[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: [DNA] QUESTION: Remove Link Down information indraft-ietf-dna-link-information-03
Jim,
I think we shall pinpoint where the "fundamental problem" is.
I don't think the fundamental problem is with the "link down" when it comes
to spoofing. When such threat is possible, the fundamental problem is with
the specific L2 design that does not allow signing (authenticating) L2
management signaling that leads to link down. And that applies to any other
L2 management signal that is not signed - link *.
If someone wants to write a document "not signing L2 management signaling
for wireless networks is considered harmful", that's fine. But than, that's
very obvious.
Alper
> -----Original Message-----
> From: James Kempf [mailto:kempf@docomolabs-usa.com]
> Sent: Wednesday, July 19, 2006 12:43 PM
> To: Alper Yegin; 'Bernard Aboba'
> Cc: suresh.krishnan@ericsson.com; 'Dna'; 'greg Daley'; 'Jari Arkko
> (JO/LMF)'
> Subject: Re: [DNA] QUESTION: Remove Link Down information in draft-ietf-
> dna-link-information-03
>
> Alper,
>
> "Is harmful" is typically a title for an RFC that discusses concerns about
> some topic. As Bernard says, the problem is that, at the IP level, it is
> possible to spoof "Link Down" traffic As you say, it is possible that some
> L2 protocol could provide a secure way to indicate "Link Down". My point
> was
> that the topic of IP level "Link Down" has been discussed now in one WG
> (DNA) and one BOF (TRIGTRAN) and also I think in another BOF over the last
> few years., and the conclusions have been the same I believe that one
> could
> reasonably conclude the problem can't be solved, barring some fundamental
> change in network to host signaling security. Am I missing something here?
>
> jak
>
> ----- Original Message -----
> From: "Alper Yegin" <alper.yegin@yegin.org>
> To: "'Bernard Aboba'" <aboba@internaut.com>
> Cc: "'James Kempf'" <kempf@docomolabs-usa.com>;
> <suresh.krishnan@ericsson.com>; "'Dna'" <dna@eng.monash.edu.au>; "'greg
> Daley'" <gregd@research.panasonic.com>; "'Jari Arkko (JO/LMF)'"
> <jari.arkko@ericsson.com>
> Sent: Tuesday, July 18, 2006 11:18 PM
> Subject: RE: [DNA] QUESTION: Remove Link Down information in
> draft-ietf-dna-link-information-03
>
>
> >> > are L2 technologies and architectures that can secure link up but not
> >> link
> >> > down? Otherwise link up would be as harmful as link down is.
> >>
> >> Perhaps this is referring to the ability to spoof management traffic
> that
> >> can result in a "Link Down" indication? For example, in 802.11 the 4-
> way
> >> handshake is secured, but management traffic such as Disassociate,
> >> Deauthnticate, etc. are not (this is fixed in 802.11w). So "Link Up"
> is
> >> not spoofable (at least in 802.11i) but "Link Down" is.
> >>
> >> On the other hand, a microwave oven, or large scissors will also do the
> >> trick for many links ;)
> >
> > Yes, this is a good example. But are there enough many other examples to
> > say
> > "nobody has ever figured out a way to allow it (link down) to be done
> > securely."?
> >
> > Btw, this does not say "link down is harmful" to me. It says there are
> > technologies whose link can be brought down by attackers. Whether a link
> > is
> > brought down legitimately or maliciously, it is down as far as the L2
> and
> > L3
> > are concerned.
> >
> >
> > Alper
> >
> >
> >
>