Re: [secdir] SECDIR Review draft-ietf-dots-rfc8782-bis-05
mohamed.boucadair@orange.com Thu, 27 May 2021 12:48 UTC
Return-Path: <mohamed.boucadair@orange.com>
X-Original-To: secdir@ietfa.amsl.com
Delivered-To: secdir@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 1BC5F3A0474; Thu, 27 May 2021 05:48:35 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.096
X-Spam-Level:
X-Spam-Status: No, score=-2.096 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_MSPIKE_H3=0.001, RCVD_IN_MSPIKE_WL=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, UNPARSEABLE_RELAY=0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=orange.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id RhwrjRPEzxdZ; Thu, 27 May 2021 05:48:30 -0700 (PDT)
Received: from relais-inet.orange.com (relais-inet.orange.com [80.12.66.41]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 12AAF3A07A5; Thu, 27 May 2021 05:48:29 -0700 (PDT)
Received: from opfedar05.francetelecom.fr (unknown [xx.xx.xx.7]) by opfedar22.francetelecom.fr (ESMTP service) with ESMTP id 4FrSKl11n2z307V; Thu, 27 May 2021 14:48:27 +0200 (CEST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=orange.com; s=ORANGE001; t=1622119707; bh=FW7fze/Trdxcfrtcw5YYIlvBxUP7mYDA3pL2xoQPNlw=; h=From:To:Subject:Date:Message-ID:Content-Type: Content-Transfer-Encoding:MIME-Version; b=i2aBOR0LF6PKG7Wbim1hcbZWb1Iv2qmoFeKTT/z8qcZxxaVWSD6qPaK9vcbgAyqyT mzAdo1DNuZeeiLfOk8GFEgofBjj70SOYIwMxWQh/6KOVpTPah4qMBdFhSGwOrzz1Sf 2/TR+uobYB8U6ANUnxI6jPe9ytvvbCJtXUQ+SvCNLFDF4Bc1QxjDBr7VO2y2weoToF KYJB3dDQFsa2uLY7lr5xRxc3EGIDG91m2Tan00tUuGAYU/B3EdcU4pOf7nJc/8tUit Z3jIeJmaTtt8TUE+jD6iIkRiYqyTJiKFsWDnu6A0y2GLjr7JZgEl6zERF7bekYOUlr BltItCv8xdGjA==
Received: from Exchangemail-eme6.itn.ftgroup (unknown [xx.xx.13.67]) by opfedar05.francetelecom.fr (ESMTP service) with ESMTP id 4FrSKk6jpjz2xC2; Thu, 27 May 2021 14:48:26 +0200 (CEST)
From: mohamed.boucadair@orange.com
To: Benjamin Kaduk <kaduk@mit.edu>, Donald Eastlake <d3e3e3@gmail.com>
CC: "iesg@ietf.org" <iesg@ietf.org>, "last-call@ietf.org" <last-call@ietf.org>, "draft-ietf-dots-rfc8782-bis.all@ietf.org" <draft-ietf-dots-rfc8782-bis.all@ietf.org>, secdir <secdir@ietf.org>
Thread-Topic: SECDIR Review draft-ietf-dots-rfc8782-bis-05
Thread-Index: AQHXUrLBvjlmu5Go1ESl3QN76YQQ7Kr3R18A
Date: Thu, 27 May 2021 12:48:26 +0000
Message-ID: <25321_1622119706_60AF951A_25321_425_1_787AE7BB302AE849A7480A190F8B93303538FF1F@OPEXCAUBMA2.corporate.adroot.infra.ftgroup>
References: <CAF4+nEEAQDNir0ApDqBu3b2H3c-9KM+b=zuaDkaMSn0x0v5Z-Q@mail.gmail.com> <23514_1616507505_6059F271_23514_186_1_787AE7BB302AE849A7480A190F8B93303535A427@OPEXCAUBMA2.corporate.adroot.infra.ftgroup> <CAF4+nEEX1P-15zaGGhKc05tjCH_s5bYTNy9tXDAz7=4iZzyQKA@mail.gmail.com> <20210527044240.GT32395@kduck.mit.edu>
In-Reply-To: <20210527044240.GT32395@kduck.mit.edu>
Accept-Language: fr-FR, en-US
Content-Language: fr-FR
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [10.114.13.247]
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: base64
MIME-Version: 1.0
Archived-At: <https://mailarchive.ietf.org/arch/msg/secdir/v1IEm3jEh_zMlcQc8c5L0-ZM4Z0>
Subject: Re: [secdir] SECDIR Review draft-ietf-dots-rfc8782-bis-05
X-BeenThere: secdir@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Security Area Directorate <secdir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/secdir>, <mailto:secdir-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/secdir/>
List-Post: <mailto:secdir@ietf.org>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 27 May 2021 12:48:36 -0000
Hi Ben, Donald, I think this is now fixed in: https://www.ietf.org/rfcdiff?url1=draft-ietf-dots-rfc8782-bis-06&url2=draft-ietf-dots-rfc8782-bis-07 Cheers, Med > -----Message d'origine----- > De : Benjamin Kaduk [mailto:kaduk@mit.edu] > Envoyé : jeudi 27 mai 2021 06:43 > À : Donald Eastlake <d3e3e3@gmail.com> > Cc : BOUCADAIR Mohamed TGI/OLN <mohamed.boucadair@orange.com>; > iesg@ietf.org; last-call@ietf.org; draft-ietf-dots-rfc8782- > bis.all@ietf.org; secdir <secdir@ietf.org> > Objet : Re: SECDIR Review draft-ietf-dots-rfc8782-bis-05 > > Hi Donald, > > First off, thanks for the review, and thanks to Med for the updates > in response. Continuing inline... > > On Sat, Mar 27, 2021 at 11:42:56PM -0400, Donald Eastlake wrote: > > Hi, > > > > Thanks for adopting so many of my suggestions. > > > > See below where I have trimmed to points where we disagree that I > > think I have something to add. > > > > On Tue, Mar 23, 2021 at 9:51 AM <mohamed.boucadair@orange.com> > wrote: > > > Hi Donald, > > > > > >... > > > > > > De : Donald Eastlake [mailto:d3e3e3@gmail.com] Envoyé : mardi 23 > > > mars 2021 05:53 À : iesg@ietf.org; last-call@ietf.org Cc : > > > draft-ietf-dots-rfc8782-bis.all@ietf.org; secdir > <secdir@ietf.org> > > > Objet : SECDIR Review draft-ietf-dots-rfc8782-bis-05 > > > > > > ... > > > > > > Minor Issues / Nits: > > > > > >... > > > > > > General/Global: All six occurrences of "as a reminder" should be > > > deleted from the draft. They just add useless words. > > > > > > [Med] Except the one about IPv4/IPv6, those were added to address > comments that we received in the past. I prefer to maintain them. > > > > Perhaps I was not clear. I have no problem with the substantive > > material you have included AFTER the words "as a reminder,". I was > > mearly suggesting that the literal three word sequence "as a > reminder" > > is three superfluous words that should be removed. > > Thanks for reiterating the intent of the suggestion. > I think I am okay leaving them in for now, and seeing if the rest of > the IESG has an opinion. > > > > > > > ... > > > > > > Section 4.4.1: > > > > > > The following draft text uses "the trailing "=" " which implies > that > > > a base 64 encoding ends with exactly one equal sign. But I > believe > > > there can be zero, one, or two equal signs. I suggest the > following: > > > OLD > > > The truncated output is > > > base64url encoded (Section 5 of [RFC4648]) with the > trailing > > > "=" removed from the encoding, and the resulting value > used as > > > the 'cuid'. > > > NEW > > > The truncated output is > > > base64url encoded (Section 5 of [RFC4648]) with any > trailing > > > equal signs ("=") removed from the encoding, and the > > > resulting value used as the 'cuid'. > > > > > > [Med] We meant “any trailing”. Fixed by updating to “two trailing > "="” > > > > That still seems wrong to me. The initial wording ("the trainling > > "="") implied exactly one equal sign. The new wording ("the two > > training "="") implies exactly two equal signs. But there can be > zero, > > one, or two. If you mean "any training "="", which would be good, > why > > don't you say that (or, alternatively, "all trailing")? > > In this case the quantity in question is always a 16-byte binary > quantity that's being base64-encoded, so there always will be two > padding characters to remove. > > > > > > >... > > > > > > Section 7.3: Since the PMTU can change and could be lower that > the > > > values suggested to be assumed in the first paragraph of Section > > > 7.3, it is essentially impossible to conform to the first > sentence > > > as written. I suggest the following change: > > > OLD > > > To avoid DOTS signal message fragmentation and the subsequent > > > decreased probability of message delivery, DOTS agents MUST > ensure > > > that the DTLS record fits within a single datagram. > > > > > > [Med] We are echoing the following from Section 4.1.1 of 6347: > > > > > > “Each DTLS record MUST fit within a single datagram.” > > > > I don't agree that you are "echoing" RFC 6347. If you were, you > would > > say > > > > "To avoid DOTS signal message fragmentation and the subsequent > > decreased probability of message delivery, the DTLS records MUST > fit > > within a single datagram." > > > > If you had said that, I would not have complained. It is a true > > statement of the bad effects DTLS records not fitting in a > datagram. > > I think I see your point. Since RFC 6347 already has a "MUST fit" > requirement, we could just rely on that and avoid using new normative > language (I think your point is that "MUST ensure" is not something > that can reliably be achieved, since the DOTS agent may not know > about MTU changes). Perhaps we can say something like: > > To avoid DOTS signal message fragmentation and the subsequent > decreased probability of message delivery, the DLTS records need to > fit within a single datagram [RFC6347]. > > > > > NEW > > > To avoid DOTS signal message fragmentation and the subsequent > > > decreased probability of message delivery, DOTS agents MUST > NOT > > > send datagrams exceeding the limits discussed in this Section. > > > > > > ... > > > > > > The way this sentence talks about moving around "mitigation > efficacy" > > > reads very strangely to me. I suggest the following re-wording: > > > OLD > > > A compromised DOTS client can collude with a DDoS attacker to > send > > > mitigation request for a target resource, get the mitigation > efficacy > > > from the DOTS server, and convey the mitigation efficacy to > the DDoS > > > attacker to possibly change the DDoS attack strategy. > > > NEW > > > A compromised DOTS client can be commanded by a DDoS attacker > to > > > abuse mitigation requests for a target resource. This could > use the > > > "mitigation" abilities of the DOTS server for the benefit of > the > > > attacker possibly leading to a changed and more effective DDoS > > > attack strategy. > > > > > > [Med] Thanks. I prefer the OLD wording. > > > > I think I understand what you mean by "efficacy" more clearly now > but > > I still think you should fix the grammar by changing "request" in > the > > 2nd line to "requests" (or, if you really mean this to be singular, > > change the wording to "a mitigation request"). > > (I think it's supposed to be singular. Yes, there's a cardinality > mismatch.) > > Thanks again, > > Ben _________________________________________________________________________________________________________________________ Ce message et ses pieces jointes peuvent contenir des informations confidentielles ou privilegiees et ne doivent donc pas etre diffuses, exploites ou copies sans autorisation. Si vous avez recu ce message par erreur, veuillez le signaler a l'expediteur et le detruire ainsi que les pieces jointes. Les messages electroniques etant susceptibles d'alteration, Orange decline toute responsabilite si ce message a ete altere, deforme ou falsifie. Merci. This message and its attachments may contain confidential or privileged information that may be protected by law; they should not be distributed, used or copied without authorisation. If you have received this email in error, please notify the sender and delete this message and its attachments. As emails may be altered, Orange is not liable for messages that have been modified, changed or falsified. Thank you.
- [secdir] SECDIR Review draft-ietf-dots-rfc8782-bi… Donald Eastlake
- Re: [secdir] SECDIR Review draft-ietf-dots-rfc878… mohamed.boucadair
- Re: [secdir] SECDIR Review draft-ietf-dots-rfc878… Donald Eastlake
- Re: [secdir] SECDIR Review draft-ietf-dots-rfc878… Benjamin Kaduk
- Re: [secdir] SECDIR Review draft-ietf-dots-rfc878… mohamed.boucadair
- Re: [secdir] SECDIR Review draft-ietf-dots-rfc878… Donald Eastlake