[18:43:48] --- Suresh Krishnan has joined
[18:55:45] <Suresh Krishnan> Meeting starts
[18:55:52] <Suresh Krishnan> Agenda Bashing
[18:56:11] <Suresh Krishnan> No Comments
[18:56:19] <Suresh Krishnan> Moving on to doc status
[18:56:28] --- dthaler has joined
[18:56:42] <Suresh Krishnan> mrdisc has become WG item
[18:56:55] <Suresh Krishnan> will start WGLC after meeting
[18:57:02] <Suresh Krishnan> MLDv2 has been published as RFC
[18:57:25] <Suresh Krishnan> MGMD mib is on the way to IESG
[18:57:45] <Suresh Krishnan> igmp proxy is in RFC Editor queue. waiting on ssm
[18:58:03] <Suresh Krishnan> using IGMPv3 and MLDv2 for SSM is at IESG
[18:58:37] <Suresh Krishnan> IGMPv3/MLDv2 and Multicast Routing proto interaction is in RFCE W
[18:58:53] <Suresh Krishnan> msnip is looking for a volunteer to pick up spec
[18:59:42] <Suresh Krishnan> ---
[18:59:53] <Suresh Krishnan> moving on to MRD draft
[19:00:08] <Suresh Krishnan> few editorial changes IPR/2119 etc.
[19:00:27] <Suresh Krishnan> Query interval encoding changed
[19:00:48] <Suresh Krishnan> clarified text on discarding Advertisements
[19:01:02] <Suresh Krishnan> solicitation interval removed from the doc
[19:01:27] <Suresh Krishnan> auth mechanisms between routers and hosts are out of scope for the doc
[19:01:39] <Suresh Krishnan> all the comments from IETF-59 and ML addressed
[19:01:45] <Suresh Krishnan> Ready for WGLC
[19:02:00] <Suresh Krishnan> ---
[19:02:05] <Suresh Krishnan> MGMD MIB
[19:02:30] <Suresh Krishnan> most of the changes are nits
[19:02:38] <Suresh Krishnan> no major content changes
[19:03:00] <Suresh Krishnan> new version due out soon with minor changes
[19:03:26] <Suresh Krishnan> -> regarding host tables on router
[19:03:31] <Suresh Krishnan> cachestatus
[19:04:04] <Suresh Krishnan> fix a few places with wrongly typed objects
[19:04:13] <Suresh Krishnan> changes for RFC1902 compliance
[19:04:20] <Suresh Krishnan> fixed a few typos
[19:04:30] <Suresh Krishnan> send any new comments to author
[19:04:58] <Suresh Krishnan> <DKW> Do OIDs conflict with IGMP?
[19:05:04] <Suresh Krishnan> No. They have been fixed
[19:05:26] <Suresh Krishnan> ---
[19:05:27] <Suresh Krishnan> msnip
[19:05:41] <Suresh Krishnan> held up on the ssm range config issue
[19:06:26] <Suresh Krishnan> Chair: SSM ranges look fixed to me (to Hugh). Is that OK?
[19:06:36] <Suresh Krishnan> Hugh says OK
[19:07:30] <Suresh Krishnan> Chair: There is no reason to push through the configurable SSM ranges unless someone volunteers
[19:08:10] <Suresh Krishnan> Hugh: This doc can go forward and the configurable ranges can be added in later if necessary
[19:08:51] <Suresh Krishnan> Chairs: We would prefer to drop MSNIP and MRD-SSM unless there is no interest
[19:09:15] <Suresh Krishnan> Hugh: Makes sense to send MSNIP to go thru with fixed SSM ranges
[19:09:29] <Suresh Krishnan> Consensus is to
[19:09:34] <Suresh Krishnan> -> let mrd-ssm go away
[19:09:51] <Suresh Krishnan> -> msnip to use fixed ssm ranges
[19:10:06] <Suresh Krishnan> ---
[19:10:22] <Suresh Krishnan> next draft trust and security in MGM
[19:10:42] <dthaler> <DKW> above is me (Dave Thaler)
[19:10:57] <Suresh Krishnan> earlier work was done by Castelluccia and Montenegro @ISCC 2003
[19:11:22] <Suresh Krishnan> this does not try to propose solutions
[19:11:35] <Suresh Krishnan> covers snooping and proxy environments
[19:12:03] <Suresh Krishnan> issues are described in RFC 3810
[19:12:32] <Suresh Krishnan> on link subscriber attacks
[19:12:55] <Suresh Krishnan> in multicast there is some implicit trust which lets us modify the routing infrastructure
[19:13:11] <Suresh Krishnan> unlike unicast
[19:13:46] <Suresh Krishnan> still there is room for significant abuse
[19:14:00] <Suresh Krishnan> as most of multicast traffic is inelastic
[19:14:09] <Suresh Krishnan> room for DoS attack
[19:14:09] <Suresh Krishnan> ----
[19:14:13] <Suresh Krishnan> Summary of vulns
[19:14:26] <Suresh Krishnan> -> Fake router/querier
[19:14:34] <Suresh Krishnan> -> Malicious reporting
[19:14:42] <Suresh Krishnan> False MRAdv
[19:15:07] <Suresh Krishnan> Fake snooping switch which forces all the routers to respond and floods the network
[19:15:09] <Suresh Krishnan> ---
[19:15:17] <Suresh Krishnan> Fake router/querier
[19:15:28] <Suresh Krishnan> -> Effects felt on link
[19:16:31] <Suresh Krishnan> It is easy to become querier by picking lower address
[19:16:55] <Suresh Krishnan> host must respond to queriers within MRC
[19:17:14] <Suresh Krishnan> can increase leave latency with QQIC
[19:17:43] <Suresh Krishnan> Mic: This can be used for a replication attack
[19:18:12] <Suresh Krishnan> George: How serious are you about securing routing?
[19:19:01] <Suresh Krishnan> Dave: The fake router problems can be solved by the SEND wg
[19:19:14] <Suresh Krishnan> George: The MSEC group can solve these problems
[19:19:48] <Suresh Krishnan> Routers can get into a group only by a group controller. There is a Public/Private key pair installed
[19:20:35] <Suresh Krishnan> George: Hosts need to verify routers by asking a multicast group controller for authentication/authorization
[19:20:53] <Suresh Krishnan> If you are serious about securing routing this is the way to go
[19:21:15] <Suresh Krishnan> Greg: I am not considering this right now.
[19:21:24] <Suresh Krishnan> George: Where does this work belong?
[19:21:37] <Suresh Krishnan> Greg: I know more about ND so I think it belongs here
[19:22:25] <Suresh Krishnan> Chair: MLD and RA are very closely related. This was posted both to MSEC and MAGMA.
[19:22:36] <Suresh Krishnan> The future home of this draft is undecided.
[19:23:01] <Suresh Krishnan> George & Greg talking about time issues in the msec meeting
[19:23:23] <Suresh Krishnan> Chair: Magma is consumer laying out reqs
[19:23:29] <Suresh Krishnan> Msec is from the vendors
[19:24:04] <Suresh Krishnan> Mic: What is the point of this draft?
[19:24:22] <Suresh Krishnan> Greg There will be problems with Mcast routing if it gets widely deployed
[19:24:35] <Suresh Krishnan> Mic: There are already things being done like ACLS...
[19:25:14] <Suresh Krishnan> The only place where there is unsolved problems is in Wireless access networks
[19:25:49] <Suresh Krishnan> Greg That is exactly my area of application
[19:26:34] <Suresh Krishnan> Dave: The security issues of IGMP/MLD needs to be in the security considerations and it belongs in this WG
[19:27:02] <Suresh Krishnan> George: How quick will this be fixed?
[19:27:29] <Suresh Krishnan> Greg: I am busy with send right now.
[19:27:43] <Suresh Krishnan> Makes sense to do f/w here but the detailed work in msec
[19:28:13] <Suresh Krishnan> George: Retrofitting is hard as we have a large installed base.
[19:28:57] <Suresh Krishnan> Greg: We are not going to redesign MLD. It will be an overlay model
[19:29:42] <Suresh Krishnan> George: Bring this to msec
[19:30:07] <Suresh Krishnan> Hugh: The problem is just authentication
[19:30:20] <Suresh Krishnan> George: We might borrow infrastructure from SEND or msec
[19:31:10] <Suresh Krishnan> what the hell is hijinx?
[19:31:30] <Suresh Krishnan> -> spoofing/replay of received reports is possible
[19:32:06] <Suresh Krishnan> -> route change bombing
[19:32:18] <Suresh Krishnan> -> state change reports can cause amplification attacks
[19:32:49] <Suresh Krishnan> API access to non-superusers can cause bandwidth depletion attacks
[19:33:02] <Suresh Krishnan> -> v1 reports can cause ASM fallback
[19:33:16] <Suresh Krishnan> ---
[19:33:17] <Suresh Krishnan> MRD
[19:33:32] <Suresh Krishnan> MRS must be responded to by the routers
[19:33:54] <Suresh Krishnan> Fake MRS can cause MRs to send MRAs
[19:34:14] <Suresh Krishnan> MRAs are unauthenticated and can cause redirection to inappropriate ports
[19:34:38] <Suresh Krishnan> Dave: Describe the attack
[19:35:15] <Suresh Krishnan> If you send a MRS to a non snooping switch it will replicate it on all the other ports causing MRAs from all the routers
[19:35:27] <Suresh Krishnan> ---
[19:35:32] <Suresh Krishnan> further work
[19:35:47] <Suresh Krishnan> is there any interest from product developers on this?
[19:36:08] <Suresh Krishnan> dave: how much of this draft is brand new?
[19:36:54] <Suresh Krishnan> greg: parts of the draft are covered in igmpv3/mldv2
[19:37:04] <Suresh Krishnan> this just elaborates the sneakier attacks
[19:37:17] <Suresh Krishnan> dave: that is what I want to know
[19:37:38] <Suresh Krishnan> greg: I will put in references to existing sec cons and put a note about what is new
[19:38:19] <Suresh Krishnan> greg we considered piggybacking credential info on the messages
[19:38:35] <Suresh Krishnan> but mldv1 was out as it did not have any space
[19:38:44] <Suresh Krishnan> chair: did you consider hop by hop options
[19:38:51] <Suresh Krishnan> greg: i do not like them
[19:39:07] <Suresh Krishnan> chair: you could potentially add a new option for credentials
[19:39:12] <Suresh Krishnan> greg: it is possible
[19:39:53] <Suresh Krishnan> we can make it difficult to generate identities
[19:40:32] <Suresh Krishnan> the group can be controlled or not controlled
[19:40:51] <Suresh Krishnan> hugh: we can solve most of these problems using l2 solutions
[19:41:10] <Suresh Krishnan> for wireless (unauthenticated) we are in a hole
[19:41:40] <Suresh Krishnan> greg: it is easy to spoof your identity and send reports without privileges in this kind of environment
[19:41:59] <Suresh Krishnan> wireless lans have similar problems with ND
[19:42:06] <Suresh Krishnan> greg:
[19:42:27] <Suresh Krishnan> previous work by Gab and Claude on secured group ids
[19:42:41] <Suresh Krishnan> trust queries from authorized routers
[19:43:46] <Suresh Krishnan> MGM security GSEC draft -> draft-irtf-gsec-sgmv6-01.txt
[19:44:31] <Suresh Krishnan> less than 10% of people have read the document
[19:44:55] <Suresh Krishnan> chair: will not call for adoption yet since
[19:44:59] <Suresh Krishnan> -> low readership
[19:45:06] <Suresh Krishnan> -> need to discuss with IDs
[19:45:18] <Suresh Krishnan> mic: is the idea just to list issues?
[19:45:21] <Suresh Krishnan> Chair: yes
[19:45:32] <Suresh Krishnan> Chair: will talk to margaret regarding this
[19:45:41] <Suresh Krishnan> <END OF MEETING>
[19:46:59] --- Suresh Krishnan has left
[20:03:37] --- dthaler has left: Disconnected