Re: Re: [ssm] what to say about scoping for v6 [was ...last call...]

Pekka Savola <pekkas@netcore.fi> Wed, 12 March 2003 19:44 UTC

Received: from www1.ietf.org (ietf.org [132.151.1.19] (may be forged)) by ietf.org (8.9.1a/8.9.1a) with ESMTP id OAA18024 for <ssm-archive@odin.ietf.org>; Wed, 12 Mar 2003 14:44:08 -0500 (EST)
Received: (from mailnull@localhost) by www1.ietf.org (8.11.6/8.11.6) id h2CJwDk08227 for ssm-archive@odin.ietf.org; Wed, 12 Mar 2003 14:58:13 -0500
Received: from ietf.org (odin.ietf.org [132.151.1.176]) by www1.ietf.org (8.11.6/8.11.6) with ESMTP id h2CJwDO08224 for <ssm-web-archive@optimus.ietf.org>; Wed, 12 Mar 2003 14:58:13 -0500
Received: from www1.ietf.org (ietf-mx.ietf.org [132.151.6.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id OAA17995 for <ssm-web-archive@ietf.org>; Wed, 12 Mar 2003 14:43:37 -0500 (EST)
Received: from www1.ietf.org (localhost.localdomain [127.0.0.1]) by www1.ietf.org (8.11.6/8.11.6) with ESMTP id h2CJvMO08155; Wed, 12 Mar 2003 14:57:22 -0500
Received: from ietf.org (odin.ietf.org [132.151.1.176]) by www1.ietf.org (8.11.6/8.11.6) with ESMTP id h2CJtDO08064 for <ssm@optimus.ietf.org>; Wed, 12 Mar 2003 14:55:13 -0500
Received: from netcore.fi (ietf-mx.ietf.org [132.151.6.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id OAA17905 for <ssm@ietf.org>; Wed, 12 Mar 2003 14:40:35 -0500 (EST)
Received: from localhost (pekkas@localhost) by netcore.fi (8.11.6/8.11.6) with ESMTP id h2CJfRK15899; Wed, 12 Mar 2003 21:41:27 +0200
Date: Wed, 12 Mar 2003 21:41:27 +0200
From: Pekka Savola <pekkas@netcore.fi>
To: Hugh Holbrook <holbrook@cisco.com>
cc: Brian Haberman <bkhabs@nc.rr.com>, ssm@ietf.org
Subject: Re: Re: [ssm] what to say about scoping for v6 [was ...last call...]
In-Reply-To: <20030312180804.1788F10B7A7@holbrook-laptop.cisco.com>
Message-ID: <Pine.LNX.4.44.0303122128130.15347-100000@netcore.fi>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset="US-ASCII"
Sender: ssm-admin@ietf.org
Errors-To: ssm-admin@ietf.org
X-BeenThere: ssm@ietf.org
X-Mailman-Version: 2.0.12
Precedence: bulk
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/ssm>, <mailto:ssm-request@ietf.org?subject=unsubscribe>
List-Id: Source-Specific Multicast <ssm.ietf.org>
List-Post: <mailto:ssm@ietf.org>
List-Help: <mailto:ssm-request@ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/ssm>, <mailto:ssm-request@ietf.org?subject=subscribe>

On Wed, 12 Mar 2003, Hugh Holbrook wrote:
> > One should note that the use of IPv6 scoped addresses either in S or G may
> > cause significant complexities, for example regarding mismatching scopes
> > between S and G or regarding forwarding decisions for a scoped (S,G).  
> > The implications of scoped addresses are described in other documents
> > [REF:SCOPED-ARCH]
> 
> Isn't the scoping behavior simply that the most restrictive (smallest)
> scope applies?  A packet is forwarded neither across a source-scope
> boundary nor across a destination-scope boundary.  Unless I'm missing
> something, this actually sounds rather uncomplicated to me.  Is there
> something that makes this tricky?

At the moment, in practice (=implementation), everything related to
scoping is *undefined*, it seems to me.

How your SSM-enabled router will/would react now, or in 1-2 years, is a 
complete question mark.
 
> Is there something about this that makes it a Security Considerations
> issue?

Yes, but only slightly: if people use e.g. site-local addresses as a
security measure, and use SSM with like (<site-local>, global-scope-SSM)  
-- for whatever reason, e.g. the use of the same application (and
subsequent G) both site-locally and globally, the forwarding of such
multicasts might *NOT* be limited to your site-local S scope.  This is an
uncertainty as the implementation is unclear.

In hindsight, the text I proposed above seems a better fit for some other 
section, and something different might be more applicable to security 
considerations, like:

  Note that when forwarding or processing SSM, the scope of both S and G 
  may have to be considered [SCOPED-ARCH]; in particular, if the unicast 
  scope of S is smaller than the respective multicast scope of G, the packets 
  might end up being forwarded outside the scope of S.  Therefore, limited 
  scopes should be avoided and must not be used as a security mechanism.

.. I wonder if that's any better ..

-- 
Pekka Savola                 "You each name yourselves king, yet the
Netcore Oy                    kingdom bleeds."
Systems. Networks. Security. -- George R.R. Martin: A Clash of Kings
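As an added illustration of the scope comparison this message argues about (the "most restrictive scope applies" rule in Hugh's question and the "scope of S smaller than scope of G" case in Pekka's proposed text), the following Python check is not code from this thread or from any SSM implementation. It assumes the scope numbering of the IPv6 multicast scope nibble (RFC 4291) and the scoped address architecture [SCOPED-ARCH] that maps unicast addresses onto the same ordered scope values, and it uses Python's standard ipaddress module; the sample (S,G) channels at the bottom are constructed from documentation prefixes.

```python
import ipaddress
from typing import List, NamedTuple, Tuple

# IPv6 scope values as used in the multicast scope nibble (RFC 4291, 2.7).
# The scoped address architecture [SCOPED-ARCH] places unicast addresses in
# the same ordered scope space, which is what lets S and G be compared.
# Larger value = wider scope. (Assumed mapping, not from the thread.)
SCOPE_NAMES = {
    0x1: "interface-local",
    0x2: "link-local",
    0x4: "admin-local",
    0x5: "site-local",
    0x8: "organization-local",
    0xE: "global",
}


def scope_name(scope: int) -> str:
    return SCOPE_NAMES.get(scope, f"scope-{scope:x}")


def unicast_scope(s: ipaddress.IPv6Address) -> int:
    """Scope of a unicast source address S.

    Only the classes the thread talks about are distinguished: loopback,
    link-local (fe80::/10), site-local (fec0::/10) and everything else as
    global. Site-local was later deprecated (RFC 3879), but it is exactly
    the case discussed above, so it is kept.
    """
    if s.is_multicast:
        raise ValueError(f"{s} is a multicast address; S must be unicast")
    if s.is_loopback:
        return 0x1
    if s.is_link_local:
        return 0x2
    if s.is_site_local:
        return 0x5
    return 0xE


def multicast_scope(g: ipaddress.IPv6Address) -> int:
    """Scope nibble of a multicast group address G (low nibble of byte 1)."""
    if not g.is_multicast:
        raise ValueError(f"{g} is not a multicast address")
    return g.packed[1] & 0x0F


def is_ssm_group(g: ipaddress.IPv6Address) -> bool:
    """True for the FF3x::/32 SSM range: flags nibble (high nibble of byte 1) is 0x3."""
    return g.is_multicast and (g.packed[1] >> 4) == 0x3


class ScopeCheck(NamedTuple):
    s_scope: int
    g_scope: int
    effective_scope: int  # most restrictive of the two (the rule Hugh describes)
    mismatch: bool        # scope(S) < scope(G): the case Pekka's text warns about
    ssm: bool             # whether G is in the SSM range at all


def check_channel(s_str: str, g_str: str) -> ScopeCheck:
    """Compare the scopes of an (S,G) channel given as address strings."""
    s = ipaddress.IPv6Address(s_str)
    g = ipaddress.IPv6Address(g_str)
    s_scope = unicast_scope(s)
    g_scope = multicast_scope(g)
    return ScopeCheck(
        s_scope=s_scope,
        g_scope=g_scope,
        effective_scope=min(s_scope, g_scope),
        mismatch=s_scope < g_scope,
        ssm=is_ssm_group(g),
    )


def audit_channels(channels: List[Tuple[str, str]]) -> List[Tuple[str, str]]:
    """Return the (S,G) pairs whose source scope is narrower than the group scope.

    These are the channels where a router that forwards on G's scope alone
    could carry the traffic beyond S's scope, i.e. where the limited scope
    of S must not be relied on as a security mechanism.
    """
    return [(s, g) for s, g in channels if check_channel(s, g).mismatch]


# Constructed sample channels (documentation prefixes, not real deployments).
SAMPLE_CHANNELS = [
    ("2001:db8::1", "ff3e::8000:1"),  # global S, global SSM group: consistent
    ("2001:db8::1", "ff35::8000:1"),  # global S, site-local group: G restricts, fine
    ("fe80::1", "ff32::8000:1"),      # link-local S and G: consistent
    ("fec0::1", "ff3e::8000:1"),      # site-local S, global group: the risky case
]

if __name__ == "__main__":
    for s, g in SAMPLE_CHANNELS:
        r = check_channel(s, g)
        flag = "MISMATCH" if r.mismatch else "ok"
        print(f"({s}, {g}): S={scope_name(r.s_scope)} G={scope_name(r.g_scope)} "
              f"effective={scope_name(r.effective_scope)} ssm={r.ssm} {flag}")
```

Running it flags only the last sample channel: a site-local S paired with a global-scope SSM group. The effective scope column shows the min() rule Hugh describes; the mismatch column shows which channels would need a router to actually apply that rule to S as well as G, which is the behaviour Pekka says is undefined in current implementations.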



_______________________________________________
ssm mailing list
ssm@ietf.org
https://www1.ietf.org/mailman/listinfo/ssm