
Re: [Idr] Last Call: <draft-ietf-idr-shutdown-08.txt> (BGP Administrative Shutdown Communication) to Proposed Standard

2017-05-08 15:39:49
Then this is not "visual spoofing" ... you are just protecting from forms
of "visual attacks"

Best,
R.

On Mon, May 8, 2017 at 10:36 PM, Job Snijders <job(_at_)ntt(_dot_)net> wrote:

Hi Robert,

The reference is to a different type of visual spoofing. The idea was to
limit the string length to prevent spoofing of additional syslog messages
or other fake cli output.

We already covered the extensibility aspect in the working group.

Kind regards,

Job

On Mon, 8 May 2017 at 22:28, Robert Raszuk <robert(_at_)raszuk(_dot_)net> wrote:

Hi Job,

Assuming that by "visual spoofing" you really mean this:
http://websec.github.io/unicode-security-guide/visual-spoofing/ how does
limiting the length of the field help to minimize it?

It is UTF which is a problem here regardless of the length.

Ok so we leave 129-255 for further use .. brilliant. Assume someone comes
tomorrow and has a great use case for sending one byte of information in
the cease. So he defines length 129, right? And even if the operator did not
type anything for the "shutdown case" ... the first 128 bytes go empty, then
goes one newly defined octet. Is this really how protocol encoding should
be done in 2017? Is the concept of TLV so complex?

Cheers,
R.


On Mon, May 8, 2017 at 9:46 PM, Job Snijders <job(_at_)ntt(_dot_)net> wrote:


On Mon, 8 May 2017 at 21:36, Enke Chen <enkechen(_at_)cisco(_dot_)com> wrote:

I understand this is not a good use of time.  But since it is in the
spec, I would like to understand the reasons.  If there are good reasons
for doing things differently, then they should be documented in the spec
so that people do not question again.



In the security section: "This specification minimizes the effects of
visual spoofing by limiting the length of the Shutdown Communication."

On 5/8/17 12:13 PM, Jakob Heitz (jheitz) wrote:
It is deliberately kept short to minimize the potential for abuse.

128 is ok, and 129-255 would be considered abuse?


Those are an error according to the draft.

Kind regards,

Job


_______________________________________________
Idr mailing list
Idr(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/idr
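Added example, not code from the thread or from any BGP implementation: a defensive parser for the Shutdown Communication that enforces the 128-octet limit the thread argues about and neutralises the second concern Job raises, a message that embeds newlines or control characters to forge extra syslog lines or fake CLI output. The wire layout assumed here (one length octet followed by up to 128 octets of UTF-8, with length values 129-255 treated as errors) is taken from draft-ietf-idr-shutdown, not from the thread itself; the peer address, the log-line wording and the sample messages are constructed for illustration.

```python
"""Defensive handling of a BGP Administrative Shutdown Communication.

Assumed Data field layout of the Cease NOTIFICATION (from
draft-ietf-idr-shutdown; an assumption of this example):

    +---------+-----------------------------------+
    | Length  | Shutdown Communication (UTF-8)    |
    | 1 octet | 0..128 octets                     |
    +---------+-----------------------------------+

Length values 129..255 are rejected as errors.
"""
import unicodedata

MAX_SHUTDOWN_COMM_LEN = 128  # octets; anything larger is an error


class ShutdownCommError(ValueError):
    """Raised when the Data field violates the assumed constraints."""


def parse_shutdown_communication(data: bytes) -> str:
    """Return the decoded message, or raise ShutdownCommError."""
    if not data:
        raise ShutdownCommError("missing length octet")
    length = data[0]
    if length > MAX_SHUTDOWN_COMM_LEN:
        raise ShutdownCommError(f"length {length} > {MAX_SHUTDOWN_COMM_LEN}")
    body = data[1:1 + length]
    if len(body) != length:
        raise ShutdownCommError(f"declared {length} octets, got {len(body)}")
    try:
        # Strict decoding: malformed or overlong UTF-8 sequences are refused.
        return body.decode("utf-8")
    except UnicodeDecodeError as exc:
        raise ShutdownCommError(f"invalid UTF-8: {exc}") from exc


def is_valid_shutdown_communication(data: bytes) -> bool:
    """Boolean convenience wrapper around parse_shutdown_communication()."""
    try:
        parse_shutdown_communication(data)
        return True
    except ShutdownCommError:
        return False


def sanitize_for_log(text: str) -> str:
    """Escape characters that could forge a new log line or reorder what the
    operator sees: C0/C1 controls (Cc, e.g. LF and CR), format characters
    such as U+202E right-to-left override (Cf), and the Unicode line and
    paragraph separators (Zl/Zp). Printable text is passed through as-is."""
    out = []
    for ch in text:
        if unicodedata.category(ch) in ("Cc", "Cf", "Zl", "Zp"):
            out.append("\\u{%04x}" % ord(ch))
        else:
            out.append(ch)
    return "".join(out)


def log_line_for(peer: str, data: bytes) -> str:
    """Build the single log line an implementation would emit for the peer.

    The message is quoted and escaped so it can never span more than one
    line, regardless of what the remote operator typed.
    """
    try:
        comm = sanitize_for_log(parse_shutdown_communication(data))
    except ShutdownCommError as exc:
        return f"bgp: neighbor {peer} sent Cease with malformed Shutdown Communication ({exc})"
    return f'bgp: neighbor {peer} administratively shut down, message="{comm}"'


if __name__ == "__main__":
    # Constructed samples: a benign message, one that embeds a newline and a
    # syslog-looking second line, and one with an out-of-range length octet.
    benign = b"maintenance window, back in 30 minutes"
    forged = b"bye\n<134>1 bgp: fake emergency line"
    samples = [
        bytes([len(benign)]) + benign,
        bytes([len(forged)]) + forged,
        bytes([129]) + b"A" * 129,
    ]
    for s in samples:
        print(log_line_for("192.0.2.1", s))
```

The length check and the strict UTF-8 decode implement the draft's constraints as the thread describes them; the escaping step is what actually defeats the "fake syslog line" case, since a length cap alone does not stop a 20-byte message from containing a newline. Escaping format characters (category Cf) also covers bidirectional overrides, which are the mechanism behind many of the confusables catalogued in the visual-spoofing guide linked in the thread.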