The OPSEC working group convened at IETF 74 on 24 March 2009 at 17:20 PDT. Note taker: Joe Abley 1. draft-ietf-opsec-routing-protocols-crypto-issues-00 Vishwas Monral presented a summary of the background of this document, observing that it has been presented in various venues before. Ron Bonica: five bullet points of the issues you have uncovered? Vishwas: Things like "all the routers share the same key". What if one of them is malicious. In a normal mechanism, the same key is not shared amongst all the routers. Vishwas: Another one is replay attacks. Someone could pump in older information and adjacencies could break. Chris Morrow: most routing protocols I've seen don't require the same key everywhere, it can be per-adjacnecy, per neighbour, etc. The use of the same key everywhere is an operational convention. Also note that the passwords *never* change, since it's practically impossible to change them on networks of any size. Having some way to change these keys in a reasonable fashion would be terrific. Vishwas: In ospf we have mechanisms for key rollover. Chris: Draft, no running code Vishwas: Correct. Chris: I do like this, though. The reasons they are the ways things are is because of current operational practices as well as the tools that are available to the operators. ron: I also really like this work. a good way to proceed would be to list security requirements, e.g. protection from replay, a way to change keys, and then do some gap analysis. Vishwas also presented draft-bhatia-manral-igp-crypto-requirements. Joel Jaeggli: Note that this is not a wg document at this moment. Vishwas: Correct. there was some opposition. Not necessarily real issues. Joel: Oh, there were real issues. there is some controversy in general within the ietf, cryptographers vs. protocol engineers. ... Vishwas: Adding a draft for each protocol was inefficient. Decided to create a single draft for all IGPs and made a recommendation in just one draft. Any changes could be made in one place rather than being made in many documents. Did something similar in IPSec. Ron Bonica: MAC algorithm that is secure today won't be secure tomorrow. What concerns me is that we've been dealing with authenticaiton algorithms that support 96 bit macs. If we need a longer MAC in the future, do we need to support it in the routing protocol? Vishwas: The way is-is was, it was written with the thought that there would be only one, MD5 hash authentication. Brian Weiss: Usually we have a 96 bit mask because we truncated the actual hash to 96 bits. Joel: This is important work, in the interests of not being caught by surprise in the manner that (e.g.) some operators were when they had to suddenly do widespread deployment of TCP/MD5 with BGP. Pat Kane: the question before the security people is how do we move to SHA-3. One thing that came up today at liunchtime is that it's a problem to make a statement that MD-2 or MD-5 is not good for anuything. Hashes are used for different things, not just crypto. Joel: ... Pat: Yes, but also worried about the other end; ssh doesn't support md-7 yet, omg, etc. Richard Grey: there's an effort between routing and security areas under name of kmart which addresses most of these problem areas one way or another. There's a mailing list, kmart@ietf.org where there has been discussion. Not a wg, but individual submissions in a mailing list. Joel: Ops is not the place to do the protocol work. 2. Practical Active Attacks on IGPs that Some Folks Might Not Realise Exist (RJ Atkinson) Ran was not available. 3. draft-ietf-opsec-blackhole-urpf-02 Deferred. 4. draft-ietf-opsec-ip-security, draft-gont-tcp-security, draft-ietf-opsec-icmp-filtering, Presented by Joel. Joel: Thought that whether tcpm might be another place to socialise draft-gont-tcp-security Ron: at least, tcpm. 5. Document Status Summary Joel: Document status. Vishwas/Manas have one document that is not on the list. What is here are warren kumari's blackhole URPF draft, revised in the last month, believed to be very close to WGLC as BGP. Major change was to remove the codepoint request for a special community for a blackhole. Joel: ICMP filtering document shold be revised shortly, recently expired. Beyond that document state hasn't changed that much since last meeting. Hope we do WGLC on two documents shortly, one on opsec routing protocols crypto issues, and either accept or encourage the other document to be accepted as a wg draft, or recast as an individual submission. -end-