Re: [Last-Call] Last Call: <draft-gont-numeric-ids-sec-considerations-06.txt> (Security Considerations for Transient Numeric Identifiers Employed in Network Protocols) to Best Current Practice

Hello

On 12/17/20 9:51 PM, Joe Touch wrote:
> 
> 
>> On Dec 17, 2020, at 4:21 PM, Ted Lemon <mellon@xxxxxxxxx> wrote:
>>
>> On Dec 17, 2020, at 6:47 PM, Joseph Touch <touch@xxxxxxxxxxxxxx
>> <mailto:touch@xxxxxxxxxxxxxx>> wrote:
>>> What you add as a requirement ends up excluding as a platform. That’s
>>> the antithesis of Internet design.
>>>
>>> The point is that these are tradeoffs of *implementation*, and should
>>> not be described as protocol deficiencies.
>>
>> It sounds like what you’re saying is that it’s a SHOULD, not a MUST?
> 
> At the *protocol* level, it’s nothing. Only as an implementation
> suggestion. 

As noted before, RFC 6528, a proposed standard, already mandates with
SHOULD an algorithm to generate TCP ISNs
(https://tools.ietf.org/html/rfc6528#page-4)


Also, RFC 3550 "Real Time Protocol" (RTP), an Internet Standard, has
very specific guidance for how to generate certain identifiers:
(https://tools.ietf.org/html/rfc3550#page-59)

   It is also not sufficient to obtain an SSRC identifier simply by
   calling random() without carefully initializing the state.  An
   example of how to generate a random identifier is presented in
   Appendix A.6.

In sum, there are already many protocol specifications where very
specific algorithms are mandated or suggested with little or no analysis
of security and privacy impact; sometimes those algorithms even
introduce weaknesses.

Our draft does not mandate any algorithm; it mandates that protocol
authors do an analysis of impact of the transient identifiers they put
in their protocols, document that analysis, and recommend appropriate
algorithms. It does not say that any said algorithm must be a MUST.

Perhaps we could add text saying that protocol authors should not forbid
that implementers not comply with the recommended algorithms.

That would address your concern and clarify that the analysis and a
recommendation is required but specific algorithm recommendations cannot
be a MUST.

/ivan

-- 
Iván Arce
CTO - Security Analysis
Quarkslab

-- 
last-call mailing list
last-call@xxxxxxxx
https://www.ietf.org/mailman/listinfo/last-call



