Re: [spring] WGLC - draft-ietf-spring-srv6-network-programming

Brian E Carpenter <brian.e.carpenter@gmail.com> Tue, 10 December 2019 01:11 UTC

Return-Path: <brian.e.carpenter@gmail.com>
X-Original-To: spring@ietfa.amsl.com
Delivered-To: spring@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 801B712002F; Mon, 9 Dec 2019 17:11:10 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.998
X-Spam-Level:
X-Spam-Status: No, score=-1.998 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id WIQHSLygtJ_v; Mon, 9 Dec 2019 17:11:08 -0800 (PST)
Received: from mail-pg1-x52a.google.com (mail-pg1-x52a.google.com [IPv6:2607:f8b0:4864:20::52a]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 2E071120020; Mon, 9 Dec 2019 17:11:08 -0800 (PST)
Received: by mail-pg1-x52a.google.com with SMTP id k25so8004749pgt.7; Mon, 09 Dec 2019 17:11:08 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=subject:to:cc:references:from:message-id:date:user-agent :mime-version:in-reply-to:content-language:content-transfer-encoding; bh=PWiM4NjjOKYHVbPu+aHXhOURqGpUtTjIstdcBFQ+B0o=; b=IC49ruwoiNlsV7O25ZNz5xCHYFsnLjxX9RkahfsmMV3tvTIKBAZJNTE5smxknKNVMv wMHQltZ3lwXVd49C1hVktJEbHG6TF/Uac/CZ/Hxn37UQaTZyiGgjR8ZR5v8uy9Irl//N wMuSaSoi1qrsVSm85uYKnfKFAX0R2e3KBbVRLHifKho1mJVYh52Z78CeEh/KB8YWdgoo xKTbY8MjqF/kA66L/exMghoCXzzKWw0cZKfv4ktmad6t4Q2ocWopziOJfHshDYDYvyCl oxqOAmXgYAg2EaTPKVq1hSpnlb+oK9CLuTGxU0hWl0eHRmayNalhehQUi5E3qFOV0S7Q PYrg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:subject:to:cc:references:from:message-id:date :user-agent:mime-version:in-reply-to:content-language :content-transfer-encoding; bh=PWiM4NjjOKYHVbPu+aHXhOURqGpUtTjIstdcBFQ+B0o=; b=YSeLmoFuvQqk0ta00F7Vvfbw8uETjfMpiX6tGaWeTeXHEvk7JF+fJziXbGSM5edL1T QgD5QJBHmWQy14WN7lZO8ObUe+LHK1tc9pJ6cLgKnYhSSjl5s6/8hQutVO/0vqWTpMo0 tc/PLEkgTEIAAMjln0cvQaRvchCn7lyad3REfBw2Hq8w+3fRrXOliooj6VWtNH5TtWPF aYQ/9TApBtpKuFtcNsWKWp71FiwrcdI+O6GbqWvze/6bkVyImngv58lD3b+14adQ+/vz NKDits2ofEq2+s3b2FI3vjqZSmEWI/cKcuQgmHcyuvjKifiWBbHgoetiWH0D0PCfFfkw 2CDQ==
X-Gm-Message-State: APjAAAXVRoQPjLWydqw1++C70qYWl1MsLxwmFocyllY3fhQaoqZi/u5P tvim3B3hiSF9Amgphlf9hglwPDzX
X-Google-Smtp-Source: APXvYqxzw5PkpS5v9SMeKGPO9y0xknaGtqPcD6MbuWA8z3GFypJHGlmJH5qSoRHMrw7m2pDRO75FWA==
X-Received: by 2002:a65:66da:: with SMTP id c26mr21758713pgw.354.1575940266826; Mon, 09 Dec 2019 17:11:06 -0800 (PST)
Received: from [192.168.178.30] (228.147.69.111.dynamic.snap.net.nz. [111.69.147.228]) by smtp.gmail.com with ESMTPSA id 203sm656322pfy.185.2019.12.09.17.11.04 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Mon, 09 Dec 2019 17:11:06 -0800 (PST)
To: Warren Kumari <warren@kumari.net>, Bruno Decraene <bruno.decraene@orange.com>
Cc: SPRING WG List <spring@ietf.org>, draft-ietf-spring-srv6-network-programming <draft-ietf-spring-srv6-network-programming@ietf.org>
References: <17421_1575566127_5DE93B2F_17421_93_1_53C29892C857584299CBF5D05346208A48D1A3DA@OPEXCAUBM43.corporate.adroot.infra.ftgroup> <CAHw9_iJuDgDpbS9CAN2ve1dK1trGgLs6MLZAjSetvUOKvHL4og@mail.gmail.com>
From: Brian E Carpenter <brian.e.carpenter@gmail.com>
Message-ID: <97420d88-ee52-17dc-eeaa-ce7653fca48e@gmail.com>
Date: Tue, 10 Dec 2019 14:11:03 +1300
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:60.0) Gecko/20100101 Thunderbird/60.9.1
MIME-Version: 1.0
In-Reply-To: <CAHw9_iJuDgDpbS9CAN2ve1dK1trGgLs6MLZAjSetvUOKvHL4og@mail.gmail.com>
Content-Type: text/plain; charset=utf-8
Content-Language: en-US
Content-Transfer-Encoding: 7bit
Archived-At: <https://mailarchive.ietf.org/arch/msg/spring/GrxgVH3KEuCMzoXy8WJWcQTzCjI>
Subject: Re: [spring] WGLC - draft-ietf-spring-srv6-network-programming
X-BeenThere: spring@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Source Packet Routing in NetworkinG \(SPRING\)" <spring.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/spring>, <mailto:spring-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/spring/>
List-Post: <mailto:spring@ietf.org>
List-Help: <mailto:spring-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/spring>, <mailto:spring-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 10 Dec 2019 01:11:10 -0000

> I went to look in the Security Considerations section, but, well, the
> document doesn't seem to have one?...

So why on earth is this document in WGLC? It cannot possibly be sent to the IESG without that section. (And "7.  Basic security ..." seems very unlikely to pass muster even if renamed.)

Regards
   Brian

On 10-Dec-19 11:55, Warren Kumari wrote:
> <no hats>
> 
> On Thu, Dec 5, 2019 at 12:15 PM <bruno.decraene@orange.com> wrote:
>>
>> Hello SPRING,
>>
>>
>>
>> This email starts a two weeks Working Group Last Call on draft-ietf-spring-srv6-network-programming [1].
>>
>>
>>
>> Please read this document if you haven't read the most recent version, and send your comments to the SPRING WG list, no later than December 20.
>>
>>
> 
> I will happily admit that I haven't been following the discussions, so
> apologies in advance - I'm guessing I'm missing something really
> obvious, so please point me at other documents / email threads where
> this has already been answered...
> 
> RFC5095 deprecated IPv6 RH0 due to some serious security issues - it
> was possible for an attacker to send traffic containing "instructions"
> to make a packet ping-pong between two interfaces, steer it down
> specific links, etc.
> 
> It feels to me like this re-introduces similar (and potentially more
> scary) issues -- what's to stop an attacker spoofing traffic
> containing a bunch of SIDs which decapsulate, push a packet into
> another FIB, End.DT2M, etc?
> 
> I went to look in the Security Considerations section, but, well, the
> document doesn't seem to have one?...
> The word Security appears 3 times in the document - one in the section
> title ("7. Basic security for intra-domain deployment"), once in the
> Index, and once simply punting the reader to Section 5.1 of the SRH
> document ("Future documents will detail inter-domain security
> mechanisms for
>  SRv6 ").
> 
> Expecting *everyone* who deploys this to perfectly apply filters which
> blocks ingress traffic everywhere where a packet could enter a domain
> feels like an accident just waiting to happen
> Again, I'm guessing that I'm missing something obvious, and that the
> entire security isn't premised on that - please point me to where this
> is addressed.
> 
> "With great power comes great responsibility"
>     -- sudo, via Peter Parker.
> 
> W
> 
>>
>> You may copy the 6MAN WG for IPv6 related comment, but consider not duplicating emails on the 6MAN mailing list for the comments which are only spring specifics.
>>
>>
>>
>> If you are raising a point which you expect will be specifically debated on the mailing list, consider using a specific email/thread for this point.
>>
>> This may help avoiding that the thread become specific to this point and that other points get forgotten (or that the thread get converted into parallel independent discussions)
>>
>>
>>
>> Thank you,
>>
>> Bruno
>>
>>
>>
>> [1] https://tools.ietf.org/html/draft-ietf-spring-srv6-network-programming-05
>>
>>
>>
>>
>>
>> _________________________________________________________________________________________________________________________
>>
>> Ce message et ses pieces jointes peuvent contenir des informations confidentielles ou privilegiees et ne doivent donc
>> pas etre diffuses, exploites ou copies sans autorisation. Si vous avez recu ce message par erreur, veuillez le signaler
>> a l'expediteur et le detruire ainsi que les pieces jointes. Les messages electroniques etant susceptibles d'alteration,
>> Orange decline toute responsabilite si ce message a ete altere, deforme ou falsifie. Merci.
>>
>> This message and its attachments may contain confidential or privileged information that may be protected by law;
>> they should not be distributed, used or copied without authorisation.
>> If you have received this email in error, please notify the sender and delete this message and its attachments.
>> As emails may be altered, Orange is not liable for messages that have been modified, changed or falsified.
>> Thank you.
>>
>> --------------------------------------------------------------------
>> IETF IPv6 working group mailing list
>> ipv6@ietf.org
>> Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6
>> --------------------------------------------------------------------
> 
> 
>