Re: [Tsv-art] [manet] Tsvart early review of draft-ietf-manet-dlep-credit-flow-control-09

"Black, David" <David.Black@dell.com> Thu, 02 December 2021 03:55 UTC

From: "Black, David" <David.Black@dell.com>
To: Henning Rogge <hrogge@gmail.com>
CC: "tsv-art@ietf.org" <tsv-art@ietf.org>, "draft-ietf-manet-dlep-credit-flow-control.all@ietf.org" <draft-ietf-manet-dlep-credit-flow-control.all@ietf.org>, MANET IETF <manet@ietf.org>, "Black, David" <David.Black@dell.com>
Date: Thu, 02 Dec 2021 03:55:14 +0000
Message-ID: <MN2PR19MB4045AB8150BD7F7911DB9C6483699@MN2PR19MB4045.namprd19.prod.outlook.com>
References: <163734132077.29324.1689596626565034298@ietfa.amsl.com> <CAGnRvurUJhLY30kB_TaF6pwb8bkg=EjXQpjqhUC3FoDmWoGqkQ@mail.gmail.com>
In-Reply-To: <CAGnRvurUJhLY30kB_TaF6pwb8bkg=EjXQpjqhUC3FoDmWoGqkQ@mail.gmail.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/tsv-art/yXMnMaShSslCTNsymZR8e2yh0zk>
Subject: Re: [Tsv-art] [manet] Tsvart early review of draft-ietf-manet-dlep-credit-flow-control-09

Henning,

> I disagree with the security concerns...

To be more precise, I think the disagreement is not with the concerns, but is rather with how to address them, as your note suggests countermeasures.

These drafts create a resource (credits) which can be attacked (e.g., via message injection) where successful attacks can cause harm (e.g., reduction or denial of service).  That is a security concern that needs to be addressed.

Your discussion of what to do to prevent these attacks, e.g., "if the physical link between router and radio is not secure (e.g. a single ethernet cable), the DLEP connection should be secured," would be fine Security Considerations text to add in order to address this concern.  In contrast, the current Security Considerations text asserts the non-existence and impossibility of these attacks (even in the absence of countermeasures such as securing the DLEP connection) - that is not correct, so that text needs attention.

Thanks, --David

-----Original Message-----
From: Henning Rogge <hrogge@gmail.com> 
Sent: Thursday, November 25, 2021 2:21 AM
To: Black, David
Cc: tsv-art@ietf.org; draft-ietf-manet-dlep-credit-flow-control.all@ietf.org; MANET IETF
Subject: Re: [manet] Tsvart early review of draft-ietf-manet-dlep-credit-flow-control-09

On Fri, Nov 19, 2021 at 6:02 PM David Black via Datatracker
<noreply@ietf.org> wrote:
> -- [6] -- Security Considerations
>
> Although this is a Transport review, I found a security issue that would be
> better dealt with now before the security directorate points it out ;-) - the
> security considerations sections in each of the 3 drafts claims that adding
> credit window control and flow functionality to DLEP does not introduce any new
> security considerations (vulnerabilities). That's a nice try, but it's
> incorrect.
>
> These drafts specify a new resource (credits in a credit window) that is
> subject to resource exhaustion attacks that could cause denial-of-service.  For
> example, suppose an attacker injects a Credit Window Initialization data item
> that contains almost no credits and/or specifies a ridiculously tiny Window
> (Max) Size.  I expect that the protocol contains mechanisms to counter this and
> related attacks on credit resources (e.g., if something looks wrong, the modem
> reinitializes the Credit Window), but the current text incorrectly asserts the
> non-existence of such attacks.  These sorts of attacks definitely exist - I am
> aware of a (subsequently fixed) resource exhaustion problem in another
> credit-based flow control mechanism caused by an unanticipated environmental
> "attack" on signal integrity of credit exchange messages, resulting in message
> discard and credit loss.

I disagree with the security concerns... if the physical link between
router and radio is not secure (e.g. a single ethernet cable), the
DLEP connection should be secured... either by securing the link (e.g.
802.1X or MACsec) or by TLS (which would leave the DATA unprotected!).

If the router itself is not secure, exhausting the radio resources
should be a non-issue... you could just block the radio with more
traffic.

Henning Rogge
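The credit-exhaustion scenario from the review above (an injected Credit Window Initialization with a ridiculously tiny window) and the "if something looks wrong, the modem reinitializes the Credit Window" countermeasure, modelled in Python as an added example that is not from either message or from the draft. The field names, byte units, thresholds and message values are constructed for the example and are not DLEP's wire format.

```python
from dataclasses import dataclass, field

# Constructed model of a credit-window receiver for this example only.
# Field names, units (bytes) and thresholds are assumptions, not DLEP's wire format.
INITIAL_WINDOW = 64 * 1024       # credits granted at (re)initialization
MIN_PLAUSIBLE_WINDOW = 1500      # a window below one MTU-sized frame is treated as bogus


@dataclass
class CreditWindow:
    validate: bool                      # apply plausibility checks on initialization?
    max_size: int = INITIAL_WINDOW
    credits: int = INITIAL_WINDOW
    reinits: int = 0
    events: list = field(default_factory=list)

    def reinitialize(self) -> None:
        """Recover from a suspicious state by restarting from the configured window."""
        self.max_size = self.credits = INITIAL_WINDOW
        self.reinits += 1

    def handle_init(self, window_size: int, credits: int) -> bool:
        """Apply a Credit Window Initialization; reject implausible values when validating."""
        if self.validate and (window_size < MIN_PLAUSIBLE_WINDOW or credits > window_size):
            self.events.append(f"anomaly: init window={window_size} credits={credits}")
            self.reinitialize()
            return False
        self.max_size, self.credits = window_size, credits
        return True

    def send(self, nbytes: int) -> bool:
        """Consume credits for one data frame; a frame that does not fit is held back."""
        if nbytes > self.credits:
            return False
        self.credits -= nbytes
        return True


def simulate(validate: bool, frames=(1400,) * 10) -> dict:
    """Run the scenario: an injected initialization carrying a tiny window and almost no
    credits (constructed values), followed by a burst of data frames."""
    win = CreditWindow(validate=validate)
    accepted = win.handle_init(window_size=8, credits=1)
    sent = sum(win.send(n) for n in frames)
    return {"init_accepted": accepted, "sent": sent, "starved": len(frames) - sent,
            "reinits": win.reinits, "events": win.events}


if __name__ == "__main__":
    print("no validation:  ", simulate(validate=False))   # every frame starved
    print("with validation:", simulate(validate=True))    # anomaly logged, flow continues
```

Without the plausibility check the bogus initialization is accepted and every frame is held back, which is the denial of service the review describes; with the check, the anomaly is recorded and the window is reinitialized so the flow continues. The check only bounds the damage of a single bogus message; it does not replace protecting the DLEP session itself.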