Re: [Softwires] WGLC for draft-ietf-softwire-map-mib-10

"Yu Fu" <fuyu@cnnic.cn> Mon, 30 October 2017 02:57 UTC

From: Yu Fu <fuyu@cnnic.cn>
To: 'Ian Farrer' <ianfarrer@gmx.com>
Cc: softwires@ietf.org, draft-ietf-softwire-map-mib@ietf.org, 'Yong Cui' <cuiyong@tsinghua.edu.cn>
References: <FC7CD004-7CD5-474A-8A3A-CEFC8114B6EF@tsinghua.edu.cn> <D41D22DB-FBB2-4FB5-9FEB-28356B3B7252@gmx.com> <000f01d34d73$b0121830$10364890$@cn> <0A5E6031-5754-4C44-899C-231EC092746F@gmx.com>
In-Reply-To: <0A5E6031-5754-4C44-899C-231EC092746F@gmx.com>
Date: Mon, 30 Oct 2017 10:57:02 +0800
Message-ID: <01c201d3512a$c38cfeb0$4aa6fc10$@cn>
Archived-At: <https://mailarchive.ietf.org/arch/msg/softwires/ZLj4vdM68-RGii00gEYeRJ5lqfY>

Hi Ian,

I will do as you suggested.

An updated version will be submitted soon.

Thanks again

Yu

 

From: Ian Farrer [mailto:ianfarrer@gmx.com] 
Sent: Thursday, October 26, 2017 2:57 PM
To: Yu Fu
Cc: softwires@ietf.org; draft-ietf-softwire-map-mib@ietf.org; Yong Cui
Subject: Re: WGLC for draft-ietf-softwire-map-mib-10

 

Hi Yu,

Please see below.

Thanks,
Ian

 

On 25. Oct 2017, at 11:28, Yu Fu <fuyu@cnnic.cn> wrote:

 

>g3.
>Section 7 - States that there is a list of objects and their sensitivity /
>vulnerability, but the list that follows only names the objects. No vulnerability
>information is included.

 

[Yu]: It has a description as follows:

“Some of the readable objects in this MIB module (i.e., objects with a MAX-ACCESS other than not-accessible) may be considered sensitive or vulnerable in some network environments. It is thus important to control even GET and/or NOTIFY access to these objects and possibly to even encrypt the values of these objects when sending them over the network via SNMP”

“Objects that reveal rule information of the MAP Domain: Various objects can reveal the rule information of the map domain.  A curious outsider could monitor these to assess the number of rules and the IPv6 prefix performed in this domain.  Further, an intruder could use the information to guess the address-sharing ratios of the ISPs.”

 

[Yu]: The objects in the list reveal the rule information and are readable. So they are vulnerable.

 

 

[if - OK. The current text isn’t very clear. Can I propose the following text as a replacement?

Some of the MIB model's objects are vulnerable as the information which they hold may be used for targeting an attack against a MAP node (CE or BR). E.g., an intruder could use the information to help deduce the customer IPv4 and IPv6 topologies and address-sharing ratios in use by the ISP.

The following is a list of the objects that have this vulnerability:

]