Re: [Softwires] WGLC for draft-ietf-softwire-map-mib-10

Ian Farrer <ianfarrer@gmx.com> Thu, 26 October 2017 06:57 UTC

From: Ian Farrer <ianfarrer@gmx.com>
Date: Thu, 26 Oct 2017 08:57:06 +0200
Cc: softwires@ietf.org, draft-ietf-softwire-map-mib@ietf.org, Yong Cui <cuiyong@tsinghua.edu.cn>
To: Yu Fu <fuyu@cnnic.cn>
Archived-At: <https://mailarchive.ietf.org/arch/msg/softwires/35Jl0HD3BYXXeAVDidYf4v5UT4E>

Hi Yu,

Please see below. 

Thanks,
Ian

> On 25. Oct 2017, at 11:28, Yu Fu <fuyu@cnnic.cn> wrote:
> 
> >g3.
> >Section 7 - States that there are a list of objects and their sensitivity /
> >vulnerability, but the list that follows only names the objects. No vulnerability
> >information is included.
>  
> [Yu]: It has a description as follows:
> “Some of the readable objects in this MIB module (i.e., objects with a
>    MAX-ACCESS other than not-accessible) may be considered sensitive or
>    vulnerable in some network environments. It is thus important to
>    control even GET and/or NOTIFY access to these objects and possibly
>    to even encrypt the values of these objects when sending them over
>    the network via SNMP”
> “Objects that reveal rule information of the MAP Domain: Various objects can reveal the
>    rule information of the map domain.  A curious outsider could monitor
>    these to assess the number of rules and the IPv6 prefix performed in
>    this domain.  Further, an intruder could use the information to guess
>    the address-sharing ratios of the ISPs.”
>  
> [Yu]: The objects in the list reveal the rule information and are readable. So they are vulnerable.


[if - OK. The current text isn’t very clear. Can I propose the following text as a replacement?

Some of the MIB model's objects are vulnerable as the information
which they hold may be used for targeting an attack against a MAP node (CE or BR).
E.g., an intruder could use the information to help deduce the customer IPv4 and IPv6
topologies and address-sharing ratios in use by the ISP.

The following is a list of the objects that have this vulnerability:
]