
security considerations wrt/ draft-ietf-ipdvb-arch-01.txt



Hi,

	I was reviewing the above draft's security considerations section
8, and thinking about possible threat models.

	Suppose a rogue DVB-RCS subscriber cracked the terminal's software
and took control of its behavior. From what I could discern, in the
absence of point to point link layer encryption that adversary could
eavesdrop on any peer subscriber's IP communications, correct? Let's
assume the hapless peer subscriber is Joe Consumer, for whom IPsec and TLS
are random letters in the alphabet. This scenario could be a security
exposure similar to what early 802.11b had, which garnered lots of
negative press and rev'ing to fix that standard.

	As currently written, section 8.1 leaves it up to the Access
Network Operator to optionally set up a link layer security service. Yet
there is insufficient definition of what that security service is, and how
it would be integrated with the IP layer related services, such as DVB
address resolution. It seems odd to imply that the IPDVB architecture
would depend on those link layer security services, yet not even name them
by reference and mandate one.

	I would have thought the IPDVB architecture would require that at least
_one_ of those possible choices _must_ be implemented as part of the IETF
standard. Otherwise, no two IPDVB implementations could inter-operate
unless they happened to understand the same Access Network Operator's link
layer security service.

	I seem to recall that there was an e-mail thread on this list wrt/
security last spring, but its conclusion didn't seem to account for the
above security risks and inter-operability issue...

hth,
	George


On Fri, 15 Oct 2004, Gorry Fairhurst wrote:

>
> This note starts the ipdvb WG Last Call for comments for the WG document
> named below:
>
> draft-ietf-ipdvb-arch-01.txt
>
> The last call will end on 29/10/2002.
>
> Members of the IETF are asked to read the draft and send any issues,
> comments, or corrections to this mailing list. The WGLC procedure is the
> last chance for this working group to modify/correct this z.
>
> Please do forward any comments to the list.
>
> Best wishes,
>
> Gorry Fairhurst
> (ipdvb WG Chair)
>
>