Re: [bess] draft-ietf-bess-security-00.txt

"Henderickx, Wim (Nokia - BE/Antwerp)" <wim.henderickx@nokia.com> Mon, 05 November 2018 08:09 UTC

From: "Henderickx, Wim (Nokia - BE/Antwerp)" <wim.henderickx@nokia.com>
To: Susan Hares <shares@ndzh.com>, "bess@ietf.org" <bess@ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/bess/FMk0rhJEvCesgLljQ33plDvBItk>

Also, how does the solution behave if the edge device is no longer connected to the RR and does not get keys in time to refresh? This is a common issue in the SD-WAN context, which is in scope from what I understood from the discussion with Linda.

From: BESS <bess-bounces@ietf.org> on behalf of Susan Hares <shares@ndzh.com>
Date: Monday, 5 November 2018 at 15:06
To: "bess@ietf.org" <bess@ietf.org>
Subject: [bess] draft-ietf-bess-security-00.txt

Ali:

It would be useful to indicate how you keep the IPsec information from going outside the AS. For reference, this is Keyur Patel’s question.

Cheerily, Susan Hares