Re: [Anima] Fwd: I-D Action: draft-carpenter-limited-domains-07.txt

Brian E Carpenter <brian.e.carpenter@gmail.com> Fri, 07 June 2019 05:04 UTC

To: mohamed.boucadair@orange.com
Cc: "Liubing (Leo)" <leo.liubing@huawei.com>, Anima WG <anima@ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/anima/viW8OUW0mQXNurUCjpsc4pxOXqc>

Hi Med,

Finally some feedback on your excellent comments. I only mention points
where I have not accepted your point for the next version.

> Controlled networks may not even be connected to the Internet.
> I suggest to delete “of the Internet”.

That's true, but in a sense it's true of every IETF standard. If
people want to use private protocols on a disconnected network,
they are of course free to do so. However, I prefer to mention this
aspect in the main Introduction, not in the Abstract.

> Intent Based Networking... Comment [Med6]: Not sure why this
> is mentioned. IBN is not specific to a service, and hence cannot be
> limited to a single domain.

I don't agree, not as I understand the discussion so far on intent.
It isn't specific to a service, but it is specific to a human point
of control such as a NOC. (Of course, intent could be nested inside
a higher level intent, i.e. nested scopes.)

> specific tunneling and encapsulation techniques may only be
> usable within a given domain... Comment [Med7]: inter-AS VPNs
> are also widely used.

Sure, that's why it's "may".

> a limited use requirement potentially adds complexity... 
> Comment [Med9]: This depends on the design of the protocol
> targeting a managed network. See for example,
> https://tools.ietf.org/html/rfc6947#section-4.2.3

Agreed, that's why it's "potentially".

> 6. Functional Requirements of Limited Domains...
> Comment [Med12]: I would remove this part from the draft.

The authors don't agree. This is not a specification, of course,
but it's intended as a pointer to possible future work.

> A basic assumption is that domains should be created and managed as
> automatically as possible, with minimal human configuration required.
> We therefore discuss requirements for automating domain creation and
> management...
> Comment [Med13]: This is deployment-specific.

Will reword slightly, but do we really want *new* manual management jobs?

> Clearly, the boundary of a limited domain will almost always also act
> as a security boundary...
> Comment [Med15]: If such nodes are allowed by the structure of the limited domain.
> Some closed networks may not host such nodes.

Yes, this is the argument I've had with the BRSKI people about running
BRSKI with no access to the Internet. But that's why we say "almost always".

Thanks and regards. There will be a new version.

   Brian Carpenter

On 25-Apr-19 21:31, mohamed.boucadair@orange.com wrote:
> Hi Brian, 
> 
> FWIW, you may find some comments to this I-D at: 
> 
> * pdf: https://github.com/boucadair/IETF-Drafts-Reviews/blob/master/draft-carpenter-limited-domains-07-rev%20Med.pdf 
> * doc: https://github.com/boucadair/IETF-Drafts-Reviews/raw/master/draft-carpenter-limited-domains-07-rev%20Med.doc 
> 
> Cheers,
> Med
> 
>> -----Original Message-----
>> From: Anima [mailto:anima-bounces@ietf.org] On Behalf Of Brian E Carpenter
>> Sent: Tuesday 16 April 2019 04:43
>> To: Anima WG
>> Cc: Liubing (Leo)
>> Subject: [Anima] Fwd: I-D Action: draft-carpenter-limited-domains-07.txt
>>
>> Hi,
>>
>> Another update following recent comments. The main changes were
>> moving the taxonomy to an appendix, some new examples, and editorial
>> improvements. Please send any new comments that you may have to
>> int-area@ietf.org
>>
>> At the moment the authors plan to submit this draft soon to the
>> Independent Submissions stream, but we'd be glad to hear any
>> alternative suggestions.
>>
>> Regards
>>    Brian + Bing
>>
>> -------- Forwarded Message --------
>> Subject: I-D Action: draft-carpenter-limited-domains-07.txt
>> Date: Mon, 15 Apr 2019 19:22:48 -0700
>> From: internet-drafts@ietf.org
>> Reply-To: internet-drafts@ietf.org
>> To: i-d-announce@ietf.org
>>
>>
>> A New Internet-Draft is available from the on-line Internet-Drafts
>> directories.
>>
>>
>>         Title           : Limited Domains and Internet Protocols
>>         Authors         : Brian Carpenter
>>                           Bing Liu
>>         Filename        : draft-carpenter-limited-domains-07.txt
>>         Pages           : 25
>>         Date            : 2019-04-15
>>
>> Abstract:
>>    There is a noticeable trend towards network requirements, behaviours
>>    and semantics that are specific to a limited region of the Internet
>>    and a particular set of requirements.  Policies, default parameters,
>>    the options supported, the style of network management and security
>>    requirements may vary.  This document reviews examples of such
>>    limited domains, also known as controlled environments, and emerging
>>    solutions, and includes a related taxonomy.  It then briefly
>>    discusses the standardization of protocols for limited domains.
>>    Finally, it shows the needs for a precise definition of limited
>>    domain membership and for mechanisms to allow nodes to join a domain
>>    securely and to find other members, including boundary nodes.
>>
>>
>> The IETF datatracker status page for this draft is:
>> https://datatracker.ietf.org/doc/draft-carpenter-limited-domains/
>>
>> There are also htmlized versions available at:
>> https://tools.ietf.org/html/draft-carpenter-limited-domains-07
>> https://datatracker.ietf.org/doc/html/draft-carpenter-limited-domains-07
>>
>> A diff from the previous version is available at:
>> https://www.ietf.org/rfcdiff?url2=draft-carpenter-limited-domains-07
>>
>>
>> Please note that it may take a couple of minutes from the time of submission
>> until the htmlized version and diff are available at tools.ietf.org.
>>
>> Internet-Drafts are also available by anonymous FTP at:
>> ftp://ftp.ietf.org/internet-drafts/