IETF Logo Mail Archive

Re: [secdir] Secdir last call review of draft-ietf-lsr-pce-discovery-security-support-05

Yaron Sheffer <yaronf.ietf@gmail.com> Mon, 09 August 2021 13:44 UTC

Return-Path: <yaronf.ietf@gmail.com>
X-Original-To: secdir@ietfa.amsl.com
Delivered-To: secdir@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A5D1B3A1295; Mon, 9 Aug 2021 06:44:28 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.097
X-Spam-Level:
X-Spam-Status: No, score=-2.097 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, MIME_QP_LONG_LINE=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ic_B3oQTNdx1; Mon, 9 Aug 2021 06:44:24 -0700 (PDT)
Received: from mail-io1-xd31.google.com (mail-io1-xd31.google.com [IPv6:2607:f8b0:4864:20::d31]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 6FAF53A12B9; Mon, 9 Aug 2021 06:44:21 -0700 (PDT)
Received: by mail-io1-xd31.google.com with SMTP id e186so25572786iof.12; Mon, 09 Aug 2021 06:44:21 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=user-agent:date:subject:from:to:cc:message-id:thread-topic :references:in-reply-to:mime-version:content-transfer-encoding; bh=uA7F4t96xgdFA4SNwDobglo150WrjBOUQJslmYokUQE=; b=aQTuF2yTwpxOqoyCvWW2YHycMllA8GrFGQvqeopluCWIa/B4Gt6lXBdK/mzWL4OmDR nsT0NLoMxEIg2gk3Mus4ltiWPA8grFPy0SyjQuT01U878cfmtpte+nXVxLiRscbF1D3L exC2mE4gUNdxD4LVlHz4ajyBHTYRD2f1jDoCln3pmY7SH3oubgtHt+mYyPpmOMFfhysy 0pQTQAKIDgbsADxSXEeY1axu2OWcDSx8i0aA+GC6OzsOdp4rmSEiVDCVQc0nQ6QYVevv obFE+B9YHHGPmW38/sMIPDO11AlyqtTmEhyZja38zsZGFH0MGvPIO8fVV+ydJTsLgMxy Aw7w==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:user-agent:date:subject:from:to:cc:message-id :thread-topic:references:in-reply-to:mime-version :content-transfer-encoding; bh=uA7F4t96xgdFA4SNwDobglo150WrjBOUQJslmYokUQE=; b=LsRPtNeupf9IRrikNo6TlPz19r2crNOUluIMhqFHyNw0WaNODn/tOXQf4liNG8IT9Z 7964HIstl8UyRlBLtNs5meXzSQ3QuWh2h8JNQ4ZJbWlVgahxP2MSO0SZNfzy1Kk6DTvw Ski0aVWkDBM1Ep6+KNBPwnc9DIenhlbiGDAlcKDvsRAplfcPlcn9dZ9lYvp7VFp0UiUg X8VL+2zHgfSkLR64zUPHBb4XDk9hJLCgl957xk/S2VqHlolcZlEeH1CtYsNWgEkAqaLY rop1xjC88rvI79A40x1jcGfHBhu3wkmkEzppoRnOjSAtHCWXWHT9G4Mr7iCF/VzlYpuG N/lw==
X-Gm-Message-State: AOAM533rDQurxtufo82mLUteeZj1OpqqpLf6kN4w2ZvozgJOLGxUR/Rt qerrnil3rK2glbRO2KvxnHg=
X-Google-Smtp-Source: ABdhPJzVBSGFIBpOkZFdt5HzZ4i7Py9RiLytxGKwIMw5Ll/rBsP2JACKumfkrduTCNuZ25A162sISw==
X-Received: by 2002:a05:6638:1004:: with SMTP id r4mr22826333jab.105.1628516660052; Mon, 09 Aug 2021 06:44:20 -0700 (PDT)
Received: from [192.168.68.110] (bzq-79-181-28-50.red.bezeqint.net. [79.181.28.50]) by smtp.gmail.com with ESMTPSA id f9sm3841351ilk.56.2021.08.09.06.44.17 (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Mon, 09 Aug 2021 06:44:19 -0700 (PDT)
User-Agent: Microsoft-MacOutlook/16.51.21071101
Date: Mon, 09 Aug 2021 16:44:15 +0300
From: Yaron Sheffer <yaronf.ietf@gmail.com>
To: Qin Wu <bill.wu@huawei.com>, "secdir@ietf.org" <secdir@ietf.org>
CC: "draft-ietf-lsr-pce-discovery-security-support.all@ietf.org" <draft-ietf-lsr-pce-discovery-security-support.all@ietf.org>, "last-call@ietf.org" <last-call@ietf.org>, "lsr@ietf.org" <lsr@ietf.org>
Message-ID: <0D7D6324-9F23-4E67-B66B-D0A7DD640035@gmail.com>
Thread-Topic: Secdir last call review of draft-ietf-lsr-pce-discovery-security-support-05
References: <a54b52bd71be4f8380f5288197c683bb@huawei.com>
In-Reply-To: <a54b52bd71be4f8380f5288197c683bb@huawei.com>
Mime-version: 1.0
Content-type: text/plain; charset="UTF-8"
Content-transfer-encoding: quoted-printable
Archived-At: <https://mailarchive.ietf.org/arch/msg/secdir/zgxB_ffIT9i4X62dZBLro90L2kQ>
Subject: Re: [secdir] Secdir last call review of draft-ietf-lsr-pce-discovery-security-support-05
X-BeenThere: secdir@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Security Area Directorate <secdir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/secdir>, <mailto:secdir-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/secdir/>
List-Post: <mailto:secdir@ietf.org>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 09 Aug 2021 13:44:29 -0000

Hi Qin,

Thank you for your response.

* RFC 3567 (for IS-IS) is obsoleted by RFC 5304. Unfortunately RFC 5304 still uses HMAC-MD5, which would be considered insecure nowadays.
* RFC 2154 is very old and Experimental (and only supports RSA-MD5 signatures). I'm not an OSPF expert by any means, but I'm willing to bet that there are no production implementations of this RFC. (I'm willing to be proven wrong). Is there another RFC that defines a protection mechanism for OSPF?

All in all, there appear to be no good options for the IGP.

To your last point, when I mentioned decoupling the mechanisms, I was suggesting to use the extension you define even if the IGP *cannot* be secured. If you think this is reasonable, please add such text to the Security Considerations.

Thanks,
	Yaron

On 8/9/21, 16:09, "Qin Wu" <bill.wu@huawei.com> wrote:

    Thanks Yaron for valuable comments, please see my reply inline below.
    -----邮件原件-----
    >发件人: Yaron Sheffer via Datatracker [mailto:noreply@ietf.org] 
    >发送时间: 2021年8月6日 3:25
    >收件人: secdir@ietf.org
    >抄送: draft-ietf-lsr-pce-discovery-security-support.all@ietf.org; last-call@ietf.org; lsr@ietf.org
    >主题: Secdir last call review of draft-ietf-lsr-pce-discovery-security-support-05

    >Reviewer: Yaron Sheffer
    >Review result: Not Ready

    >This document defines a mechanism (a TLV) to advertise the PCE Protocol security required (use of TCP-AO and its key ID, or alternatively use of TLS) within the routing protocol being used.

    >* Sec. 3.1: I don't understand why "SHOULD advertise" and not MUST. Especially given the strict client behavior defined later.
    [Qin]: I believe "SHOULD advertise" is consistent with client behavior defined later, i.e., we apply SHOULD NOT language to the client behavior.
    I am not sure we should change it into strong language with MUST. Since if IGP advertisement doesn't include TCP-AO
     support flag bit or TLS support flag bit, NMS may fall back to configure both PCC and PCE server to support TCP-AO or TLS. That's one of reason I think why we choose to use SHOULD language.

    >* Sec. 3.1: should we also say something about the case where both methods are advertised, and whether we recommend for the client to use one of them over the other?

    [Qin]: It is up to local policy, which has bee clarified in the end of section 3.1. Hope this clarify.

    >* Sec. 4: typo (appears twice) - "to be carried in the PCED TLV of the for use".

    [Qin]:Thanks, have fixed them in the local copy.

    >* Sec. 7: this phrase appears to be essential to security of this mechanism: "it MUST be insured that the IGP is protected for authentication and integrity of the PCED TLV". I would expect more guidance: how can this property be ensured in the relevant IGPs?
    [Qin]:I think mechanism defined in [RFC3567] and [RFC2154] can be used to ensure authenticity and integrity of OSPF LSAs or ISIS LSPs and their TLVs. Here is the proposed changes:
    OLD TEXT:
    "
       Thus before advertisement of
       the PCE security parameters, it MUST be insured that the IGP is
       protected for authentication and integrity of the PCED TLV if the
       mechanism described in this document is used.
    "
    NEW TEXT:
    "
       Thus before advertisement of
       the PCE security parameters, it MUST be insured that the IGP is
       protected for authentication and integrity of the PCED TLV with mechanisms defined in [RFC3567][RFC2154] if the
       mechanism described in this document is used.
    "
    >* Also, a possibly unintended consequence of this requirement is that if the IGP cannot be protected in a particular deployment/product, this mechanism would not be used. Please consider if this is likely to happen and whether we want to forego PCEP transport >security in such cases. My gut feel (not based on experience in such networks) is that the threat models are different enough that we should decouple the security of IGP from that of PCEP.

    [Qin] I agree IGP security should be separated from PCEP security. IGP extension defined in this document is used by the PCC to select PCE server with appropriate security mechanism. On the other hand, Operator can either use IGP advertisement for PCEP security capability or rely on local policy to select PCE. If operator feels IGP advertisement is not secure, he can fall back to local policy or rely on manual configuration. Hope this clarifies.

v2.23.0 | Report a Bug | By Email