RE: TOS copying considered harmful

[Black_David@emc.com]

h> IPsec is a security protocol, thus it is appropriate for it to 
> include explicit controls when security-relevant mapping takes place 
> relevant to a tunnel. By the way, it's not traffic analysis per se 
> that is the major concern. The concern is that a Trojan Horse 
> "behind" the IPsec implementation uses the TOS field to exfiltrate 
> data.

And if the network beyond the tunnel egress is using that field to
determine which packets get what QoS-based services, there
are also possible denial of service attacks based on modifying
the field in the outer header of tunneled traffic.

For the record, I like Steve's proposal for modifications to RFC 2401's
rules for tunnel header processing, and there's text in a number of
diffserv RFCs that was written in anticipation/hope of such changes
(e.g., see p.30 of RFC 2475).  I would expect that specification of
these changes would be accompanied by guidance on their proper
use and warning about security risks that may make them
inappropriate to configure/use in some situations, right?

--David

---------------------------------------------------
David L. Black, Senior Technologist
EMC Corporation, 42 South St., Hopkinton, MA  01748
+1 (508) 435-1000 x75140     FAX: +1 (508) 497-8500
black_david@emc.com       Mobile: +1 (978) 394-7754
---------------------------------------------------

---

Follow-Ups:

• RE: TOS copying considered harmful
• From: Stephen Kent <kent@bbn.com>
• Re: TOS copying considered harmful
• From: Joe Touch <touch@ISI.EDU>

---

• Prev by Date: RE: TOS copying considered harmful
• Next by Date: draft-huttunen-ipsec-esp-in-udp-00.txt
• Prev by thread: RE: TOS copying considered harmful
• Next by thread: RE: TOS copying considered harmful
• Index(es):
  • Main
  • Thread