|
On 07/01/2019 16:11, Phillip
Hallam-Baker wrote:
Reviewer: Phillip Hallam-Baker Review result: Has Issues The document describes the problem and solution pretty clearly. Unfortunately, there is no discussion of the security considerations which is not appropriate for a document addressing an availability which is a security issue. While microloops can form by chance, some consideration should be given to the possibility that an attacker could induce a loop to perform a DoS attack. In section 1 the text says: [RFC8405] defines a solution that satisfies this problem statement and this document captures the reasoning of the provided solution. It is safe to assume that the reader of this text would have read
normative reference RFC8405 and thus would be fully aware of the
security issues related to the solution being analysed. An attacker that had access to a network such that they could induce microloops would have the ability to do many worse things to the network. If they were able to attack in-band they could poison the routing system to take it down in far more interesting ways. Operators use security at the physical and network layer to prevent this. If they were operating at the physical layer then they could take
circuits down at will and cause microloops in the base protocol,
traffic overloads and application malfunction. Thus if the attacker could deploy either of those attacks in a network to induce micro-loops, then any security considerations in this draft would count for nothing. The draft is an analysis, and thus I think that it correctly
states that it introduces no additional matters for security
consideration. - Stewart |
