Re: [secdir] Secdir last call review of draft-ietf-capport-rfc7710bis-04

Martin Thomson <mt@lowentropy.net> Mon, 18 May 2020 01:26 UTC

Message-Id: <cf39782e-3d76-4104-9430-164f8b1a9846@www.fastmail.com>
In-Reply-To: <CADNypP9hk+gpGuch0mxnePTVRMnn+GmCbpFpKYkVRV4C_FRUgA@mail.gmail.com>
References: <CADNypP8o+d4ivAacHQiXUk96F0gDqFe2Qa6rPQsCBgDr_=wHrQ@mail.gmail.com> <CADNypP9hk+gpGuch0mxnePTVRMnn+GmCbpFpKYkVRV4C_FRUgA@mail.gmail.com>
Date: Mon, 18 May 2020 11:26:29 +1000
From: "Martin Thomson" <mt@lowentropy.net>
To: "Rifaat Shekh-Yusef" <rifaat.s.ietf@gmail.com>, secdir@ietf.org
Cc: captive-portals@ietf.org
Content-Type: text/plain
Archived-At: <https://mailarchive.ietf.org/arch/msg/secdir/z-TrmQAAo8Q69QhxImN1uwogQT8>
Subject: Re: [secdir] Secdir last call review of draft-ietf-capport-rfc7710bis-04
List-Id: Security Area Directorate <secdir.ietf.org>

Adding more lists.

On Sun, May 17, 2020, at 02:50, Rifaat Shekh-Yusef wrote:
> > Here is a quote from the API document:
> > "The hostname of the API SHOULD be displayed to the user in order to indicate the entity which is providing the API service."
> > 
> > This seems to suggest that the user is expected to inspect the displayed name and make sure it makes sense in the context of whoever is providing that service.

I don't think that is the case.  If this were a security mechanism, then it would use "MUST".  This is likely for the purpose of enabling some sort of accountability.  In other words, this is to offer maximal information about what is going on.

> > Since this would be an easier attack compared to the interception attack, and an IP address is still permitted, then an attacker might force the use of an IP address to make it harder for the user to make sense of the displayed name.

I don't think that is materially different than getting a name with confusable characters (or using the prefix hack, example.com.<some-guid>.example, in an attempt to confuse).
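The three cases raised in this exchange (an IP-address literal, confusable characters, and the "example.com.<some-guid>.example" prefix hack) are all hosts a user cannot judge by eye. The following is an added example, not code from the thread or from the capport drafts: a client-side heuristic that decides what to show the user and records why a host is hard to judge. It assumes that the client treats a non-https scheme as a reason for caution (my policy choice, not a statement about the draft), approximates the registrable domain by the last two labels (no public-suffix list), and uses a simplified mixed-script check based on Unicode character names rather than a full UTS #39 implementation.

```python
"""Added example: client-side presentation heuristic for the captive-portal
API host. Assumptions (mine, not the spec's): non-https is flagged; the
registrable domain is approximated by the last two labels; mixed-script
detection uses Unicode character names, not a full UTS #39 check."""
import ipaddress
import unicodedata
from urllib.parse import urlsplit

# Labels that normally only appear last in a name; one of them in the middle
# is the signature of the prefix hack (example.com.<guid>.example).
TLD_LIKE = {"com", "net", "org", "edu", "gov"}


def classify_api_host(uri: str) -> dict:
    """Return the host to display and the reasons it is hard to judge."""
    parts = urlsplit(uri)
    host = parts.hostname or ""          # lowercased; IPv6 brackets stripped
    reasons = []
    if parts.scheme != "https":
        reasons.append("scheme-not-https")
    try:
        ipaddress.ip_address(host)       # an address literal names no entity
        reasons.append("ip-literal")
        return {"display": host, "reasons": reasons}
    except ValueError:
        pass
    ulabel = host
    if host.isascii():                   # decode A-labels (xn--) for inspection
        try:
            ulabel = host.encode("ascii").decode("idna")
        except UnicodeError:
            reasons.append("bad-idna")
    if not ulabel.isascii():
        reasons.append("non-ascii")
        scripts = {unicodedata.name(c, "?").split()[0]
                   for c in ulabel if c.isalpha()}
        if len(scripts) > 1:             # e.g. Latin letters mixed with Cyrillic
            reasons.append("mixed-script")
    labels = ulabel.split(".")
    if any(lbl in TLD_LIKE for lbl in labels[:-1]):
        reasons.append("embedded-domain-prefix")
    # Show only the registrable part so a long, familiar-looking prefix
    # cannot dominate what the user sees.
    return {"display": ".".join(labels[-2:]), "reasons": reasons}


if __name__ == "__main__":
    for u in ("https://192.0.2.1/api",                  # constructed samples
              "https://example.com.3f9c-guid.example/api",
              "https://p\u0430ypal.example/api"):       # Cyrillic 'a' inside
        print(u, classify_api_host(u))
```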