Open mglt opened 6 years ago
I suspect the concern is how the specific deployment can fulfill SEC-OP-2. As NVE-NVE communications are encrypted, metadata are not transmitted in clear text and as such SEC-OP-2 is met by the current deployment.
I propose the following text to address the concern of a too high-level description. I believe this addresses the concern.
""" SEC-OP-2: A secure deployment of a Geneve overlay MUST evaluate the information associated with the leakage of the Geneve Outer Header, Geneve Header and Geneve Option. When a risk analysis concludes that the risk of leaking sensitive information is too high, such MUST NOT be transmitted in clear text. """