[secdir] draft-ietf-ippm-more-twamp-02.txt

Donald Eastlake <d3e3e3@gmail.com> Tue, 02 June 2009 19:04 UTC

Date: Tue, 02 Jun 2009 15:04:25 -0400
Message-ID: <1028365c0906021204i5819935dx35477354b4b3aa36@mail.gmail.com>
From: Donald Eastlake <d3e3e3@gmail.com>
To: ietf@ietf.org, secdir@ietf.org, Matthew Zekauskas <matt@internet2.edu>, Henk Uijterwaal <henk@ripe.net>, acmorton@att.com, kaynam.hedayat@exfo.com
Subject: [secdir] draft-ietf-ippm-more-twamp-02.txt

I have reviewed this document as part of the security directorate's
ongoing effort to review all IETF documents being processed by the
IESG.  Document editors and WG chairs should treat these comments just
like any other last call comments.

This draft does two things in connection with the Two-Way Active
Measurement Protocol (TWAMP), a protocol which builds on the One-Way
Active Measurement Protocol (OWAMP):
     (1) Add an extension whereby the TWAMP-Test protocol can be done
in an unauthenticated mode while TWAMP-Control is authenticated and
encrypted, where previously they had been required to have the same
security mode. TWAMP-Control is used to initiate, start, and stop,
etc. test sessions, while TWAMP-Test is used to exchange test packets.
     (2) The draft establishes an IANA registration called TWAMP-Modes
for adding features. Establishing the IANA registry as such is not
security relevant.

This draft has a brief Security Considerations section. It
incorporates by reference the lengthy Security Considerations in RFC
4656, which specified OWAMP, and those in RFC 5357, which specifies TWAMP
and adds considerations for one DoS attack which was overlooked in RFC
4656. Generally, this incorporation by reference is adequate.

However, the draft Security Considerations section has one additional
sentence which includes the words "thus making it possible to increase
overall security when compared to the previous options". That would
only be true if the additional burden, under previous options where
both control and test had the same security mode, of securing both
TWAMP-Control and TWAMP-Test was prohibitive, forcing less security
for TWAMP-Control and where having TWAMP-Test unauthenticated is not a
problem with respect to the security threats in the particular
instance. I believe the Security Considerations section should be
re-worded to either drop the claim of "increase overall security" or
at least make it clear that the claim only applies under resource
constraints that would, under previous modes, have forced less
security for TWAMP-Control and where unauthenticated TWAMP-Test is not
a significant security concern.

Thanks,
Donald
=============================
 Donald E. Eastlake 3rd   +1-508-634-2066 (home)
 155 Beaver Street
 Milford, MA 01757 USA
 d3e3e3@gmail.com