[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: 2401bis Issue # 75 -- TOS (now ECN) copying in tunnel mode



> Description:
> ============
> The issue was raised that a Trojan Horse "behind" the IPsec 
> implementation could use the TOS field to exfiltrate data.

If the concern is data exfiltration, it seems that there should also be
a way to allow an administrator to restrict the DSCP values that may be
used (by an application) in transport mode (as well as tunnel mode) SAs.
As IPsec moves into hosts (or their NICs), there may not be any SG in
the path that would implement the DSCP mapping policy.

Should those concerned about exfiltration just be advised to require a SG?
(A topic for the Security Considerations section.)

Should data exfiltration in general be a new issue?