Re: [ippm] Fw: New Version Notification for draft-elkins-ippm-encrypted-pdmv2-00.txt

Greetings!

I am new to the IPPM list but I have been following the conversation on
IOAM integrity: https://github.com/inband-oam/ietf/pull/222

I am wondering why you have chosen to do confidentiality (encryption of the
data) as well as integrity.

Thanks,
Mohit P. Tahiliani

On Thu, Jul 1, 2021 at 11:15 PM nalini.elkins@insidethestack.com <
nalini.elkins@insidethestack.com> wrote:

> IPPM,
>
> Please do take a look at this draft.
>
> I think that iOAM will need encryption as well.   We have spent quite a
> bit of time thinking over these issues.  We even have 2 cryptographers from
> Italy involved as co-authors.   I want to do a side meeting where we can
> have quite a bit more time to discuss this but would love to have comments
> from the group on the list.
>
> I am very reluctant to push PDM out to the wider world without
> encryption.  I feel that we will become the attacker's best friend.
> We have modified the Linux kernel to include PDM but as I say, without
> encryption, we do not wish to release.
>
>
> Thanks,
>
> Nalini Elkins
> CEO and Founder
> Inside Products, Inc.
> www.insidethestack.com
> (831) 659-8360
>
>
>
>
>
>
> On Tuesday, June 1, 2021, 09:06:39 AM PDT,
> nalini.elkins@insidethestack.com <nalini.elkins@insidethestack.com>
> wrote:
>
>
>
>
>
> Hello IPPMers!
>
> We have just posted a new draft to encrypt PDM data.   We feel that this
> is an important feature to add before promoting widespread adoption of PDM.
>
> We would appreciate any thoughts or comments from the group.
>
> Thanks,
>
> Nalini Elkins
> CEO and Founder
> Inside Products, Inc.
> www.insidethestack.com
> (831) 659-8360
>
>
>
>
>
>
> ----- Forwarded Message -----
>
> From: "internet-drafts@ietf.org" <internet-drafts@ietf.org>
> To: mackermann@bcbsm.com <mackermann@bcbsm.com>; Adnan Rashid <
> adnan.rashid@unifi.it>; Ameya Deshpande <ameyanrd@gmail.com>; Michael
> Ackermann <mackermann@bcbsm.com>; Nalini Elkins <
> nalini.elkins@insidethestack.com>; Tommaso Pecorella <
> tommaso.pecorella@unifi.it>
> Sent: Tuesday, June 1, 2021, 12:01:47 PM EDT
> Subject: New Version Notification for
> draft-elkins-ippm-encrypted-pdmv2-00.txt
>
>
>
> A new version of I-D, draft-elkins-ippm-encrypted-pdmv2-00.txt
> has been successfully submitted by Nalini Elkins and posted to the
> IETF repository.
>
> Name:        draft-elkins-ippm-encrypted-pdmv2
> Revision:    00
> Title:        Encrypted IPv6 Performance and Diagnostic Metrics Version 2
> (EPDMv2) Destination Option
> Document date:    2021-06-01
> Group:        Individual Submission
> Pages:        16
> URL:
> https://www.ietf.org/archive/id/draft-elkins-ippm-encrypted-pdmv2-00.txt
> Status:
> https://datatracker.ietf.org/doc/draft-elkins-ippm-encrypted-pdmv2/
> Htmlized:
> https://datatracker.ietf.org/doc/html/draft-elkins-ippm-encrypted-pdmv2
>
>
> Abstract:
>   RFC8250 describes an optional Destination Option (DO) header embedded
>   in each packet to provide sequence numbers and timing information as
>   a basis for measurements.  As this data is sent in clear- text, this
>   may create an opportunity for malicious actors to get information for
>   subsequent attacks.  This document defines PDMv2 which has a
>   lightweight handshake (registration procedure) and encryption to
>   secure this data.  Additional performance metrics which may be of use
>   are also defined.
>
>
>
>
>
> The IETF Secretariat
>
>
>
>
> _______________________________________________
> ippm mailing list
> ippm@ietf.org
> https://www.ietf.org/mailman/listinfo/ippm
>
> _______________________________________________
> ippm mailing list
> ippm@ietf.org
> https://www.ietf.org/mailman/listinfo/ippm
>