if (initial_ttl!=255) then (rfc5082_compliant==0) donald.sm...@centurylink.com
> ________________________________________ > From: Job Snijders [j...@ntt.net] > Sent: Thursday, December 14, 2017 12:38 PM > To: bruno.decra...@orange.com > Cc: Smith, Donald; grow-cha...@ietf.org; Ben Campbell; > draft-ietf-grow-bgp-gs...@ietf.org; grow@ietf.org; The IESG > Subject: Re: [GROW] Ben Campbell's Yes on draft-ietf-grow-bgp-gshut-12: > (with COMMENT) > > On Thu, Dec 14, 2017 at 06:03:42PM +0000, bruno.decra...@orange.com > wrote: > > > From: Smith, Donald [mailto:donald.sm...@centurylink.com] > > > Sent: Thursday, December 14, 2017 6:13 PM > > > > > > I don't see anything around MD5/TCPAO authentication. > > > > This is correct, but this is really not specific to this document and > > the comment would apply to any information sent over BGP session, and > > probably to most of IDR document extending the protocol with > > additional field or usage. If there is a need to discuss this all > > IETF document related to BGP, we can indeed add some text. Would the > > following text be ok with you? > > > > "This document does not change any underlying security issues > > associated with any other BGP Communities mechanism. Unless a > > transport that provides integrity is used for the BGP session, the > > GRACEFUL_SHUTDOWN community may be added or removed by a man in the > > middle. However, the harm would be lower than adding or removing an > > NLRI, or adding a NO_EXPORT or NO_ADVERTISE community. Hence this does > > not constitute a new attack vector. Protection of the TCP session used > > by BGP is discussed in section 5.1 of RFC 7454, security section of > > [RFC4271] and [RFC4272]." > > I think the above is mostly good, but can be trimmed a little bit. The > following is on point and covers aspects relevant to GRACEFUL_SHUTDOWN. > > "This document does not change any underlying security issues > associated with any other BGP Communities mechanism. Unless a > transport that provides integrity is used for the BGP session, the > GRACEFUL_SHUTDOWN community may be added or removed by a man in the > middle." > > Kind regards, > > Job Since in theory you could do this blindly (tcp slipping in the window), I would remove the MITM and say by "unauthorized 3rd parties" or something like that. Otherwise this is better than putting all the other security recommendations from other rfcs [4271, 4272] so I support referencing them instead. This communication is the property of CenturyLink and may contain confidential or privileged information. Unauthorized use of this communication is strictly prohibited and may be unlawful. If you have received this communication in error, please immediately notify the sender by reply e-mail and destroy all copies of the communication and any attachments. _______________________________________________ GROW mailing list GROW@ietf.org https://www.ietf.org/mailman/listinfo/grow
