ietf
[Top] [All Lists]

Re: [manet] Last Call: <draft-ietf-manet-nhdp-sec-threats-03.txt> (Security Threats for NHDP) to Informational RFC

2013-06-06 15:55:27
AB,

while the IETF LC has already ended, I will reply to your comments below:

On Thu, Jun 6, 2013 at 1:33 PM, Abdussalam Baryun
<abdussalambaryun(_at_)gmail(_dot_)com> wrote:
Reply to your request dated 24/05/2013
I-D: draft-ietf-manet-nhdp-sec-threats-03
Draft Reviewed By: Abdussalam Baryun (AB)    Dated:06/06/2013
Reviewer Comment A3: Use Cases not considered and the Information Bases 
Threats.
+++++++++++++++++++++++++++++++++++++++
*Use-cases threats*

Reading the RFC6130 applicability section 3, the I-D does not consider
all the use-cases included in the that section 3.

AB> Does the use-case of NHDP [RFC6130] add any value to the threats,
or the I-D assumes only one use case which is OLSRv2 network.

I don't understand the question. The use case is a MANET running NHDP.
Section 5 in addition outlines consequences of security threats to
NHDP for protocols using the information from NHDP.


The NHDP uses RFC5444 packets and RFC5444 messages, so what are the
threats to NHDP use for each? not mentioned in I-D.

I don't understand the question. There is no danger from a message or
packet itself;  they may contain information that has either been
legitimately tampered with or that is "wrong" because of
misconfiguration. And these are the cases we have described.


RFC6130> NHDP Can use relevant link-layer information if it is available.
AB> is there any threat from that use-case? not mentioned in the I-D.

After discussion on the MANET mailing list, this was already added in
section 4.8 (even though the link quality itself is not a normative
part of RFC6130, the authors agreed to add that section).


*Information bases threats*

RFC6130> Appendix F> This appendix illustrates various examples of
physical topologies, as well as how these are logically recorded by
NHDP from the point of
view of the router A. This representation is a composite of
information that would be contained within A’s various Information
Bases after NHDP has been running for sufficiently long time for the
state to converge.

AB> Why the logically recording of the NHDP for all the examples not
mentioned in the I-D and were not threat analysed? If there is similar
level of threats related to all exampels in RFC6130, then please
mention that.


I don't understand the question. The example in RFC6130 simply
illustrates how NHDP would perceive and store several sample
topologies. How would that represent a "level of threat"? The I-D
describes several security threats and explains in which situations
these could occur (and what effect it would have). That could happen
in an infinite amount of different topologies, so it is impossible
(and useless) to list all topologies where such attacks could occur.

Best regards
Ulrich

<Prev in Thread] Current Thread [Next in Thread>