Re: [sfc] Secdir early review of draft-ietf-sfc-nsh-integrity-01
"Joel M. Halpern" <jmh@joelhalpern.com> Thu, 24 December 2020 19:51 UTC
Return-Path: <jmh@joelhalpern.com>
X-Original-To: sfc@ietfa.amsl.com
Delivered-To: sfc@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 1FBDB3A07A9; Thu, 24 Dec 2020 11:51:58 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.099
X-Spam-Level:
X-Spam-Status: No, score=-2.099 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, NICE_REPLY_A=-0.001, RCVD_IN_MSPIKE_H3=0.001, RCVD_IN_MSPIKE_WL=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=joelhalpern.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id UlcWCz0WyzeM; Thu, 24 Dec 2020 11:51:56 -0800 (PST)
Received: from mailb2.tigertech.net (mailb2.tigertech.net [208.80.4.154]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id B162F3A06E7; Thu, 24 Dec 2020 11:51:53 -0800 (PST)
Received: from localhost (localhost [127.0.0.1]) by mailb2.tigertech.net (Postfix) with ESMTP id 4D211P3zHZz1pFRk; Thu, 24 Dec 2020 11:51:53 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=joelhalpern.com; s=2.tigertech; t=1608839513; bh=23D+mZb/lpvVHMRyreF7ptO/M6i3VQqeMzhikWZ+3ak=; h=Subject:To:Cc:References:From:Date:In-Reply-To:From; b=gntb0rbfr+G8PG9X5+xdL/gDbLlLVHeCZcKjcC56NhlpKRYOXIWCmYYPu5WXNtuKq AeED3JQ+qPckVCkDK5M8bIa22Sp6FFypq3FW+RXWn7zhi7OaodrHNFwyaPN4zUZ0eS YBPajCF1pUHDmZurwTy7OGKh3IMQHrcsoqlj4Vro=
X-Quarantine-ID: <OevelvUrvB9k>
X-Virus-Scanned: Debian amavisd-new at b2.tigertech.net
Received: from [192.168.128.43] (unknown [50.225.209.66]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by mailb2.tigertech.net (Postfix) with ESMTPSA id 4D211N67tTz1pFPh; Thu, 24 Dec 2020 11:51:52 -0800 (PST)
To: Steve Hanna <steve@hannas.com>, secdir@ietf.org
Cc: draft-ietf-sfc-nsh-integrity.all@ietf.org, sfc@ietf.org
References: <160883409674.11984.2680388131154961282@ietfa.amsl.com>
From: "Joel M. Halpern" <jmh@joelhalpern.com>
Message-ID: <4b216e75-5a5f-13b8-0b66-3c28227e22fa@joelhalpern.com>
Date: Thu, 24 Dec 2020 14:51:51 -0500
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:78.0) Gecko/20100101 Thunderbird/78.6.0
MIME-Version: 1.0
In-Reply-To: <160883409674.11984.2680388131154961282@ietfa.amsl.com>
Content-Type: text/plain; charset="utf-8"; format="flowed"
Content-Language: en-US
Content-Transfer-Encoding: 8bit
Archived-At: <https://mailarchive.ietf.org/arch/msg/sfc/84ndr7xexSca7fEnF_tc2-nDfvg>
Subject: Re: [sfc] Secdir early review of draft-ietf-sfc-nsh-integrity-01
X-BeenThere: sfc@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Network Service Chaining <sfc.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/sfc>, <mailto:sfc-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/sfc/>
List-Post: <mailto:sfc@ietf.org>
List-Help: <mailto:sfc-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/sfc>, <mailto:sfc-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 24 Dec 2020 19:51:58 -0000
Thank you Steve. I expect the authors will get back to you after the holidays (although they have impressed me with the rapidity of their responses in the past.) Yours, Joel On 12/24/2020 1:21 PM, Steve Hanna via Datatracker wrote: > Reviewer: Steve Hanna > Review result: Has Issues > > I have reviewed this document as part of the security directorate's ongoing > effort to review all IETF documents being processed by the IESG. These > comments were written primarily for the benefit of the security area directors. > Document editors and WG chairs should treat these comments just like any other > last call comments. > > This document describes adds integrity and optional encryption of sensitive > metadata directly to the Network Service Header (NSH) protocol defined in RFC > 8300, thus reducing or eliminating several attack vectors against Service > Function Chaining (SFC). The document is well written and seems adequate for > the goals articulated here and elsewhere in the SFC document suite. However, I > have some issues, questions, and nits. > > Note that I have not previously worked with SFC. In the last few days, I have > read the documents on this document so I am fairly confident that I understand > the relevant security aspects. > > ISSUES and QUESTIONS: > Why include a MUST in section 9.2? Isn't that already covered earlier (in the > last sentence of section 7.5)? > > The Timestamp field is supposed to handle replay attacks. However, this permits > unlimited replays within the Delta interval. Is that acceptable? > > What is the ? operator in section 7.4 supposed to connote? Subtraction seems > like a better choice. > > Is the Timestamp field only set by the first imposer in the SFP or should it be > updated whenever an imposer changes the MAC? This should be documented > somewhere, maybe in section 7.4. > > The threat model described in draft-arkko-farrell-arch-model-t-04 includes > compromised nodes. The security considerations section of this document should > describe how and to what extent compromised nodes are handled by the > protections provided by this document and what residual risks remain. > > The Security Considerations section should explicitly acknowledge that > authentication is not provided by this method. > > What does this statement mean? > • If HMAC algorithm is used, IV length is set to zero. > Don't all the current algorithms use HMAC? > > What is the expected behavior if these Context Headers are missing? The last > paragraph at the bottom of page 18 seems to be ambiguous on this topic, with > the first sentence saying that this "SHOULD be logged locally" while the last > sentence says that this "MUST cause that packet to be discarded". Probably this > is clear to the writer but not to this reader! > > NITS: > At the top of page 6, "unecrypted" should be "unencrypted". > > In the last line of page 18, "depend" should be "depending". > > Just below Figure 9 on page 20, a comma is needed after "doing so". > > In the second paragraph of section 7.5, "successfuly" should be spelled > "successfully". > > At the end of the first paragraph of section 9, change the sentence from: > • Also, that section indicates that metadata considerations that > operators can take into account when using NSH are discussed in > [RFC8165]. > to > • Also, that section indicates that [RFC8165] discusses metadata > considerations that operators can take into account when using NSH. > > The last sentence of the third paragraph of section 9 recommends that "the next > key identifier" be distributed long before the key is changed. This should say > "the next key identifier and associated keying material". > > In the second paragraph of section 9.1, "domain be able" should be "domain > should be able". > > >
- [sfc] Secdir early review of draft-ietf-sfc-nsh-i… Steve Hanna via Datatracker
- Re: [sfc] Secdir early review of draft-ietf-sfc-n… Joel M. Halpern
- Re: [sfc] Secdir early review of draft-ietf-sfc-n… mohamed.boucadair
- Re: [sfc] Secdir early review of draft-ietf-sfc-n… mohamed.boucadair
- Re: [sfc] Secdir early review of draft-ietf-sfc-n… mohamed.boucadair