> From: Smith, Donald [mailto:[email protected]] > > > if (initial_ttl!=255) then (rfc5082_compliant==0) > [email protected] > > > ________________________________________ > > From: Job Snijders [[email protected]] > > Sent: Thursday, December 14, 2017 12:38 PM > > To: [email protected] > > Cc: Smith, Donald; [email protected]; Ben Campbell; > > [email protected]; > [email protected]; The IESG > > Subject: Re: [GROW] Ben Campbell's Yes on > > draft-ietf-grow-bgp-gshut-12: (with > COMMENT) > > > > On Thu, Dec 14, 2017 at 06:03:42PM +0000, [email protected] > > wrote: > > > > From: Smith, Donald [mailto:[email protected]] > > > > Sent: Thursday, December 14, 2017 6:13 PM > > > > > > > > I don't see anything around MD5/TCPAO authentication. > > > > > > This is correct, but this is really not specific to this document > > and > > > the comment would apply to any information sent over BGP session, > > and > > > probably to most of IDR document extending the protocol with > > > additional field or usage. If there is a need to discuss this all > > > IETF document related to BGP, we can indeed add some text. Would > > the > > > following text be ok with you? > > > > > > "This document does not change any underlying security issues > > > associated with any other BGP Communities mechanism. Unless a > > > transport that provides integrity is used for the BGP session, the > > > GRACEFUL_SHUTDOWN community may be added or removed by a man in the > > > middle. However, the harm would be lower than adding or removing an > > > NLRI, or adding a NO_EXPORT or NO_ADVERTISE community. Hence this > > does > > > not constitute a new attack vector. Protection of the TCP session > > used > > > by BGP is discussed in section 5.1 of RFC 7454, security section > > of > > > [RFC4271] and [RFC4272]." > > > > I think the above is mostly good, but can be trimmed a little bit. > > The > > following is on point and covers aspects relevant to > > GRACEFUL_SHUTDOWN. > > > > "This document does not change any underlying security issues > > associated with any other BGP Communities mechanism. Unless a > > transport that provides integrity is used for the BGP session, > > the > > GRACEFUL_SHUTDOWN community may be added or removed by a man in > > the > > middle."
OK. Personally, I feel that the precision that this does not constitute a new attack vector was useful, but I can live without; at least while waiting for the security review. > > Kind regards, > > > > Job > > Since in theory you could do this blindly (tcp slipping in the window), I > would remove the MITM > and say by "unauthorized 3rd parties" or something like that. Ok. > Otherwise this is better than putting all the other security recommendations > from other rfcs [4271, > 4272] so I support referencing them instead. Sorry, I'm not sure to follow. Are you fine with the text proposed by Job or would you prefer adding references to the RFCs (i.e. section 5.1 of RFC 7454, security section of [RFC4271] and [RFC4272].) As draft -12 has just been IETF Last Called (again), in order to not create a mess, I'll wait for the end of the last call before uploading a -13. Thanks --Bruno > > This communication is the property of CenturyLink and may contain > confidential or privileged > information. Unauthorized use of this communication is strictly prohibited > and may be unlawful. > If you have received this communication in error, please immediately notify > the sender by reply e- > mail and destroy all copies of the communication and any attachments. > _________________________________________________________________________________________________________________________ Ce message et ses pieces jointes peuvent contenir des informations confidentielles ou privilegiees et ne doivent donc pas etre diffuses, exploites ou copies sans autorisation. Si vous avez recu ce message par erreur, veuillez le signaler a l'expediteur et le detruire ainsi que les pieces jointes. Les messages electroniques etant susceptibles d'alteration, Orange decline toute responsabilite si ce message a ete altere, deforme ou falsifie. Merci. This message and its attachments may contain confidential or privileged information that may be protected by law; they should not be distributed, used or copied without authorisation. If you have received this email in error, please notify the sender and delete this message and its attachments. As emails may be altered, Orange is not liable for messages that have been modified, changed or falsified. Thank you. _______________________________________________ GROW mailing list [email protected] https://www.ietf.org/mailman/listinfo/grow
