[secdir] Fwd: SECDIR review of draft-hoffman-dns-in-json
Watson Ladd <watsonbladd@gmail.com> Fri, 20 April 2018 00:28 UTC
Return-Path: <watsonbladd@gmail.com>
X-Original-To: secdir@ietfa.amsl.com
Delivered-To: secdir@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C96BF126DED for <secdir@ietfa.amsl.com>; Thu, 19 Apr 2018 17:28:34 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.699
X-Spam-Level:
X-Spam-Status: No, score=-2.699 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id sfx2S2jEpIMH for <secdir@ietfa.amsl.com>; Thu, 19 Apr 2018 17:28:11 -0700 (PDT)
Received: from mail-lf0-x230.google.com (mail-lf0-x230.google.com [IPv6:2a00:1450:4010:c07::230]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 9355C126CB6 for <secdir@ietf.org>; Thu, 19 Apr 2018 17:28:10 -0700 (PDT)
Received: by mail-lf0-x230.google.com with SMTP id d79-v6so2706595lfd.0 for <secdir@ietf.org>; Thu, 19 Apr 2018 17:28:10 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:in-reply-to:references:from:date:message-id:subject:to; bh=wu2Fh/+jDVbROOvhmOYzm02aeD8nLXibG3SsZpjjR0g=; b=WGauVwaR64tBkHM2YkK5BafPv3eNr9TIwds2QyCRiH8qsOfhbHBe3y+fIp2CSUOUhJ wgcEkkdNZRkKYmbDI+861+mvEZ6Avf+aWwQX3PEz6wL7it+3gopm1M6ne0txU+kVBDBv jZGUJFffGr3h4fN/dkc41goqsrMdYXcFUpk98+h2IUdnhANp+IuPa0wQpKRek21CKMv6 KUofpAHn6fjvC0CWO7svB6qC30NMpFFrmei0T4qVUJxqH1JK2KwoB7AzfvoioXiYSYgz 4yMIs5lsyrKCMArjeE9c/ayLXlT82xjpKXY+u36sZNsrpz040QJElhujLVbCX6n6a6Sr wPsQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to; bh=wu2Fh/+jDVbROOvhmOYzm02aeD8nLXibG3SsZpjjR0g=; b=KBdep+Kvslfypnf9S9zI6OkE/P81ojrB4b2jjT+wTn8EgwnjyAYNCIpmjRyquZMeGg O7KZasWGV84qmr7v6DHXL9ikous9XgmkC5JsLT8jxi1Ar7X0F25kcm7M4ODShypVGaf7 7cpaW3Vh+R39dUOIRSVSGB+rP7NG3KNjp5cWge9uoGWSHfUjjUL3UFC0mmeqnPyym9cC wt2ItcQ8f7rcU8iJM/T8Xd0tFOnPX9ChnxC61ymJv0fV2ZDHgang5b1/qvzkHG17SDca eAdJpX2ldrIKAqVkdPtAlMYaO0kXnAIptCrbg7YaCZVSWK5IGSCh0NT058pPYWkajTxd XOhw==
X-Gm-Message-State: ALQs6tDU+0QPWYC/SBLz5PiYavCkf6aUubOcIFOAiLsMT6X1ubCNyVI8 foPkyN1xtSYg429urNU8AgCkzUY6r2P/AGzukxrL+g==
X-Google-Smtp-Source: AIpwx4+vBPBSbxNkjhtVqgmb5siX8R9KDZqWpXL7b4fsBgkIcZYAJyWQNySKm7ybfnqgZ1aryKMdStyhNRSIFL5Ppeg=
X-Received: by 10.46.85.196 with SMTP id g65mr5345832lje.10.1524184088423; Thu, 19 Apr 2018 17:28:08 -0700 (PDT)
MIME-Version: 1.0
Received: by 2002:a19:cbd2:0:0:0:0:0 with HTTP; Thu, 19 Apr 2018 17:28:07 -0700 (PDT)
In-Reply-To: <CACsn0cmy=svmvAoTXqH1uE+DOMA+aWaLhyNRtwf_zSegxZpHcg@mail.gmail.com>
References: <CACsn0cmy=svmvAoTXqH1uE+DOMA+aWaLhyNRtwf_zSegxZpHcg@mail.gmail.com>
From: Watson Ladd <watsonbladd@gmail.com>
Date: Thu, 19 Apr 2018 17:28:07 -0700
Message-ID: <CACsn0ck2Bsvs6jBqvz0Nt7gRNoniyqzBaTE-pqMD3r6DyH6ZCg@mail.gmail.com>
To: secdir@ietf.org
Content-Type: text/plain; charset="UTF-8"
Archived-At: <https://mailarchive.ietf.org/arch/msg/secdir/jvwETE0h73qZ12XNdAzAUmKiVEs>
Subject: [secdir] Fwd: SECDIR review of draft-hoffman-dns-in-json
X-BeenThere: secdir@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: Security Area Directorate <secdir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/secdir>, <mailto:secdir-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/secdir/>
List-Post: <mailto:secdir@ietf.org>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 20 Apr 2018 00:28:35 -0000
---------- Forwarded message ---------- From: Watson Ladd <watsonbladd@gmail.com> Date: Thu, Mar 29, 2018 at 1:27 PM Subject: SECDIR review of draft-hoffman-dns-in-json To: "<iesg@ietf.org>" <iesg@ietf.org>, saag@ietf.org, draft-hoffman-dns-in-json.all@tools.ietf.org Dear all, I have reviewed this document as part of the security directorate's ongoing effort to review all IETF documents being processed by the IESG. These comments were written primarily for the benefit of the security area directors. Document editors and WG chairs should treat these comments just like any other last call comments. The summary of the review is ready with issues. I have some very strong reservations about defining a data format without some strong round-tripping guarantees and with as much flexibility as this one. The JSON format for DNS packets is intended to permit representation of malformed packets, and has a high degree of flexibility, with an intent that applications define profiles of it for themselves. There are considerable security implications to doing this not addressed in the Security Implications section, in addition to obvious interoperability issues. For example, if we have a filter for JSON representations of DNS packets, this filter must share the same semantics for the output JSON as the consumer, even in the face of such bizzarities as HEX and regular fields with different contents, malformed length fields, etc. etc. I expect that this can and will cause serious issues. I would suggest we not represent invalid packets and ensure all valid packets have a unique representation. Failing that the security consideration should at minimum be amended to include a discussion of these issues. A schema that can be used to validate DNS packets represented in JSON could also help address these problems. Sincerely, Watson Ladd -- "Man is born free, but everywhere he is in chains". --Rousseau.