Early Review of draft-ietf-rtgwg-srv6-egress-protection-16
review-ietf-rtgwg-srv6-egress-protection-16-secdir-early-hallam-baker-2024-11-02-00
Request | Review of | draft-ietf-rtgwg-srv6-egress-protection-09 |
---|---|---|
Requested revision | 09 (document currently at 17) | |
Type | Early Review | |
Team | Security Area Directorate (secdir) | |
Deadline | 2023-08-05 | |
Requested | 2023-07-11 | |
Requested by | Yingzhen Qu | |
Authors | Tao He , Zhibo Hu, Huaimo Chen , Mehmet Toy , Chang Cao | |
I-D last updated | 2024-11-02 | |
Completed reviews |
Rtgdir Early review of -11
by Tal Mizrahi
(diff)
Intdir Early review of -10 by Bob Halley (diff) Secdir Early review of -16 by Phillip Hallam-Baker (diff) Opsdir Early review of -09 by Susan Hares (diff) |
|
Comments |
Kindly request early reviews of this document, specifically focusing on its consistency and effectiveness in relation to existing mechanisms. |
|
Assignment | Reviewer | Phillip Hallam-Baker |
State | Completed | |
Request | Early review on draft-ietf-rtgwg-srv6-egress-protection by Security Area Directorate Assigned | |
Posted at | https://mailarchive.ietf.org/arch/msg/secdir/OsW1v_jPg4W2_T6njjR-LabF6F4 | |
Reviewed revision | 16 (document currently at 17) | |
Result | Has issues | |
Completed | 2024-11-02 |
review-ietf-rtgwg-srv6-egress-protection-16-secdir-early-hallam-baker-2024-11-02-00
I have reviewed this document and in general, it seems ready. While it does raise serious security concerns, it is not clear that these are new to this proposal or that this proposal gives more leverage to an attacker. Specifically, the draft stipulates that 'the area is in a single administrative domain' the security considerations describes one set of attacks arising from customers served by the domain. However, this set of attacks may be broader than described. Consider for instance the case where there are two domains A and B that provide transit for ISP C. An attacker that wants to ensure C is serviced exclusively by B might perform a denial of service attack on A so as to increase the cost of that route so as to achieve that goal. A real world attack that has been seen in the past is country X preparing for an invasion of country Y, performing BGP level attacks to effectively reroute Internet traffic within Y so that the government Web sites were serviced by fake sites set up by X. These sites containing messages of the form 'don't worry about the military exercises'.