Re: [secdir] SecDir review of draft-ietf-manet-dlep
"Ratliff, Stanley" <sratliff@idirect.net> Mon, 05 December 2016 00:50 UTC
Return-Path: <sratliff@idirect.net>
X-Original-To: secdir@ietfa.amsl.com
Delivered-To: secdir@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 1EAE4129677; Sun, 4 Dec 2016 16:50:46 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.001
X-Spam-Level:
X-Spam-Status: No, score=-2.001 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=idirect.net
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id YyCXOOYKhx60; Sun, 4 Dec 2016 16:50:44 -0800 (PST)
Received: from mx0b-00229401.pphosted.com (mx0a-00229401.pphosted.com [148.163.157.249]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 14261129667; Sun, 4 Dec 2016 16:50:44 -0800 (PST)
Received: from pps.filterd (m0097894.ppops.net [127.0.0.1]) by mx0b-00229401.pphosted.com (8.16.0.17/8.16.0.17) with SMTP id uB50lDOD012606; Sun, 4 Dec 2016 19:50:34 -0500
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=idirect.net; h=from : to : cc : subject : date : message-id : references : in-reply-to : content-type : content-transfer-encoding : mime-version; s=dk1; bh=/7EZasPMIMGsLMh53k/BpXMfkH09cyPktJJMncb6t0U=; b=iAIDFWqvzmIRsftQX7+BkfZu/cYbcy0sDx0vU2qr+E78gjju1q/qvkKvbybo9DCSyEhB cqLXtYyLzfmEPyU3yA5pU8WBQAQ7j/FJsSm1zC7NfIvwUrFHOJLqXlFR7HNQUBWI4sCW uV9K1FOUVzpCxuTq6+jvn/rtIJcja/4lKxvr7eepcOrB6vjZJIG0MSD8obatDueJJTNK dCE7wfYQXGMLgdHdyAmp19WDNtYqYdYMaF1uDAp8ToRkUaR8leguuYNomakvcJ48LgGK p09ijH3YZ1WvO1g1BY2Cevk4zPhOIQXRJLYyaKrzGge4d2A4HQJ5qhySlePvq3tiMoUn cg==
Received: from webmail.idirect.net ([198.180.159.2]) by mx0b-00229401.pphosted.com with ESMTP id 273tq80vru-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-SHA384 bits=256 verify=NOT); Sun, 04 Dec 2016 19:50:34 -0500
Received: from VAUSDITCHM2.idirect.net (10.250.250.202) by VAUSDITCHM3.idirect.net (10.250.250.203) with Microsoft SMTP Server (TLS) id 15.0.1236.3; Sun, 4 Dec 2016 19:50:32 -0500
Received: from VAUSDITCHM2.idirect.net ([fe80::b5b6:9e50:3403:e75d]) by VAUSDITCHM2.idirect.net ([fe80::b5b6:9e50:3403:e75d%15]) with mapi id 15.00.1236.000; Sun, 4 Dec 2016 19:50:32 -0500
From: "Ratliff, Stanley" <sratliff@idirect.net>
To: Christian Huitema <huitema@huitema.net>, "'Taylor, Rick (External)'" <rick.taylor.external@airbus.com>, 'Paul Hoffman' <paul.hoffman@vpnc.org>
Thread-Topic: [secdir] SecDir review of draft-ietf-manet-dlep
Thread-Index: AQHSP9dxooq1deGLb0CN9D0fTSXK8AJp8YIyAbfck2mf1Pcy0ID54YMAgAEuYACAB4ou0A==
Date: Mon, 05 Dec 2016 00:50:31 +0000
Message-ID: <c600c5155ba24ac4be636bc138e34f9c@VAUSDITCHM2.idirect.net>
References: <30706_1479279750_582C0485_30706_8297_7_C7F1D029-C067-4AF6-9F40-436F7BA54311@vpnc.org> <B177F831FB91F242972D0C35F6A0733163AD92C3@SUCNPTEXM01.com.ad.uk.ds.corp> <0AE7C2DE-B316-4675-B7BE-EB9AC50ED955@vpnc.org> <4035_1480388659_583CF032_4035_1030_1_003b01d249ed$3f003260$bd009720$@huitema.net> <B177F831FB91F242972D0C35F6A0733163AE0516@SUCNPTEXM01.com.ad.uk.ds.corp> <033801d24aa0$b34f09d0$19ed1d70$@huitema.net>
In-Reply-To: <033801d24aa0$b34f09d0$19ed1d70$@huitema.net>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-ms-exchange-transport-fromentityheader: Hosted
x-originating-ip: [10.250.250.20]
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10432:, , definitions=2016-12-04_14:, , signatures=0
X-Proofpoint-Spam-Details: rule=outboundspam_notspam policy=outboundspam score=0 priorityscore=1501 malwarescore=0 suspectscore=0 phishscore=0 bulkscore=0 spamscore=0 clxscore=1011 lowpriorityscore=0 impostorscore=0 adultscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.0.1-1609300000 definitions=main-1612050011
Archived-At: <https://mailarchive.ietf.org/arch/msg/secdir/wx4a_2ozWHZ1dTiQKJbkSWDAuPI>
Cc: "draft-ietf-manet-dlep.all@ietf.org" <draft-ietf-manet-dlep.all@ietf.org>, 'secdir' <secdir@ietf.org>
Subject: Re: [secdir] SecDir review of draft-ietf-manet-dlep
X-BeenThere: secdir@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: Security Area Directorate <secdir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/secdir>, <mailto:secdir-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/secdir/>
List-Post: <mailto:secdir@ietf.org>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 05 Dec 2016 00:50:46 -0000
Christian/Paul, Thanks for your time and effort to review DLEP. I have a question inline. > -----Original Message----- > From: Christian Huitema [mailto:huitema@huitema.net] > Sent: Tuesday, November 29, 2016 7:29 PM > To: 'Taylor, Rick (External)' <rick.taylor.external@airbus.com>; 'Paul Hoffman' > <paul.hoffman@vpnc.org> > Cc: 'secdir' <secdir@ietf.org>; draft-ietf-manet-dlep.all@ietf.org > Subject: RE: [secdir] SecDir review of draft-ietf-manet-dlep > > On Tuesday, November 29, 2016 2:09 AM, Rick Taylor wrote: > > >> This layer 2 security model is effectively an implementation of > "perimeter > >> security", and has all the known issues with perimeter security. Two > classic > >> attacks are "finding a way to send packets through the perimeter" and > >> "subvert a node already installed inside the perimeter". The draft > attempts > >> to mitigate the first class of attacks by using the mechanism of RFC > 5082, > >> although it does not actually use it correctly. There is no > >> mitigation > for the > >> "subverted node" attack. > > > > There has been extensive discussion within the WG on this topic, and > > we do fully understand the concerns. The security of DLEP has always > > been a > major > > worry for the authors/WG as we are being pulled in two directions: > > The > sticking > > point is the situation where an implementer has the modem and router > > as > two > > separate modules in a single chassis (or secured perimeter), and wants > > to > avoid > > the perceived complexity/annoyance of implementing TLS. The authors > have > > > received off-the-record comment from major radio vendors stating that > > they > will > > not adopt DLEP if it requires TLS. However, I agree that both your > comments are > > absolutely valid. The question is how to reconcile the difference? > > There may be different deployment scenarios. As is, I would not recommend > deploying DLEP if the Lan provides access to anything else than the router > and the modem. For the other scenarios, you really want to use something > like TLS with appropriate credentials. > > > We are searching for some mechanism that would allow the protocol to: > > > > a) Specify how to secure the session correctly. > > b) Secure the session by default. > > c) Allow either peer to waive the requirement for security in a way > > that > cannot be maliciously > > downgraded. > > > > Is a STARTTLS style approach acceptable? Or is an http/https style two > port approach > > preferred? I'm not asking for the solution, but trying to avoid > > wasting > your and our time. > > Of course, I have no idea of the operational constraints, but at a high level > you seem to have the same problem as various small appliances and devices. > My gut feeling is that the same solutions apply, e.g., a one time "pairing" to > establish trust between router and modem, and then using TLS and verifying > the appropriate credentials, e.g., some shared secret. You could make that > optional when the perimeter is really tightly controlled. > Yes, this is a reasonable scenario. Can you point me to a document that describes this one-time "paring", and then uses TLS? That seems like a solution we could leverage. The main issue, as Rick mentions, is that we (the authors) have received significant push-back from some radio vendors about implementing TLS in existing gear. DLEP has applicability in both the commercial and government-use spaces. Specifically in the government-use case, there is concern about requiring TLS functionality when both the radio(s) and the router are placed into a "physically secure environment" - for instance, into an armored vehicle, that already contains a high-grade Information Assurance device (like a HAIPE encryptor). In that type of environment, the requirement to use TLS is somewhat redundant. However, the protocol is useful in the commercial environment as well, and in those cases (as Rick has already said), we completely agree that proper security mechanisms should be implemented. We heard earlier in the discussion of the protocol that SecDir would essentially give us "MUST implement/MAY use" direction with regard to TLS - would it be acceptable to state the requirement as "SHOULD implement/MAY use", provided that use of TLS is strongly recommended, unless the deployment environment is physically secure? Regards, Stan > >> >> One area we have worked hard on addressing is mandating use of > >> >> RFC5082 (Generalized TTL Security) on the link between router and > >> >> modem (See Section 3.1). > >> > >> Not quite. RFC5082 suggests setting the TTL to 255 and checking the > >> value > on > >> the received message. Your draft suggests setting the TTL value to 1, > >> and checking the received value in the message. You need to fix that. > > > > TTL 1 is required for the discovery mechanism (UDP mcast) in an > > attempt to > restrict > > packets to a single hop (particularly for IPv4), but the TCP > > connection > for the session > > must use TTL 255 as per RFC5082 (The paragraph above). We might > > consider > re-ordering > > the paragraphs if you think it is unclear. > > TTL 255 prevents nodes from receiving packets from outside the LAN, TTL 1 > prevents nodes from leaking packets outside the LAN. An attacker can > format an UDP packet with a TTL just right, so that it arrives on the LAN with > TTL=1. At a minimum, this allows the attacker to trigger multicast UDP replies, > i.e., a form of DOS attack. Lucky attackers might be able to send a complex > packet and trigger a code fault. That's why "prevent packets from the outside > in" is generally better than "prevent packets from the inside out" -- multicast > routing normally stops transmission outside the LAN anyhow. > > If you decide to stick to TTL=1 for UDP, then you should definitely make the > text explicit, explain the difference of treatment between TCP and UDP. > > -- Christian Huitema > > > ============================================================================================================================================ This electronic message and any files transmitted with it contains information from iDirect, which may be privileged, proprietary and/or confidential. It is intended solely for the use of the individual or entity to whom they are addressed. If you are not the original recipient or the person responsible for delivering the email to the intended recipient, be advised that you have received this email in error, and that any use, dissemination, forwarding, printing, or copying of this email is strictly prohibited. If you received this email in error, please delete it and immediately notify the sender.
- [secdir] SecDir review of draft-ietf-manet-dlep Paul Hoffman
- Re: [secdir] SecDir review of draft-ietf-manet-dl… Taylor, Rick (External)
- Re: [secdir] SecDir review of draft-ietf-manet-dl… Paul Hoffman
- Re: [secdir] SecDir review of draft-ietf-manet-dl… Christian Huitema
- Re: [secdir] SecDir review of draft-ietf-manet-dl… Taylor, Rick (External)
- Re: [secdir] SecDir review of draft-ietf-manet-dl… Christian Huitema
- Re: [secdir] SecDir review of draft-ietf-manet-dl… Ratliff, Stanley