Re: [ippm] Fw: New Version Notification for draft-elkins-ippm-encrypted-pdmv2-00.txt

"Mohit P. Tahiliani" <tahiliani.nitk@gmail.com> Sun, 04 July 2021 04:03 UTC

References: <162256330634.19677.3885804345914692467@ietfa.amsl.com> <28584824.2341925.1622563579715@mail.yahoo.com> <721002155.671981.1625161479360@mail.yahoo.com>
In-Reply-To: <721002155.671981.1625161479360@mail.yahoo.com>
From: "Mohit P. Tahiliani" <tahiliani.nitk@gmail.com>
Date: Sun, 4 Jul 2021 09:33:25 +0530
Message-ID: <CA+4Fxsg4VnWQkyEZTm6h9LmCviq7GUOd=CY0O9P4FvRyW9wGZw@mail.gmail.com>
To: "nalini.elkins@insidethestack.com" <nalini.elkins@insidethestack.com>
Cc: IETF IPPM WG <ippm@ietf.org>, "draft-elkins-ippm-encrypted-pdmv2@ietf.org" <draft-elkins-ippm-encrypted-pdmv2@ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/ippm/V7CzECzHARcpQ3z0tc16hZB2RwY>
Subject: Re: [ippm] Fw: New Version Notification for draft-elkins-ippm-encrypted-pdmv2-00.txt

Greetings!

I am new to the IPPM list but I have been following the conversation on
IOAM integrity: https://github.com/inband-oam/ietf/pull/222

I am wondering why you have chosen to do confidentiality (encryption of the
data) as well as integrity.

Thanks,
Mohit P. Tahiliani

On Thu, Jul 1, 2021 at 11:15 PM nalini.elkins@insidethestack.com <
nalini.elkins@insidethestack.com> wrote:

> IPPM,
>
> Please do take a look at this draft.
>
> I think that iOAM will need encryption as well.   We have spent quite a
> bit of time thinking over these issues.  We even have 2 cryptographers from
> Italy involved as co-authors.   I want to do a side meeting where we can
> have quite a bit more time to discuss this but would love to have comments
> from the group on the list.
>
> I am very reluctant to push PDM out to the wider world without
> encryption.  I feel that we will become the attacker's best friend.
> We have modified the Linux kernel to include PDM but as I say, without
> encryption, we do not wish to release.
>
>
> Thanks,
>
> Nalini Elkins
> CEO and Founder
> Inside Products, Inc.
> www.insidethestack.com
> (831) 659-8360
>
> On Tuesday, June 1, 2021, 09:06:39 AM PDT,
> nalini.elkins@insidethestack.com <nalini.elkins@insidethestack.com>
> wrote:
>
> Hello IPPMers!
>
> We have just posted a new draft to encrypt PDM data.   We feel that this
> is an important feature to add before promoting widespread adoption of PDM.
>
> We would appreciate any thoughts or comments from the group.
>
> Thanks,
>
> Nalini Elkins
> CEO and Founder
> Inside Products, Inc.
> www.insidethestack.com
> (831) 659-8360
>
> ----- Forwarded Message -----
>
> From: "internet-drafts@ietf.org" <internet-drafts@ietf.org>
> To: mackermann@bcbsm.com <mackermann@bcbsm.com>; Adnan Rashid <
> adnan.rashid@unifi.it>; Ameya Deshpande <ameyanrd@gmail.com>; Michael
> Ackermann <mackermann@bcbsm.com>; Nalini Elkins <
> nalini.elkins@insidethestack.com>; Tommaso Pecorella <
> tommaso.pecorella@unifi.it>
> Sent: Tuesday, June 1, 2021, 12:01:47 PM EDT
> Subject: New Version Notification for
> draft-elkins-ippm-encrypted-pdmv2-00.txt
>
>
>
> A new version of I-D, draft-elkins-ippm-encrypted-pdmv2-00.txt
> has been successfully submitted by Nalini Elkins and posted to the
> IETF repository.
>
> Name:        draft-elkins-ippm-encrypted-pdmv2
> Revision:    00
> Title:        Encrypted IPv6 Performance and Diagnostic Metrics Version 2
> (EPDMv2) Destination Option
> Document date:    2021-06-01
> Group:        Individual Submission
> Pages:        16
> URL:
> https://www.ietf.org/archive/id/draft-elkins-ippm-encrypted-pdmv2-00.txt
> Status:
> https://datatracker.ietf.org/doc/draft-elkins-ippm-encrypted-pdmv2/
> Htmlized:
> https://datatracker.ietf.org/doc/html/draft-elkins-ippm-encrypted-pdmv2
>
>
> Abstract:
>   RFC8250 describes an optional Destination Option (DO) header embedded
>   in each packet to provide sequence numbers and timing information as
>   a basis for measurements.  As this data is sent in clear-text, this
>   may create an opportunity for malicious actors to get information for
>   subsequent attacks.  This document defines PDMv2 which has a
>   lightweight handshake (registration procedure) and encryption to
>   secure this data.  Additional performance metrics which may be of use
>   are also defined.
>
>
> The IETF Secretariat
>
>
> _______________________________________________
> ippm mailing list
> ippm@ietf.org
> https://www.ietf.org/mailman/listinfo/ippm
>