| draft-ietf-i2rs-protocol-security-requirements-13.txt | draft-ietf-i2rs-protocol-security-requirements-14.txt | |||
|---|---|---|---|---|
| I2RS working group S. Hares | I2RS working group S. Hares | |||
| Internet-Draft Huawei | Internet-Draft Huawei | |||
| Intended status: Informational D. Migault | Intended status: Informational D. Migault | |||
| Expires: March 30, 2017 J. Halpern | Expires: March 31, 2017 J. Halpern | |||
| Ericsson | Ericsson | |||
| September 26, 2016 | September 27, 2016 | |||
| I2RS Security Related Requirements | I2RS Security Related Requirements | |||
| draft-ietf-i2rs-protocol-security-requirements-13 | draft-ietf-i2rs-protocol-security-requirements-14 | |||
| Abstract | Abstract | |||
| This presents security-related requirements for the I2RS protocol | This presents security-related requirements for the I2RS protocol | |||
| which provides a new interface to the routing system described in the | which provides a new interface to the routing system described in the | |||
| I2RS architecture document (RFC7921). The I2RS protocol is a re-use | I2RS architecture document (RFC7921). The I2RS protocol is a re-use | |||
| protocol implemented by re-using portions of existing IETF protocols | protocol implemented by re-using portions of existing IETF protocols | |||
| and adding new features to these protocols. The I2RS protocol re- | and adding new features to these protocols. The I2RS protocol re- | |||
| uses security features of a secure transport (E.g. TLS, SSH, DTLS) | uses security features of a secure transport (E.g. TLS, SSH, DTLS) | |||
| such as encryption, message integrity, mutual peer authentication, | such as encryption, message integrity, mutual peer authentication, | |||
| skipping to change at page 1, line 44 ¶ | skipping to change at page 1, line 44 ¶ | |||
| Internet-Drafts are working documents of the Internet Engineering | Internet-Drafts are working documents of the Internet Engineering | |||
| Task Force (IETF). Note that other groups may also distribute | Task Force (IETF). Note that other groups may also distribute | |||
| working documents as Internet-Drafts. The list of current Internet- | working documents as Internet-Drafts. The list of current Internet- | |||
| Drafts is at http://datatracker.ietf.org/drafts/current/. | Drafts is at http://datatracker.ietf.org/drafts/current/. | |||
| Internet-Drafts are draft documents valid for a maximum of six months | Internet-Drafts are draft documents valid for a maximum of six months | |||
| and may be updated, replaced, or obsoleted by other documents at any | and may be updated, replaced, or obsoleted by other documents at any | |||
| time. It is inappropriate to use Internet-Drafts as reference | time. It is inappropriate to use Internet-Drafts as reference | |||
| material or to cite them other than as "work in progress." | material or to cite them other than as "work in progress." | |||
| This Internet-Draft will expire on March 30, 2017. | This Internet-Draft will expire on March 31, 2017. | |||
| Copyright Notice | Copyright Notice | |||
| Copyright (c) 2016 IETF Trust and the persons identified as the | Copyright (c) 2016 IETF Trust and the persons identified as the | |||
| document authors. All rights reserved. | document authors. All rights reserved. | |||
| This document is subject to BCP 78 and the IETF Trust's Legal | This document is subject to BCP 78 and the IETF Trust's Legal | |||
| Provisions Relating to IETF Documents | Provisions Relating to IETF Documents | |||
| (http://trustee.ietf.org/license-info) in effect on the date of | (http://trustee.ietf.org/license-info) in effect on the date of | |||
| publication of this document. Please review these documents | publication of this document. Please review these documents | |||
| skipping to change at page 2, line 46 ¶ | skipping to change at page 2, line 46 ¶ | |||
| 4.4. Multi-Channel Transport: Secure Transport and Insecure | 4.4. Multi-Channel Transport: Secure Transport and Insecure | |||
| Transport . . . . . . . . . . . . . . . . . . . . . . . . 13 | Transport . . . . . . . . . . . . . . . . . . . . . . . . 13 | |||
| 4.5. Management Protocol Security . . . . . . . . . . . . . . 15 | 4.5. Management Protocol Security . . . . . . . . . . . . . . 15 | |||
| 4.6. Role-Based Data Model Security . . . . . . . . . . . . . 16 | 4.6. Role-Based Data Model Security . . . . . . . . . . . . . 16 | |||
| 4.7. Security of the environment . . . . . . . . . . . . . . . 17 | 4.7. Security of the environment . . . . . . . . . . . . . . . 17 | |||
| 5. Security Considerations . . . . . . . . . . . . . . . . . . . 17 | 5. Security Considerations . . . . . . . . . . . . . . . . . . . 17 | |||
| 6. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 17 | 6. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 17 | |||
| 7. Acknowledgement . . . . . . . . . . . . . . . . . . . . . . . 17 | 7. Acknowledgement . . . . . . . . . . . . . . . . . . . . . . . 17 | |||
| 8. References . . . . . . . . . . . . . . . . . . . . . . . . . 18 | 8. References . . . . . . . . . . . . . . . . . . . . . . . . . 18 | |||
| 8.1. Normative References . . . . . . . . . . . . . . . . . . 18 | 8.1. Normative References . . . . . . . . . . . . . . . . . . 18 | |||
| 8.2. Informative References . . . . . . . . . . . . . . . . . 18 | 8.2. Informative References . . . . . . . . . . . . . . . . . 19 | |||
| Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 20 | Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 20 | |||
| 1. Introduction | 1. Introduction | |||
| The Interface to the Routing System (I2RS) provides read and write | The Interface to the Routing System (I2RS) provides read and write | |||
| access to information and state within the routing system. An I2RS | access to information and state within the routing system. An I2RS | |||
| client interacts with one or more I2RS agents to collect information | client interacts with one or more I2RS agents to collect information | |||
| from network routing systems. [RFC7921] describes the architecture | from network routing systems. [RFC7921] describes the architecture | |||
| of this interface, and this documents assumes the reader is familiar | of this interface, and this documents assumes the reader is familiar | |||
| with this architecture and its definitions. Section 2 highlights | with this architecture and its definitions. Section 2 highlights | |||
| skipping to change at page 12, line 5 ¶ | skipping to change at page 11, line 50 ¶ | |||
| Each I2RS client has a scope based on its identity and the security | Each I2RS client has a scope based on its identity and the security | |||
| roles (read, write, or events) associated with that identity, and | roles (read, write, or events) associated with that identity, and | |||
| that scope must be considered in processing an I2RS messages sent on | that scope must be considered in processing an I2RS messages sent on | |||
| a communication channel. An I2RS communication channel may utilize | a communication channel. An I2RS communication channel may utilize | |||
| multiple transport sessions, or establish a transport session and | multiple transport sessions, or establish a transport session and | |||
| then close the transport session. Therefore, it is important that | then close the transport session. Therefore, it is important that | |||
| the I2RS peers are operating utilizing valid peer identities when a | the I2RS peers are operating utilizing valid peer identities when a | |||
| message is processed rather than checking if a transport session | message is processed rather than checking if a transport session | |||
| exists. | exists. | |||
| During the time period when a secure transport session is active, the | ||||
| I2RS agent SHOULD assume that the I2RS client's identity remains | ||||
| valid. Similarly, while a secure connection exists that included | ||||
| validating the I2RS agent's identity and a message is received via | ||||
| that connection, the I2RS client SHOULD assume that the I2RS agent's | ||||
| identity remains valid. | ||||
| 4.3. Peer Identity, Priority, and Client Redundancy | 4.3. Peer Identity, Priority, and Client Redundancy | |||
| Requirements: | Requirements: | |||
| SEC-REQ-07: Each I2RS Identifier MUST be associated with just one | SEC-REQ-07: Each I2RS Identifier MUST be associated with just one | |||
| priority. | priority. | |||
| SEC-REQ-08: Each Identifier is associated with one secondary | SEC-REQ-08: Each Identifier is associated with one secondary | |||
| identifier during a particular I2RS transaction (e.g. read/write | identifier during a particular I2RS transaction (e.g. read/write | |||
| sequence), but the secondary identifier may vary during the time a | sequence), but the secondary identifier may vary during the time a | |||
| End of changes. 6 change blocks. | ||||
| 5 lines changed or deleted | 12 lines changed or added | |||
This html diff was produced by rfcdiff 1.45. The latest version is available from http://tools.ietf.org/tools/rfcdiff/ | ||||