IETF Logo Mail Archive

Re: [secdir] review of draft-ietf-dhc-secure-dhcpv6-04.txt

Sheng Jiang <jiangsheng@huawei.com> Tue, 28 February 2012 11:18 UTC

Return-Path: <jiangsheng@huawei.com>
X-Original-To: secdir@ietfa.amsl.com
Delivered-To: secdir@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 11C1921F861F for <secdir@ietfa.amsl.com>; Tue, 28 Feb 2012 03:18:32 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: 0
X-Spam-Level:
X-Spam-Status: No, score=x tagged_above=-999 required=5 tests=[]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id PGjLQhWTwtZo for <secdir@ietfa.amsl.com>; Tue, 28 Feb 2012 03:18:31 -0800 (PST)
Received: from szxga01-in.huawei.com (szxga01-in.huawei.com [119.145.14.64]) by ietfa.amsl.com (Postfix) with ESMTP id 5966521F85F7 for <secdir@ietf.org>; Tue, 28 Feb 2012 03:18:29 -0800 (PST)
Received: from huawei.com (szxga05-in [172.24.2.49]) by szxga05-in.huawei.com (iPlanet Messaging Server 5.2 HotFix 2.14 (built Aug 8 2006)) with ESMTP id <0M03006F1OQQJF@szxga05-in.huawei.com> for secdir@ietf.org; Tue, 28 Feb 2012 19:18:26 +0800 (CST)
Received: from szxrg02-dlp.huawei.com ([172.24.2.119]) by szxga05-in.huawei.com (iPlanet Messaging Server 5.2 HotFix 2.14 (built Aug 8 2006)) with ESMTP id <0M0300ALBOQ8V2@szxga05-in.huawei.com> for secdir@ietf.org; Tue, 28 Feb 2012 19:18:26 +0800 (CST)
Received: from szxeml210-edg.china.huawei.com ([172.24.2.119]) by szxrg02-dlp.huawei.com (MOS 4.1.9-GA) with ESMTP id AHL85764; Tue, 28 Feb 2012 19:17:52 +0800
Received: from SZXEML420-HUB.china.huawei.com (10.82.67.159) by szxeml210-edg.china.huawei.com (172.24.2.183) with Microsoft SMTP Server (TLS) id 14.1.323.3; Tue, 28 Feb 2012 19:17:30 +0800
Received: from SZXEML506-MBS.china.huawei.com ([169.254.3.20]) by szxeml420-hub.china.huawei.com ([10.82.67.159]) with mapi id 14.01.0323.003; Tue, 28 Feb 2012 19:17:42 +0800
Date: Tue, 28 Feb 2012 11:17:40 +0000
From: Sheng Jiang <jiangsheng@huawei.com>
X-Originating-IP: [10.108.4.88]
To: Sheng Jiang <jiangsheng@huawei.com>, Stephen Kent <kent@bbn.com>
Message-id: <5D36713D8A4E7348A7E10DF7437A4B92188B2659@SZXEML506-MBS.china.huawei.com>
MIME-version: 1.0
Content-type: multipart/mixed; boundary="Boundary_(ID_7PoVbMYukNNVeFUW0G0ZhA)"
Content-language: zh-CN
Accept-Language: en-GB, zh-CN, en-US
Thread-topic: review of draft-ietf-dhc-secure-dhcpv6-04.txt
Thread-index: AQHM1wVGR+IsEftM3kywUBVOpvWIcZYUcUbwgDPx0pCAAP6SAIAAhvYAgAanwQCAAb3/sA==
X-MS-Has-Attach: yes
X-MS-TNEF-Correlator:
X-CFilter-Loop: Reflected
References: <p0624080ccb3e5b4801c7@[128.89.89.66]> <5D36713D8A4E7348A7E10DF7437A4B92188B034F@SZXEML506-MBS.china.huawei.com> <p06240802cb6b41feba2f@[172.20.8.192]>
Cc: "rdroms.ietf@gmail.com" <rdroms.ietf@gmail.com>, "john_brzozowski@cable.comcast.com" <john_brzozowski@cable.comcast.com>, "ted.lemon@nominum.com" <ted.lemon@nominum.com>, "shenshuo@cnnic.cn" <shenshuo@cnnic.cn>, "secdir@ietf.org" <secdir@ietf.org>
Subject: Re: [secdir] review of draft-ietf-dhc-secure-dhcpv6-04.txt
X-BeenThere: secdir@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Security Area Directorate <secdir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/secdir>, <mailto:secdir-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/secdir>
List-Post: <mailto:secdir@ietf.org>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 28 Feb 2012 11:18:32 -0000

Hi, Stephen,

We have modified our draft according to your comments. It improves our draft a lot. Could you please review the latest version? The attachment are txt version and the diff

Many thanks and best regards,

Sheng

From: Sheng Jiang
Sent: Monday, February 27, 2012 4:17 PM
To: Sheng Jiang; 'Stephen Kent'
Cc: 'secdir@ietf.org'; 'shenshuo@cnnic.cn'; 'ted.lemon@nominum.com'; 'john_brzozowski@cable.comcast.com'; 'rdroms.ietf@gmail.com'
Subject: RE: review of draft-ietf-dhc-secure-dhcpv6-04.txt

Hi, Stephen,

We are still working on your comments. You wrote "it appears that algorithm agility support for Secure DHCPv6 is based (in large part) on carrying the hash and signature algorithm IDs in the Signature Option. That is different from the RFC 4270 analysis of how to enable algorithm agility for the CGA itself."

Could you give further suggestion: if you don't like the way of agility support? What is better mechanism to support algorithm agility in our approach?

Many thanks and best regards,

Sheng

From: Sheng Jiang
Sent: Thursday, February 23, 2012 9:39 AM
To: 'Stephen Kent'
Cc: secdir@ietf.org; shenshuo@cnnic.cn; ted.lemon@nominum.com; john_brzozowski@cable.comcast.com; rdroms.ietf@gmail.com
Subject: RE: review of draft-ietf-dhc-secure-dhcpv6-04.txt

Hi, Stephen,

Thanks for point out the incorrect text. It was there from early stage design. I have corrected it in the new version.

Many thanks,

Sheng

From: Stephen Kent [mailto:kent@bbn.com]
Sent: Thursday, February 23, 2012 9:32 AM
To: Sheng Jiang
Cc: Sheng Jiang; secdir@ietf.org; shenshuo@cnnic.cn; ted.lemon@nominum.com; john_brzozowski@cable.comcast.com; rdroms.ietf@gmail.com; Stephen Kent
Subject: RE: review of draft-ietf-dhc-secure-dhcpv6-04.txt

At 2:33 AM +0000 2/22/12, Sheng Jiang wrote:
Hi, Stephen,

Thanks for your review. I have integrated them in a new version or make some correspondent improvements. However, I do not agree the below comment and would like to discuss it further.

<Stephen> The fact that the signature option can be placed anywhere in the DHCPv6 message strikes me as dangerous. It imposes a requirement on a receiver to treat the protected and unprotected portions of the message differently, for any possible placement of the signature option. This adds complexity to implementations, since the security checking would have to indicate to the rest of message processing which parts of a message were checked and which were not verified. Unless there are DHCHv6 options that may be modified (or added) legitimately when a message traverses a relay, it is not clear why there needs to be a provision to exclude any portions of a DHCPv6 message from  the integrity/authentication check.

<Sheng> The charge is not right here. Although the signature option can be placed anywhere, it actually protects ALL DHCPv6 options and payload (except for itself and auth option), see Section 5.2 for how to perform signature. Therefore, there is no unprotected  portion at all. The place of signature option does not mean the portion after it is unprotected.

The text in 5.2 states, when it describes the Sig option:

"It protects all the DHCPv6 header and options before it. Any options after the Signature option can be processed, but it should be noticed that they are not protected by this Signature option."

This text contradicts what you said above. The text later in 5.2, in the discussion of how to compute the sig value, says what you meant (sort of), but that contradicts the text cited above.  Also, the text describing how to compute the sig is incorrect, since it says:

" The signature constructed by using the sender's private key over the following sequence of octets:..."

The private key is used to sign the hash value computed over the sequence of octets described in this part of 5.2. Also, allowing the sig option  to appear anywhere in the message is, as I indicated earlier, a bad idea. Even if the text is corrected to make clear that the whole message is protected, it is "cleaner" to put the sig option at the end, so that the sender and receiver does not have to skip over it in computing the hash value that is to be signed.

Steve

v2.23.0 | Report a Bug | By Email