Re: [Idr] [secdir] Secdir early review of draft-ietf-idr-te-pm-bgp-13
Robert Raszuk <robert@raszuk.net> Fri, 19 October 2018 22:27 UTC
Return-Path: <robert@raszuk.net>
X-Original-To: idr@ietfa.amsl.com
Delivered-To: idr@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 2A624131053 for <idr@ietfa.amsl.com>; Fri, 19 Oct 2018 15:27:53 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.999
X-Spam-Level:
X-Spam-Status: No, score=-1.999 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=raszuk.net
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id S29gzxZ9UVpl for <idr@ietfa.amsl.com>; Fri, 19 Oct 2018 15:27:51 -0700 (PDT)
Received: from mail-qk1-x72e.google.com (mail-qk1-x72e.google.com [IPv6:2607:f8b0:4864:20::72e]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 0276113102B for <idr@ietf.org>; Fri, 19 Oct 2018 15:27:51 -0700 (PDT)
Received: by mail-qk1-x72e.google.com with SMTP id m8-v6so21976353qka.12 for <idr@ietf.org>; Fri, 19 Oct 2018 15:27:50 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=raszuk.net; s=google; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=2jYczE4HcbxNaJgUzTi4Fc0cWIl2qaMzvSLz/Cvqyt4=; b=TbwGCqtG0e2Hy3+PaT7Joof8Xe7UU4Pll85g3VhKKQxVE3nkNBzAXS/8kUq9UOu2Qs hZpim27VvX1744aowUePOJnLcRkfldfw+CejK0lQn7rQbt7RQPpovdU56TtcriwrtEGO Cw+nIIZ6RurLE7FS++kU7t/ZUgUfv3mRwF0k8+j5qF+0sj0tgpoWdbeAx8AUuffn22Li VR7Fdp1EljZyueen5BQK2RBZes1iYty0SDzZ6tqN/kdZOjSYhtlGtvtmbX8LWYvkcQU0 7xpjzTToFYhgx2aPH38HN5EV+yRzVZjBzHESYocdlq8R7Iw01/rj4oiBY0NHEuGldwDW PdZQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=2jYczE4HcbxNaJgUzTi4Fc0cWIl2qaMzvSLz/Cvqyt4=; b=Z45Wt294Ojtgkb1icHQZuv6axaiUdfyICbZGkJB1dT5er8+UeWgfqBcPGHO+552Ery qElncdtOAmBqNlq3wwUWd40W8WB8eV6U6QTWO8XYazlmy0BrVjmkksK0LlDNmNGPfEqS Sv3atSDha4hkHHs+WBbP23rBTCrcicXZdUXsOWfB8hmZR0HiZnbNUsooOWINZ2Do7QGm VafPJQjL8TjjboHBr3XtpL/FmHVHrRMR4izLRejpcICcDPSbys8NvfrHcdljOMkuY1jO +PpqjnW62D37D0tRumzwatiaNvbokMsUbLk6V0bpiMSL7BfQczf355U8AyANXJn7CD0F s/HA==
X-Gm-Message-State: ABuFfog9lLUoQLYdz1zomtMHPBihUJz42aoM0yOnBLZsrHC+z5NbADJG Y55ESrnkXa7NLhX+hvbWsXMCKyFcLFioH4NZ1x4NRg==
X-Google-Smtp-Source: ACcGV61cnZ4/uAkcP6QbFsoJXFvzSNir21iClbkqbE22H0S9CMqmJEGcG1FeTraGqk3NsDnIJ1F5VP8CqtXtVNbfK98=
X-Received: by 2002:a37:694:: with SMTP id 142-v6mr32868680qkg.189.1539988070098; Fri, 19 Oct 2018 15:27:50 -0700 (PDT)
MIME-Version: 1.0
References: <153972468642.9298.14442375581871750001@ietfa.amsl.com> <ec43e712e8024930831a206f8e843cbb@XCH-ALN-001.cisco.com> <7655493D-9EF0-42FF-B2D3-B9CE4E78178D@gmail.com> <feec42a72bd64f31afbcb3b340dad52b@XCH-ALN-001.cisco.com> <1FFA9449-D03C-4EB6-9D08-BA4A1AA93FE3@gmail.com> <92af26fef2da470d853f292c84f026a0@XCH-ALN-001.cisco.com> <20181019002642.GX19309@kduck.kaduk.org> <CAOj+MMH1=SBV=ikiNE6UHEe1mzf5xKLPOZXnnqPEvyFHTC=83A@mail.gmail.com> <00a601d467af$3c4b90f0$b4e2b2d0$@ndzh.com> <b718ffb671c446adb1666ad9f73f4f82@XCH-ALN-001.cisco.com> <028b01d467ce$402b2400$c0816c00$@ndzh.com> <f20b00331cbf42f49dcc5ab61c8d2d8f@XCH-ALN-001.cisco.com> <03e101d467f3$2bff9130$83feb390$@ndzh.com>
In-Reply-To: <03e101d467f3$2bff9130$83feb390$@ndzh.com>
From: Robert Raszuk <robert@raszuk.net>
Date: Sat, 20 Oct 2018 00:27:41 +0200
Message-ID: <CAOj+MMH79aD2jzeVEWzv=WQS0y6N4VZyoeRmncPna1BtKmCeaA@mail.gmail.com>
To: shares@ndzh.com
Cc: "Les Ginsberg (ginsberg)" <ginsberg@cisco.com>, kaduk@mit.edu, idr@ietf.org, draft-ietf-idr-te-pm-bgp.all@ietf.org, ietf@ietf.org, Yoav Nir <ynir.ietf@gmail.com>, secdir@ietf.org
Content-Type: multipart/alternative; boundary="000000000000e09fbd05789c6904"
Archived-At: <https://mailarchive.ietf.org/arch/msg/idr/iIlDYX0MU18xfswWiogdWokL89Q>
Subject: Re: [Idr] [secdir] Secdir early review of draft-ietf-idr-te-pm-bgp-13
X-BeenThere: idr@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Inter-Domain Routing <idr.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/idr>, <mailto:idr-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/idr/>
List-Post: <mailto:idr@ietf.org>
List-Help: <mailto:idr-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/idr>, <mailto:idr-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 19 Oct 2018 22:27:53 -0000
Hello Sue, However, I would like your feedback on whether you believe RFC7752 has > security that is equivalent to, less than, or greater than a trusted > domain? > > > > The spring routing architecture (RFC8402) indicates that be default SR > operates within a trusted domain. > > > > “Traffic MUST be filtered at the domain boundaries. The use of best > practices to reduce the risk of tampering within the trusted domain is > important. Such practices are discussed in [RFC4381 > <https://tools.ietf.org/html/rfc4381>] and are applicable to both SR-MPLS > and SRv6.” > Reading your comments I am also similarly to Les's feelings quite not sure what the point here is. SR Architecture while completely irrelevant to this thread talks about trusted domain in the context of data plane. Bringing in L3VPNs out of the sudden only because some SR document referred to it's security analysis is also quite a bizarre maneuver. With control plane and especially with BGP the notion of trusted vs untrusted domain is not something anyone can just pick or state on what his or her believe is. The short answer is that BGP operates on a per AFI/SAFI basis and level of trust is directly related to the actual configuration applied including level of policy inserted when using such apparatus to distribute various forms of information. Same SAFI can be configured by one operator quite strictly limiting it to one AS and someone else will like to share his information with entire world publishing it to a looking glass. Are we here to restrict this ? What means of control is there to enforce such restrictions other then perhaps stating simple recommendation in an advisory fashion that one should be a bit careful when publishing content of his LSDB or TED beyond devices he trusts ? ** ** Note that even if TE infrastructure addresses or other information are accidentally leaked - there should be no great immediate harm - since well managed network prevents on ingress to the domain any flows which would aim at internal infrastructure address space. Thx, R.
- [Idr] Secdir early review of draft-ietf-idr-te-pm… Yoav Nir
- Re: [Idr] Secdir early review of draft-ietf-idr-t… Les Ginsberg (ginsberg)
- Re: [Idr] Secdir early review of draft-ietf-idr-t… Yoav Nir
- Re: [Idr] Secdir early review of draft-ietf-idr-t… Les Ginsberg (ginsberg)
- Re: [Idr] Secdir early review of draft-ietf-idr-t… Yoav Nir
- Re: [Idr] Secdir early review of draft-ietf-idr-t… Les Ginsberg (ginsberg)
- Re: [Idr] [secdir] Secdir early review of draft-i… Benjamin Kaduk
- Re: [Idr] [secdir] Secdir early review of draft-i… Les Ginsberg (ginsberg)
- Re: [Idr] [secdir] Secdir early review of draft-i… Benjamin Kaduk
- Re: [Idr] [secdir] Secdir early review of draft-i… Susan Hares
- Re: [Idr] [secdir] Secdir early review of draft-i… Robert Raszuk
- Re: [Idr] [secdir] Secdir early review of draft-i… Susan Hares
- Re: [Idr] [secdir] Secdir early review of draft-i… Les Ginsberg (ginsberg)
- Re: [Idr] [secdir] Secdir early review of draft-i… Les Ginsberg (ginsberg)
- Re: [Idr] [secdir] Secdir early review of draft-i… Susan Hares
- Re: [Idr] [secdir] Secdir early review of draft-i… Les Ginsberg (ginsberg)
- Re: [Idr] [secdir] Secdir early review of draft-i… Robert Raszuk
- Re: [Idr] [secdir] Secdir early review of draft-i… John E Drake
- Re: [Idr] [secdir] Secdir early review of draft-i… Susan Hares
- Re: [Idr] [secdir] Secdir early review of draft-i… Susan Hares
- Re: [Idr] [secdir] Secdir early review of draft-i… John E Drake
- Re: [Idr] [secdir] Secdir early review of draft-i… Susan Hares
- Re: [Idr] [secdir] Secdir early review of draft-i… Susan Hares
- Re: [Idr] [secdir] Secdir early review of draft-i… Les Ginsberg (ginsberg)
- Re: [Idr] [secdir] Secdir early review of draft-i… Robert Raszuk
- Re: [Idr] [secdir] Secdir early review of draft-i… John E Drake
- Re: [Idr] [secdir] Secdir early review of draft-i… Susan Hares
- Re: [Idr] [secdir] Secdir early review of draft-i… Les Ginsberg (ginsberg)
- Re: [Idr] [secdir] Secdir early review of draft-i… Robert Raszuk
- Re: [Idr] [secdir] Secdir early review of draft-i… Susan Hares
- Re: [Idr] [secdir] Secdir early review of draft-i… John E Drake
- Re: [Idr] [secdir] Secdir early review of draft-i… Susan Hares
- Re: [Idr] [secdir] Secdir early review of draft-i… Susan Hares
- Re: [Idr] [secdir] Secdir early review of draft-i… Susan Hares
- Re: [Idr] [secdir] Secdir early review of draft-i… Yoav Nir
- Re: [Idr] [secdir] Secdir early review of draft-i… Les Ginsberg (ginsberg)
- Re: [Idr] [secdir] Secdir early review of draft-i… Susan Hares
- Re: [Idr] [secdir] Secdir early review of draft-i… Qin Wu