[secdir] FWD from Hilarie Orman: Security review of PIM Message Type Space Extension and Reserved Bits draft-ietf-pim-rfc8736bis-03
Tero Kivinen <kivinen@iki.fi> Wed, 24 May 2023 12:53 UTC
Return-Path: <kivinen@iki.fi>
X-Original-To: secdir@ietfa.amsl.com
Delivered-To: secdir@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id ED11EC151546 for <secdir@ietfa.amsl.com>; Wed, 24 May 2023 05:53:59 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -7.099
X-Spam-Level:
X-Spam-Status: No, score=-7.099 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_HI=-5, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=iki.fi
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id iAlcxngdnlWo for <secdir@ietfa.amsl.com>; Wed, 24 May 2023 05:53:59 -0700 (PDT)
Received: from meesny.iki.fi (meesny.iki.fi [IPv6:2001:67c:2b0:1c1::201]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id A162EC15152D for <secdir@ietf.org>; Wed, 24 May 2023 05:53:57 -0700 (PDT)
Received: from fireball.acr.fi (fireball.kivinen.iki.fi [IPv6:2001:1bc8:100d::2]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) (Authenticated sender: kivinen@iki.fi) by meesny.iki.fi (Postfix) with ESMTPSA id 4QRB2T41MczyPY for <secdir@ietf.org>; Wed, 24 May 2023 15:53:52 +0300 (EEST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=iki.fi; s=meesny; t=1684932833; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=gI96k1VZ+JECRAXkHgFLPExOSn6k87pvl5IAdNA4l9I=; b=X9rxZFfp2cd3Z0/jfWBJU27tpxDAt0672BGWVC2gRIv+t/FfuwQporTSVwi4J2qykkceE8 Hvt+sLcapW11hnU5JSaYCS18wYDTiz25dFi4KcmarlYJMMAZ0fIAKwXlqWN8QZUYwppsVD Ef9Jf1dO5T3OoMKG+PFWp+rKWQo0B4U=
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=iki.fi; s=meesny; t=1684932833; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=gI96k1VZ+JECRAXkHgFLPExOSn6k87pvl5IAdNA4l9I=; b=jsVOeO3E68tymAn8JO1urGLvi5m3oBbsGbmWD1b5fL8k1vN++8eTeYBpb6kYCVGCG/YzOK fIhejO+DOZ84UjcySWQWQOn66Oe3HENSW2Osy/l0lsfCvE9vbR97UAX5AanyloCdvvOALb aKbJL+tPDWda2u+v5TXbU2OKob24Fr0=
ARC-Authentication-Results: i=1; ORIGINATING; auth=pass smtp.auth=kivinen@iki.fi smtp.mailfrom=kivinen@iki.fi
ARC-Seal: i=1; s=meesny; d=iki.fi; t=1684932833; a=rsa-sha256; cv=none; b=bbb879F561i35yfhO64sl/Ts0qamGHHExTo9xT5j5Lq51H3NOjj4VwC2nkFVeeAWJiPvHD HUOeInNu0/kcwhpBeK2eRQLoWoIpEnVuSEiDtq0G82qTzg8w1r14vqq7HihdL1l/fFWsu3 LiNFkbeLOQmi5z+UjK2pYct/Sq5D95Q=
Received: by fireball.acr.fi (Postfix, from userid 15204) id 60F9025C1304; Wed, 24 May 2023 15:53:52 +0300 (EEST)
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="ZNDhR9jMBu"
Content-Transfer-Encoding: 7bit
Message-ID: <25710.2272.273149.393739@fireball.acr.fi>
Date: Wed, 24 May 2023 15:53:52 +0300
From: Tero Kivinen <kivinen@iki.fi>
To: secdir@ietf.org
X-Mailer: VM 8.2.0b under 26.3 (x86_64--netbsd)
X-Edit-Time: 1 min
X-Total-Time: 0 min
Archived-At: <https://mailarchive.ietf.org/arch/msg/secdir/r62Jhzn45Fq0VfPi1GxjUfdBoqA>
Subject: [secdir] FWD from Hilarie Orman: Security review of PIM Message Type Space Extension and Reserved Bits draft-ietf-pim-rfc8736bis-03
X-BeenThere: secdir@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: Security Area Directorate <secdir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/secdir>, <mailto:secdir-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/secdir/>
List-Post: <mailto:secdir@ietf.org>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 24 May 2023 12:54:00 -0000
--- Begin Message ---Security review of PIM Message Type Space Extension and Reserved Bits draft-ietf-pim-rfc8736bis-01 Do not be alarmed. I generated this review of this document as part of the security directorate's ongoing effort to review all IETF documents being processed by the IESG. These comments were written with the intent of improving security requirements and considerations in IETF drafts. Comments not addressed in last call may be included in AD reviews during the IESG review. Document editors and WG chairs should treat these comments just like any other last call comments. "The PIM version 2 messages share a common message header format. The common header definition contains eight reserved bits. This document specifies how these bits may be used by individual message types and extends the PIM type space." Other than slightly complicating the parsing of message types, this change seems to have no security implications. Hilarie--- End Message ---
-- kivinen@iki.fi
- [secdir] FWD from Hilarie Orman: Security review … Tero Kivinen