[secdir] Security directorate review of draft-ietf-tcpm-yang-tcp-06
Hilarie Orman <hilarie@purplestreak.com> Wed, 02 March 2022 18:57 UTC
Return-Path: <hilarie@purplestreak.com>
X-Original-To: secdir@ietfa.amsl.com
Delivered-To: secdir@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 7335A3A092F; Wed, 2 Mar 2022 10:57:55 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.908
X-Spam-Level:
X-Spam-Status: No, score=-1.908 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_MSPIKE_H3=0.001, RCVD_IN_MSPIKE_WL=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id JUE8UxQTsW3e; Wed, 2 Mar 2022 10:57:53 -0800 (PST)
Received: from out02.mta.xmission.com (out02.mta.xmission.com [166.70.13.232]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 460423A08E3; Wed, 2 Mar 2022 10:57:52 -0800 (PST)
Received: from in02.mta.xmission.com ([166.70.13.52]:41592) by out02.mta.xmission.com with esmtps (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.93) (envelope-from <hilarie@purplestreak.com>) id 1nPUAZ-00H0Wt-03; Wed, 02 Mar 2022 11:57:51 -0700
Received: from [166.70.232.207] (port=46456 helo=rumpleteazer.rhmr.com) by in02.mta.xmission.com with esmtpsa (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.93) (envelope-from <hilarie@purplestreak.com>) id 1nPUAY-00D4GL-3C; Wed, 02 Mar 2022 11:57:50 -0700
Received: from rumpleteazer.rhmr.com (localhost [127.0.0.1]) by rumpleteazer.rhmr.com (8.14.4/8.14.4/Debian-4.1ubuntu1) with ESMTP id 222IukUr026217; Wed, 2 Mar 2022 11:56:46 -0700
Received: (from hilarie@localhost) by rumpleteazer.rhmr.com (8.14.4/8.14.4/Submit) id 222Iukla026216; Wed, 2 Mar 2022 11:56:46 -0700
Date: Wed, 02 Mar 2022 11:56:46 -0700
Message-Id: <202203021856.222Iukla026216@rumpleteazer.rhmr.com>
From: Hilarie Orman <hilarie@purplestreak.com>
Reply-To: Hilarie Orman <hilarie@purplestreak.com>
To: iesg@ietf.org, secdir@ietf.org
Cc: draft-ietf-tcpm-yang-tcp.all@ietf.org
X-XM-SPF: eid=1nPUAY-00D4GL-3C; ; ; mid=<202203021856.222Iukla026216@rumpleteazer.rhmr.com>; ; ; hst=in02.mta.xmission.com; ; ; ip=166.70.232.207; ; ; frm=hilarie@purplestreak.com; ; ; spf=pass
X-XM-AID: U2FsdGVkX1933tlRXygDLQTVfC+MspC2
X-SA-Exim-Connect-IP: 166.70.232.207
X-SA-Exim-Mail-From: hilarie@purplestreak.com
X-Spam-Virus: No
X-Spam-DCC: XMission; sa02 1397; Body=1 Fuz1=1 Fuz2=1
X-Spam-Combo: ***;iesg@ietf.org, secdir@ietf.org
X-Spam-Relay-Country:
X-Spam-Timing: total 410 ms - load_scoreonly_sql: 0.03 (0.0%), signal_user_changed: 4.8 (1.2%), b_tie_ro: 3.4 (0.8%), parse: 0.97 (0.2%), extract_message_metadata: 5 (1.2%), get_uri_detail_list: 1.75 (0.4%), tests_pri_-1000: 2.3 (0.6%), tests_pri_-950: 1.28 (0.3%), tests_pri_-900: 0.96 (0.2%), tests_pri_-90: 96 (23.5%), check_bayes: 95 (23.1%), b_tokenize: 5 (1.3%), b_tok_get_all: 7 (1.6%), b_comp_prob: 1.96 (0.5%), b_tok_touch_all: 78 (18.9%), b_finish: 0.84 (0.2%), tests_pri_0: 287 (69.9%), check_dkim_signature: 0.58 (0.1%), check_dkim_adsp: 21 (5.2%), poll_dns_idle: 14 (3.5%), tests_pri_10: 2.6 (0.6%), tests_pri_500: 7 (1.7%), rewrite_mail: 0.00 (0.0%)
X-SA-Exim-Version: 4.2.1 (built Sat, 08 Feb 2020 21:53:50 +0000)
X-SA-Exim-Scanned: Yes (on in02.mta.xmission.com)
Archived-At: <https://mailarchive.ietf.org/arch/msg/secdir/rPgf6d_1Uv1BuUJ7JlB07qBdLV8>
Subject: [secdir] Security directorate review of draft-ietf-tcpm-yang-tcp-06
X-BeenThere: secdir@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Security Area Directorate <secdir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/secdir>, <mailto:secdir-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/secdir/>
List-Post: <mailto:secdir@ietf.org>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 02 Mar 2022 18:57:56 -0000
Security review of A YANG Model for Transmission Control Protocol (TCP) Configuration draft-ietf-tcpm-yang-tcp-06 Do not be alarmed. I generated this review of this document as part of the security directorate's ongoing effort to review all IETF documents being processed by the IESG. These comments were written with the intent of improving security requirements and considerations in IETF drafts. Comments not addressed in last call may be included in AD reviews during the IESG review. Document editors and WG chairs should treat these comments just like any other last call comments. The abstract: This document specifies a minimal YANG model for TCP on devices that are configured by network management protocols. The YANG model defines a container for all TCP connections and groupings of authentication parameters that can be imported and used in TCP implementations or by other models that need to configure TCP parameters. The model also includes basic TCP statistics. This is a well-written document that brings up a troubling issue, the outdated use of a keyed hash for authentication in TCP. The fact that there is such an option seems to be an expediency introduced long ago. Originally, the hash algorithm was MD5, which made sense at the time. Apparently that has become deeply embedded in network infrastructure. Although the Authentication Option was later updated to include a better hash algorithm, the unfortunate choice was SHA-1. Both MD5 and SHA-1 are considered "broken". The keyed hash with MD5 or SHA-1 might be justified as "better than nothing" or "good enough for our use cases", but it has the effect of forcing two bad hash algorithms to reside permanently in the code base for network management. There are security efforts to move to post-quantum cryptography and a quantum Internet, yet the oldest and most unsuitable cryptographic algorithms seem set in stone. It is as though one looked into an ALU with a microscope and found a tiny abacus etched into the silicon for backwards compatibility. >From a security standpoint, it would be best if the YANG TCP document were to recommend strongly against using TCP authentication no matter what the hash algorithm is. The recommended security solution is to use IPSec or TLS to secure connections. In the event that TCP authentication remains in YANG, I note that there are no statistics kept for authentication failures. If a shared key falls out of synch, the statistics might help detect that. Hilarie
- [secdir] Security directorate review of draft-iet… Hilarie Orman
- Re: [secdir] Security directorate review of draft… Scharf, Michael