Re: [OPSAWG] MD Type attack (Was: Question regarding Proof of Transit draft)

2016-07-20 Thread Blumenthal, Uri - 0553 - MITLL
I suggest that while MITM is not the most common threat (there are more attackers that are without on-path access) - it is still common and dangerous *enough* to justify mitigating it, if at all possible. At the very worst, clearly specify why you do not address this threat (but again, I’d rather

Re: [OPSAWG] MD Type attack (Was: Question regarding Proof of Transit draft)

2016-07-20 Thread Sashank Dara (sadara)
On 20/07/16, 3:39 PM, "Tal Mizrahi" wrote:
>Hi Carlos,
>
>It all goes back to the threat model; which threats you want to address,
>and which ones you don't.
>
>The way I see it, roughly speaking there are 3 classes of threats (there
>are probably other threats, but these are

Re: [OPSAWG] MD Type attack (Was: Question regarding Proof of Transit draft)

2016-07-20 Thread Carlos Pignataro (cpignata)
Hi Tal,
> On Jul 20, 2016, at 12:09 PM, Tal Mizrahi wrote:
>
> Hi Carlos,
>
> It all goes back to the threat model; which threats you want to address, and
> which ones you don't.
>
> The way I see it, roughly speaking there are 3 classes of threats (there are
> probably

Re: [OPSAWG] MD Type attack (Was: Question regarding Proof of Transit draft)

2016-07-20 Thread Tal Mizrahi
Hi Carlos,
It all goes back to the threat model; which threats you want to address, and which ones you don't.
The way I see it, roughly speaking there are 3 classes of threats (there are probably other threats, but these are the basic ones):
- Misroute / misconfiguration (not a security

Re: [OPSAWG] MD Type attack (Was: Question regarding Proof of Transit draft)

2016-07-20 Thread Carlos Pignataro (cpignata)
Hi, Tal,
> On Jul 20, 2016, at 11:42 AM, Tal Mizrahi wrote:
>
> Hi Carlos,
>
>
>> Let’s step back a little — the “vulnerability” you are describing comes with the
>> assumption that a MITM attacker can intercept a packet, extract a TLV from
>> the MD Type 2, drop the

Re: [OPSAWG] MD Type attack (Was: Question regarding Proof of Transit draft)

2016-07-20 Thread Tal Mizrahi
Hi Carlos,
>Let’s step back a little — the “vulnerability” you are describing comes with the
>assumption that a MITM attacker can intercept a packet, extract a TLV from
>the MD Type 2, drop the packet; then intercept another packet (with the
>knowledge that it took a different path, so maybe

[OPSAWG] MD Type attack (Was: Question regarding Proof of Transit draft)

2016-07-20 Thread Carlos Pignataro (cpignata)
Tal,
> On Jul 20, 2016, at 6:30 AM, Tal Mizrahi wrote:
>
> Hi Sashank,
>
>> [SD] The attack is valid only if the attacker can get away bypassing a
>> service function/node.
>> For example, if the attacker bypasses a node and if POT determines it did
>> not bypass is a