Re: Fwd: Sec-dir review of draft-ietf-tsvwg-source-quench-04

Joe Touch <touch@isi.edu> Mon, 30 January 2012 21:09 UTC

Hi, all,

On 1/28/2012 1:35 AM, Gorry Fairhurst wrote:
>
> A SecDir review of this draft (below) has raised one issue that the
> group should be aware of and may wish to comment upon.
>
> We'd value advice on the suggestion:
>
> "Receipt of an ICMP Source Quench message should not be interpreted as
> an attempt to attack the receiver."
...
> - The current draft says *must* not be interpreted as an attempt to
> attack the receiver, is that right, or do we wish to consider the
> proposal to make this *should* not?

MUST NOT seems required by MUST silently ignore (section 3). That's what
"silent" and "ignore" mean.

Using "SHOULD NOT" leaves open this misinterpretation, and thus *opens* 
a vulnerability at the receiver to spoofed messages - i.e., it's 
inconsistent with the security implications of this doc, notably:

---
Receipt of an ICMP Source Quench
    message must not be interpreted as an attempt to attack the receiver.
---

In that section, to be clear, we should change:

---
Receivers should not treat reception as an
    exception, error or logged event.
---

to

---
Receivers must not treat reception as an
    exception, error or logged event.
---

Joe
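
Added example, not part of the original message or of the draft: a minimal ICMP receive path showing what "silently ignore" implies for Source Quench (type 4), namely no log entry, no error, no attack verdict and no transport-state change, while other unexpected input is still recorded. The class, its fields, the return strings and the choice to test the type before the checksum are assumptions of this sketch.

```python
import struct

ICMP_SOURCE_QUENCH = 4  # ICMP type the draft deprecates
ICMP_ECHO_REQUEST = 8


def inet_checksum(data: bytes) -> int:
    """RFC 1071 Internet checksum; returns 0 over a message whose checksum is valid."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF


def build_icmp(icmp_type: int, code: int = 0, body: bytes = b"\x00" * 4) -> bytes:
    """Build a constructed test message with a correct checksum."""
    msg = struct.pack("!BBH", icmp_type, code, 0) + body
    return msg[:2] + struct.pack("!H", inet_checksum(msg)) + msg[4:]


class IcmpReceiver:
    """Hypothetical receive path (names are this example's, not any real stack's)."""

    def __init__(self):
        self.events = []  # everything logged, counted as an error, or alerted on
        self.cwnd = 10    # stand-in for the transport state a quench once reduced

    def receive(self, src: str, msg: bytes) -> str:
        if len(msg) < 8:
            self.events.append(("truncated", src))
            return "error"
        if msg[0] == ICMP_SOURCE_QUENCH:
            # Silently ignore: no log entry, no error, no attack verdict, no
            # cwnd change. Checked before the checksum (a choice made in this
            # example) so forged quenches cannot produce events either.
            return "ignored"
        if inet_checksum(msg) != 0:
            self.events.append(("bad-checksum", src))
            return "error"
        if msg[0] == ICMP_ECHO_REQUEST:
            return "echo-reply"
        self.events.append(("unhandled-type", src, msg[0]))
        return "logged"
```

With this shape, a stream of Source Quench messages from any number of claimed sources leaves `events` empty and `cwnd` untouched, which is the behaviour the MUST NOT wording pins down.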