Re: [T2TRG] [core] New Version Notification for draft-mattsson-core-coap-attacks-02.txt

John Mattsson <john.mattsson@ericsson.com> Wed, 02 February 2022 17:03 UTC

From: John Mattsson <john.mattsson@ericsson.com>
To: Carsten Bormann <cabo@tzi.org>
CC: "core@ietf.org" <core@ietf.org>, "t2trg@irtf.org" <t2trg@irtf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/t2trg/Wt8OTKukCRRrTePdFNvKUS4h9sE>

Conclusion (at least my understanding) from today's interim:

    Split the current document in two different documents:
    1. Attacks on CoAP
    2. Attacks using CoAP (amplification attacks)

    CORE will have an adoption call on the first document.
    We will discuss where to work on the second part.

Carsten suggested to work on amplification attacks purely in T2TRG. I think I would be ok with that approach as long as we have a plan for what to do in the meantime. I think all future IETF documents (not only IoT and not only CoAP) need to have much stricter requirements on denial-of-service mitigation. If IETF does not have good DoS hygiene, likely nobody else will.

As a security person, I would like to start with hard requirements like QUIC and then soften the requirements when we have more knowledge, but I agree that this is problematic for constrained IoT and not optimal at all. But DoS mitigation does cost, and devices need to take that cost. The alternative is that somebody else (services and infrastructure) has to take the cost, which is unacceptable.


From: Carsten Bormann <cabo@tzi.org>
Date: Wednesday, 2 February 2022 at 15:49
To: John Mattsson <john.mattsson@ericsson.com>
Cc: core@ietf.org <core@ietf.org>, t2trg@irtf.org <t2trg@irtf.org>
Subject: Re: [core] New Version Notification for draft-mattsson-core-coap-attacks-02.txt
On 2022-02-02, at 15:43, John Mattsson <john.mattsson@ericsson.com> wrote:
>
> Publish

I think we need to discuss what this means.

In order of effort/time needed:

1 Publishing as a BCP >
2 Publishing as a (WG consensus) informational RFC >
3 Publishing as an (RG consensus) informational RFC >
4 Publishing as an (RG-sponsored) informational RFC >
5 Publishing as an Internet-Draft

We already have (5); this could be improved by separating the DoS part (attacking using CoAP) from the attacking CoAP part.
Further improved by adopting (in RG or WG, depending on next step).

Obviously, we also want to move forward on the attacking CoAP part.
Similar considerations apply, but I think these should be run separately.

Grüße, Carsten