Re: [Detnet] Alissa Cooper's Discuss on draft-ietf-detnet-architecture-11: (with DISCUSS and COMMENT)
János Farkas <janos.farkas@ericsson.com> Fri, 10 May 2019 14:12 UTC
Return-Path: <Janos.Farkas@ericsson.com>
X-Original-To: detnet@ietfa.amsl.com
Delivered-To: detnet@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 172DC12025F for <detnet@ietfa.amsl.com>; Fri, 10 May 2019 07:12:25 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.309
X-Spam-Level:
X-Spam-Status: No, score=-4.309 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_MED=-2.3, SPF_PASS=-0.001, T_DKIMWL_WL_HIGH=-0.01, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=ericsson.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id xI_EzHBI4Ei4 for <detnet@ietfa.amsl.com>; Fri, 10 May 2019 07:12:19 -0700 (PDT)
Received: from sessmg23.ericsson.net (sessmg23.ericsson.net [193.180.251.45]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 06AF812022E for <detnet@ietf.org>; Fri, 10 May 2019 07:12:17 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; d=ericsson.com; s=mailgw201801; c=relaxed/relaxed; q=dns/txt; i=@ericsson.com; t=1557497535; x=1560089535; h=From:Sender:Reply-To:Subject:Date:Message-ID:To:CC:MIME-Version:Content-Type: Content-Transfer-Encoding:Content-ID:Content-Description:Resent-Date:Resent-From: Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:In-Reply-To:References:List-Id: List-Help:List-Unsubscribe:List-Subscribe:List-Post:List-Owner:List-Archive; bh=DV3p3W/CBxcO7yVODLGewSgYG0SbzxTbBPe+9MKzUZo=; b=HA34dMziJc7NayvkW+MaZiKZOR6fDI43/C4oJXsKnzp9bZHtZ6ksLRrDF0kKNPyo mXEOiUg5g2RdJA8/BL+L/l+gZDqMeWO2UhPFy0MJf6C/BGFRkIS7OqJtbLItWnSx WxvAzNXp5lAptI+kkcVIfL3tWhQP3h88//t6xsSnUOY=;
X-AuditID: c1b4fb2d-195ff70000001a6d-38-5cd586bf6278
Received: from ESESBMB503.ericsson.se (Unknown_Domain [153.88.183.116]) by sessmg23.ericsson.net (Symantec Mail Security) with SMTP id 88.0B.06765.FB685DC5; Fri, 10 May 2019 16:12:15 +0200 (CEST)
Received: from ESESSMR504.ericsson.se (153.88.183.126) by ESESBMB503.ericsson.se (153.88.183.116) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256_P256) id 15.1.1713.5; Fri, 10 May 2019 16:12:15 +0200
Received: from ESESBMB503.ericsson.se (153.88.183.170) by ESESSMR504.ericsson.se (153.88.183.126) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256_P256) id 15.1.1713.5; Fri, 10 May 2019 16:12:15 +0200
Received: from [131.160.180.161] (153.88.183.153) by smtp.internal.ericsson.com (153.88.183.186) with Microsoft SMTP Server id 15.1.1713.5 via Frontend Transport; Fri, 10 May 2019 16:12:14 +0200
To: Alissa Cooper <alissa@cooperw.in>
CC: "Black, David" <David.Black@dell.com>, "draft-ietf-detnet-architecture@ietf.org" <draft-ietf-detnet-architecture@ietf.org>, "detnet@ietf.org" <detnet@ietf.org>, Lou Berger <lberger@labn.net>, IESG <iesg@ietf.org>, "detnet-chairs@ietf.org" <detnet-chairs@ietf.org>
References: <155067447797.31337.768983002923056061.idtracker@ietfa.amsl.com> <40b28261-5f04-7fcd-4f4f-ce243f32a808@labn.net> <1AA376D8-DE94-4FAF-B9D2-CC4E155CEC85@cooperw.in> <ec41b988-8f3c-4ae0-fc65-1269bf33f93e@labn.net> <b1c6345f-d3f1-735c-04cd-81c5a405ef11@ericsson.com> <0f7e2d9a-bf74-b5ea-6898-29ad2129a0c0@ericsson.com> <CCCB305C-257F-4436-8C6C-CAEBD2137B9D@cooperw.in> <ddfc0ddb-3ac6-d4dc-da6e-8c9889dd77c4@ericsson.com> <BEAECAD3-DA6B-4858-97C3-6C05264761E0@cooperw.in> <CE03DB3D7B45C245BCA0D2432779493630516479@MX307CL04.corp.emc.com> <fc9b75ee-8768-42aa-b322-b085985e265e@ericsson.com> <3dc108b6-81d7-a6ea-730f-051d959234e3@ericsson.com> <007502C1-D2AF-4C75-9E45-BB44676ECB9E@cooperw.in>
From: János Farkas <janos.farkas@ericsson.com>
Message-ID: <8cb29cd0-86c6-e2ef-a778-192944406207@ericsson.com>
Date: Fri, 10 May 2019 16:12:14 +0200
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:60.0) Gecko/20100101 Thunderbird/60.2.1
MIME-Version: 1.0
In-Reply-To: <007502C1-D2AF-4C75-9E45-BB44676ECB9E@cooperw.in>
Content-Type: multipart/alternative; boundary="------------8C29FF7A98023446473E9A75"
Content-Language: en-US
X-Brightmail-Tracker: H4sIAAAAAAAAA+NgFlrKIsWRmVeSWpSXmKPExsUyM2J7ie7+tqsxBq2tJhbTz/xltPg4azGL xbX+HywWvz/NZrH48G0mi8WMPxOZLTqa37I4sHt8efKSyWPSzBnMHkuW/GTy+LCpmS2AJYrL JiU1J7MstUjfLoEr4/3BTSwFPcfYKn5uamBuYDzyjKmLkZNDQsBEomf+R8YuRi4OIYGjjBIb nn9lg3C+MUp0nl/BCOccfL2UGcI5xigxZ8YZNpB+YYECif4Ly5lBbBEBVYmrx36AtTMLTGaS +Np4jAWi4xKrREfDHFaQKjYBe4m7lzaAdfAC2Z2vullAbBag7ocTvoDZogKxEp+uLIaqEZQ4 OfMJUJyDg1PATuL/L1uQMLNAmMSynpmMELa4xK0n88EeEhJQk3jfcIdxAqPQLCTds5C0zELS AmFbSMycfx4qLi/RvHU2M4StIdE6Zy47svgCRvZVjKLFqcXFuelGxnqpRZnJxcX5eXp5qSWb GIGRd3DLb90djKtfOx5iFOBgVOLhTS+4GiPEmlhWXJl7iFGCg1lJhLdI50qMEG9KYmVValF+ fFFpTmrxIUZpDhYlcd7o1XtihATSE0tSs1NTC1KLYLJMHJxSDYx98l2Hn/6YkL784lnZvxJ/ sn70y1lH5Fz6oiv2qp/TRsw0Uk7H9WeU3HvGAru1920eKC/nmhBYfc+7YMLyQqfA25enOk1j czwiZbc/6Mfh/vVxhQt2n3GM+/7ptZvTXz5WvvbY+uKuSas2y2pd+SvMuPdi8wO1/Qt0VOVj Nrx84ZfKX1ZzJEqJpTgj0VCLuag4EQAgyU3NuAIAAA==
Archived-At: <https://mailarchive.ietf.org/arch/msg/detnet/Vo94WDo4E9r4vTBeg2Sizs_lPlA>
Subject: Re: [Detnet] Alissa Cooper's Discuss on draft-ietf-detnet-architecture-11: (with DISCUSS and COMMENT)
X-BeenThere: detnet@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Discussions on Deterministic Networking BoF and Proposed WG <detnet.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/detnet>, <mailto:detnet-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/detnet/>
List-Post: <mailto:detnet@ietf.org>
List-Help: <mailto:detnet-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/detnet>, <mailto:detnet-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 10 May 2019 14:12:30 -0000
Thank you Alissa! Janos On 5/10/2019 4:07 PM, Alissa Cooper wrote: > Thanks, I cleared. > Alissa > >> On May 6, 2019, at 10:19 AM, János Farkas <janos.farkas@ericsson.com >> <mailto:janos.farkas@ericsson.com>> wrote: >> >> Hi Alissa, >> >> Revision 13 of the draft implements the change in Section 6 as you >> suggested:https://tools.ietf.org/html/draft-ietf-detnet-architecture-13#section-6,https://www.ietf.org/rfcdiff?url2=draft-ietf-detnet-architecture-13. >> >> Thank you, >> Janos >> >> >> On 4/24/2019 8:25 PM, János Farkas wrote: >>> Hi Alissa, >>> >>> Thank you for the clarification. >>> I agree with the change you are suggesting. >>> I propose to make the change. >>> >>> At this stage, I suggest to avoid any further change that is not >>> necessary. >>> >>> Thank you! >>> Janos >>> >>> >>> On 4/18/2019 6:52 PM, Black, David wrote: >>>> +1 on Alissa’s near-final comment: >>>> > […] the architecture does not actually forbid the possibility of >>>> adding additional information into DetNet packets that could be >>>> used as vectors for tracking/correlation. >>>> My understanding is that this is allowed by the DetNet architecture >>>> even though none of the data plane designs have done so to date. >>>> In particular, I’ve seen some prior discussion of using DSCPs for >>>> to identify DetNet traffic, even though that approach is not >>>> currently being pursued. >>>> Thanks, --David >>>> *From:*detnet<detnet-bounces@ietf.org>*On Behalf Of*Alissa Cooper >>>> *Sent:*Wednesday, April 17, 2019 9:34 AM >>>> *To:*János Farkas >>>> *Cc:*draft-ietf-detnet-architecture@ietf.org;detnet@ietf.org; Lou >>>> Berger; IESG;detnet-chairs@ietf.org >>>> *Subject:*Re: [Detnet] Alissa Cooper's Discuss on >>>> draft-ietf-detnet-architecture-11: (with DISCUSS and COMMENT) >>>> >>>> [EXTERNAL EMAIL] >>>> >>>> Hi János, >>>> >>>> >>>> On Apr 15, 2019, at 5:08 PM, János Farkas >>>> <janos.farkas@ericsson.com <mailto:janos.farkas@ericsson.com>> >>>> wrote: >>>> >>>> Hi Alissa, >>>> >>>> Please see in-line. >>>> >>>> On 4/12/2019 7:08 PM, Alissa Cooper wrote: >>>> >>>> Hi János, >>>> >>>> >>>> On Mar 25, 2019, at 12:16 PM, János Farkas >>>> <janos.farkas@ericsson.com >>>> <mailto:janos.farkas@ericsson.com>> wrote: >>>> >>>> Hi Alissa, >>>> >>>> We believe that we have addressed your comments in the >>>> most recent >>>> revision:https://tools.ietf.org/html/draft-ietf-detnet-architecture-12. >>>> (https://mailarchive.ietf.org/arch/msg/detnet/utVL9ZVGcOeGtRIASRFx5WT_ErM) >>>> >>>> Please let us know what else you would like to see done >>>> before you clear your DISCUSS. >>>> >>>> I/we would be happy to meet with you this week if there >>>> is anything you would like to discuss. >>>> >>>> Regards, >>>> Janos >>>> >>>> On 2/26/2019 2:20 PM, János Farkas wrote: >>>> >>>> Hi Alissa, >>>> >>>> Thank you for your review! >>>> >>>> We can replace >>>> "DetNet is provides a Quality of Service (QoS), and >>>> as such, does not >>>> directly raise any new privacy considerations." >>>> with >>>> "DetNet provides a Quality of Service (QoS), and as >>>> such, is not expected to >>>> directly raise any new privacy considerations.” >>>> >>>> I don’t understand why this is not expected. From what I >>>> can tell, the architecture allows for the use off domain- >>>> or app-flow-specific IDs. These seem like a new potential >>>> vector for tracking, and one that not every QoS >>>> architecture requires. >>>> >>>> As far as I understood from below, you were happy with the >>>> change to "is not expected”. >>>> >>>> “Combined with the above removals” (about flow IDs and OAM) is what >>>> I said. Either the architecture allows for these things, in which >>>> case one might expect them, or it doesn’t. >>>> >>>> >>>> >>>> Combined that with this discussion on the related text: >>>> https://mailarchive.ietf.org/arch/msg/detnet/-L_wsGPMqNEOtPMgsGYaJ30nFXk >>>> >>>> We came to the current text: >>>> DetNet provides a Quality of Service (QoS), and as such, is not >>>> expected to directly raise any new privacy considerations, the >>>> generic considerations for such mechanisms apply. In particular, >>>> such markings allow for an attacker to correlate flows or to select >>>> particular types of flow for more detailed inspection. >>>> >>>> >>>> Flow ID and associated QoS is not a new concept introduced by >>>> DetNet; therefore, does not expected to raise new concerns. >>>> >>>> What specific further changes do you suggest to this text? >>>> >>>> Given your exchange with Benjamin and the email today from Stewart, >>>> I would suggest: >>>> DetNet provides a Quality of Service (QoS) mechanism, and the generic >>>> considerations for such mechanisms apply. In particular, such >>>> markings >>>> allow for an attacker to correlate flows or to select particular >>>> types >>>> of flow for more detailed inspection. >>>> My point is that the architecture does not actually forbid the >>>> possibility of adding additional information into DetNet packets >>>> that could be used as vectors for tracking/correlation. This change >>>> would also address my concern about the OAM piece, but if you or >>>> the WG want to pursue further edits regarding OAM given Greg’s mail >>>> I’m happy to review. >>>> Best, >>>> Alissa >>>> >>>> >>>> >>>> >>>> This edit also doesn’t seem to cover the potential for >>>> additional privacy exposure implied by the discussion of >>>> OAM in Section 4.1.1: >>>> >>>> Thank you for making clear that this is the text you mean under >>>> "novel flow IDs and OAM tags" below. It was not clear to me >>>> because the architecture document does not contain either new / >>>> novel Flow ID / OAM tag. >>>> >>>> >>>> "OAM can involve specific tagging added in the packets for >>>> tracing implementation or >>>> >>>> network configuration errors; traceability enables to >>>> find whether a >>>> >>>> packet is a replica, which DetNet relay node performed the >>>> >>>> replication, and which segment was intended for the >>>> replica. >>>> >>>> >>>> This text is there >>>> since:https://tools.ietf.org/html/draft-finn-detnet-architecture-05. >>>> >>>> >>>> Active >>>> >>>> and hybrid OAM methods require additional bandwidth to >>>> perform fault >>>> >>>> management and performance monitoring of the DetNet >>>> domain. OAM may, >>>> >>>> for instance, generate special test probes or add OAM >>>> information >>>> >>>> into the data packet.” >>>> >>>> This was added based >>>> onhttps://www.ietf.org/mail-archive/web/detnet/current/msg01577.html. >>>> >>>> This paragraph reads to me as pretty generic text on OAM. >>>> >>>> What specific cahnge would you like to see made to this text? >>>> >>>> Should we, e.g., update the first sentence of the paragraph to: >>>> OAM can support tracing implementation or >>>> network configuration errors. Traceability enables to find >>>> whether a >>>> packet is a replica, which DetNet relay node performed the >>>> replication, and which segment was intended for the replica. >>>> >>>> ? >>>> >>>> Regards, >>>> János >>>> >>>> >>>> >>>> >>>> Thanks, >>>> >>>> Alissa >>>> >>>> >>>> >>>> >>>> I'm not sure what "references to new flow IDs and >>>> OAM tags should be removed"? >>>> >>>> Could you point to the text that should be changed? >>>> >>>> Thank you! >>>> Janos >>>> >>>> On 2/20/2019 4:39 PM, Lou Berger wrote: >>>> >>>> On 2/20/2019 10:25 AM, Alissa Cooper wrote: >>>> >>>> >>>> >>>> On Feb 20, 2019, at 7:17 AM, Lou Berger >>>> <lberger@labn.net >>>> <mailto:lberger@labn.net>> wrote: >>>> Hi Alissa, >>>> >>>> Thanks for the comments - see below. >>>> >>>> On 2/20/2019 9:54 AM, Alissa Cooper wrote: >>>> >>>> Alissa Cooper has entered the >>>> following ballot position for >>>> draft-ietf-detnet-architecture-11: >>>> Discuss >>>> >>>> When responding, please keep the >>>> subject line intact and reply to all >>>> email addresses included in the To >>>> and CC lines. (Feel free to cut this >>>> introductory paragraph, however.) >>>> >>>> >>>> Please refer >>>> tohttps://www.ietf.org/iesg/statement/discuss-criteria.html >>>> for more information about IESG >>>> DISCUSS and COMMENT positions. >>>> >>>> >>>> The document, along with other >>>> ballot positions, can be found here: >>>> https://datatracker.ietf.org/doc/draft-ietf-detnet-architecture/ >>>> >>>> >>>> >>>> ---------------------------------------------------------------------- >>>> DISCUSS: >>>> ---------------------------------------------------------------------- >>>> >>>> = Section 6 = >>>> >>>> "DetNet is provides a Quality of >>>> Service (QoS), and as such, does not >>>> directly raise any new privacy >>>> considerations." >>>> >>>> This seems like a false statement >>>> given the possibility that DetNet >>>> may require >>>> novel flow IDs and OAM tags that >>>> create additional identification and >>>> correlation risk beyond existing >>>> fields used to support QoS today. >>>> >>>> >>>> Based on the other work in the WG, I >>>> think "is not expected" is more >>>> accurate than "does not". This is based >>>> on the WG solutions for the DetNet data >>>> plane using existing IP (v4 or 6) >>>> headers or MPLS labels for flow >>>> identification. >>>> >>>> If that is the case then the references to >>>> new flow IDs and OAM tags should be removed >>>> from the architecture. >>>> >>>> sounds reasonable. Can you point to the >>>> specific offending text? >>>> Thanks, >>>> Lou >>>> >>>> >>>> >>>> >>>> Would changing to "is not expected" >>>> address your concern? >>>> >>>> Combined with the above removals, that >>>> would work for me. >>>> Thanks, >>>> Alissa >>>> >>>> >>>> >>>> Thanks, >>>> >>>> Lou >>>> >>>> >>>> >>>> >>>> _______________________________________________ >>>> >>>> detnet mailing list >>>> >>>> detnet@ietf.org <mailto:detnet@ietf.org> >>>> >>>> https://www.ietf.org/mailman/listinfo/detnet >>>> >>> >> >> >
- [Detnet] Alissa Cooper's Discuss on draft-ietf-de… Alissa Cooper
- Re: [Detnet] Alissa Cooper's Discuss on draft-iet… Lou Berger
- Re: [Detnet] Alissa Cooper's Discuss on draft-iet… Alissa Cooper
- Re: [Detnet] Alissa Cooper's Discuss on draft-iet… Lou Berger
- Re: [Detnet] Alissa Cooper's Discuss on draft-iet… János Farkas
- Re: [Detnet] Alissa Cooper's Discuss on draft-iet… János Farkas
- Re: [Detnet] Alissa Cooper's Discuss on draft-iet… Alissa Cooper
- Re: [Detnet] Alissa Cooper's Discuss on draft-iet… János Farkas
- Re: [Detnet] Alissa Cooper's Discuss on draft-iet… Greg Mirsky
- Re: [Detnet] Alissa Cooper's Discuss on draft-iet… Stewart Bryant
- Re: [Detnet] Alissa Cooper's Discuss on draft-iet… Alissa Cooper
- Re: [Detnet] Alissa Cooper's Discuss on draft-iet… Black, David
- Re: [Detnet] Alissa Cooper's Discuss on draft-iet… János Farkas
- Re: [Detnet] Alissa Cooper's Discuss on draft-iet… János Farkas
- Re: [Detnet] Alissa Cooper's Discuss on draft-iet… Alissa Cooper
- Re: [Detnet] Alissa Cooper's Discuss on draft-iet… János Farkas