Re: [secdir] draft-ietf-ippm-more-twamp-02.txt
Al Morton <acmorton@att.com> Tue, 02 June 2009 19:35 UTC
Return-Path: <acmorton@att.com>
X-Original-To: secdir@core3.amsl.com
Delivered-To: secdir@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id E7B6B3A6D90; Tue, 2 Jun 2009 12:35:54 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -105.796
X-Spam-Level:
X-Spam-Status: No, score=-105.796 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, MSGID_FROM_MTA_HEADER=0.803, RCVD_IN_DNSWL_MED=-4, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 1d4AAefkWgOV; Tue, 2 Jun 2009 12:35:54 -0700 (PDT)
Received: from mail146.messagelabs.com (mail146.messagelabs.com [216.82.241.147]) by core3.amsl.com (Postfix) with ESMTP id C01CD3A6BA9; Tue, 2 Jun 2009 12:35:53 -0700 (PDT)
X-VirusChecked: Checked
X-Env-Sender: acmorton@att.com
X-Msg-Ref: server-2.tower-146.messagelabs.com!1243971354!14228288!1
X-StarScan-Version: 6.0.0; banners=-,-,-
X-Originating-IP: [144.160.128.141]
Received: (qmail 18858 invoked from network); 2 Jun 2009 19:35:55 -0000
Received: from sbcsmtp9.sbc.com (HELO flph161.enaf.ffdc.sbc.com) (144.160.128.141) by server-2.tower-146.messagelabs.com with DHE-RSA-AES256-SHA encrypted SMTP; 2 Jun 2009 19:35:55 -0000
Received: from enaf.ffdc.sbc.com (localhost.localdomain [127.0.0.1]) by flph161.enaf.ffdc.sbc.com (8.14.3/8.14.3) with ESMTP id n52JZpBN029129; Tue, 2 Jun 2009 12:35:52 -0700
Received: from klph001.kcdc.att.com (klph001.kcdc.att.com [135.188.3.11]) by flph161.enaf.ffdc.sbc.com (8.14.3/8.14.3) with ESMTP id n52JZn8Z029116; Tue, 2 Jun 2009 12:35:49 -0700
Received: from kcdc.att.com (localhost.localdomain [127.0.0.1]) by klph001.kcdc.att.com (8.14.0/8.14.0) with ESMTP id n52JZmJI020174; Tue, 2 Jun 2009 14:35:48 -0500
Received: from maillennium.att.com (mailgw1.maillennium.att.com [135.25.114.99]) by klph001.kcdc.att.com (8.14.0/8.14.0) with ESMTP id n52JZj36020123; Tue, 2 Jun 2009 14:35:45 -0500
Message-Id: <200906021935.n52JZj36020123@klph001.kcdc.att.com>
Received: from acmt.att.com (martym.mt.att.com[135.16.251.71](misconfigured sender)) by maillennium.att.com (mailgw1) with SMTP id <20090602193544gw1000u6rre>; Tue, 2 Jun 2009 19:35:44 +0000
X-Mailer: QUALCOMM Windows Eudora Version 7.1.0.9
Date: Tue, 02 Jun 2009 15:35:44 -0400
To: Donald Eastlake <d3e3e3@gmail.com>, iesg@ietf.org, secdir@ietf.org, Matthew Zekauskas <matt@internet2.edu>, Henk Uijterwaal <henk@ripe.net>, kaynam.hedayat@exfo.com
From: Al Morton <acmorton@att.com>
In-Reply-To: <1028365c0906021204i5819935dx35477354b4b3aa36@mail.gmail.co m>
References: <1028365c0906021204i5819935dx35477354b4b3aa36@mail.gmail.com>
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"; format="flowed"
X-Mailman-Approved-At: Tue, 02 Jun 2009 13:01:37 -0700
Subject: Re: [secdir] draft-ietf-ippm-more-twamp-02.txt
X-BeenThere: secdir@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: Security Area Directorate <secdir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/secdir>
List-Post: <mailto:secdir@ietf.org>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 02 Jun 2009 19:35:55 -0000
Thanks for your comments, Donald, well-sorted through.
I think the following will do it,
Al
5. Security Considerations
OLD
The extended mixed-mode of operation permits stronger security/
integrity protection on the TWAMP-Control protocol while
simultaneously emphasizing accuracy or efficiency on the TWAMP-Test
protocol, thus making it possible to increase overall security when
compared to the previous options.
NEW
The extended mixed-mode of operation permits stronger security/
integrity protection on the TWAMP-Control protocol while
simultaneously emphasizing accuracy or efficiency on the TWAMP-Test
protocol, thus making it possible to increase overall security when
compared to the previous options (when resource constraints would
have forced less security for TWAMP-Control and where unauthenticated
TWAMP-Test is not a significant concern).
At 03:04 PM 6/2/2009, Donald Eastlake wrote:
>I have reviewed this document as part of the security directorate's
>ongoing effort to review all IETF documents being processed by the
>IESG. Document editors and WG chairs should treat these comments just
>like any other last call comments.
>
>This draft does two things in connection with the Two-Way Active
>Measurement Protocol (TWAMP) a protocol which builds on the One-Way
>Active Measurement Protocol (OWAMP):
> (1) Add an extension whereby the TWAMP-Test protocol can be done
>in an unauthenticated mode while TWAMP-Control is authenticated and
>encrypted, where previously they had been required to have the same
>security mode. TWAMP-Control is used to initiate, start, and stop,
>etc. test sessions, while TWAMP-Test is used to exchange test packets.
> (2) The draft establishes an IANA registration called TWAMP-Modes
>for adding features. Establishing the IANA registry as such is not
>security relevant.
>
>This draft has a brief Security Considerations section. It
>incorporates by reference the lengthy Security Considerations in RFC
>4656, which specified OWAMP, and from RFC 5357, which specifies TWAMP
>and adds considerations for one DoS attack which overlooked in RFC
>4656. Generally, this incorporation by reference is adequate.
>
>However, the draft Security Considerations sections has one additional
>sentence which includes the words "thus making it possible to increase
>overall security when compared to the previous options". That would
>only be true if the additional burden, under previous options where
>both control and test had the same security mode, of securing both
>TWAMP-Control and TWAMP-Test was prohibitive, forcing less security
>for TWAMP-Control and where having TWAMP-Test unauthenticated is not a
>problem with respect to the security threats in the particular
>instance. I believe the Security Considerations section should be
>re-worded to either drop the claim of "increase overall security" or
>at least make it clear that the claim only applies under resource
>constraints that would, under previous modes, have forced less
>security for TWAMP-Control and where unauthenticated TWAMP-Test is not
>a significant security concern.
>
>Thanks,
>Donald
>=============================
> Donald E. Eastlake 3rd +1-508-634-2066 (home)
> 155 Beaver Street
> Milford, MA 01757 USA
> d3e3e3@gmail.com
- [secdir] draft-ietf-ippm-more-twamp-02.txt Donald Eastlake
- Re: [secdir] draft-ietf-ippm-more-twamp-02.txt Donald Eastlake
- Re: [secdir] draft-ietf-ippm-more-twamp-02.txt Al Morton