[secdir] Secdir review of draft-ietf-ippm-stamp-option-tlv-06
Charlie Kaufman <charliekaufman@outlook.com> Sat, 27 June 2020 05:34 UTC
Return-Path: <charliekaufman@outlook.com>
X-Original-To: secdir@ietfa.amsl.com
Delivered-To: secdir@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 80EE53A0D45; Fri, 26 Jun 2020 22:34:37 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.1
X-Spam-Level:
X-Spam-Status: No, score=-2.1 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_MSPIKE_H2=-0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=outlook.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id t_cMDthSY7Li; Fri, 26 Jun 2020 22:34:36 -0700 (PDT)
Received: from NAM12-MW2-obe.outbound.protection.outlook.com (mail-mw2nam12olkn2062.outbound.protection.outlook.com [40.92.23.62]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 0BFF63A0D44; Fri, 26 Jun 2020 22:34:35 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=A8yJbFpn5OmYHtilAdPKusjCFuGp1bwwIy3cvJBPimcVnWz9AOjQkMhCR11MUGI5aFZp9VC7cmBWGTd1ICh8WDzeY8KdfQl1+wdNtvDzb20We/j7WMbRmAhBXNrPU6NJiYFcFRMRJk/ZyCwlUvaRdt/1SbD0GN8egMQ7HzHiUdiOD09SMbXYb6bUzYb4UzgInWBSu3t//Bm6Vm2RXkn1UlMfDRSBakFudMWTVC6pjF802SyRAQStykWqF/Xp/BHUeVDYw7PiR3cL0oMK4bBxZLDx37dG5LFC7SIaGd+D8bTfpVJYdjj05CyTo4ewiCdN4oXJDd+/88E9ML+0MwnQUA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=ANGlOXNffPejA5JHU/RTg6gk3XF+XGmSLS1DLhyFepk=; b=hQ+fGMLw5Fh5pM0qFZ9ry6TjUOjFwJg6/pTNyj8GdwJp5Cm/D5f0NJP28K0kCGxhloSrmAhoeoGLbK3JoRcrZ1j+bRRrJgWqhuWQJEmyIBaWr4XXiKTV+TfVdJQ5dJEpidDR6dxDfBRWhOOO8e7Ur3NzkfSmysosCbC6vJXAh7HQlDlOOvs4Hjue/vyjwmWttPfF16rA8bQDibusOdwNA7vwEfcpBelfMnWBbEjh58RaqjJg78rEqwsu529r6UrfRCGZmrf1MfrnIS1mlKulofwgA8Oxq7EgGyUrbOg9DlI8ifxPHrvSu+yfYRz2MMyclQguSubUHT0NVSnpPxf3LA==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=none; dmarc=none; dkim=none; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=outlook.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=ANGlOXNffPejA5JHU/RTg6gk3XF+XGmSLS1DLhyFepk=; b=a6D7YcqYGuPceul6Mm4TWOAA5L0dI0hEv+qyeW2C6ztGXRuHdHTAihG8p7491Et9dqXp7UGrmNJNTmUtqskMjw4r9U6vj9Q6cy2RyTNp803QZkJ3UHylYeVJRi2Wu2kMOO3rSEMACcBCzKF6R62WhxKLL322UWv5dWY+cjRiCLiSVXD9M+AybnWzQwM4+m1+UH4/t229CszhTl11mk2kw5Q1XmjslVKXOIjVow9DBob6j9rvPECm+jnAuT6NK054PbBaHQ56dvYcQy6LFYFJa/h1ohAPIBIpG6s4sRBNFyvFQJLsbB/QdzMtsO+sLNKJr48/+xDb0vM+GQN/QSPdVw==
Received: from DM6NAM12FT032.eop-nam12.prod.protection.outlook.com (2a01:111:e400:fc64::43) by DM6NAM12HT010.eop-nam12.prod.protection.outlook.com (2a01:111:e400:fc64::134) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3131.13; Sat, 27 Jun 2020 05:34:34 +0000
Received: from CY4PR0701MB3650.namprd07.prod.outlook.com (2a01:111:e400:fc64::4d) by DM6NAM12FT032.mail.protection.outlook.com (2a01:111:e400:fc64::209) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3153.10 via Frontend Transport; Sat, 27 Jun 2020 05:34:34 +0000
Received: from CY4PR0701MB3650.namprd07.prod.outlook.com ([fe80::7970:4441:aada:b3cd]) by CY4PR0701MB3650.namprd07.prod.outlook.com ([fe80::7970:4441:aada:b3cd%3]) with mapi id 15.20.3131.024; Sat, 27 Jun 2020 05:34:34 +0000
From: Charlie Kaufman <charliekaufman@outlook.com>
To: "secdir@ietf.org" <secdir@ietf.org>, "iesg@ietf.org" <iesg@ietf.org>, "draft-ietf-ippm-stamp-option-tlv.all@ietf.org" <draft-ietf-ippm-stamp-option-tlv.all@ietf.org>
Thread-Topic: Secdir review of draft-ietf-ippm-stamp-option-tlv-06
Thread-Index: AQHWTEQcoR2wUnx5tkW1hwUY5lI/+w==
Date: Sat, 27 Jun 2020 05:34:34 +0000
Message-ID: <CY4PR0701MB36501A472EF93F5FCAE71413DF900@CY4PR0701MB3650.namprd07.prod.outlook.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-incomingtopheadermarker: OriginalChecksum:3CF6D8FFD798C51F6BF1149E131786EB73BADC503670709F7A733F4581CC4887; UpperCasedChecksum:C8CADC8B271D0A195AF2040F23084E6EF362ABFDE038777DC55160AFBB67B297; SizeAsReceived:6851; Count:41
x-tmn: [Y4XFGW0nUh/9jKiAL2PvSiwOreBc4Bgo]
x-ms-publictraffictype: Email
x-incomingheadercount: 41
x-eopattributedmessage: 0
x-ms-office365-filtering-correlation-id: 6e8ee43d-7269-42f9-0f81-08d81a5bc699
x-ms-traffictypediagnostic: DM6NAM12HT010:
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: z71OfeMSN9lTFOIJAYzm7iNF1PszTvfNOsfdf/HJ/nt7b/p1E7YBoJmsFmwCEKuDR5s2TTgvv3T3iUtQemhBP/JgrLREOK0d26tbHi9a1s/7fDf6ROxV7q4WTZXv71DCUeaaNSfUFBKwq9shit6d89ARZmHaAXTyy8GGIjpB21l09ez7xcpE+DPSDeNgZ0Np/sQkioJDlVlcaFKcwWmXxw==
x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:0; SRV:; IPV:NLI; SFV:NSPM; H:CY4PR0701MB3650.namprd07.prod.outlook.com; PTR:; CAT:NONE; SFTY:; SFS:; DIR:OUT; SFP:1901;
x-ms-exchange-antispam-messagedata: 80uf8+Sp/BCvtbNJ1KbNoAxt+rgLdyzMwnGcDUo6nOtw9p4zWFJBM6/s3f2Jp758D8QLYLQUShrxthK9iRhte8BGfNOCKgosRKBL7vHuK9v7zigc6vEWxQCztajVo+TTRTe/TwV/0fTMnadbaBGhmQ==
x-ms-exchange-transport-forked: True
Content-Type: multipart/alternative; boundary="_000_CY4PR0701MB36501A472EF93F5FCAE71413DF900CY4PR0701MB3650_"
MIME-Version: 1.0
X-OriginatorOrg: outlook.com
X-MS-Exchange-CrossTenant-AuthAs: Anonymous
X-MS-Exchange-CrossTenant-AuthSource: DM6NAM12FT032.eop-nam12.prod.protection.outlook.com
X-MS-Exchange-CrossTenant-RMS-PersistedConsumerOrg: 00000000-0000-0000-0000-000000000000
X-MS-Exchange-CrossTenant-Network-Message-Id: 6e8ee43d-7269-42f9-0f81-08d81a5bc699
X-MS-Exchange-CrossTenant-rms-persistedconsumerorg: 00000000-0000-0000-0000-000000000000
X-MS-Exchange-CrossTenant-originalarrivaltime: 27 Jun 2020 05:34:34.8561 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Internet
X-MS-Exchange-CrossTenant-id: 84df9e7f-e9f6-40af-b435-aaaaaaaaaaaa
X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM6NAM12HT010
Archived-At: <https://mailarchive.ietf.org/arch/msg/secdir/8lgxVg75W2lwGOeJpTezC3_2ieU>
Subject: [secdir] Secdir review of draft-ietf-ippm-stamp-option-tlv-06
X-BeenThere: secdir@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Security Area Directorate <secdir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/secdir>, <mailto:secdir-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/secdir/>
List-Post: <mailto:secdir@ietf.org>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 27 Jun 2020 05:34:38 -0000
I have reviewed this document as part of the security directorate's ongoing effort to review all IETF documents being processed by the IESG. These comments were written primarily for the benefit of the security area directors. Document editors and WG chairs should treat these comments just like any other last call comments. This I-D specifies extensions to the STAMP protocol defined in RFC 8762. The STAMP protocol runs over UDP and is similar to an "echo" protocol intended to be used to test network speed and bandwidth. This I-D specifies a series of TLV encoded extensions that can be appended to the end of the UDP packets of the STAMP protocol (as well as defining the TLV mechanism itself). I could not find anything objectionable from a security standpoint in this extension mechanism. It is a bit odd that when extensions are added to an HMAC protected packet, instead of adding the extensions before the HMAC and having the HMAC protect the entire contents, they keep the existing HMAC that protects the base packet and add a second HMAC at the end of the extensions that protects only the extensions. This would potentially allow an attacker to "mix and match" the extensions from one packet with the base content of a different packet, but it's not clear what an attacker might be able to gain by doing that. One of the pieces of information an extension can request is the 6 byte MAC address of the incoming packet as seen by the peer (which will normally by the MAC address of the last router on the path). That information is not normally available to someone on a distant network, but it's not obvious what harm could come from their knowing it. The protocol can also request the source and destination IP addresses as seen by the peer (presumably to detect NAT gateways), but the protocol assumes the originator will know whether the peer will see IPv4 or IPv6 addresses, so dealing with 6-to-4 gateways could be tricky. On page 19 table 2, this document asks IANA to assign extension type codes. In all other documents of this sort that I have seen, the document assigns the codes and asks IANA to track subsequent additions. On some kinds of errors, the protocol specifies that the error is reported via and ICMP message. For others, it specifies that a field be returned containing all zeros. It's probably better to report errors "in band" because so many routers swallow ICMP messages. The spec does not - and should - specify what to do if the length of the TLV coded extensions does not match the length of the UDP packet containing them (or at least I couldn't find where it was specified). --Charlie
- [secdir] Secdir review of draft-ietf-ippm-stamp-o… Charlie Kaufman
- Re: [secdir] Secdir review of draft-ietf-ippm-sta… Greg Mirsky
- Re: [secdir] Secdir review of draft-ietf-ippm-sta… Greg Mirsky
- Re: [secdir] Secdir review of draft-ietf-ippm-sta… Greg Mirsky
- Re: [secdir] Secdir review of draft-ietf-ippm-sta… Roman Danyliw
- Re: [secdir] Secdir review of draft-ietf-ippm-sta… Benjamin Kaduk