Re: [CCAMP] Stephen Farrell's No Objection on draft-ietf-ccamp-flexi-grid-fwk-05: (with COMMENT)
"Adrian Farrel" <adrian@olddog.co.uk> Sun, 09 August 2015 15:04 UTC
Return-Path: <adrian@olddog.co.uk>
X-Original-To: ccamp@ietfa.amsl.com
Delivered-To: ccamp@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 058BC1A8864; Sun, 9 Aug 2015 08:04:36 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -99.9
X-Spam-Level:
X-Spam-Status: No, score=-99.9 tagged_above=-999 required=5 tests=[BAYES_50=0.8, RCVD_IN_DNSWL_LOW=-0.7, USER_IN_WHITELIST=-100] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id DDBJU-rgrfyA; Sun, 9 Aug 2015 08:04:33 -0700 (PDT)
Received: from asmtp3.iomartmail.com (asmtp3.iomartmail.com [62.128.201.159]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 823A91A885A; Sun, 9 Aug 2015 08:04:27 -0700 (PDT)
Received: from asmtp3.iomartmail.com (localhost.localdomain [127.0.0.1]) by asmtp3.iomartmail.com (8.13.8/8.13.8) with ESMTP id t79F4OlU001166; Sun, 9 Aug 2015 16:04:24 +0100
Received: from 950129200 (79.135.99.37.dsl.gradwelldsl.co.uk [79.135.99.37] (may be forged)) (authenticated bits=0) by asmtp3.iomartmail.com (8.13.8/8.13.8) with ESMTP id t79F4NHA001155 (version=TLSv1/SSLv3 cipher=AES256-SHA bits=256 verify=NO); Sun, 9 Aug 2015 16:04:23 +0100
From: Adrian Farrel <adrian@olddog.co.uk>
To: 'Stephen Farrell' <stephen.farrell@cs.tcd.ie>, 'The IESG' <iesg@ietf.org>
References: <20150805220817.431.69640.idtracker@ietfa.amsl.com>
In-Reply-To: <20150805220817.431.69640.idtracker@ietfa.amsl.com>
Date: Sun, 09 Aug 2015 16:04:25 +0100
Message-ID: <022401d0d2b4$aebe55c0$0c3b0140$@olddog.co.uk>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
X-Mailer: Microsoft Outlook 14.0
Thread-Index: AQF158ubpJs4JdlEHTzct3iLVgKXKJ65kuww
Content-Language: en-gb
X-TM-AS-MML: disable
X-TM-AS-Product-Ver: IMSS-7.1.0.1576-8.0.0.1202-21736.000
X-TM-AS-Result: No--15.062-10.0-31-10
X-imss-scan-details: No--15.062-10.0-31-10
X-TMASE-MatchedRID: qsaWi0FWcYunykMun0J1wvHkpkyUphL9E7JInT4wddpaW2Ktn+I8/rmh Vmie+sctHBRvaqlaYxJU1Kh/P1Egnpcqz3g0A4fySrrFmZ1Ea4bvJY9pBzgg1OjCW3sOvH3b678 QLKEvGo7V5DSJBPUWJffN0pINbw59Rhn1GE1zgqbr/EBmiNuXt8C5Zx1NKJANyPQR7DhM3jaVFi JDSdp+O05lMrwcgrvrlH6G2cHL0BPz7QpRLPbE+uvaKCqNtxLsjFKI+8i4XgwM74Nf6tTB9jVY1 aulriEUHdmDP96dXiVe3wBPD9GW1YZWobh5g8NWqeBupNgLgYffhzT0GN4Tqyzt4/lw8JZDIi9R uxFWOU4ZWcBq8PK8rdLhGiq/v2IWqApcv3Cmni8tMfCdg6KRDeJc6hKWj0C1NOnYXKcDRxC7NPU bGCnihLBGM5mjdT9R0FQcyJ03bigeP8uAVlDOHPt3QgyOPXbLh94LIShIFRAVhrI1wflQjAiQn7 b9W794uloKsxl1w7QzO548X1ZYiUKX0MSwedJtcFEiuPxHjsVIykqLaQYYFSD8g3n+3IBxHtbBW B6gIuYBSkL2s55MyJ3FbXQSOthewwdiuGueWKgwYApm54/SZpVl8bxyvq1e7pq0KxK+z9ejxYyR Ba/qJX3mXSdV7KK4OubYLCVnBVG8QIu4z6HhEH7cGd19dSFd
Archived-At: <http://mailarchive.ietf.org/arch/msg/ccamp/EoUA-sco2yGO52A2W137Y4r7pks>
Cc: draft-ietf-ccamp-flexi-grid-fwk.ad@ietf.org, ccamp-chairs@ietf.org, ccamp@ietf.org, draft-ietf-ccamp-flexi-grid-fwk.shepherd@ietf.org, draft-ietf-ccamp-flexi-grid-fwk@ietf.org
Subject: Re: [CCAMP] Stephen Farrell's No Objection on draft-ietf-ccamp-flexi-grid-fwk-05: (with COMMENT)
X-BeenThere: ccamp@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
Reply-To: adrian@olddog.co.uk
List-Id: Discussion list for the CCAMP working group <ccamp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ccamp>, <mailto:ccamp-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ccamp/>
List-Post: <mailto:ccamp@ietf.org>
List-Help: <mailto:ccamp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ccamp>, <mailto:ccamp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 09 Aug 2015 15:04:36 -0000
Stephen, Thanks for not placing a Discuss. > - (Nearly a discuss) Section 7 refers back to RFC5920 > (from 5 years ago) and RFC6163 (presumably the 3 paragraph > section 7) and also claims that there is "no substantial > reason to to expect the security considerations to be any > different." That's pretty unimpressive to be honest. Don't > you think it'd be reasonable to expect that a new > architecture, framework and set of protocols for high > speed networks should today include a thorough security > and privacy analysis done afresh and not simply referring > back to previous work? For example, is it not likely that > in some cases new IGP security primitives might be needed, > or that virtualisation and data centre trends would mean > that some additional isolation between different folks' > data was desirable or that some kind of automated key > management be finally required to be included from the > start of the design of any new control plane? (This isn't > a discuss as it's probably better to hold that kind of > discussion for a next stage when some architecture or > protocols are defined.) I find your kite-flying tiresome in the extreme! If you have specific issues or concerns that you can see need to be addressed then please do raise them. If you know of people who are control plane experts who believe that the security of the GMPLS control plane has degraded or that new vulnerabilities exist please do get them to engage on the TEAS working group mailing list because those concerns will likely apply across all uses of GMPLS. If you are aware of vulnerabilities in this new data plane you should make sure that ITU-T SG15 is informed so that they can fix them and, at the same time, we can look at how the control plane might be used to circumvent these issues. But "is it not likely that in some cases new IGP security primitives might be needed?" is a meaningless question without details. What cases have you in mind? Why is a flexi-grid more in need of such security primitives than another network? Why would the addition of such security primitives not be a generic addition to GMPLS or even to the native IGP? In short, if you believe that new IGP security primitives are needed you need to hurry to the OSPF and ISIS working groups and ensure that those primitives are made available since their applicability is surely wider than one particular data plane technology. And you ask "or that virtualisation and data centre trends would mean that some additional isolation between different folks' data was desirable?" Is isolation a data plane feature? Are you concerned that there might be leakage between one lambda slot and another? You do realise that the V in VPN means "virtual" and that the packets all get jumbled up in one great big friendly Internet? Or do you believe that the "additional isolation" should apply to the control plane as well? And lastly, while optical data center connections are growing in popularity, we may be a short distance yet from a flexi-grid data center with a GMPLS back plane. And lastly you ask "or that some kind of automated key management be finally required to be included from the start of the design of any new control plane?" And who could argue with this except to note that no "new control plane" is being designed (which is why all the references to GMPLS etc. are made). The fact is that a flexi-grid network is not substantially different from a lambda network dating back 15 years. There are some minor differences in how the optical spectrum is chopped up and this makes for very interesting economic benefits achieved through flexibility and through maximal use of resources. But the control plane modifications to turn a GMPLS control plane for an old-style lambda network into a GMPLS control plane for flexi-grid network are small. This is not a new control plane. So, when you say "Don't you think it'd be reasonable to expect that a new architecture, framework and set of protocols for high speed networks should today include a thorough security and privacy analysis done afresh and not simply referring back to previous work?" I am bound to respond, yes, but I do think it reasonable for an AD to read and understand a document before commenting. This is not the new architecture or set of protocols that you claim it to be, and the network is not of higher speed (necessarily) than what has gone before. Don't get me wrong. I think it is great that a Security AD worries about the security present in our toolbox of routing and signaling protocols. But I think you are aiming your worries entirely wrongly. The result of your poor aim is that: - you simply build resentment to any discussion of security - you do not find the people who should be doing this work - your concerns are lost because they are not heard Can I suggest that you hold a BoF in Yokohama entitled "Security of the Routing and Signaling Infrastructure". You can invite to this meeting the relevant routing experts, and you can arrange for presentations from the security experts who can show what the problems are. There now. I have now spent much longer responding to your Comment than you spent typing it. I am also much less inclined to listen the next time you have a security concern about any of my documents. In short: a poor job done badly. Thanks, Adrian
- [CCAMP] Stephen Farrell's No Objection on draft-i… Stephen Farrell
- Re: [CCAMP] Stephen Farrell's No Objection on dra… Adrian Farrel
- Re: [CCAMP] Stephen Farrell's No Objection on dra… Adrian Farrel
- Re: [CCAMP] Stephen Farrell's No Objection on dra… Stephen Farrell
- Re: [CCAMP] Stephen Farrell's No Objection on dra… Stephen Farrell
- Re: [CCAMP] Stephen Farrell's No Objection on dra… Kathleen Moriarty
- Re: [CCAMP] Stephen Farrell's No Objection on dra… Kathleen Moriarty
- Re: [CCAMP] Stephen Farrell's No Objection on dra… Ramon Casellas