Fwd: Sec-dir review of draft-ietf-tsvwg-source-quench-04
Gorry Fairhurst <gorry@erg.abdn.ac.uk> Sat, 28 January 2012 09:35 UTC
Return-Path: <gorry@erg.abdn.ac.uk>
X-Original-To: tsvwg@ietfa.amsl.com
Delivered-To: tsvwg@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id EB41B21F8537 for <tsvwg@ietfa.amsl.com>; Sat, 28 Jan 2012 01:35:59 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -102.491
X-Spam-Level:
X-Spam-Status: No, score=-102.491 tagged_above=-999 required=5 tests=[AWL=0.108, BAYES_00=-2.599, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id jNz3NzemfpAK for <tsvwg@ietfa.amsl.com>; Sat, 28 Jan 2012 01:35:59 -0800 (PST)
Received: from erg.abdn.ac.uk (dee.erg.abdn.ac.uk [IPv6:2001:630:241:204:203:baff:fe9a:8c9b]) by ietfa.amsl.com (Postfix) with ESMTP id E177821F8531 for <tsvwg@ietf.org>; Sat, 28 Jan 2012 01:35:58 -0800 (PST)
Received: from ra-gorry.erg.abdn.ac.uk (ra-gorry.erg.abdn.ac.uk [139.133.204.42]) (authenticated bits=0) by erg.abdn.ac.uk (8.13.4/8.13.4) with ESMTP id q0S9Zfpu021614 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES128-SHA bits=128 verify=NOT); Sat, 28 Jan 2012 09:35:42 GMT
Message-ID: <4F23C16D.8050009@erg.abdn.ac.uk>
Date: Sat, 28 Jan 2012 09:35:41 +0000
From: Gorry Fairhurst <gorry@erg.abdn.ac.uk>
Organization: The University of Aberdeen is a charity registered in Scotland, No SC013683.
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.6; rv:8.0) Gecko/20111105 Thunderbird/8.0
MIME-Version: 1.0
To: tsvwg@ietf.org, fernando@gont.com.ar, kathleen.moriarty@emc.com, gorry Fairhurst <gorry@erg.abdn.ac.uk>
Subject: Fwd: Sec-dir review of draft-ietf-tsvwg-source-quench-04
References: <AE31510960917D478171C79369B660FA0E2BFCC535@MX06A.corp.emc.com>
In-Reply-To: <AE31510960917D478171C79369B660FA0E2BFCC535@MX06A.corp.emc.com>
X-Forwarded-Message-Id: <AE31510960917D478171C79369B660FA0E2BFCC535@MX06A.corp.emc.com>
Content-Type: text/plain; charset="ISO-8859-1"; format="flowed"
Content-Transfer-Encoding: 7bit
X-ERG-MailScanner: Found to be clean
X-ERG-MailScanner-From: gorry@erg.abdn.ac.uk
X-BeenThere: tsvwg@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
Reply-To: gorry@erg.abdn.ac.uk
List-Id: Transport Area Working Group <tsvwg.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tsvwg>, <mailto:tsvwg-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/tsvwg>
List-Post: <mailto:tsvwg@ietf.org>
List-Help: <mailto:tsvwg-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tsvwg>, <mailto:tsvwg-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 28 Jan 2012 09:36:00 -0000
A SecDir review of this draft (below) has raised one issue that the group should be aware of and may wish to comment upon. We'd value advice on the suggestion: "Receipt of an ICMP Source Quench message should not be interpreted as an attempt to attack the receiver." - Let's try to quickly resolve this issue. Some things to consider are: * Silently ignoring ICMP Source Quench messages eliminates the attack vector. * Firewalls/routers/etc can log anything they wish, we don't control that. * Receipt of an ICMP SQ is unlikely to impact a host system's transport anymore, and certainly not one that is updated by this RFC. * Some legacy equipment (perhaps even vintage) may/do generate SQ messages, reacting to the message (by invoking some procedure other than log/discard) may break an otherwise working path through this device. - The current draft says *must* not be interpreted as an attempt to attack the receiver, is that right, or do we wish to consider the proposal to make this *should* not? - If you have advice, or wish to offer better text please respond during the document last call! Best wishes, Gorry (TSCWG Chair) -------- Original Message -------- Subject: Sec-dir review of draft-ietf-tsvwg-source-quench-04 Date: Mon, 23 Jan 2012 10:34:41 -0500 From: <kathleen.moriarty@emc.com> To: <draft-ietf-tsvwg-source-quench.all@tools.ietf.org>, Hello, I have reviewed this document as part of the security directorate's ongoing effort to review all IETF documents being processed by the IESG. These comments were written primarily for the benefit of the security area directors. Document editors and WG chairs should treat these comments just like any other last call comments. The document is straightforward and well written. I just have a couple of nits, but think the document is ready otherwise. Suggest replacing 'must' with 'should' since the discussion is on interpretation. Change from: Receipt of an ICMP Source Quench message must not be interpreted as an attempt to attack the receiver. To: Receipt of an ICMP Source Quench message should not be interpreted as an attempt to attack the receiver. It is already clear from the rest of the draft and this section, that there is no risk by ignoring ICMP source quench messages, which is done by 'virtually all current implementations of TCP'. Should this say, virtually all current implementations of 'IP' or 'TCP' and 'ICMP'? The discussion covers source quench being deprecated (RFC1812) by router implementations 20 years ago and now formally deprecates this within TCP. Thank you, Kathleen
- Fwd: Sec-dir review of draft-ietf-tsvwg-source-qu… Gorry Fairhurst
- Re: Fwd: Sec-dir review of draft-ietf-tsvwg-sourc… Chris Benson
- Re: Fwd: Sec-dir review of draft-ietf-tsvwg-sourc… Joe Touch