Early Review of draft-ietf-tictoc-security-requirements-05

Request Review of draft-ietf-tictoc-security-requirements
Requested rev. no specific revision (document currently at 12)
Type Early Review
Team Security Area Directorate (secdir)
Deadline 2014-08-19
Requested 2013-10-03
Draft last updated 2013-10-31
Completed reviews Genart Last Call review of -10 by Dan Romascanu (diff)
Genart Telechat review of -11 by Dan Romascanu (diff)
Secdir Early review of -05 by Shawn Emery (diff)
Secdir Last Call review of -10 by Shawn Emery (diff)
Assignment Reviewer Shawn Emery
State Completed
Review review-ietf-tictoc-security-requirements-05-secdir-early-emery-2013-10-31
Reviewed rev. 05 (document currently at 12)
Review result Has Issues
Review completed: 2013-10-31


I have reviewed this document as part of the security directorate's
ongoing effort to review all IETF documents being processed by the IESG.
These comments were written primarily for the benefit of the security
area directors. Document editors and WG chairs should treat these
comments just like any other last call comments.

This internet-draft describes the threat analysis for time protocols, such as
Precision Time Protocol (PTP) and the Network Time Protocol (NTP).

The draft itself discusses security considerations.  I believe the draft adequately
covers the various threats and how to mitigate such attacks.  I just have a few
comments below:

In regards to this paragraph in section 5.1.3:
   Authentication of slaves prevents unauthorized clocks from receiving
   time services. Preventing the master from serving unauthorized clocks
   can help in mitigating DoS attacks against the master. Note that the
   authentication of slaves might put a higher load on the master than
   serving the unauthorized clock, and hence this requirement is a

I think that this requirement of whether to allow for unauthorized clocks
should be a MAY (as does the prior text in this section) and should state
that the decision to do this should be based on the environment in which
the master and slaves are deployed.

In regards to this paragraph in section 5.2.1:
   The requirement level of the first requirement is 'SHOULD' since in
   the presence of recursive authentication (Section 5.1.2.) this
   requirement may be redundant.

This should state that this is the "second requirement", not the "first requirement".

In section 5.5.1 what's the difference between a replay and playback attack?  If there
is such a difference then playback needs to be defined.

In section 5.8, interception attacks is never explicitly described.

I don't understand this sentence:

The erroneous time may expose cryptographic
   algorithms that rely on time to prevent replay attacks.

Does this mean to say "security protocols" instead of "cryptographic algorithms"?

General comments:


Editorial comments:

s/if a slave is/if a slave/

s/(Section 3.2.4.
   )/(Section 3.2.4.)/

s/Additional measure/Additional measures/

Looks like this sentence was truncated:

   The requirements in this subsection address MITM attacks such as the

s/necessarily possible/possible/

s/5.1. ,/Section 5.1.,/

s/in the literature/in literature/

s/in [1588IPsec] and [Tunnel]/[1588IPsec] and [Tunnel]/