[Spud] Can malicious users use PLUS layer to force their traffic through firewalls in the network?

Linda Dunbar <linda.dunbar@huawei.com> Fri, 19 August 2016 22:32 UTC

From: Linda Dunbar <linda.dunbar@huawei.com>
To: "spud@ietf.org" <spud@ietf.org>, "mirja.kuehlewind@tik.ee.ethz.ch" <mirja.kuehlewind@tik.ee.ethz.ch>, Brian Trammell <ietf@trammell.ch>, "ted.ietf@gmail.com" <ted.ietf@gmail.com>

Brian, etc,

I have a couple of questions for PLUS:

* PLUS allows end points to expose more information to middle boxes. But how do end points know what kind of middle boxes their traffic will traverse through?

* Malicious users can use this PLUS layer to force their traffic through firewalls in the network. How can middle boxes trust the bits encoded in the PLUS layer?

Thanks, Linda Dunbar