[Detnet] DetNet Security Draft - IP Data Plane Specific section

"Grossman, Ethan A." <eagros@dolby.com> Tue, 02 July 2019 06:02 UTC

Return-Path: <eagros@dolby.com>
X-Original-To: detnet@ietfa.amsl.com
Delivered-To: detnet@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 1E123120114 for <detnet@ietfa.amsl.com>; Mon, 1 Jul 2019 23:02:24 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2
X-Spam-Level:
X-Spam-Status: No, score=-2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=dolby.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id wSQJLsDWDkpq for <detnet@ietfa.amsl.com>; Mon, 1 Jul 2019 23:02:21 -0700 (PDT)
Received: from NAM03-CO1-obe.outbound.protection.outlook.com (mail-eopbgr790095.outbound.protection.outlook.com [40.107.79.95]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 4C28D1200B7 for <detnet@ietf.org>; Mon, 1 Jul 2019 23:02:21 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=dolby.com; s=selector2; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=RhiDwCT9w2MFdkJ7l8A5zyVsgoJtig1RV6Rpf9Afdws=; b=hh2eVAE5mvBTN4ATASHY+mwIEbI71zuvW5YbdnhEDYRSXM+5FQPKvS7ge51cwK8FzTEUXmFS9V6DvalkIkPllxUZu6Rw1av7XlcAqGdltB4aL3AejwzzsBq1M/xDC79WM0kyx/IUVBY39wITMYQ1VCyN+HTR6jfl6rdUYVRNNoI=
Received: from BYAPR06MB4325.namprd06.prod.outlook.com (52.135.240.140) by BYAPR06MB6263.namprd06.prod.outlook.com (20.178.234.21) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2032.20; Tue, 2 Jul 2019 06:02:19 +0000
Received: from BYAPR06MB4325.namprd06.prod.outlook.com ([fe80::9566:ed8c:4256:a44d]) by BYAPR06MB4325.namprd06.prod.outlook.com ([fe80::9566:ed8c:4256:a44d%7]) with mapi id 15.20.2032.019; Tue, 2 Jul 2019 06:02:19 +0000
From: "Grossman, Ethan A." <eagros@dolby.com>
To: detnet WG <detnet@ietf.org>
Thread-Topic: DetNet Security Draft - IP Data Plane Specific section
Thread-Index: AdUwmU0S7XaJegIrRpy2N0U5/gB39g==
Date: Tue, 02 Jul 2019 06:02:18 +0000
Message-ID: <BYAPR06MB432520A4456F5D35E0B34128C4F80@BYAPR06MB4325.namprd06.prod.outlook.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
authentication-results: spf=none (sender IP is ) smtp.mailfrom=eagros@dolby.com;
x-originating-ip: [73.162.193.175]
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: 421fcb1d-d9fb-4438-05a6-08d6feb2d773
x-microsoft-antispam: BCL:0; PCL:0; RULEID:(2390118)(7020095)(4652040)(8989299)(4534185)(4627221)(201703031133081)(201702281549075)(8990200)(5600148)(711020)(4605104)(1401327)(2017052603328)(7193020); SRVR:BYAPR06MB6263;
x-ms-traffictypediagnostic: BYAPR06MB6263:
x-ms-exchange-purlcount: 2
x-microsoft-antispam-prvs: <BYAPR06MB6263405C5EC1C94EDBF6193DC4F80@BYAPR06MB6263.namprd06.prod.outlook.com>
x-ms-oob-tlc-oobclassifiers: OLM:10000;
x-forefront-prvs: 008663486A
x-forefront-antispam-report: SFV:NSPM; SFS:(10019020)(136003)(366004)(376002)(396003)(346002)(39860400002)(53754006)(199004)(189003)(102836004)(186003)(6506007)(86362001)(81166006)(6916009)(71200400001)(8936002)(476003)(7696005)(26005)(6436002)(256004)(74316002)(81156014)(99286004)(66556008)(64756008)(33656002)(76116006)(66446008)(66066001)(66946007)(14444005)(71190400001)(73956011)(8676002)(52536014)(5660300002)(316002)(66476007)(7736002)(68736007)(25786009)(486006)(15650500001)(14454004)(53936002)(7110500001)(3846002)(55016002)(2906002)(9326002)(6116002)(54896002)(478600001)(6306002)(2420400007)(9686003)(790700001); DIR:OUT; SFP:1102; SCL:1; SRVR:BYAPR06MB6263; H:BYAPR06MB4325.namprd06.prod.outlook.com; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; A:1; MX:1;
received-spf: None (protection.outlook.com: dolby.com does not designate permitted sender hosts)
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam-message-info: CusbM7zU6LGN8fRywJxH2QnthfGiBzfncj90mN8r8WnoQqWDqsx/nN0JozwBwKE1/2ganU4dfpzxpDH7nfq50B10Zz2SR6HWAB6JbMILq5Gkvf1yyzSccQNFSuPDPletX8E3bRvn4mR3i02kBb/WJsewZ6s/5UOAx2uwZHei+G5d3ibdqz7lx5r6OHfGfwX6t1VmS0dfnZ1N7cSHPEtEWzaW1w+wAhy5hGlht2nzmoKBtKAyVnvilta0cgGTHqH3GEU8cT0k/vqbQeOOqcZd7u3L8hsp358WqoggA0a6jg6Xzh1UotW+Dbq5oatQHCdeu442b6N4DiXRASsiDqFV6RfhNMexSesHYiZqwR+ysKSDb2YRfU+bVW2OoFkS3aCxohjGHoikA4OHpmptuDX1bTBp1xBYQmr9nNX9ubKl4hE=
Content-Type: multipart/alternative; boundary="_000_BYAPR06MB432520A4456F5D35E0B34128C4F80BYAPR06MB4325namp_"
MIME-Version: 1.0
X-OriginatorOrg: dolby.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 421fcb1d-d9fb-4438-05a6-08d6feb2d773
X-MS-Exchange-CrossTenant-originalarrivaltime: 02 Jul 2019 06:02:19.0018 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 05408d25-cd0d-40c8-8962-5462de64a318
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: eagros@dolby.net
X-MS-Exchange-Transport-CrossTenantHeadersStamped: BYAPR06MB6263
Archived-At: <https://mailarchive.ietf.org/arch/msg/detnet/o8fowzpuPiiOU7k1u4rRw3DWHDc>
Subject: [Detnet] DetNet Security Draft - IP Data Plane Specific section
X-BeenThere: detnet@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Discussions on Deterministic Networking BoF and Proposed WG <detnet.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/detnet>, <mailto:detnet-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/detnet/>
List-Post: <mailto:detnet@ietf.org>
List-Help: <mailto:detnet-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/detnet>, <mailto:detnet-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 02 Jul 2019 06:02:24 -0000

Hi All,
I am having difficulty getting a contribution for our proposed "last remaining" section of the DetNet Security draft, which is the "IP Data Plane Specific" section.  Could it be that there is nothing to say? What if I said the following - who would we need to have review this statement to poke some holes in it? I mean, that is essentially the text I'm looking for, should it actually exist.

Proposed text for "IP Data Plane Considerations for DetNet" section:

"The IP protocol has a long history of security considerations and mitigations, and its use as a DetNet Data Plane introduces no new security issues that were not there before (apart from those already described in the data-plane-independent section of this document).

Thus the security considerations for a DetNet based on an IP data plane are purely inherited from the rich IP Security literature and code/application base, and the data-plane-independent section of this document".

Is that good? Should we ask for a review from the SECDIR for this statement?

Ethan (as Editor, DetNet Security draft).