IETF Logo Mail Archive

Re: (another) WGLC started for "RSVP Security Groupkeying" ID

Bob Briscoe <rbriscoe@jungle.bt.co.uk> Fri, 24 September 2010 19:51 UTC

Return-Path: <rbriscoe@jungle.bt.co.uk>
X-Original-To: tsvwg@core3.amsl.com
Delivered-To: tsvwg@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 9869B3A69E3 for <tsvwg@core3.amsl.com>; Fri, 24 Sep 2010 12:51:06 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.415
X-Spam-Level:
X-Spam-Status: No, score=-1.415 tagged_above=-999 required=5 tests=[AWL=0.702, BAYES_00=-2.599, DNS_FROM_RFC_BOGUSMX=1.482, RCVD_IN_DNSWL_LOW=-1]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id YKbRv5NkGDYE for <tsvwg@core3.amsl.com>; Fri, 24 Sep 2010 12:50:59 -0700 (PDT)
Received: from smtp4.smtp.bt.com (smtp4.smtp.bt.com [217.32.164.151]) by core3.amsl.com (Postfix) with ESMTP id 049373A694D for <tsvwg@ietf.org>; Fri, 24 Sep 2010 12:50:58 -0700 (PDT)
Received: from i2kc06-ukbr.domain1.systemhost.net ([193.113.197.70]) by smtp4.smtp.bt.com with Microsoft SMTPSVC(6.0.3790.3959); Fri, 24 Sep 2010 20:51:30 +0100
Received: from cbibipnt05.iuser.iroot.adidom.com ([147.149.196.177]) by i2kc06-ukbr.domain1.systemhost.net with Microsoft SMTPSVC(6.0.3790.4675); Fri, 24 Sep 2010 20:51:30 +0100
Received: From bagheera.jungle.bt.co.uk ([132.146.168.158]) by cbibipnt05.iuser.iroot.adidom.com (WebShield SMTP v4.5 MR1a P0803.399); id 1285357888555; Fri, 24 Sep 2010 20:51:28 +0100
Received: from MUT.jungle.bt.co.uk ([10.215.131.97]) by bagheera.jungle.bt.co.uk (8.13.5/8.12.8) with ESMTP id o8OJpSXb004564; Fri, 24 Sep 2010 20:51:28 +0100
Message-Id: <201009241951.o8OJpSXb004564@bagheera.jungle.bt.co.uk>
X-Mailer: QUALCOMM Windows Eudora Version 7.1.0.9
Date: Fri, 24 Sep 2010 20:51:30 +0100
To: "Michael H. Behringer" <mbehring@cisco.com>
From: Bob Briscoe <rbriscoe@jungle.bt.co.uk>
Subject: Re: (another) WGLC started for "RSVP Security Groupkeying" ID
In-Reply-To: <7.1.0.9.2.20100924202731.05523250@jungle.bt.co.uk>
References: <201007271642.o6RGgX3U004751@bagheera.jungle.bt.co.uk> <C8C0E5AE.228BE%mbehring@cisco.com> <7.1.0.9.2.20100924202731.05523250@jungle.bt.co.uk>
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"; format="flowed"
X-Scanned-By: MIMEDefang 2.56 on 132.146.168.158
X-OriginalArrivalTime: 24 Sep 2010 19:51:30.0092 (UTC) FILETIME=[E1B9D6C0:01CB5C21]
Cc: "James Polk (jmpolk)" <jmpolk@cisco.com>, tsvwg IETF list <tsvwg@ietf.org>, ccamp@ietf.org
X-BeenThere: tsvwg@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: Transport Area Working Group <tsvwg.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/tsvwg>, <mailto:tsvwg-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/tsvwg>
List-Post: <mailto:tsvwg@ietf.org>
List-Help: <mailto:tsvwg-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tsvwg>, <mailto:tsvwg-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 24 Sep 2010 19:51:06 -0000

Michael,

Looked at diffs, and I'm happy with the new text that reinstates the 
route diversion attack and points to RFC5374 address preservation as 
a protection against it.

Nits are all cleared too.

Cheers


Bob

At 20:43 24/09/2010, Bob Briscoe wrote:
>To: "Michael H. Behringer" <mbehring@cisco.com>
>From: Bob Briscoe <rbriscoe@jungle.bt.co.uk>
>Subject: Re: (another) WGLC started for "RSVP Security Groupkeying" ID
>Cc: "James Polk (jmpolk)" <jmpolk@cisco.com>, Francois Le Faucheur 
><flefauch@cisco.com>, tsvwg IETF list <tsvwg@ietf.org>, <ccamp@ietf.org>
>In-Reply-To: <C8C0E5AE.228BE%mbehring@cisco.com>
>References: <201007271642.o6RGgX3U004751@bagheera.jungle.bt.co.uk> 
><C8C0E5AE.228BE%mbehring@cisco.com>
>
>Michael,
>
>
>At 10:08 23/09/2010, Michael H. Behringer wrote:
>>WGs,
>>
>>Thanks to the reviewers for their feedback on this draft.
>>
>>The only suggestions we got from the WGLC came from Bob, and below you can
>>see how we addressed them in the just submitted version 7.
>>
>>We believe to have now addressed all comments following the WGLC, and would
>>like the chairs to move this document forward.
>>
>>Thanks,
>>Michael, Francois, Brian
>>
>>
>>On 27/07/2010 18:42, "Bob Briscoe" <rbriscoe@jungle.bt.co.uk> wrote:
>>
>> > James, Michael, Francois,
>> >
>> > Here's my review,
>> >

[snip]

>> > S.6.1
>> > "A router implementing GDOI and the AH and/or ESP protocols is
>> > therefore able to implement this policy."
>> >
>> > The 'and/or' implies the ESP protocol alone could be enough. This
>> > needs to refer forward to the limitations of ESP discussed in
>> > Security Considerations. (except they aren't there any more - 
>> see next point)
>> >
>> > S.6.3.
>> > "In the case of ESP the new, outer IP header however is not
>> > cryptographically secured in this process.  This has consequences
>> > when group keying is used; see the Security Considerations section
>> > for details."
>> >
>> > There is nothing about ESP in the Security Considerations section.
>> > And the re-routing attack previously described in Section "6.2. Using
>> > IPsec ESP" that I think this refers to has been deleted. Has this
>> > attack been proven to not exist, or was losing this text a mistake?
>>
>>We provided new text to clarify this.
>
>I'll look at the diffs shortly, but must dash now.
>
>Cheers
>
>
>
>Bob
>
>
>> > S.6.5.
>> > "  Tunnel mode with address preservation, in conjunction with group
>> >     keying, allows the use of AH or ESP for protection of RSVP even in
>> >     cases where non-RSVP nodes have to be traversed.  This is because it
>> >     allows routing of the IPsec protected packet through the non-RSVP
>> >     nodes in the same way as if it was not IPsec protected.
>> > "
>> > If we still intend to talk about the reservation re-routing attack
>> > (see previous point), we also need to refer to it here (once we have
>> > reinstated the text that talks about it). Because a reservation can
>> > be redirected by a non-RSVP hop in the address-preserving case as in
>> > other cases using ESP.
>>
>>We provided new text to clarify this.
>>
>> > S.10.1
>> > Another "Subverted Nodes" attack occurs to me that uses the weakness
>> > of ESP vs AH. Using a group key, a subverted node could turn round a
>> > PATH message back to the previous node that the subverted node
>> > received it from, thus pretending the PATH had traversed the rest of
>> > the path when in fact the subverted node has just been holding on to
>> > it for a while. Thus the sending half of the nodes think the
>> > reservation has been set-up, while the receiving half never saw it.
>> >
>> >
>> > The point of mentioning these attacks is that, with group keying, a
>> > subverted node can change which direction it sends messages
>> > (sideways, backwards), not just subvert the messages it forwards.
>>
>>Also addressed in the new text.
>>
>> > Nits
>> > ====
>> > S.2
>> > "If a group key is used, the authentication granularity becomes group
>> > membership, not (individual) peer authentication."
>> > You might want to make it clear that you are talking about a group of
>> > nodes not humans ('group membership' is ambiguous). But I'm not
>> > insisting - it's unlikely to be misunderstood.
>>
>>Changed the sentence to "... the authentication granularity becomes group
>>membership of devices, not (individual) peer authentication between
>>devices."
>>
>> > s/...whether authentication or encryption (or both) are used.
>> >   /...whether authentication or encryption (or both) is used./
>> > Change it back to the correct English: the verb shouldn't match the
>> > phrase in the parenthesis.
>>
>>Changed.
>>
>> > S.2. Penultimate para:
>> > s/We note that if this handshake is taking place,
>> >   /We note that if this handshake has taken place,/
>>
>>Not changed. (I believe the present tense is more readable here)
>>
>> > S.3.1
>> > s/INTEGITY
>> >   /INTEGRITY/
>>
>>Changed.
>>
>> > S.6.3.
>> > "This has consequences when group keying is used; see the Security
>> > Considerations section for details."
>> >
>> > s/consequences/negative consequences/
>>
>>Changed.
>>
>> > S.6.5.
>> > "it is not possible to use tunnel-endpoint destination address"
>> > s/tunnel-endpoint
>> >   /a tunnel-endpoint/
>>
>>Changed.
>>
>> > Bob
>> >
>> >
>> > At 10:27 25/07/2010, Bob Briscoe wrote:
>> >> James,
>> >>
>> >> I can try to have a look by the deadline.
>> >>
>> >>
>> >> Bob
>> >>
>> >> At 17:48 14/07/2010, James M. Polk wrote:
>> >>> TSVWG
>> >>>
>> >>> This is to let everyone know we've initiated a new WGLC for the
>> >>> "RSVP Security Groupkeying" ID here.
>> >>>
>> >>> 
>> http://tools.ietf.org/wg/tsvwg/draft-ietf-tsvwg-rsvp-security-groupkeying/
>> >>>
>> >>> This ID has had some significant modifications based on the SecDir
>> >>> review by Stephen Kent.  Please reread this ID to verify these
>> >>> changes are appropriate, and do not introduce new issues or concerns.
>> >>>
>> >>> Once you have reviewed this version, please send a note to the list
>> >>> with an indication whether or not this doc should proceed to the
>> >>> IESG for RFC consideration. We chairs need to gauge WG interest
>> >>> before this (or any) document progresses towards publication.
>> >>>
>> >>> Because of the IETF meeting so close, this is an extended WGLC,
>> >>> lasting 4 weeks - ending August 11th, 2010.
>> >>>
>> >>> Please do review this document and let us/the list know what you think.
>> >>>
>> >>> James & Gorry
>> >>> TSVWG chairs
>> >>
>> >> ________________________________________________________________
>> >> Bob Briscoe,                                BT Innovate & Design
>> >
>> > ________________________________________________________________
>> > Bob Briscoe,                                BT Innovate & Design
>> >
>
>________________________________________________________________
>Bob Briscoe,                                BT Innovate & Design

________________________________________________________________
Bob Briscoe,                                BT Innovate & Design

v2.23.0 | Report a Bug | By Email