Re: [secdir] SecDir Review of draft-ietf-pcp-anycast-06

"Christian Huitema" <huitema@huitema.net> Tue, 09 June 2015 21:33 UTC

From: Christian Huitema <huitema@huitema.net>
To: 'Yoav Nir' <ynir.ietf@gmail.com>, 'secdir' <secdir@ietf.org>, 'The IESG' <iesg@ietf.org>, draft-ietf-pcp-anycast.all@tools.ietf.org
References: <06A85300-7DD9-4AC4-A5F5-EE9FE77F7466@gmail.com>
In-Reply-To: <06A85300-7DD9-4AC4-A5F5-EE9FE77F7466@gmail.com>
Date: Tue, 09 Jun 2015 14:33:30 -0700
Message-ID: <001801d0a2fb$ef31e560$cd95b020$@huitema.net>
Archived-At: <http://mailarchive.ietf.org/arch/msg/secdir/rq6z8yfpmqMVOkfSVGODOc9XIug>

> There are two specific concerns about this method (other than the usual
> anycast or pcp concerns). The first is that information about the internal
> network might leak to a PCP service outside the network. 

In fact, it is almost guaranteed to leak outside of the network. In the initial deployments, first hop routers will not be aware of the anycast address...

> ... Whereas a failure of
> a service whose address is given in DHCP will result in black-holed packets,
> failure of a service with an anycast address will cause the packets to be
> forwarded to some random PCP server on the Internet. Section 5.1 discusses
> this and recommends filtering in perimeter gateways and reduced TTL. I
> believe this addresses that threat adequately.

I would find the TTL mitigation more convincing if the draft actually specified a recommended TTL value.

-- Christian Huitema
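The exchange above turns on two mitigations from Section 5.1 of the draft, perimeter filtering and a reduced TTL, and on the observation that a TTL limit only helps if its value is chosen against the actual hop count. The following model is an added illustration, not part of this thread, the draft, or any PCP implementation: it walks a request to the PCP anycast address hop by hop through a constructed site topology and reports whether it is answered internally, dropped by an egress filter, expired by TTL, or handed to the Internet (where, for the anycast address, an arbitrary PCP server would receive it). The topology and hop names are made up; the anycast addresses are the ones IANA later registered for PCP in RFC 7723 (192.0.0.9 and 2001:1::1). `ttl_window` computes the range of host TTL values that still reaches the site's own server but cannot cross the perimeter, which is exactly the value the draft would need to recommend.

```python
"""Hop-by-hop model of a PCP anycast request: does it reach the site's
PCP server, get filtered at the perimeter, expire, or leak to the Internet?

Constructed example for illustration only.  Topologies below are invented;
the anycast addresses are those later registered for PCP by RFC 7723.
"""
from dataclasses import dataclass
from typing import List, Optional, Tuple

PCP_ANYCAST = {"192.0.0.9", "2001:1::1"}


@dataclass
class Hop:
    name: str
    serves_pcp: bool = False     # the anycast prefix is routed to a local PCP server here
    perimeter: bool = False      # last router before the Internet
    egress_filter: bool = False  # perimeter drops PCP anycast traffic leaving the site


@dataclass
class Result:
    outcome: str    # delivered-internal | filtered-at-perimeter | ttl-expired |
                    # forwarded-to-internet | no-route
    at: str         # hop where the decision was made
    ttl_left: int


def forward(path: List[Hop], dst: str, ttl: int) -> Result:
    """Walk the packet through `path` with the host's initial TTL.

    A hop that owns a route to the anycast prefix is the destination and
    accepts without decrementing.  Every other router decrements first and
    discards on zero.  At the perimeter, the egress filter (if present) drops
    anycast-destined packets; otherwise they go to the Internet, which for
    the anycast address means some unrelated PCP server receives them.
    """
    for hop in path:
        if hop.serves_pcp and dst in PCP_ANYCAST:
            return Result("delivered-internal", hop.name, ttl)
        ttl -= 1
        if ttl <= 0:
            return Result("ttl-expired", hop.name, 0)
        if hop.perimeter:
            if hop.egress_filter and dst in PCP_ANYCAST:
                return Result("filtered-at-perimeter", hop.name, ttl)
            return Result("forwarded-to-internet", hop.name, ttl)
    return Result("no-route", path[-1].name, ttl)


def ttl_window(path: List[Hop]) -> Tuple[Optional[int], Optional[int]]:
    """Return (min TTL that still reaches the local PCP server,
               max TTL that cannot cross the perimeter).

    Delivery at hop k needs k-1 decrements to leave at least 1, so min = k.
    A packet is forwarded past the perimeter at hop p only if ttl - p >= 1,
    so max = p.  None means the site has no local server (a TTL limit alone
    cannot then make the request succeed) or no perimeter in the path.
    """
    serve = next((i for i, h in enumerate(path, 1) if h.serves_pcp), None)
    perim = next((i for i, h in enumerate(path, 1) if h.perimeter), None)
    return serve, perim


# Constructed topologies: "early" has no anycast-aware router yet (the
# situation described in the reply); "deployed" routes the prefix at "core".
EARLY = [Hop("access"), Hop("core"), Hop("dist"), Hop("gw", perimeter=True)]
EARLY_FILTERED = [Hop("access"), Hop("core"), Hop("dist"),
                  Hop("gw", perimeter=True, egress_filter=True)]
DEPLOYED = [Hop("access"), Hop("core", serves_pcp=True), Hop("dist"),
            Hop("gw", perimeter=True)]

if __name__ == "__main__":
    for label, path in (("early", EARLY), ("early+filter", EARLY_FILTERED),
                        ("deployed", DEPLOYED)):
        for ttl in (64, 4, 1):
            print(f"{label:13s} ttl={ttl:2d} -> {forward(path, '192.0.0.9', ttl)}")
        print(f"{label:13s} ttl window (min_deliver, max_no_leak) = {ttl_window(path)}")
```

With the default host TTL of 64 the early topology forwards the request straight out of the site, and only the egress filter stops it; a TTL of 4 expires on the gateway in the same topology and still reaches the core server once the prefix is routed there, while a TTL of 1 dies on the first router even in the deployed case. `ttl_window` makes the choice explicit for a given site: any value in [min, max] works, and the window collapses to nothing when the local server sits beyond the perimeter hop count, which is why a single recommended constant needs to be justified against expected deployments.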