Secure Proxy ND Support for SEcure Neighbor Discovery (SEND)
draft-ietf-csi-proxy-send-05

Document history

Date Rev. By Action
2012-08-22
05 (System) post-migration administrative database adjustment to the No Objection position for Sean Turner
2011-03-24
05 Cindy Morgan State changed to RFC Ed Queue from Approved-announcement sent.
2011-03-23
05 (System) IANA Action state changed to RFC-Ed-Ack from Waiting on RFC Editor
2011-03-23
05 (System) IANA Action state changed to Waiting on RFC Editor from In Progress
2011-03-23
05 (System) IANA Action state changed to In Progress from Waiting on Authors
2011-03-22
05 (System) IANA Action state changed to Waiting on Authors from In Progress
2011-03-21
05 (System) IANA Action state changed to In Progress
2011-03-21
05 Amy Vezza IESG state changed to Approved-announcement sent
2011-03-21
05 Amy Vezza IESG has approved the document
2011-03-21
05 Amy Vezza Closed "Approve" ballot
2011-03-21
05 Amy Vezza Approval announcement text regenerated
2011-03-21
05 Amy Vezza State changed to Approved-announcement to be sent from IESG Evaluation::AD Followup.
2011-03-21
05 Amy Vezza Ballot writeup text changed
2011-03-17
05 Ralph Droms Ballot writeup text changed
2011-03-17
05 Sean Turner [Ballot Position Update] Position for Sean Turner has been changed to No Objection from Discuss
2010-09-28
05 (System) New version available: draft-ietf-csi-proxy-send-05.txt
2010-07-21
05 Alexey Melnikov [Ballot Position Update] Position for Alexey Melnikov has been changed to No Objection from Discuss by Alexey Melnikov
2010-07-21
05 Alexey Melnikov
[Ballot comment]
The last sentence in section 5.2.2 looks out of sync when compared to the text in item 1 of the same section.

I am also agreeing with Sean's DISCUSS.
2010-07-21
05 Alexey Melnikov [Ballot discuss]
2010-07-15
05 Cindy Morgan State Changes to IESG Evaluation::AD Followup from IESG Evaluation by Cindy Morgan
2010-07-15
05 Tim Polk [Ballot comment]
I support Sean's discuss.
2010-07-15
05 Tim Polk [Ballot Position Update] New position, No Objection, has been recorded by Tim Polk
2010-07-14
05 (System) State Changes to IESG Evaluation from IESG Evaluation - Defer by system
2010-07-13
05 Sean Turner
[Ballot discuss]
The SECDIR review pointed out a number of changes that are needed.  The author agreed.  I'll remove this DISCUSS once a new version (or an RFC editors note) is posted to incorporate the agreed changes.

The SECDIR review also pointed out issues with this document and with draft-ietf-csi-send-cert.  That discussion has not completed.
2010-07-13
05 Sean Turner [Ballot Position Update] New position, Discuss, has been recorded by Sean Turner
2010-07-11
05 Samuel Weiler Request for Last Call review by SECDIR Completed. Reviewer: Sandra Murphy.
2010-07-02
05 (System) Removed from agenda for telechat - 2010-07-01
2010-07-01
05 Alexey Melnikov [Ballot comment]
The last sentence in section 5.2.2 looks out of sync when compared to the text in item 1 of the same section.
2010-07-01
05 Alexey Melnikov
[Ballot discuss]
This is a minor point and I would like to have a quick discussion on whether I am right or wrong here:

Does Section 5.2.2 item 1 contradict text in Section 5.2.1?
2010-07-01
05 Alexey Melnikov [Ballot Position Update] New position, Discuss, has been recorded by Alexey Melnikov
2010-07-01
05 Sean Turner State Changes to IESG Evaluation - Defer from IESG Evaluation by Sean Turner
2010-07-01
05 Jari Arkko
[Ballot comment]
This is a very well written specification and it was nice to read it.
I did not spot any major or minor issues.

However, we have in the past discussed the question of compatibility
with non-SEND, SEND, and proxy SEND nodes. I think the current
specification is now reasonable in that respect. However, I think that
the decision to employ two levels of security in proxied messages (ND
or SPND) has led to the rules that are not optimal in all circumstances.
In particular, the document says:

  As a rule of thumb, if the proxied nodes can return to the link in
  which the proxy operates, the Secure ND Proxy MUST only generate PS
  options on behalf of nodes with SEND capabilities (i.e. that they
  could use SEND to defend their messages if being in the same link
  than the proxy, either RFC3971 nodes or SPND nodes).  This is
  relevant to allow nodes preferring secured information over unsecured
  one ...

What this essentially says is that unless there is knowledge about the
network structure and movement patterns, secure proxy cannot proxy
plain old ND messages with security at all. I happen to believe that
this situation is the typical situation.

If you had provided one additional bit of information in the secure
proxy messages about the SEND/non-SEND status of the original message,
there would not be this limitation. You could have amended the
backwards compatibility rules of SEND to prefer native SEND messages
over proxied SEND messages over unsecured ND messages.

I would like to ask the authors to consider this before final approval
of the document as an RFC.
2010-07-01
05 Jari Arkko [Ballot Position Update] New position, Yes, has been recorded by Jari Arkko
2010-07-01
05 Ralph Droms State Changes to IESG Evaluation from Waiting for AD Go-Ahead by Ralph Droms
2010-07-01
05 Dan Romascanu [Ballot Position Update] New position, No Objection, has been recorded by Dan Romascanu
2010-06-30
05 Adrian Farrel [Ballot Position Update] New position, No Objection, has been recorded by Adrian Farrel
2010-06-30
05 Ron Bonica [Ballot Position Update] New position, No Objection, has been recorded by Ron Bonica
2010-06-30
05 Stewart Bryant [Ballot Position Update] New position, No Objection, has been recorded by Stewart Bryant
2010-06-30
05 Russ Housley [Ballot Position Update] New position, No Objection, has been recorded by Russ Housley
2010-06-30
05 Lars Eggert [Ballot Position Update] New position, No Objection, has been recorded by Lars Eggert
2010-06-30
05 Gonzalo Camarillo [Ballot Position Update] New position, No Objection, has been recorded by Gonzalo Camarillo
2010-06-29
05 Robert Sparks [Ballot Position Update] New position, No Objection, has been recorded by Robert Sparks
2010-06-28
05 Peter Saint-Andre [Ballot Position Update] New position, No Objection, has been recorded by Peter Saint-Andre
2010-06-21
05 (System) State has been changed to Waiting for AD Go-Ahead from In Last Call by system
2010-06-14
05 Amanda Baber
IANA comments:

ACTION 1:

Upon approval of this document, IANA will make the following assignment
in the "Internet Control Message Protocol version 6 (ICMPv6) Parameters"
registry located at
http://www.iana.org/assignments/icmpv6-parameters
sub-registry "IPv6 Neighbor Discovery Option Formats"

Type    Description                             Reference
------  --------------------------------------  ---------
TBD     Proxy Signature                         [RFC-csi-proxy-send-04]


ACTION 2:

Upon approval of this document, IANA will make the following assignment
in the "Cryptographically Generated Addresses (CGA) Message Type Name
Space" registry located at
http://www.iana.org/assignments/cga-message-types/cga-message-types.xhtml
sub-registry "CGA Extension Type Tags"

CGA Type Tag                             Reference
---------------------------------------  ---------
09F5 2BE5 3B62 4C76 CB96 4E7F CDC9 2804  [RFC-csi-proxy-send-04]
2010-06-09
05 Samuel Weiler Request for Last Call review by SECDIR is assigned to Sandra Murphy
2010-06-07
05 Amy Vezza Last call sent
2010-06-07
05 Amy Vezza State Changes to In Last Call from Last Call Requested by Amy Vezza
2010-06-06
05 Ralph Droms Placed on agenda for telechat - 2010-07-01 by Ralph Droms
2010-06-06
05 Ralph Droms [Ballot Position Update] New position, Yes, has been recorded for Ralph Droms
2010-06-06
05 Ralph Droms Ballot has been issued by Ralph Droms
2010-06-06
05 Ralph Droms Created "Approve" ballot
2010-06-06
05 Ralph Droms State Changes to Last Call Requested from AD Evaluation by Ralph Droms
2010-06-06
05 Ralph Droms Last Call was requested by Ralph Droms
2010-06-06
05 (System) Ballot writeup text was added
2010-06-06
05 (System) Last call text was added
2010-06-06
05 (System) Ballot approval text was added
2010-06-03
05 Ralph Droms State Changes to AD Evaluation from Publication Requested by Ralph Droms
2010-06-03
05 Ralph Droms [Note]: 'Marcelo Bagnulo (marcelo@it.uc3m.es) is the document shepherd.' added by Ralph Droms
2010-06-01
05 Cindy Morgan
Document Shepherd Write-up for draft-ietf-csi-proxy-send-04

  (1.a)  Who is the Document Shepherd for this document?  Has the
          Document Shepherd personally reviewed this version of the
          document and, in particular, does he or she believe this
          version is ready for forwarding to the IESG for publication?

          The document shepherd is Marcelo Bagnulo, who has reviewed
          this version of the document and believes that it is ready for
          forwarding to the IESG for publication.

  (1.b)  Has the document had adequate review both from key WG members
          and from key non-WG members?  Does the Document Shepherd have
          any concerns about the depth or breadth of the reviews that
          have been performed?

          The document has received an adequate level of review. We had 2
          WGLC during which several issues were raised and the current
          version deals with all of them.

  (1.c)  Does the Document Shepherd have concerns that the document
          needs more review from a particular or broader perspective,
          e.g., security, operational complexity, someone familiar with
          AAA, internationalization, or XML?

          No.

  (1.d)  Does the Document Shepherd have any specific concerns or
          issues with this document that the Responsible Area Director
          and/or the IESG should be aware of?  For example, perhaps he
          or she is uncomfortable with certain parts of the document, or
          has concerns whether there really is a need for it.  In any
          event, if the WG has discussed those issues and has indicated
          that it still wishes to advance the document, detail those
          concerns here.  Has an IPR disclosure related to this document
          been filed?  If so, please include a reference to the
          disclosure and summarize the WG discussion and conclusion on
          this issue.

          No special concerns or issues.

  (1.e)  How solid is the WG consensus behind this document?  Does it
          represent the strong concurrence of a few individuals, with
          others being silent, or does the WG as a whole understand and
          agree with it?

          The consensus behind the document is solid.

  (1.f)  Has anyone threatened an appeal or otherwise indicated extreme
          discontent?  If so, please summarize the areas of conflict in
          separate email messages to the Responsible Area Director.  (It
          should be in a separate email because this questionnaire is
          entered into the ID Tracker.)

          No conflicts.

  (1.g)  Has the Document Shepherd personally verified that the
          document satisfies all ID nits?  (See
          http://www.ietf.org/ID-Checklist.html and
          http://tools.ietf.org/tools/idnits/.)  Boilerplate checks are
          not enough; this check needs to be thorough.  Has the document
          met all formal review criteria it needs to, such as the MIB
          Doctor, media type, and URI type reviews?  If the document
          does not already indicate its intended status at the top of
          the first page, please indicate the intended status here.

          I have verified the ID nits.

          No MIB Doctor, media type nor URI type reviews are needed for
          this document.

          The document intended status is Experimental.

  (1.h)  Has the document split its references into normative and
          informative?  Are there normative references to documents that
          are not ready for advancement or are otherwise in an unclear
          state?  If such normative references exist, what is the
          strategy for their completion?  Are there normative references
          that are downward references, as described in [RFC3967]?  If
          so, list these downward references to support the Area
          Director in the Last Call procedure for them [RFC3967].

          The references are split into normative and informative.
          There is one normative reference that is in draft status.
          draft-ietf-csi-send-cert-03 is under IESG review.

  (1.i)  Has the Document Shepherd verified that the document's IANA
          Considerations section exists and is consistent with the body
          of the document?  If the document specifies protocol
          extensions, are reservations requested in appropriate IANA
          registries?  Are the IANA registries clearly identified?  If
          the document creates a new registry, does it define the
          proposed initial contents of the registry and an allocation
          procedure for future registrations?  Does it suggest a
          reasonable name for the new registry?  See [RFC2434].  If the
          document describes an Expert Review process, has the Document
          Shepherd conferred with the Responsible Area Director so that
          the IESG can appoint the needed Expert during IESG Evaluation?

          The IANA section in the draft exists and it is coherent with
          the body of the document. No new registry is created.
          A couple of values for existing registries are assigned.

  (1.j)  Has the Document Shepherd verified that sections of the
          document that are written in a formal language, such as XML
          code, BNF rules, MIB definitions, etc., validate correctly in
          an automated checker?

          The document does not contain any section written in a formal
          language.
 
  (1.k)  The IESG approval announcement includes a Document
          Announcement Write-Up.  Please provide such a Document
          Announcement Write-Up.  Recent examples can be found in the
          "Action" announcements for approved documents.  The approval
          announcement contains the following sections:

          Technical Summary
            Relevant content can frequently be found in the abstract
            and/or introduction of the document.  If not, this may be
            an indication that there are deficiencies in the abstract
            or introduction.

  Secure Neighbor Discovery (SEND) specifies a method for securing
  Neighbor Discovery (ND) signaling against specific threats.  As
  defined today, SEND assumes that the node sending a ND message is the
  owner of the address from which the message is sent, so that it is in
  possession of the private key used to generate the digital signature
  on the message.  This means that the Proxy ND signaling performed by
  nodes that do not possess knowledge of the address owner's private
  key cannot be secured using SEND.  This document extends the current
  SEND specification in order to secure Proxy ND operation.


          Working Group Summary
            Was there anything in the WG process that is worth noting?
            For example, was there controversy about particular points
            or were there decisions where the consensus was
            particularly rough?

          Nothing special that is worth noting. Not a controversial document.

          Document Quality
            Are there existing implementations of the protocol?  Have a
            significant number of vendors indicated their plan to
            implement the specification?  Are there any reviewers that
            merit special mention as having done a thorough review,
            e.g., one that resulted in important changes or a
            conclusion that the document had no substantive issues?  If
            there was a MIB Doctor, Media Type, or other Expert Review,
            what was its course (briefly)?  In the case of a Media Type
            Review, on what date was the request posted?

          The document has benefited from a number of reviewers, who are
          detailed in the ACK section of the draft.

          Personnel
            Who is the Document Shepherd for this document?  Who is the
            Responsible Area Director?  If the document requires IANA
            experts(s), insert 'The IANA Expert(s) for the registries
            in this document are .'

          Document shepherd: Marcelo Bagnulo
          Area Director: Ralph Droms
2010-06-01
05 Cindy Morgan Draft Added by Cindy Morgan in state Publication Requested
2010-06-01
05 Cindy Morgan [Note]: 'Marcelo Bagnulo (marcelo@it.uc3m.es) is the document shepherd.' added by Cindy Morgan
2010-05-31
04 (System) New version available: draft-ietf-csi-proxy-send-04.txt
2010-03-22
03 (System) New version available: draft-ietf-csi-proxy-send-03.txt
2010-03-03
02 (System) New version available: draft-ietf-csi-proxy-send-02.txt
2010-01-14
05 (System) Document has expired
2009-07-14
01 (System) New version available: draft-ietf-csi-proxy-send-01.txt
2008-11-04
00 (System) New version available: draft-ietf-csi-proxy-send-00.txt