Re: Secdir last call review of draft-ietf-lisp-rfc6830bis-15

Kyle Rose <krose@krose.org> Tue, 11 September 2018 17:30 UTC

In-Reply-To: <6546936B-3AFD-47C4-8A27-8298DDDBBA09@gmail.com>
References: <153513922907.22939.10542350679349996082@ietfa.amsl.com> <FDA69FDF-696B-4959-AADB-0999630C723D@gmail.com> <CAJU8_nWwHAQYeo4oCVq=dVquRK1VhO-TdUKw5JmvbX1idWa=VA@mail.gmail.com> <A037BDB7-C780-4D44-A031-49F39AA3F11F@gmail.com> <CAJU8_nUJ7BLJhgjw6Sa-xeY0=OpK4N2ffKLjZ-3m6+Uiws5wTw@mail.gmail.com> <77109099-A756-4563-968C-5AC17FF38291@gigix.net> <CAJU8_nX9mNZ=DvQoCmqzptWfK10G+HpmOx2L+LAH-srNJRuXuA@mail.gmail.com> <6546936B-3AFD-47C4-8A27-8298DDDBBA09@gmail.com>
From: Kyle Rose <krose@krose.org>
Date: Tue, 11 Sep 2018 13:30:40 -0400
Message-ID: <CAJU8_nXBw9fOA829WhxUZ=7nmP-HbMtF0W7mOjW-o1H8g6f1_w@mail.gmail.com>
Subject: Re: Secdir last call review of draft-ietf-lisp-rfc6830bis-15
To: Dino Farinacci <farinacci@gmail.com>
Cc: Luigi Iannone <ggx@gigix.net>, IETF SecDir <secdir@ietf.org>, draft-ietf-lisp-rfc6830bis.all@ietf.org, IETF Discussion Mailing List <ietf@ietf.org>, "lisp@ietf.org list" <lisp@ietf.org>, Benjamin Kaduk <kaduk@mit.edu>
Archived-At: <https://mailarchive.ietf.org/arch/msg/ietf/mf976wb_uNRfKl217VJkb5V1h6Y>

On Tue, Sep 11, 2018 at 1:11 PM, Dino Farinacci <farinacci@gmail.com> wrote:

> > but this doesn't specifically address the fact that a pull-based control
> > plane will fail in a different way, and one that is potentially harder to
> > diagnose, from a push-based one. One area in which it differs is that a
> > loss of a BGP session followed by a network partition is obvious to all
> > users trying to move traffic between those two networks, while choking off
> > control plane traffic in LISP may only affect some endpoints in a
> > mysterious way.
>
> IMO, a feature and not a bug. And arguably harder to diagnose makes it
> more secure.

Possibly. But being better or worse isn't my point, so much as that it's
*different* in a material way from a security perspective. Those deltas are
where something proposing to supplant the prevailing mechanism for DFZ
routing needs to be clear to operators.

Kyle