From mailman-bounces@ietf.org Mon Nov 1 09:34:20 2004 Received: from megatron.ietf.org (megatron.ietf.org [132.151.6.71]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id JAA07758 for ; Mon, 1 Nov 2004 09:34:20 -0500 (EST) Received: from localhost.localdomain ([127.0.0.1] helo=megatron.ietf.org) by megatron.ietf.org with esmtp (Exim 4.32) id 1COZpz-0006Hn-B4 for ippm-archive@lists.ietf.org; Mon, 01 Nov 2004 05:54:59 -0500 MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Subject: ietf.org mailing list memberships reminder From: mailman-owner@ietf.org To: ippm-archive@ietf.org X-No-Archive: yes Message-ID: Date: Mon, 01 Nov 2004 05:20:57 -0500 Precedence: bulk X-BeenThere: mailman@lists.ietf.org X-Mailman-Version: 2.1.5 List-Id: Mailman site list X-List-Administrivia: yes Sender: mailman-bounces@ietf.org Errors-To: mailman-bounces@ietf.org Content-Transfer-Encoding: 7bit This is a reminder, sent out once a month, about your ietf.org mailing list memberships. It includes your subscription info and how to use it to change it or unsubscribe from a list. You can visit the URLs to change your membership status or configuration, including unsubscribing, setting digest-style delivery or disabling delivery altogether (e.g., for a vacation), and so on. In addition to the URL interfaces, you can also use email to make such changes. For more info, send a message to the '-request' address of the list (for example, mailman-request@ietf.org ) containing just the word 'help' in the message body, and an email message will be sent to you with instructions. ********************************************************************** NOTE WELL: Any submission to the IETF intended by the Contributor for publication as all or part of an IETF Internet-Draft or RFC and any statement made within the context of an IETF activity is considered an "IETF Contribution". Such statements include oral statements in IETF sessions, as well as written and electronic communications made at any time or place, which are addressed to: o the IETF plenary session, o any IETF working group or portion thereof, o the IESG, or any member thereof on behalf of the IESG, o the IAB or any member thereof on behalf of the IAB, o any IETF mailing list, including the IETF list itself, any working group or design team list, or any other list functioning under IETF auspices, o the RFC Editor or the Internet-Drafts function All IETF Contributions are subject to the rules of RFC 3667 and RFC 3668. Statements made outside of an IETF session, mailing list or other function, that are clearly not intended to be input to an IETF activity, group or function, are not IETF Contributions in the context of this notice. Please consult RFC 3667 for details. ******************************************************************************* If you have questions, problems, comments, etc, send them to mailman-owner@ietf.org . Thanks! Passwords for ippm-archive@lists.ietf.org: List Password // URL ---- -------- ippm@ietf.org wurudu https://www1.ietf.org/mailman/options/ippm/ippm-archive%40lists.ietf.org From ippm-bounces@ietf.org Tue Nov 2 04:29:07 2004 Received: from megatron.ietf.org (megatron.ietf.org [132.151.6.71]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id EAA01042 for ; Tue, 2 Nov 2004 04:29:06 -0500 (EST) Received: from localhost.localdomain ([127.0.0.1] helo=megatron.ietf.org) by megatron.ietf.org with esmtp (Exim 4.32) id 1COuqv-0005VM-20; Tue, 02 Nov 2004 04:21:21 -0500 Received: from odin.ietf.org ([132.151.1.176] helo=ietf.org) by megatron.ietf.org with esmtp (Exim 4.32) id 1COugt-0000e8-1C for ippm@megatron.ietf.org; Tue, 02 Nov 2004 04:10:59 -0500 Received: from ietf-mx.ietf.org (ietf-mx.ietf.org [132.151.6.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id EAA29984 for ; Tue, 2 Nov 2004 04:10:57 -0500 (EST) Received: from postman.ripe.net ([193.0.0.199]) by ietf-mx.ietf.org with esmtp (Exim 4.33) id 1COuvy-0004S2-0z for ippm@ietf.org; Tue, 02 Nov 2004 04:26:34 -0500 Received: by postman.ripe.net (Postfix, from userid 8) id D1EC64FE42; Tue, 2 Nov 2004 10:10:27 +0100 (CET) Received: from birch.ripe.net (birch.ripe.net [193.0.1.96]) by postman.ripe.net (Postfix) with ESMTP id 7D9284E1F7 for ; Tue, 2 Nov 2004 10:10:25 +0100 (CET) Received: from x49.ripe.net (x49.ripe.net [193.0.1.49]) by birch.ripe.net (8.12.10/8.11.6) with ESMTP id iA29AP1T026337 for ; Tue, 2 Nov 2004 10:10:25 +0100 Received: from localhost (henk@localhost) by x49.ripe.net (8.12.10/8.12.6) with ESMTP id iA29APHY005109 for ; Tue, 2 Nov 2004 10:10:25 +0100 X-Authentication-Warning: x49.ripe.net: henk owned process doing -bs Date: Tue, 2 Nov 2004 10:10:25 +0100 (CET) From: "Henk Uijterwaal (RIPE NCC)" To: ippm@ietf.org Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII X-RIPE-Spam-Status: N 0.000000 / -5.9 X-RIPE-Signature: 73bdb670d229408fe502b154427a73a0 X-Spam-Score: 0.0 (/) X-Scan-Signature: 0ddefe323dd869ab027dbfff7eff0465 Subject: [ippm] Draft Agenda IPPM meeting in Washington. X-BeenThere: ippm@ietf.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: IETF IP Performance Metrics Working Group List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Sender: ippm-bounces@ietf.org Errors-To: ippm-bounces@ietf.org Comments, additions, let me know. Henk Draft Agenda IPPM WG/IETF 60. ============================= 1. Administrativia (10) - Scribe - Minutes - Blue Sheets - Status of Drafts and Milestones 2. One-Way Active Measurements Protocol (15) - Stanislav Shalunov http://www.ietf.org/internet-drafts/draft-ietf-ippm-owdp-11.txt 3. Reordering drafts (15) - Al Morton http://www.ietf.org/internet-drafts/draft-ietf-ippm-reordering-06.txt 4. Implementation reports for RFC2678-2681. 5. Multiparty Communications Parameters and Metrics. - draft-liang-multiparty-para-00.txt The author has asked us to discuss the draft and see if it should be picked up as a WG item. 6. Status of the Link Bandwidth Draft. Phil Chimento 7. Discussion on an open network performance testing protocol. Roman Krzanowski 8. IPPM Registry. 9. AOB. ------------------------------------------------------------------------------ Henk Uijterwaal Email: henk.uijterwaal(at)ripe.net RIPE Network Coordination Centre http://www.amsterdamned.org/~henk P.O.Box 10096 Singel 258 Phone: +31.20.5354414 1001 EB Amsterdam 1016 AB Amsterdam Fax: +31.20.5354445 The Netherlands The Netherlands Mobile: +31.6.55861746 ------------------------------------------------------------------------------ In a room with a window in the corner, I found truth. (Ian Curtis) _______________________________________________ ippm mailing list ippm@ietf.org https://www1.ietf.org/mailman/listinfo/ippm From ippm-bounces@ietf.org Sun Nov 7 09:00:56 2004 Received: from megatron.ietf.org (megatron.ietf.org [132.151.6.71]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id JAA20584 for ; Sun, 7 Nov 2004 09:00:55 -0500 (EST) Received: from localhost.localdomain ([127.0.0.1] helo=megatron.ietf.org) by megatron.ietf.org with esmtp (Exim 4.32) id 1CQnZU-0003sK-Vy; Sun, 07 Nov 2004 08:59:08 -0500 Received: from odin.ietf.org ([132.151.1.176] helo=ietf.org) by megatron.ietf.org with esmtp (Exim 4.32) id 1CQnYB-0003k0-RX for ippm@megatron.ietf.org; Sun, 07 Nov 2004 08:57:48 -0500 Received: from ietf-mx.ietf.org (ietf-mx.ietf.org [132.151.6.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id IAA20186 for ; Sun, 7 Nov 2004 08:57:46 -0500 (EST) Received: from ckmso2.att.com ([209.219.209.75] helo=ckmso2.proxy.att.com) by ietf-mx.ietf.org with esmtp (Exim 4.33) id 1CQnYW-0003eG-8V for ippm@ietf.org; Sun, 07 Nov 2004 08:58:09 -0500 Received: from attrh0i.attrh.att.com ([135.37.94.54]) by ckmso2.proxy.att.com (AT&T IPNS/MSO-5.5) with ESMTP id iA7DuuZH025668 for ; Sun, 7 Nov 2004 08:57:15 -0500 Received: from custsla.mt.att.com (135.21.14.109) by attrh0i.attrh.att.com (7.1.006) id 418D7C320000C211; Sun, 7 Nov 2004 08:57:12 -0500 Received: from acmortonw.att.com ([135.210.105.20]) by custsla.mt.att.com (8.10.2+Sun/8.10.2) with ESMTP id iA7DvAZ25216; Sun, 7 Nov 2004 08:57:10 -0500 (EST) Message-Id: <6.0.3.0.0.20041107085105.028a3980@custsla.mt.att.com> X-Sender: acm@custsla.mt.att.com (Unverified) X-Mailer: QUALCOMM Windows Eudora Version 6.0.3.0 Date: Sun, 07 Nov 2004 08:57:03 -0500 To: ippm@ietf.org From: Al Morton Subject: Re: [ippm] WGLC on draft-ietf-ippm-reordering-07.txt In-Reply-To: <20041030025834.1B8501F4F91@lawyers.icir.org> References: <20041030025834.1B8501F4F91@lawyers.icir.org> Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii"; format=flowed X-Spam-Score: 0.0 (/) X-Scan-Signature: 30ac594df0e66ffa5a93eb4c48bcb014 Cc: "Henk Uijterwaal \(RIPE NCC\)" , Matthew J Zekauskas , mallman@icir.org X-BeenThere: ippm@ietf.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: IETF IP Performance Metrics Working Group List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Sender: ippm-bounces@ietf.org Errors-To: ippm-bounces@ietf.org Folks, I've adopted almost all of Mark's/Last Call comments in a diffmarked version of 07, posted here: http://home.comcast.net/~acmacm/IDcheck/reordering7LC.html see you in DC, Al _______________________________________________ ippm mailing list ippm@ietf.org https://www1.ietf.org/mailman/listinfo/ippm From ippm-bounces@ietf.org Tue Nov 30 04:34:51 2004 Received: from megatron.ietf.org (megatron.ietf.org [132.151.6.71]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id EAA25896 for ; Tue, 30 Nov 2004 04:34:51 -0500 (EST) Received: from localhost.localdomain ([127.0.0.1] helo=megatron.ietf.org) by megatron.ietf.org with esmtp (Exim 4.32) id 1CZ42J-0002m1-Me; Tue, 30 Nov 2004 04:11:04 -0500 Received: from odin.ietf.org ([132.151.1.176] helo=ietf.org) by megatron.ietf.org with esmtp (Exim 4.32) id 1CYpVz-0005Ho-Tp for ippm@megatron.ietf.org; Mon, 29 Nov 2004 12:40:44 -0500 Received: from ietf-mx.ietf.org (ietf-mx.ietf.org [132.151.6.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id MAA13206 for ; Mon, 29 Nov 2004 12:40:38 -0500 (EST) Received: from frontend-1.servers.ua.pt ([193.136.173.2] helo=frontend-1.cgpmail.ua.pt) by ietf-mx.ietf.org with esmtp (Exim 4.33) id 1CYpas-0007B8-MJ for ippm@ietf.org; Mon, 29 Nov 2004 12:45:48 -0500 X-UA-Spam: No X-UA-Spam-Status: hits=-9.9 required=5.0 X-UA-Spam-Report: BAYES_00 USER_IN_WHITELIST Received: from av.it.pt ([193.136.92.53] verified) by frontend-1.cgpmail.ua.pt (CommuniGate Pro SMTP 4.2.6) with ESMTP id 38833467; Mon, 29 Nov 2004 17:39:57 +0000 X-Spam-Checker-Version: SpamAssassin 2.63 (2004-01-11) on mail X-Spam-Status: No, hits=-4.9 required=5.0 tests=BAYES_00 autolearn=ham version=2.63 X-TFF-CGPSA-Version: 1.3.2 X-ITAV-Filter: Scanned Received: from [193.136.93.152] (account hveiga@av.it.pt) by av.it.pt (CommuniGate Pro WebUser 4.2.5) with HTTP id 2041207; Mon, 29 Nov 2004 16:42:58 +0000 From: "=?ISO-8859-1?Q?H=E9lder?= Veiga" To: hveiga@av.it.pt, "Jeff W. Boote" X-Mailer: CommuniGate Pro WebUser Interface v.4.2.5 Date: Mon, 29 Nov 2004 16:42:58 +0000 Message-ID: In-Reply-To: References: MIME-Version: 1.0 Content-Type: text/plain; charset="ISO-8859-1"; format="flowed" X-Spam-Score: 0.0 (/) X-Scan-Signature: 798b2e660f1819ae38035ac1d8d5e3ab Content-Transfer-Encoding: quoted-printable X-MIME-Autoconverted: from 8bit to quoted-printable by ietf.org id MAA13206 X-Mailman-Approved-At: Tue, 30 Nov 2004 04:11:00 -0500 Cc: =?ISO-8859-1?Q?Ant=F3nio?= Nogueira , Paulo Salvador Ferreira , rv@det.ua.pt, ippm@ietf.org, jlo@det.ua.pt, shalunov@internet2.edu Subject: [ippm] A java implementation of OWAMP X-BeenThere: ippm@ietf.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: IETF IP Performance Metrics Working Group List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Sender: ippm-bounces@ietf.org Errors-To: ippm-bounces@ietf.org Content-Transfer-Encoding: quoted-printable Dear all, =20 This is to announce that we have completed the first phase=20 of development of a Java implementation of OWAMP. You can=20 find more information on this platform in=20 http://www.av.it.pt/jowamp. =20 Any comments are welcome. =20 Best regards. H=E9lder Veiga Rui Valadas Jos=E9 Luis Oliveira Paulo Salvador Ant=F3nio Nogueira _______________________________________________ ippm mailing list ippm@ietf.org https://www1.ietf.org/mailman/listinfo/ippm From ippm-bounces@ietf.org Tue Nov 30 16:27:12 2004 Received: from megatron.ietf.org (megatron.ietf.org [132.151.6.71]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id QAA12190 for ; Tue, 30 Nov 2004 16:27:12 -0500 (EST) Received: from localhost.localdomain ([127.0.0.1] helo=megatron.ietf.org) by megatron.ietf.org with esmtp (Exim 4.32) id 1CZEeN-0002CF-C0; Tue, 30 Nov 2004 15:31:03 -0500 Received: from odin.ietf.org ([132.151.1.176] helo=ietf.org) by megatron.ietf.org with esmtp (Exim 4.32) id 1CZEKk-0007X2-AS; Tue, 30 Nov 2004 15:10:47 -0500 Received: from CNRI.Reston.VA.US (localhost [127.0.0.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id PAA28816; Tue, 30 Nov 2004 15:10:44 -0500 (EST) Message-Id: <200411302010.PAA28816@ietf.org> Mime-Version: 1.0 Content-Type: Multipart/Mixed; Boundary="NextPart" To: i-d-announce@ietf.org From: Internet-Drafts@ietf.org Date: Tue, 30 Nov 2004 15:10:44 -0500 Cc: ippm@ietf.org Subject: [ippm] I-D ACTION:draft-ietf-ippm-metrics-registry-08.txt X-BeenThere: ippm@ietf.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: IETF IP Performance Metrics Working Group List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Sender: ippm-bounces@ietf.org Errors-To: ippm-bounces@ietf.org --NextPart A New Internet-Draft is available from the on-line Internet-Drafts directories. This draft is a work item of the IP Performance Metrics Working Group of the IETF. Title : IP Performance Metrics (IPPM) metrics registry Author(s) : E. Stephan Filename : draft-ietf-ippm-metrics-registry-08.txt Pages : 16 Date : 2004-11-30 This memo defines a registry for IP Performance Metrics (IPPM). It assigns and registers an initial set of OBJECT IDENTITIES to currently defined metrics in the IETF. This memo also defines the rules for adding new IP Performance Metrics that are defined in the future and for encouraging all IP performance metrics to be registered here. IANA has been assigned to administer this new registry. IANA has been assigned to administer this new registry. A URL for this Internet-Draft is: http://www.ietf.org/internet-drafts/draft-ietf-ippm-metrics-registry-08.txt To remove yourself from the I-D Announcement list, send a message to i-d-announce-request@ietf.org with the word unsubscribe in the body of the message. You can also visit https://www1.ietf.org/mailman/listinfo/I-D-announce to change your subscription settings. Internet-Drafts are also available by anonymous FTP. Login with the username "anonymous" and a password of your e-mail address. After logging in, type "cd internet-drafts" and then "get draft-ietf-ippm-metrics-registry-08.txt". A list of Internet-Drafts directories can be found in http://www.ietf.org/shadow.html or ftp://ftp.ietf.org/ietf/1shadow-sites.txt Internet-Drafts can also be obtained by e-mail. Send a message to: mailserv@ietf.org. In the body type: "FILE /internet-drafts/draft-ietf-ippm-metrics-registry-08.txt". NOTE: The mail server at ietf.org can return the document in MIME-encoded form by using the "mpack" utility. To use this feature, insert the command "ENCODING mime" before the "FILE" command. To decode the response(s), you will need "munpack" or a MIME-compliant mail reader. Different MIME-compliant mail readers exhibit different behavior, especially when dealing with "multipart" MIME messages (i.e. documents which have been split up into multiple messages), so check your local documentation on how to manipulate these messages. Below is the data which will enable a MIME compliant mail reader implementation to automatically retrieve the ASCII version of the Internet-Draft. --NextPart Content-Type: Multipart/Alternative; Boundary="OtherAccess" --OtherAccess Content-Type: Message/External-body; access-type="mail-server"; server="mailserv@ietf.org" Content-Type: text/plain Content-ID: <2004-11-30111247.I-D@ietf.org> ENCODING mime FILE /internet-drafts/draft-ietf-ippm-metrics-registry-08.txt --OtherAccess Content-Type: Message/External-body; name="draft-ietf-ippm-metrics-registry-08.txt"; site="ftp.ietf.org"; access-type="anon-ftp"; directory="internet-drafts" Content-Type: text/plain Content-ID: <2004-11-30111247.I-D@ietf.org> --OtherAccess-- --NextPart Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Disposition: inline Content-Transfer-Encoding: 7bit _______________________________________________ ippm mailing list ippm@ietf.org https://www1.ietf.org/mailman/listinfo/ippm --NextPart-- From ippm-bounces@ietf.org Tue Nov 30 17:39:18 2004 Received: from megatron.ietf.org (megatron.ietf.org [132.151.6.71]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id RAA24385 for ; Tue, 30 Nov 2004 17:39:18 -0500 (EST) Received: from localhost.localdomain ([127.0.0.1] helo=megatron.ietf.org) by megatron.ietf.org with esmtp (Exim 4.32) id 1CZGFk-0007pA-Pn; Tue, 30 Nov 2004 17:13:45 -0500 Received: from odin.ietf.org ([132.151.1.176] helo=ietf.org) by megatron.ietf.org with esmtp (Exim 4.32) id 1CZFKN-0003sm-Q5 for ippm@megatron.ietf.org; Tue, 30 Nov 2004 16:14:28 -0500 Received: from ietf-mx.ietf.org (ietf-mx.ietf.org [132.151.6.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id QAA08414 for ; Tue, 30 Nov 2004 16:14:25 -0500 (EST) Received: from basie.internet2.edu ([207.75.164.22]) by ietf-mx.ietf.org with esmtp (Exim 4.33) id 1CZFPV-0000Pr-SV for ippm@ietf.org; Tue, 30 Nov 2004 16:19:49 -0500 Received: from localhost (unknown [127.0.0.1]) by basie.internet2.edu (Postfix) with ESMTP id E53071CD682; Tue, 30 Nov 2004 16:14:20 -0500 (EST) Received: from basie.internet2.edu ([127.0.0.1]) by localhost (basie.internet2.edu [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 27976-04; Tue, 30 Nov 2004 16:14:20 -0500 (EST) Received: from localhost (unknown [127.0.0.1]) by basie.internet2.edu (Postfix) with ESMTP id A0B741CD515; Tue, 30 Nov 2004 16:14:20 -0500 (EST) To: Samuel Weiler From: stanislav shalunov Date: 30 Nov 2004 16:14:48 -0500 Message-ID: <86mzwzkpiv.fsf@abel.internet2.edu> Lines: 111 User-Agent: Gnus/5.09 (Gnus v5.9.0) Emacs/21.3 MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii X-Virus-Scanned: by mail.internet2.edu virus scanner X-Spam-Score: 0.0 (/) X-Scan-Signature: 7fa173a723009a6ca8ce575a65a5d813 Cc: ippm@ietf.org Subject: [ippm] draft-ietf-ippm-owdp-11.txt security X-BeenThere: ippm@ietf.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: IETF IP Performance Metrics Working Group List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Sender: ippm-bounces@ietf.org Errors-To: ippm-bounces@ietf.org Sam, Thank you very much for the in-person security review of the OWAMP specification on Friday at the last IETF meeting in Washington. During the security review, two potential problem areas were identified: user authentication in OWAMP-Control and packet authentication in authenticated mode in OWAMP-Test. Before making any changes to the protocol, I would like to write down my understanding of the potential weaknesses and make sure this understanding is shared. In re user authentication in OWAMP-Control: in the current specification, user authentication consists of (i) session key establishment; (ii) using the session key subsequently to make requests. Let us talk about the two separately. (i) Session key establishment consists of the server issuing a challenge and the client encrypting the challenge with the master key (the shared secret) along with a session key. I believe this to be the technique of protocol 2 (key transport with challenge-response) in section 12.3.1(i) of the Handbook of Applied Cryptography (HAC) by Menezes et al. This protocol is described as follows: A <- B: n_B (1) A -> B: E_K(r_A, n_B, B*) (2) where the star next to B in step 2 denotes an optional parameter. The optional parameter (the addressee of the message) is not used in the specification. The optional field may be used to prevent reflection attack described as attack 2 in section 12.9.1 of the HAC. The reflection attack does not appear to be applicable to the OWAMP specification, as it requires the client to run a server that would authenticate the (original) server using the same master key. In other words, the defence against the reflection attack is, in the terms of HAC, ``using distinct keys K and K' for encryptions from A to B and B to A, respectively.'' (ii) Using the session key to make requests does not appear to be vulnerable, even though no redundancy is inherent in the initial exchange as the necessary redundancy is contained in the protocol messages. It thus appear to me that no change to the user authentication part of OWAMP is warranted. Do you agree? In re packet authentication in authenticated mode of OWAMP-Test: the authentication token of each packet is its sequence number encrypted with redundancy using the same session key as that used in the OWAMP-Control session that spawned the OWAMP-Test session. The threat model is as follows: both the client and the server wish to cooperate to produce trustworthy measurement results. The attacker, who does not know the master key associated with the pair , can observe traffic, modify it, hold it, replay it, initiate sessions (both OWAMP-Control and OWAMP-Test) with the same server using a different user name, and, of course, initiate sessions with different servers (which would have unrelated user name namespace and unrelated secrets). The attacker is to be positively prevented from initiating sessions with the server using the client's credentials. In authenticated mode, the timestamp is in the clear with no protection, so the attacker can modify that at will; he can also delay packets or replay them. The potential problem is related to the fact that the key used to encrypt the sequence number with redundancy is the same for all OWAMP-Test sessions spawned by the same OWAMP-Control session. Thus, an attacker observing packets from different sessions might be able to switch the authenticators and inject extra traffic. Since an attacker is already able to replay packets after observing them (possibly with different timestamps, at attacker's option), even if the packets are lost subsequently to the observation, he can perform the following attack: by observing packets from one OWAMP-Test session (and guessing the sequence numbers, which might be easier if the stream is periodic than if it is, e.g., Poisson) and using the authenticators from these packets in the packets that belong to a different OWAMP-Test session spawned by the same OWAMP-Control session, the attacker can make packets arrive sooner than they otherwise would (loss, for the purposes of this attack, is a special case of very long delay). For example, an attacker might sit very close to, e.g., the client and have the ability to observe and modify traffic; the client and the server might start two periodic sessions, one in each directions; the attacker would then be able to use packets from the session where the client is the sender to completely generate packets from the session where the server is the sender, and have them delivered at any time the attacker chooses with timestamps that the attacker chooses. Note: while during the security review this weakness was mentioned only in the context of authenticated mode, encrypted mode is similarly vulnerable, with the obvious change in attacker's abilities (namely, the attacker can, under the same circumstances as in the case of the authenticated mode, make packets arrive earlier than they otherwise would, but he, differing from the case of authenticated mode, cannot change the original timestamps in the packets from the different session; while this limits the utility of the attack, the attack is still there). With respect to the second problem, I propose the following resolution: replace the use of the OWAMP-Control session key K in OWAMP-Test (both encrypted and authenticate mode) with a key that is unique to the particular OWAMP-Test session, AES_K(SID) (the 16-octet session identifier encrypted with AES in ECB mode using the session key from the OWAMP-Control session spawning the OWAMP-Test session). Do you see any problems with this? Thank you again for the review and your involvement with OWAMP, -- Stanislav Shalunov http://www.internet2.edu/~shalunov/ Sex is the mathematics urge sublimated. -- M. C. Reed. _______________________________________________ ippm mailing list ippm@ietf.org https://www1.ietf.org/mailman/listinfo/ippm