[secdir] Secdir last call review of draft-ietf-capport-rfc7710bis-04

Rifaat Shekh-Yusef via Datatracker <noreply@ietf.org> Fri, 01 May 2020 12:10 UTC

Return-Path: <noreply@ietf.org>
X-Original-To: secdir@ietf.org
Delivered-To: secdir@ietfa.amsl.com
Received: from ietfa.amsl.com (localhost [IPv6:::1]) by ietfa.amsl.com (Postfix) with ESMTP id EFBE43A1125; Fri, 1 May 2020 05:10:19 -0700 (PDT)
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
From: Rifaat Shekh-Yusef via Datatracker <noreply@ietf.org>
To: <secdir@ietf.org>
Cc: captive-portals@ietf.org, draft-ietf-capport-rfc7710bis.all@ietf.org, last-call@ietf.org
X-Test-IDTracker: no
X-IETF-IDTracker: 6.128.0
Auto-Submitted: auto-generated
Precedence: bulk
Message-ID: <158833501993.21190.4904257765699741589@ietfa.amsl.com>
Reply-To: Rifaat Shekh-Yusef <rifaat.ietf@gmail.com>
Date: Fri, 01 May 2020 05:10:19 -0700
Archived-At: <https://mailarchive.ietf.org/arch/msg/secdir/kHOP21ffwd-HSKZ2tb-brTthReA>
Subject: [secdir] Secdir last call review of draft-ietf-capport-rfc7710bis-04
X-BeenThere: secdir@ietf.org
X-Mailman-Version: 2.1.29
List-Id: Security Area Directorate <secdir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/secdir>, <mailto:secdir-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/secdir/>
List-Post: <mailto:secdir@ietf.org>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 01 May 2020 12:10:20 -0000

Reviewer: Rifaat Shekh-Yusef
Review result: Has Issues

Since the use of IP address literal is not forbidden by this document, what if 
an attacker with the ability to inject DHCP messages or RAs uses this option 
to force the user to contact an IP address of his choosing? In this case, the use 
of TLS and presenting the identity in the certificate might not be of much help.

I think this case should be discussed in the security consideration section.