Hi John,

Thanks for the review! Regarding your question, something that comes to mind is a network where access inside the RLOC network is restricted, so even if an attacker were successfully able to attach to the edge of the RLOC network and mount attacks from its edge RLOC, it would still not be able to mount MITM attacks inside the RLOC network.
I’m not a security expert and might be missing something here, so please let us know if you would like us to update the text.

Thanks!

Alberto

From: John Scudder via Datatracker <[email protected]>
Date: Friday, February 10, 2023 at 8:20 PM
To: The IESG <[email protected]>
Cc: [email protected] <[email protected]>, [email protected] <[email protected]>, [email protected] <[email protected]>, [email protected] <[email protected]>, [email protected] <[email protected]>
Subject: John Scudder's No Objection on draft-ietf-lisp-pubsub-11: (with COMMENT)

John Scudder has entered the following ballot position for
draft-ietf-lisp-pubsub-11: No Objection

When responding, please keep the subject line intact and reply to all
email addresses included in the To and CC lines. (Feel free to cut this
introductory paragraph, however.)

Please refer to https://www.ietf.org/about/groups/iesg/statements/handling-ballot-positions/
for more information about how to handle DISCUSS and COMMENT positions.

The document, along with other ballot positions, can be found here:
https://datatracker.ietf.org/doc/draft-ietf-lisp-pubsub/

----------------------------------------------------------------------
COMMENT:
----------------------------------------------------------------------

Thanks for this well-crafted (albeit dense) document. I have one question. While I don't think it needs to be a blocking issue, I'd still appreciate discussion.

In Section 7.1, you write,

   If PubSub is being used in an environment where replay attacks might
   occur, then the Map-Server MUST verify that the OTK has not been used
   before.

I strained to think of a realistic deployment where the threat model was one where security was required, but replay protection was NOT required. Can you provide an example of one?
_______________________________________________ lisp mailing list [email protected] https://www.ietf.org/mailman/listinfo/lisp
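The following is an added illustration of the replay check the quoted Section 7.1 text requires; it is not code from the draft, from any LISP implementation, or from either author of the thread. It models a Map-Server's subscription state in a deliberately simplified way (the request fields, the 16-byte OTK, the `subscribe` flag and the bounded seen-OTK window are all assumptions, and the LISP-SEC key wrapping and message integrity are not modeled). The scenario is the one the ballot question is about: an attacker who can observe a subscription request replays it later, after the legitimate xTR has unsubscribed. Without the OTK uniqueness check the stale subscription is silently re-established; with it the replay is rejected. A second function shows the caveat that a memory-bounded OTK cache alone reopens the replay window once entries age out.

```python
import os
from collections import OrderedDict
from dataclasses import dataclass


@dataclass(frozen=True)
class SubscribeRequest:
    """Simplified model of a PubSub Map-Request (field names are assumptions)."""
    xtr_id: bytes      # identity of the subscribing xTR
    eid_prefix: str    # EID-prefix the xTR wants Map-Notify messages for
    otk: bytes         # one-time key chosen by the xTR for this request
    subscribe: bool    # True = subscribe, False = unsubscribe


def new_request(xtr_id: bytes, eid_prefix: str, subscribe: bool = True) -> SubscribeRequest:
    # A fresh 16-byte OTK per request; the size is an assumption of this model.
    return SubscribeRequest(xtr_id, eid_prefix, os.urandom(16), subscribe)


class MapServer:
    """Toy Map-Server keeping per-prefix subscriber sets and a seen-OTK window."""

    def __init__(self, check_replay: bool, otk_window: int = 1000):
        self.check_replay = check_replay
        self.subscriptions: dict[str, set[bytes]] = {}   # eid_prefix -> xTR-IDs
        self.seen_otks: "OrderedDict[bytes, None]" = OrderedDict()
        self.otk_window = otk_window                      # max OTKs remembered

    def _otk_is_fresh(self, otk: bytes) -> bool:
        # The MUST from Section 7.1: reject an OTK that has been used before.
        if otk in self.seen_otks:
            return False
        self.seen_otks[otk] = None
        if len(self.seen_otks) > self.otk_window:
            self.seen_otks.popitem(last=False)   # evict the oldest entry
        return True

    def handle(self, req: SubscribeRequest) -> str:
        if self.check_replay and not self._otk_is_fresh(req.otk):
            return "rejected: replayed OTK"
        subs = self.subscriptions.setdefault(req.eid_prefix, set())
        if req.subscribe:
            subs.add(req.xtr_id)
            return "subscribed"
        subs.discard(req.xtr_id)
        return "unsubscribed"

    def subscribers(self, eid_prefix: str) -> set[bytes]:
        return set(self.subscriptions.get(eid_prefix, ()))


def replay_scenario(check_replay: bool):
    """xTR subscribes, then unsubscribes; an attacker replays the captured subscribe."""
    ms = MapServer(check_replay)
    xtr = b"\x01" * 16
    prefix = "10.0.0.0/8"                      # constructed sample prefix
    sub = new_request(xtr, prefix, subscribe=True)
    captured = sub                             # attacker records the request in flight
    ms.handle(sub)
    ms.handle(new_request(xtr, prefix, subscribe=False))
    assert ms.subscribers(prefix) == set()     # legitimately unsubscribed
    result = ms.handle(captured)               # replay of the old request
    return result, ms.subscribers(prefix)


def window_caveat(window: int = 3) -> str:
    """Once more than `window` fresh OTKs have passed, the first OTK is accepted again."""
    ms = MapServer(check_replay=True, otk_window=window)
    xtr = b"\x02" * 16
    first = new_request(xtr, "192.0.2.0/24")
    ms.handle(first)
    for _ in range(window):
        ms.handle(new_request(xtr, "192.0.2.0/24"))
    return ms.handle(first)                    # evicted from the window, so not rejected


if __name__ == "__main__":
    print("no replay check:", replay_scenario(False))
    print("with replay check:", replay_scenario(True))
    print("after window eviction:", window_caveat())
```

The eviction case is why a bounded seen-OTK cache is only half of a replay defence: a Map-Server that forgets OTKs after N requests or after some time must also reject requests older than that horizon (for example by binding each OTK to a timestamp or sequence number that is itself checked), otherwise an attacker simply waits out the window. That pairing is a design choice of this example, not something stated in the draft.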
