Hi Michael. I think the security section looks good, but I have some comments, to clarify some passages My comments:
In Section 9: "... transit, inject and replay packets "on the wire". In an insider attack, the attacker has access to an autonomic node, or can insert packets directly into the ACP." - I understand the difference between "on the wire" and "directly into the ACP", but I think this should be better explained. In Section 9.1: "...as well as mechanisms specific to an autonomic network (such as a secured MASA server)." - I believe "secured MASA server" can be replaced by "MASA service". "AN specific protocols and methods must also follow traditional security methods, in that all packets that can be sniffed or injected by an outside attacker are: o protected against modification. o authenticated. o protected against replay attacks. o encrypted." - I'd rather be consistent using "protection on Confidentiality, Integrity, Availability, and Non-repudiation". "Most AN messages run inside the cryptographically protected ACP. The not protected AN messages outside the ACP are limited to a simple discovery method, defined in Section 2.5.2 of [I-D.ietf-anima-grasp]: The "Discovery Unsolicited Link-Local (DULL)" message, with detailed rules on its usage." - Since it is a important exception, I think the usage rules should be replicated here instead of just using a reference to the GRASP I-D. Cheers. Jéferson Em qui, 12 de out de 2017 às 06:23, Michael H. Behringer < [email protected]> escreveu: > As mentioned before, the Security Considerations section needed work. I > have now restructured and to a large extent re-written that section. > > The main focus is on the fact that while AN is auto-protecting, in the > case of a vulnerability, protocol design error, operational error, the > attack surface is huge. > > All, especially co-authors: Please read the new section and comment! > > Right now only on github: > > https://github.com/mbehring/ANIMA-Reference-Model/blob/master/draft-ietf-anima-reference-model.txt > > Other than that: > - on sections 7.6 and 7.7 I'm waiting for feedback from John. > - otherwise, to my knowledge, all other input received has been taken > into account. > > Once 7.6, 7.7 and the security considerations are stable, I'll push a > new version. Co-authors: Comment now! :-) > > Michael > > _______________________________________________ > Anima mailing list > [email protected] > https://www.ietf.org/mailman/listinfo/anima >
_______________________________________________ Anima mailing list [email protected] https://www.ietf.org/mailman/listinfo/anima
