Re: [conex] Stephen Farrell's No Objection on draft-ietf-conex-destopt-09: (with COMMENT)
Suresh Krishnan <suresh.krishnan@ericsson.com> Fri, 02 October 2015 04:14 UTC
Return-Path: <suresh.krishnan@ericsson.com>
X-Original-To: conex@ietfa.amsl.com
Delivered-To: conex@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 11D641ACD26; Thu, 1 Oct 2015 21:14:31 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.201
X-Spam-Level:
X-Spam-Status: No, score=-4.201 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_MED=-2.3, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id CDI1e86HqC88; Thu, 1 Oct 2015 21:14:29 -0700 (PDT)
Received: from usevmg21.ericsson.net (usevmg21.ericsson.net [198.24.6.65]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 5891B1A1BEC; Thu, 1 Oct 2015 21:14:29 -0700 (PDT)
X-AuditID: c6180641-f792c6d00000686a-bf-560d98ebbb53
Received: from EUSAAHC005.ericsson.se (Unknown_Domain [147.117.188.87]) by usevmg21.ericsson.net (Symantec Mail Security) with SMTP id 5C.8E.26730.BE89D065; Thu, 1 Oct 2015 22:34:51 +0200 (CEST)
Received: from EUSAAMB107.ericsson.se ([147.117.188.124]) by EUSAAHC005.ericsson.se ([147.117.188.87]) with mapi id 14.03.0248.002; Fri, 2 Oct 2015 00:14:27 -0400
From: Suresh Krishnan <suresh.krishnan@ericsson.com>
To: Stephen Farrell <stephen.farrell@cs.tcd.ie>, The IESG <iesg@ietf.org>
Thread-Topic: Stephen Farrell's No Objection on draft-ietf-conex-destopt-09: (with COMMENT)
Thread-Index: AQHQ+90XGTaaybntuU+HziqlvMWDDQ==
Date: Fri, 02 Oct 2015 04:14:26 +0000
Message-ID: <E87B771635882B4BA20096B589152EF63A979A41@eusaamb107.ericsson.se>
References: <20151001000655.11590.32411.idtracker@ietfa.amsl.com> <E87B771635882B4BA20096B589152EF63A97724C@eusaamb107.ericsson.se> <560CEF4E.5080409@cs.tcd.ie>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [147.117.188.11]
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
X-Brightmail-Tracker: H4sIAAAAAAAAA+NgFvrMLMWRmVeSWpSXmKPExsUyuXRPuO7rGbxhBnu3q1ice3iZyeLQtZ+M Fg8fpVu8P/WF3aJ79S92ixl/JjJbTN97jd2B3WNt91U2jyVLfjJ5zDj2kj2AOYrLJiU1J7Ms tUjfLoEr4/PL3cwFb0Urfq99xdzA2C3UxcjJISFgIvG0p4MdwhaTuHBvPRuILSRwlFGibatP FyMXkL2MUWL24zlgCTaghg07PzOB2CICnhIP+06xgBQxC8xnktjacQ2sSFggRqJpQSsjRFGs xLVjB6Ea9CTmTdwNZrMIqEgcPLQLzOYV8JXofXmLGWLbEkaJk6/6wAYxAp30/dQasCJmAXGJ W0/mM0GcKiCxZM95ZghbVOLl43+sELaSxMff89kh6nUkFuz+xAZha0ssW/iaGWKZoMTJmU9Y JjCKzkIydhaSlllIWmYhaVnAyLKKkaO0OLUsN93IcBMjMJaOSbA57mBc8MnyEKMAB6MSD++C Et4wIdbEsuLK3EOM0hwsSuK882bcDxUSSE8sSc1OTS1ILYovKs1JLT7EyMTBKdXAyH6yoz74 U4aAd6Q2e8ojkR/cCh0yXOH7bu4MUZt1om4l727H4Ds1jj2mu+PzZdedO/luUYpY7L4Dx/0f bJxSbrrHNe6YjEH60uWn9L7az/+5wsXVSlV8+5Ery3vrbG657e3brXLvP4OM2WaelbyFsifd CyPL1hbO4VF5PWFDUIfivoSEo/uPKrEUZyQaajEXFScCAC0s0oqGAgAA
Archived-At: <http://mailarchive.ietf.org/arch/msg/conex/ps8GbsKU2yoJzPMywAzaqN1A6QM>
Cc: "draft-ietf-conex-destopt@ietf.org" <draft-ietf-conex-destopt@ietf.org>, "draft-ietf-conex-destopt.ad@ietf.org" <draft-ietf-conex-destopt.ad@ietf.org>, "conex-chairs@ietf.org" <conex-chairs@ietf.org>, "conex@ietf.org" <conex@ietf.org>
Subject: Re: [conex] Stephen Farrell's No Objection on draft-ietf-conex-destopt-09: (with COMMENT)
X-BeenThere: conex@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Congestion Exposure working group discussion list <conex.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/conex>, <mailto:conex-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/conex/>
List-Post: <mailto:conex@ietf.org>
List-Help: <mailto:conex-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/conex>, <mailto:conex-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 02 Oct 2015 04:14:31 -0000
Hi Stephen, On 10/01/2015 04:31 AM, Stephen Farrell wrote: > > Hiya, > > On 01/10/15 04:52, Suresh Krishnan wrote: >> Hi Stephen, >> Thanks for your comments. Please find responses inline >> >> On 09/30/2015 08:06 PM, Stephen Farrell wrote: >>> Stephen Farrell has entered the following ballot position for >>> draft-ietf-conex-destopt-09: No Objection >>> >>> When responding, please keep the subject line intact and reply to all >>> email addresses included in the To and CC lines. (Feel free to cut this >>> introductory paragraph, however.) >>> >>> >>> Please refer to https://www.ietf.org/iesg/statement/discuss-criteria.html >>> for more information about IESG DISCUSS and COMMENT positions. >>> >>> >>> The document, along with other ballot positions, can be found here: >>> https://datatracker.ietf.org/doc/draft-ietf-conex-destopt/ >>> >>> >>> >>> ---------------------------------------------------------------------- >>> COMMENT: >>> ---------------------------------------------------------------------- >>> >>> >>> - section 7: "If the transport network cannot be trusted, IPsec >>> Authentication should be used to ensure integrity of the ConEx >>> information." Hmm. Transport networks cannot be trusted so the >>> first condition is always met. That means you are saying IPsec >>> should be used. I don't see how the key management required is >>> going to happen and even if it did, would that affect conex >>> calculations? I'm ok with an experiment on that basis though, >>> but it'd be better if the real relationship between this and IPsec >>> were more fully fleshed out somewhere as part of the experiment. >> >> I am not sure if the form of key management chosen would affect the >> conex calculations at all. > > My point is that the key management implied here is basically not > going to happen. That means IPsec will not be used and hence conex > calculations will need to take into account the potential for routers > to mess with the CDO. > > And I think the text of this would be better if it recognised the > improbability of IPsec being used in the wild, or else spoke to how > one could arrange experiments so that use of IPsec is more likely. Thanks. I think it may unfortunately end up being the former. Once the audit text is finalized, I will come back with alternate text for this. I will keep track of this issue along with Kathleen's DISCUSS as they will probably end up needing the same resolution. Regards Suresh
- [conex] Stephen Farrell's No Objection on draft-i… Stephen Farrell
- Re: [conex] Stephen Farrell's No Objection on dra… Suresh Krishnan
- Re: [conex] Stephen Farrell's No Objection on dra… Stephen Farrell
- Re: [conex] Stephen Farrell's No Objection on dra… Bob Briscoe
- Re: [conex] Stephen Farrell's No Objection on dra… Suresh Krishnan
- Re: [conex] Stephen Farrell's No Objection on dra… Suresh Krishnan
- Re: [conex] Stephen Farrell's No Objection on dra… Bob Briscoe
- Re: [conex] Stephen Farrell's No Objection on dra… Stephen Farrell
- Re: [conex] Stephen Farrell's No Objection on dra… Bob Briscoe
- Re: [conex] Stephen Farrell's No Objection on dra… Stephen Farrell
- Re: [conex] Stephen Farrell's No Objection on dra… Mirja Kühlewind
- Re: [conex] Stephen Farrell's No Objection on dra… Stephen Farrell