AB, while the IETF LC has already ended, I will reply to your comments below:

On Thu, Jun 6, 2013 at 1:33 PM, Abdussalam Baryun <abdussalambaryun@xxxxxxxxx> wrote:

> Reply to your request dated 24/05/2013
> I-D: draft-ietf-manet-nhdp-sec-threats-03
> Draft Reviewed By: Abdussalam Baryun (AB) Dated: 06/06/2013
> Reviewer Comment A3: Use Cases not considered and the Information Bases Threats.
> +++++++++++++++++++++++++++++++++++++++
> *Use-cases threats*
>
> Reading the RFC6130 applicability section 3, the I-D does not consider
> all the use-cases included in that section 3.
>
> AB> Does the use-case of NHDP [RFC6130] add any value to the threats,
> or does the I-D assume only one use case, which is an OLSRv2 network?

I don't understand the question. The use case is a MANET running NHDP. Section 5 in addition outlines consequences of security threats to NHDP for protocols using the information from NHDP.

> The NHDP uses RFC5444 packets and RFC5444 messages, so what are the
> threats to NHDP use for each? This is not mentioned in the I-D.

I don't understand the question. There is no danger from a message or packet itself; they may contain information that has either been illegitimately tampered with or that is "wrong" because of misconfiguration. And these are the cases we have described.

> RFC6130> NHDP can use relevant link-layer information if it is available.
> AB> Is there any threat from that use-case? It is not mentioned in the I-D.

After discussion on the MANET mailing list, this was already added in section 4.8 (even though the link quality itself is not a normative part of RFC6130, the authors agreed to add that section).

> *Information bases threats*
>
> RFC6130> Appendix F> This appendix illustrates various examples of
> physical topologies, as well as how these are logically recorded by
> NHDP from the point of view of the router A. This representation is a composite of
> information that would be contained within A’s various Information
> Bases after NHDP has been running for a sufficiently long time for the
> state to converge.
>
> AB> Why is the logical recording of NHDP for all the examples not
> mentioned in the I-D, and why were they not threat analysed? If there is a similar
> level of threat related to all examples in RFC6130, then please
> mention that.

I don't understand the question. The example in RFC6130 simply illustrates how NHDP would perceive and store several sample topologies. How would that represent a "level of threat"? The I-D describes several security threats and explains in which situations these could occur (and what effect they would have). That could happen in an infinite number of different topologies, so it is impossible (and useless) to list all topologies where such attacks could occur.

Best regards
Ulrich