Re: [Detnet] Roman Danyliw's No Objection on draft-ietf-detnet-oam-framework-10: (with COMMENT)
Greg Mirsky <gregimirsky@gmail.com> Thu, 18 January 2024 05:26 UTC
Return-Path: <gregimirsky@gmail.com>
X-Original-To: detnet@ietfa.amsl.com
Delivered-To: detnet@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 67E08C14F609; Wed, 17 Jan 2024 21:26:12 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.104
X-Spam-Level:
X-Spam-Status: No, score=-2.104 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id T9O2khWw5vIr; Wed, 17 Jan 2024 21:26:10 -0800 (PST)
Received: from mail-yb1-xb34.google.com (mail-yb1-xb34.google.com [IPv6:2607:f8b0:4864:20::b34]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 04705C14F5FC; Wed, 17 Jan 2024 21:26:09 -0800 (PST)
Received: by mail-yb1-xb34.google.com with SMTP id 3f1490d57ef6-dc253ca54cdso479849276.0; Wed, 17 Jan 2024 21:26:09 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1705555569; x=1706160369; darn=ietf.org; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:from:to:cc:subject:date:message-id:reply-to; bh=rquzzraFPDcc+osJ02mRGzGkkBV++KemHh1SuhtA3F8=; b=NtsQipiqA231H3ppToC+U21YfPeTeQ3ouKVkz9gPocaWp8shuQRSWl+SU736DeFArj g6MtV2VCxQp01aiRlIpPf4MIQlXInrL159j8m6wySAGA2fBOoFv14hAwPNBUKdHAcB9g uM8FO89DRtNK3RQBg1vrIa7Kg/ucZI++C10D22+rXvHy91QXam0K1LTtmFKBc7uxmeBs SwdNwlV96dTD6jAMzM5UZiwcu3xknxrqurbLOAwZoM0Jtwu7tgn0cHbHG3FRCMDtDTld jzeRK3HbNqezShZIhummVGa4+VYqNLFMb6X/hspK/XGamJvImKCHQtI4i6ehUcdvojYi jF4w==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1705555569; x=1706160369; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=rquzzraFPDcc+osJ02mRGzGkkBV++KemHh1SuhtA3F8=; b=EXR8FmpM50PrnhFpdYVjPPpzlkjCGTVKnK75EIRYqjzMLjA/dLB+Pa8hJH4adUW8Kd PfeqiDcNZDXkF3WamGnmN3pp4NtnXq3fs/1c4YgjF56GQvnN3K8Vk52buhNFLp0wIge9 GcQGXZd2p6T+U0a4YldLNCRWUhbiNOuEP3XnMwYaAcG7V+efwnN0yRb4JhOHaztKrBRJ sD66M4KReilvYcWTBzfiq/LPLAmYSv74HMLFapALeCLHwBXUz6omkV/pgjd2r/OJhRTT A7XadTNFumPYauBNQoHR+ml9lhsMrFCUCnDuMKLRXBrBrHLzEzKYXmP1dboi29XMTKsk Einw==
X-Gm-Message-State: AOJu0YyggbxdnaQ+LiQ1nEKZqW0y/0niKdP+g3bjKfq3aIVhn7t6xshj nz43wKfsC/osIcLXR7Rh15OmBPG4uWO4/YvFXu+vv5tAJnf51oIaP5SnsjczuQbBRGj8s8k4K1e uB2kxSiaunbzJZD6luaxb3N8yGVE=
X-Google-Smtp-Source: AGHT+IH89ne4QCOEAi0bdcpMt2g6jePSDO/pgvuUs/Ruo8ybhajVaM9Y7vQ4YdyzSJcckbayg6i7NsA6q8YRSfABzmQ=
X-Received: by 2002:a25:b8b:0:b0:dc2:4468:d4b0 with SMTP id 133-20020a250b8b000000b00dc24468d4b0mr149259ybl.126.1705555568887; Wed, 17 Jan 2024 21:26:08 -0800 (PST)
MIME-Version: 1.0
References: <170431586860.37095.4851856862316260464@ietfa.amsl.com> <CA+RyBmXpiZ_3k10TJHq-KJaqLziUfrcUvGhk3k0-nV9LaVVT8g@mail.gmail.com> <BN2P110MB1107480A57047C3D69E30BE2DC6BA@BN2P110MB1107.NAMP110.PROD.OUTLOOK.COM>
In-Reply-To: <BN2P110MB1107480A57047C3D69E30BE2DC6BA@BN2P110MB1107.NAMP110.PROD.OUTLOOK.COM>
From: Greg Mirsky <gregimirsky@gmail.com>
Date: Wed, 17 Jan 2024 21:25:57 -0800
Message-ID: <CA+RyBmX+tNMf3hBBY7cRUo+s=aTuM5E2ODUf--M0V5utg3-oFQ@mail.gmail.com>
To: Roman Danyliw <rdd@cert.org>
Cc: The IESG <iesg@ietf.org>, "draft-ietf-detnet-oam-framework@ietf.org" <draft-ietf-detnet-oam-framework@ietf.org>, "detnet-chairs@ietf.org" <detnet-chairs@ietf.org>, "detnet@ietf.org" <detnet@ietf.org>, "lberger@labn.net" <lberger@labn.net>
Content-Type: multipart/alternative; boundary="000000000000d40e5d060f319928"
Archived-At: <https://mailarchive.ietf.org/arch/msg/detnet/K1d_SfT2uvYMp0GOFXCAlgLJ-98>
Subject: Re: [Detnet] Roman Danyliw's No Objection on draft-ietf-detnet-oam-framework-10: (with COMMENT)
X-BeenThere: detnet@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: Discussions on Deterministic Networking BoF and Proposed WG <detnet.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/detnet>, <mailto:detnet-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/detnet/>
List-Post: <mailto:detnet@ietf.org>
List-Help: <mailto:detnet-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/detnet>, <mailto:detnet-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 18 Jan 2024 05:26:12 -0000
Hi Roman, thank you for the discussion that helped improve the document. I've uploaded -15 <https://datatracker.ietf.org/doc/draft-ietf-detnet-mpls-oam/> version that includes all updates that address your DISCUSS and comments. Regards, Greg On Mon, Jan 8, 2024 at 11:54 AM Roman Danyliw <rdd@cert.org> wrote: > Hi Greg! > > > > Thanks for the quick follow-up. This new text looks good to me. > > > > Roman > > > > *From:* Greg Mirsky <gregimirsky@gmail.com> > *Sent:* Wednesday, January 3, 2024 6:40 PM > *To:* Roman Danyliw <rdd@cert.org> > *Cc:* The IESG <iesg@ietf.org>; draft-ietf-detnet-oam-framework@ietf.org; > detnet-chairs@ietf.org; detnet@ietf.org; lberger@labn.net > *Subject:* Re: Roman Danyliw's No Objection on > draft-ietf-detnet-oam-framework-10: (with COMMENT) > > > > *Warning:* External Sender - do not click links or open attachments > unless you recognize the sender and know the content is safe. > > > > Hi Roman, > > thank you for your comments helping to improve the document. Please find > my notes below tagged by GIM>>. > > > > Regards, > > Greg > > > > On Wed, Jan 3, 2024 at 1:04 PM Roman Danyliw via Datatracker < > noreply@ietf.org> wrote: > > Roman Danyliw has entered the following ballot position for > draft-ietf-detnet-oam-framework-10: No Objection > > When responding, please keep the subject line intact and reply to all > email addresses included in the To and CC lines. (Feel free to cut this > introductory paragraph, however.) > > > Please refer to > https://www.ietf.org/about/groups/iesg/statements/handling-ballot-positions/ > for more information about how to handle DISCUSS and COMMENT positions. > > > The document, along with other ballot positions, can be found here: > https://datatracker.ietf.org/doc/draft-ietf-detnet-oam-framework/ > > > > ---------------------------------------------------------------------- > COMMENT: > ---------------------------------------------------------------------- > > ** Section 2. > Many legacy OAM tools can be used in DetNet networks, but they are > not able to cover all the aspects of deterministic networking. > > What is a legacy tool? > > GIM>> Yes, it is awkward. I propose the following re-wording of the > paragraph: > > OLD TEXT: > > Many legacy OAM tools can be used in DetNet networks, but they are > > not able to cover all the aspects of deterministic networking. > > Fulfilling strict guarantees is essential for DetNet flows, resulting > > in new DetNet-specific functionalities that must be covered with OAM. > > Filling these gaps is inevitable and needs accurate consideration of > > DetNet specifics. Similar to DetNet flows themselves, their OAM > > needs careful end-to-end engineering as well. > > NEW TEXT: > > Most of the existing OAM tools can be used in DetNet networks, but > > they can only cover some aspects of deterministic networking. > > Fulfilling strict guarantees is essential for DetNet flows, resulting > > in new DetNet-specific functionalities that must be covered with OAM. > > Filling these gaps is inevitable and needs accurate consideration of > > DetNet specifics. Similar to DetNet flows, their OAM also needs > > careful end-to-end engineering. > > > ** Section 2. > > For example, appropriate placing of MEPs along the path of a DetNet > flow is not always a trivial task and may require proper design, > together with the design of the service component of a given DetNet > flow. > > Agreed. However, it seems me to that there is a missing sentence > explicitly > linking OAM to placing these MEPs. > > GIM>> I see the process of placing MEPs, i.e., configuring MEPs on a > particular interfaces of a DetNet node, being a part of the overall process > of OAM configuration that includes the configuration of OAM protocols. Is > that the linking that you suggest to clarify in the text? > > > ** Section 8. This section seems to be missing mentioned that OAM > mechanism > could be tampered with depending on their construction and that some OAM > tools > are dual-use potentially enabling reconnaissance by an attacker. These and > other topics are covered in the Security Considerations of RFC7276. > > GIM>> Thank you the reference, added the following sentence: > > NEW TEXT: > > Furthermore, the analysis of OAM security concerns in > > Section 6 of [RFC7276] also applies to DetNet OAM, including the use > > of OAM for network reconnaissance. > > > ** Section 9. The GENART reviewer (Mallory Knodel) also notes that OAM > mechanism can be used as the further basis of reconnaissance by > fingerprinting > their features. > > GIM>> Would the new sentence in Section 8 be sufficient to cover that > concern? >
- [Detnet] Roman Danyliw's No Objection on draft-ie… Roman Danyliw via Datatracker
- Re: [Detnet] Roman Danyliw's No Objection on draf… Greg Mirsky
- Re: [Detnet] Roman Danyliw's No Objection on draf… Roman Danyliw
- Re: [Detnet] Roman Danyliw's No Objection on draf… Greg Mirsky