ietf-wg-idr / draft-ietf-idr-bgp-car


SEC-DIR Review of -05 #29

Closed suehares closed 4 months ago

suehares commented 4 months ago

SEC-DIR-01

I have mixed feelings about this document. The Security Considerations seems fine. It calls out that new SAFI can provide new avenues for traffic diversion. It says that BGPsec can be extended to mitigate those risks, but that extension is not done in this document. That is fine, especially for an experimental draft.

SEC-DIR-02

But I can't honestly say that I understand the draft. I thought it could be just me not having enough routing clue to figure it out, but even the rtgdir review suggests more explanation of "color" and "color-aware routing" in the introduction.

SEC-DIR-03

A comment accompanying the requested review suggested the following: Security reviews should consider this draft as being deployed in a "walled garden" where the walls are created via configuration by providers. Some questions that might be explored are:

 a) Does the security text provide an adequate description of the formation
 of the "walled garden" via BGP TCP security, address considerations,
 preventing DOS service attacks, and strong BGP security (BGP origin and
 BGPsec).

 b) does the security text provide an adequate description of how to detect
 if traffic goes outside of the "walled garden"?

I'm afraid I don't understand the protocol enough to answer those questions.

suehares commented 4 months ago

SEC-DIR-01

I have mixed feelings about this document. The Security Considerations seems fine. It calls out that new SAFI can provide new avenues for traffic diversion. It says that BGPsec can be extended to mitigate those risks, but that extension is not done in this document. That is fine, especially for an experimental draft.

For Shepherd only Resolution

Indicate in common (CAR/CT) comment that BGPsec only uses the AFI of a new NLRI for the hash. A new SAFI does not really provide additional changes.

Shepherd's report text on this subject:

SEC-DIR review of CAR looks to BGP security solutions (BGPsec and Origin validation) to provide additional security without providing detailed solutions. The SEC-DIR reviewer suggests this is sufficient for the experimental draft.

RFC8374 points out that BGPsec (RFC8205) only included the AFI in the hash to resolve a problem (see sections 2.2.1 and 6.2.1). Section 2.2.1 includes the AFI/SAFI in Figure 8, but may assume only IPv4 (AFI=1) and IPv6 (AFI=2). Due to this unclear text, both BGP intent-based solutions (CAR and CT) merely state that BGPsec could be extended. It is beyond the scope of these individual drafts to raise the BGPsec question for the host of AFI/SAFIs, but falls to the IDR WG.

suehares commented 4 months ago

SEC-DIR-02 - review of -08 and -09 text

Status: Resolved in -06, closed (Verified the Check in -08 and -09)

Issue: But I can't honestly say that I understand the draft. I thought it could be just me not having enough routing clue to figure it out, but even the rtgdir review suggests more explanation of "color" and "color-aware routing" in the introduction.

suehares commented 4 months ago

SEC-DIR-03 - review of -8

Status: No action for authors, Shepherd's augmentation of shepherd's report needs updating.

A comment accompanying the requested review suggested the following: Security reviews should consider this draft as being deployed in a "walled garden" where the walls are created via configuration by providers. Some questions that might be explored are:

a) Does the security text provide an adequate description of the formation of the "walled garden" via BGP TCP security, address considerations, preventing DOS service attacks, and strong BGP security (BGP origin and BGPsec).

b) does the security text provide an adequate description of how to detect if traffic goes outside of the "walled garden"?

I'm afraid I don't understand the protocol enough to answer those questions.

Shepherd only:

Check the security considerations for this concept. Add comments to Shepherd's report, then close.

Shepherd's resolution

IMHO, the Security considerations cover this topic. I will not add additional comments to the shepherd's report. If the AD or WG LC SEC-DIR suggests this point, we will re-open this issue.

suehares commented 4 months ago

All three SEC-DIR issues have been resolved.