Directorate <secdir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/secdir>, <mailto:secdir-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/secdir>
List-Post: <mailto:secdir@ietf.org>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 13 Sep 2013 21:32:03 -0000
Thanks for your review. Comments in line; all edits to appear in -04 rev. On Aug 31, 2013, at 11:46 AM 8/31/13, ietfdbh <ietfdbh@comcast.net> wrote: > I have reviewed this document as part of the security directorate's ongoing > effort to review all IETF documents being processed by the IESG. These > comments were written primarily for the benefit of the security area > directors. Document editors and WG chairs should treat these comments just > like any other last call comments. > > The document describes a change to the values of DHCPv6 Options for Solicit > and Information timeout values (SOL_MAX_RT and INF_MAX_RT). > > I am not very knowledgeable about DHCPv6 options, but I have a few > questions. > 1) section 6 says " the client MUST process an included SOL_MAX_RT option > and/or an included INF_MAX_RT option"; this could be interpreted as OR even > if both are present. Hopefully no implementer would make that choice, but > they could claim compliance if they did. > It would be tighter to say they MUST process SOL-MAX-RT and MUST process > INF_MAX_RT ... Another artifact of adding INF_MAX_RT to the document. Thanks for the suggested text, which I've used > 2) section 7 says " A DHCPv6 client MUST include the SOL_MAX_RT option code > in an Option Request option [RFC3315] in any message it sends." Is this > really required for every message? Hm. This text is actually somewhat redundant as RFC 3315 is authoritative as to when the Option Request option is sent. Changed to: A DHCPv6 client MUST include the SOL_MAX_RT option code in any Option Request option [RFC3315] it sends as required by RFC 3315. > 3) if #2 is true, then section 8 seems to have some unnecessary > conditionals. "the server will send option SOL_MAX_RT and INF_MAX_RT only if > .... the client requested those options ...". Doesn't section 7 say the > client is REQUIRED to request these options? I think the text as it stands is appropriate for clarity regarding interoperation with non-compliant clients. Otherwise, an implementor might interpret the text as requiring that the server send the options even if the client has not requested them. > 4) similar to question #3, in section 8 paragraph 2, the server responds to > " a client that has included the SOL_MAX_RT option code in an Option > Request option"; doesn't section 7 REQUIRE that the client include this? > Ditto for paragraph 3 and INF_MAX_RT? Previous answer applies here, as well. > 5) In security considerations, the potential security **impact** of a > malicious server setting a high value isn't discussed. OK. Added: ...which may cause an undue delay in a client completing its DHCPv6 protocol transaction in the case no other valid response is received. > 6) On a related note to #5, are there operational considerations if a DHCPv6 > server choose to set an arbitrarily high value? Could there be economic > benefit for a server to do this, leading some requesters to use a different > server either for load-balancing or servicing only priority customers? What > impact could such behavior create in a network that an operator should > consider? I can't think of any other impacts. If you feel strongly about the issue, we can poll the dhc WG for their thoughts. > 7) In IANA considerations, you define OPTION_SOL_MAX_RT and > OPTION_INF_MAX_RT, but discussion of sending these options in sections 7 and > 8 don't mention these codes; they refer only to SOL_MAX_RT and SOL_MAX_RT. I > don't know much about registering DHCP options; is this correct? Section 7 uses the phrases "SOL_MAX_RT option code" and "INF_MAX_RT option code, which would be considered equivalent to OPTION_SOL_MAX_RT and OPTON_INF_MAX_RT. Section 8 uses the phrases "SOL_MAX_RT option" and "INF_MAX_RT option" to refer to the options themselves, not just the option codes. I think the text is correct in all cases. - Ralph > > David Harrington > ietfdbh@comcast.net > +1-603-828-1401 > >
- [secdir] secdir review of draft-ietf-dhc-dhcpv6-s… ietfdbh
- Re: [secdir] secdir review of draft-ietf-dhc-dhcp… Ralph Droms (rdroms)