Please find my comments on draft-ietf-ipsecme-ddos-protection-02 below. Overall I found the content of the draft to be very good.
Here is a quick summary of my comments:

- There are still some placeholder sections in the draft that need to be written (i.e. sections 3.1, 3.2, 11).
- I don't recall seeing many comments on the list, if any, on sections 6 through 10. In general I'd like to see more review and comments on these sections in the draft before the draft goes to WGLC.
- Also related to sections 6 - 10, there appear to be a number of requirements that are not capitalized according to RFC 2119 in these sections. Anyone willing to volunteer to review the draft and make recommendations for RFC 2119 wording changes?
- I also found quite a few nits relating to spelling, grammar, and punctuation. Given the number of nits, it would be good to produce a clean draft for additional review, so we don't duplicate review effort.

Yoav and Valery, do you have a sense of when you can turn around an update to this draft with these comments addressed?

Regards,
Dave

Comments/Questions:
----------------------------

General:

There seem to be places in the draft where RFC 2119 wording should be used (i.e. sections 6 - 10). It would be good to see more review and comments on these sections to make sure we are 1) providing appropriate guidance and 2) using the appropriate normative language. For example in section 6:

s/DDoS attack, it is suggested that no Cookie or puzzles be used/DDoS attack, it is RECOMMENDED that no Cookie or puzzles be used/

Section 3:

Is it possible, if "the same value is sent to all Initiators", that the attacker could coordinate solving the puzzle across a number of attack hosts to achieve some efficiency? If so, it might be good to recommend that a new challenge be sent to each host for each SA.

Sections 3.1 and 3.2 need to be completed or removed. Some of this looks like it may be included in Section 8. It also looks to be fully described in sections 10.1 and 10.2. Some work is needed to sort this out.

Section 5:

I am not a fan of using the phrase "but the current thinking", since this may be read many years from now. This paragraph should be reworked to make it more temporally relevant. Perhaps you can tie the thinking directly to the degree of IPv6 NAT usage and avoid the temporal qualifier?

Section 6:

The phrase "the amount of failed IKE_AUTH exchanges to never exceed the threshold of attack detection" doesn't make sense and needs to be reworded.

In the phrase "only defensive measure is the monitoring", it is not clear what is being monitored. I am assuming this is about monitoring half-open SAs. This should be clarified.

Section 8.2.1:

Shouldn't the puzzle used in the IKE_SA_INIT be different than the puzzle used in the IKE_AUTH exchange to prevent the initiator from sending back a cached response, or am I misunderstanding something? Same comment for section 8.2.1.2.

Section 11:

The security considerations section needs to be completed. Perhaps this could be made a summary of the threats and related countermeasures described in the document?

Nits:
------

In section 1:

s/half-open IKE SA (Security Association)/half-open Internet Key Exchange (IKE) Security Association (SA)/
s/Exchange, but if/Exchange. If/
s/against an Internet Key Exchange (IKE) Responder/against an IKE Responder/
s/such as bot-nets can/such as in the case of a bot-net, can/
s/allowed for one peer address/allowed per peer address/
s/Initiator, by/Initiator by/
s/attacker's CPU to/attacker's CPU, to/

In section 2:

s/re-uses a D-H/re-uses a Diffie-Hellman (D-H)/
s/a responder SPI./a responder Security Parameter Index (SPI)./
s/them - it's enough/them; it's enough/
s/So if a half-open/For example, if a half-open/

The example text states that "a half-open SA takes 1 KB". The "takes 1 KB" doesn't look like it is relevant to the example. Consider removing this text as follows:

s/a half-open SA takes 1 KB and it's kept for 1 minute/a half-open SA is kept for 1 minute/
s/Make each of those more expensive by introducing a puzzle, and you're/By introducing a puzzle, each half-open SA becomes more expensive, making it more/
s/database in no longer/database is no longer/
s/because each one of them allows/because each one allows/

Section 3:

s/BitCoins ([bitcoins])/BitCoins [bitcoins]/

The sentence containing the following text is difficult to parse even with the following change. Consider rewording.

s/rate-limiting in Section 5/rate-limiting method described in Section 5/
s/of a PRF algorithm/of a Pseudo-Random Function (PRF) algorithm/

In table 1, it is not clear what the unit of time is. This should be listed in the table header and the descriptive text below.

Section 4:

s/derive the Diffie-Hellman shared/derive the D-H shared/
(Note: D-H is not used very consistently in the draft. If the intent is to spell it out, this should be done consistently.)
s/prefixes from which are considered suspect/prefixes that are considered suspect/

Section 5:

While the text "if a certain purveyor of beverages resembling coffee provides" is humorous, it may be better to choose a more mundane example.

s/that a sufficiently resourceful (in the sense that they have a lot of resources) adversary/that an adversary with sufficient CPU resources/

The last sentence in this section starting with "Regardless" is difficult to parse. Consider rephrasing.

Section 6:

s/section 2.16 or RFC 7296/section 2.16 of RFC 7296/
s/Typical figures might/Typical measures might/

Section 8.1:

s/optionally contain COOKIE notification/optionally contain a COOKIE notification/
s/in Section 6, IKE responder/in Section 6, the IKE responder/

The following wording is confusing. Consider rephrasing:

  then it either requests the initiator to return a cookie or, if the volume is so high, that puzzles need to be used for defense, it requests the initiator to solve a puzzle.

s/puzzle even being under attack/puzzle while being under attack/
s/to have chances to/to have a chance to/
s/Only those requests, that contain COOKIE notification, must/Only the requests that contain COOKIE notification must/

Section 8.1.1.3:

s/to those of them, which were created spending more initiator's/to the requests which were created by spending more of the initiator's/

The following occurs twice in this section:
s/initiator spent a little resources/initiator spent little resources/

s/contais fewer bits, than were/contains fewer bits than were/
s/less resources, than expected/less resources than expected/
s/the following considerations./the following considerations:/

Section 8.1.2:

s/If initiator receives puzzle/If the initiator receives a puzzle,/
s/will ignore PUZZLE notification as unrecognized/will ignore the PUZZLE notification as an unrecognized/
s/MAY ignore puzzle/MAY ignore the PUZZLE notification/
s/puzzle of requested difficulty/the puzzle of the requested difficulty/
s/message contains PUZZLE notification/message contains a PUZZLE notification/
s/contain cookie, then/contain a cookie, then/ (should cookie be capitalized here?)
s/malformed, because it/malformed because it/ (note this paragraph contains multiple "buts". It would be good to rephrase this run-on sentence.)
s/wrong and IKE SA cannot/wrong and the IKE SA cannot/
s/If initiator supports puzzles/If the initiator supports puzzles/
s/payload called Puzzle Solution/payload called a Puzzle Solution/

Section 8.1.2.1:

s/IKE initiator is to find/the IKE initiator is to find/

Note: There is no section 8.1.2.2. Perhaps this text should be folded into the parent section?

Section 8.1.3:

s/least contain COOKIE notification/least contain a COOKIE notification/
s/to those of them, which were created/to requests that were created by/

Multiple matches of the following in this section:
s/spent a little resources/spent little resources/

s/that puzzle was given/that the puzzle was given/
s/doesn't contain PS payload/doesn't contain a PS payload/

Section 8.1.4:

s/would be its chances ro be served/its chances are to be served/
s/the responder takes decision/the responder makes the decision/
s/request are implementation dependant/request is implementation dependent/
s/number of alailable memory/number of available memory/
s/that number of the/that number of/

Section 8.2:

s/to exhaust responder's CPU/to exhaust a responder's CPU/
s/keys after unsuccessful verification of IKE_AUTH/keys after an unsuccessful verification of the IKE_AUTH/
s/responder includes puzzle/responder includes a puzzle/
s/initiator includes puzzle/initiator includes a puzzle/
s/selected so, that the/selected so that the/
s/the puzzle, than the responder/the puzzle than the responder/
s/IKE SA states, that receive/IKE SA states that receive/
s/messages, but cannot decrypt them due to the/messages that cannot be decrypted due to/

Section 8.2.1.1:

s/should be chosen so,/should be chosen so/
s/solve the puzzle, than/solve the puzzle than/
s/compute Diffie-Hellman shared secret and the keys,/compute the D-H shared secret and the keys/

Section 8.2.2:

"Section 2.5.3 of RFC7383" should include a reference.

Section 8.2.2.1:

Note: There is no section 8.2.2.2. Perhaps this text should be folded into the parent section?

s/the same, the difference is in constructing of/the same; the difference is in the construction of/
s/| SPIr) has sufficient/| SPIr) has a sufficient/

Section 8.2.3:

s/initiator to solve puzzle/initiator to solve a puzzle/
s/message containing solution for the puzzle is received/message containing a solution for the puzzle is received,/
s/operations - computing/operations i.e. computing/
s/due to packets loss and/due to packet loss and/

Section 9:

s/usually no much traffic/usually not much traffic/
s/rekey or delete/rekey, or delete/
s/Child SA lifetimes there/Child SA lifetimes, there/
s/must be no more than a few such exchanges/are typically no more than a few such exchanges/
s/can initiate new exchange/can initiate a new exchange/
s/many exchanges, that could/many exchanges that could/
s/becomes more real threat/becomes more of a real threat/
s/that allow it to escape/allowing it to escape/
s/IKE sessions. However/ IKE sessions; however,/
s/exchanges, that would potentially/exchanges that could/
s/that reason if is NOT/that reason it is NOT/
s/increase IKEv2 window size/increase the IKEv2 window size/
s/making possible to process/making it possible to process/
s/should not be too long not to cause IKE SA/SHOULD NOT be too long to avoid causing the IKE SA/
s/delete IKE SA with/delete the IKE SA with/

Section 10.1:

s/used by IKE responder/used by the IKE responder/

Section 10.2:

s/called Puzzle Solution/called the Puzzle Solution/
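The review above raises two related points about the draft's PRF-based puzzles: whether a challenge shared by all Initiators lets attack hosts pool their work (Section 3), and whether a puzzle reused across exchanges lets an initiator replay a cached solution (Section 8.2.1). The following Python is an added illustration, not code from the draft, the reviewer or any IKE implementation, of why a challenge bound to the individual peer and SA addresses both concerns: a solution only verifies against the exact challenge it was computed for. HMAC-SHA256 standing in for the negotiated IKE PRF, the "trailing zero bits" difficulty measure, and the peer-address/SPI inputs to the challenge are all assumptions made here; the draft's exact puzzle construction is not reproduced.

```python
import hmac
import hashlib
from typing import Optional

# Added illustration of a PRF-based client puzzle. HMAC-SHA256 stands in for
# the negotiated IKE PRF and "difficulty = required trailing zero bits" is an
# assumption made for this example; it is not the draft's exact construction.


def trailing_zero_bits(data: bytes) -> int:
    """Count the trailing (least significant) zero bits of a byte string."""
    count = 0
    for byte in reversed(data):
        if byte == 0:
            count += 8
            continue
        while byte & 1 == 0:
            count += 1
            byte >>= 1
        break
    return count


def puzzle_prf(key: bytes, challenge: bytes) -> bytes:
    """PRF over the challenge, keyed with the candidate solution."""
    return hmac.new(key, challenge, hashlib.sha256).digest()


def make_challenge(responder_secret: bytes, initiator_addr: str, spi_r: bytes) -> bytes:
    """Responder side: derive a challenge unique to this initiator and SA.

    Binding the challenge to the peer address and responder SPI (constructed
    inputs here) means a solution found for one peer or SA is useless for any
    other, which is the concern behind "the same value is sent to all
    Initiators". Deriving it from a responder-held secret keeps it stateless.
    """
    material = initiator_addr.encode() + spi_r
    return hmac.new(responder_secret, material, hashlib.sha256).digest()


def solve_puzzle(challenge: bytes, difficulty: int, max_tries: int = 1 << 24) -> Optional[bytes]:
    """Initiator side: brute-force a key whose PRF output ends in `difficulty` zero bits.

    Expected work is roughly 2**difficulty PRF evaluations. Returns None when
    the try budget is exhausted so a caller can give up instead of looping forever.
    """
    for counter in range(max_tries):
        key = counter.to_bytes(8, "big")
        if trailing_zero_bits(puzzle_prf(key, challenge)) >= difficulty:
            return key
    return None


def verify_solution(challenge: bytes, difficulty: int, key: bytes) -> bool:
    """Responder side: a single PRF call checks the solution, whatever the difficulty."""
    return trailing_zero_bits(puzzle_prf(key, challenge)) >= difficulty


if __name__ == "__main__":
    secret = b"constructed-responder-secret"
    difficulty = 12  # small so the demo finishes in well under a second

    # Two different peers / SAs get two different challenges (constructed values).
    chal_a = make_challenge(secret, "198.51.100.10", b"\x00\x01\x02\x03\x04\x05\x06\x07")
    chal_b = make_challenge(secret, "198.51.100.11", b"\x10\x11\x12\x13\x14\x15\x16\x17")

    sol_a = solve_puzzle(chal_a, difficulty)
    print("solution for A verifies for A:", verify_solution(chal_a, difficulty, sol_a))
    # Replaying A's solution against B's challenge fails except with probability
    # about 2**-difficulty, so a cached or shared solution buys the sender nothing.
    print("solution for A verifies for B:", verify_solution(chal_b, difficulty, sol_a))
```

The asymmetry the draft relies on is visible in the two sides: the initiator's cost grows exponentially with the difficulty, while the responder's verification is one PRF call, so raising the difficulty under load shifts work onto the sender without adding responder state.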
_______________________________________________ IPsec mailing list [email protected] https://www.ietf.org/mailman/listinfo/ipsec
