Re: [Idr] Last Call: <draft-ietf-idr-shutdown-08.txt> (BGP Administrative Shutdown Communication) to Proposed Standard

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hi Robert,

If you (and others) think that "visual attack" is a better phrasing, I'd be happy to change "visual spoofing" to "visual attacks" in the security section. 

Kind regards,

Job

On Mon, 8 May 2017 at 22:39, Robert Raszuk <robert@xxxxxxxxxx> wrote:

Then this is not "visual spoofing"  ... you are just protecting from forms of "visual attacks"

Best,
R.

On Mon, May 8, 2017 at 10:36 PM, Job Snijders <job@xxxxxxx> wrote:
Hi Robert,

The reference is to a different type of visual spoofing. The idea was to limit the string length to prevent spoofing of additional syslog messages or other fake cli output. 

We already covered the extensibility aspect in the working group. 

Kind regards,

Job

On Mon, 8 May 2017 at 22:28, Robert Raszuk <robert@xxxxxxxxxx> wrote:
Hi Job,

Assuming that by "visual spoofing" you really mean this: http://websec.github.io/unicode-security-guide/visual-spoofing/ how does limiting the length of the field helps to minimize it ? 

It is UTF which is a problem here regardless of the length. 

Ok so we leave 129-255 for further use .. brilliant. Assume someone comes tomorrow and has a great use case for sending one byte of information in the cease. So he defines length 129 right ? And even if operator did not type anything for the "shutdown case" ... first 128 bytes goes empty, then goes one newly defined octet. Is this really how protocol encoding should be done in 2017 ? Is concept of TLV so complex ? 

Cheers,
R.


On Mon, May 8, 2017 at 9:46 PM, Job Snijders <job@xxxxxxx> wrote:

On Mon, 8 May 2017 at 21:36, Enke Chen <enkechen@xxxxxxxxx> wrote:
I understand this is not a good use of time.  But since it is in the
spec, I would like to understand the reasons.  If there are good reasons
for doing things differently, then they should be documented in the spec
so that people do not question again.


In the security section: "This specification minimizes the effects of visual spoofing by limiting the length of the Shutdown Communication."

On 5/8/17 12:13 PM, Jakob Heitz (jheitz) wrote:
> It is deliberately kept short to minimize the potential for abuse.

128 is ok, and 129- 255 would be considered abuse?

Those are an error according to the draft.

Kind regards,

Job


_______________________________________________
Idr mailing list
Idr@xxxxxxxx
https://www.ietf.org/mailman/listinfo/idr



[Index of Archives]     [IETF Annoucements]     [IETF]     [IP Storage]     [Yosemite News]     [Linux SCTP]     [Linux Newbies]     [Fedora Users]