[Gen-art] Gen-ART review of draft-dukhovni-opportunistic-security-01

Martin Thomson <martin.thomson@gmail.com> Fri, 11 July 2014 00:16 UTC

Return-Path: <martin.thomson@gmail.com>
X-Original-To: gen-art@ietfa.amsl.com
Delivered-To: gen-art@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 4C5F81B2813; Thu, 10 Jul 2014 17:16:24 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2
X-Spam-Level:
X-Spam-Status: No, score=-2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id AIhufGLJ-V-I; Thu, 10 Jul 2014 17:16:19 -0700 (PDT)
Received: from mail-we0-x22f.google.com (mail-we0-x22f.google.com [IPv6:2a00:1450:400c:c03::22f]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id AC72C1B280B; Thu, 10 Jul 2014 17:16:18 -0700 (PDT)
Received: by mail-we0-f175.google.com with SMTP id k48so301644wev.20 for <multiple recipients>; Thu, 10 Jul 2014 17:16:16 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:date:message-id:subject:from:to:content-type; bh=WCfZQNb6YntUD9+700WGnPo1pe01dQhh/DcYmErhUvo=; b=YnokkpdaL7N1ZdEjiIbapg7fXJu06kfVO9ApRlHG9wtkJMUEFQ6+QI9bNT4IGdYQiv vfZlHZoGe8M6i8ciLwr1ujgKjQ+FwDHN1gZLQPVnHAjnSQy+DJxJ0lUh0yCGcYy7Dje7 +pltzKckZc+uWajCDEnRJMEthkebdx5cWrTa4xxN/h4HyvVu1hLOXsWdzqzUg223vE17 QyB+iX8HYgF6YfDMIGBr6vguL+KZ5BTCoxoRSwmgxZkW6WiuFhz1R/rU75BfywHEa/y/ ci+t+3vyGpmPgLHXokTT4E3J/ToTsrRyDE288wqApeebwDOWQOdGiNFbTuBBQdXeSlZ9 iWag==
MIME-Version: 1.0
X-Received: by 10.194.90.7 with SMTP id bs7mr59162230wjb.25.1405037775964; Thu, 10 Jul 2014 17:16:15 -0700 (PDT)
Received: by 10.194.110.6 with HTTP; Thu, 10 Jul 2014 17:16:15 -0700 (PDT)
Date: Thu, 10 Jul 2014 17:16:15 -0700
Message-ID: <CABkgnnV-z1_WKcFF4W3-4MP6o42mi1W5+xa___M2evMwQfmrmw@mail.gmail.com>
From: Martin Thomson <martin.thomson@gmail.com>
To: draft-dukhovni-opportunistic-security.all@tools.ietf.org, "gen-art@ietf.org" <gen-art@ietf.org>, saag@ietf.org
Content-Type: text/plain; charset="UTF-8"
Archived-At: http://mailarchive.ietf.org/arch/msg/gen-art/l1BrzrkoiSA9UuNm69lj4bTqlDg
Subject: [Gen-art] Gen-ART review of draft-dukhovni-opportunistic-security-01
X-BeenThere: gen-art@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "GEN-ART: General Area Review Team" <gen-art.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/gen-art>, <mailto:gen-art-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/gen-art/>
List-Post: <mailto:gen-art@ietf.org>
List-Help: <mailto:gen-art-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/gen-art>, <mailto:gen-art-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 11 Jul 2014 00:16:25 -0000

I am the assigned Gen-ART reviewer for this draft. For background on
Gen-ART, please see the FAQ at

<http://wiki.tools.ietf.org/area/gen/trac/wiki/GenArtfaq>.

Please resolve these comments along with any other Last Call comments
you may receive.

Document: draft-dukhovni-opportunistic-security-01
Reviewer: Martin Thomson
Review Date: 2014-07-08
IETF LC End Date: 2014-08-05
IESG Telechat date: (if known)

Summary: This reads a little like it was rushed.  This needs some work
before it can be considered ready.

(I've cc'd saag here.  That seemed appropriate, strip as you see fit.)


Major issues:

This misses one of the key principles behind opportunistic security:

  Insistence on failure, as opposed to downgrade or some lesser level
of security - a characteristic of non-opportunistic security - elicits
responses from users to work around the problem (accept the bad
certificate, suppress certificate checking, etc...).  The willingness
of an opportunistic security implementation to accept unvalidated
credentials means that it still benefits from resilience against
passive attack.  This is only really noted through an example of a
"design blunder".

In general, a more careful consideration of the document structure is needed.

The document skirts around it's key goal: defining OS.  Section 2
needs to start with a definition. The paragraph that follows the list
in S2 is a reasonable attempt at that and could be tweaked fairly
perform that function.

The Security Considerations is a response to an unstated argument, but
I think that the document needs to be clearer about what that argument
is, i.e.:

  The willingness of an OS implementation to downgrade can be
trivially exploited by an active attacker to strip an opportunistic
mechanisms.

The point that is made here is one that is most applicable in the
aggregate, something that is implied by "users" (in the plural form),
but should be explicit.


Minor issues:

Section 3 is unnecessary in its entirely:

  1. 2119 language isn't really appropriate for this document.  Many
of the statements that rely on this would be much better without that
language.  Some of the uses are actually completely inappropriate:
"When possible, opportunistic security SHOULD provide stronger
security on a peer-by-peer basis."

  2. I think that the description of "unauthenticated encryption" and
"TOFU" belong in the text proper.  TOFU is covered well enough by the
text in S1; unauthenticated encryption needs to be covered in the
description as a first class section, rather than piecemeal (see
above).  MitM and PFS are defined in RFC4949.


Nits/editorial comments:

References are double-bracketed "([ref])" and the "pervasive
monitoring (PM[RFC7258])" reference doesn't need the "PM".