> On 2 Jul 2020, at 23:30, Tero Kivinen via Datatracker <noreply@xxxxxxxx> wrote: > > > > It does claim in the security considerations section that there is no new > security issues associated with the MPLS dataplane. I think that is not true. > If there is any kind of different processing depending which synonym > is used that can be used to bypass that processing by using the another > synonym instead of the intended one. > For example if attacker knows > that specific synonym causes deep packet inspection (one of the examples > given), and he might want to use the synonym which bypasses this s/he/they/ > inspection, in case he is sending things he does not want to be > inspected. This could be some kind of malicious code somehow > loaded to the sending device or something. The sending device is always an LSR owned by the provider, there is no way for a random device to do this. Equally the P routers are owned and managed by the provider. > > On the other hand my understanding that trust model of MPLS > is mostly we blindly trust everything other end says, so someone > able to use different synonyms are most likely also able to do > other even worse things, but I think there are new things caused > by this addition than what is already present in the MPLS now. If you can articulations them, we will look at the level of threat and how we might mitigate them. However we are not aware of any such new threats. As you say, if you compromised the ingress PE in a MPLS network you are pretty much dead in the water anyway. These environments are well managed and tend to be secure. Thus, I do not propose to add any text unless there is a well articulated and specific threat that is not already considered within the existing MPLS design. Many thanks for the review. Stewart -- last-call mailing list last-call@xxxxxxxx https://www.ietf.org/mailman/listinfo/last-call
