Re: [ippm] Fw: New Version Notification for draft-elkins-ippm-encrypted-pdmv2-00.txt
Paolo Volpato <paolo.volpato@huawei.com> Fri, 02 July 2021 14:26 UTC
From: Paolo Volpato <paolo.volpato@huawei.com>
To: "nalini.elkins@insidethestack.com" <nalini.elkins@insidethestack.com>
CC: "draft-elkins-ippm-encrypted-pdmv2@ietf.org" <draft-elkins-ippm-encrypted-pdmv2@ietf.org>, IETF IPPM WG <ippm@ietf.org>
Date: Fri, 02 Jul 2021 14:25:46 +0000
Archived-At: <https://mailarchive.ietf.org/arch/msg/ippm/z4L20tvu0KMoh4gMpu2ZZ0JrgTY>

Hi Nalini,

Thanks for advising. I have a couple of general questions.

At a first glance, it seems to me that PDMv2 is expected to be used mainly in the enterprise domain. Is it so? Do you have any thoughts on what may happen if e.g. a multinational company runs the protocol over multiple external backbones where the IPv6 extension headers (in general, not necessarily just the destination options header) may not be handled? Does this represent a serious issue?

Also, I assume that PDMv2 is mainly used by end stations (e.g. hosts instead of routers). If this is the case, then I don’t expect that the performance degradation due to encryption is a serious issue. Do you see other different cases where instead degradation may be a concern?

Regards
Paolo

-----Original Message-----
From: ippm [mailto:ippm-bounces@ietf.org] On Behalf Of nalini.elkins@insidethestack.com
Sent: Thursday, July 1, 2021 7:45 PM
To: IETF IPPM WG <ippm@ietf.org>
Cc: draft-elkins-ippm-encrypted-pdmv2@ietf.org
Subject: Re: [ippm] Fw: New Version Notification for draft-elkins-ippm-encrypted-pdmv2-00.txt

IPPM,

Please do take a look at this draft. I think that iOAM will need encryption as well.

We have spent quite a bit of time thinking over these issues. We even have 2 cryptographers from Italy involved as co-authors.

I want to do a side meeting where we can have quite a bit more time to discuss this but would love to have comments from the group on the list.

I am very reluctant to push PDM out to the wider world without encryption. I feel that we will become the attacker's best friend. We have modified the Linux kernel to include PDM but as I say, without encryption, we do not wish to release.

Thanks,

Nalini Elkins
CEO and Founder
Inside Products, Inc.
www.insidethestack.com
(831) 659-8360

On Tuesday, June 1, 2021, 09:06:39 AM PDT, nalini.elkins@insidethestack.com <nalini.elkins@insidethestack.com> wrote:

Hello IPPMers!

We have just posted a new draft to encrypt PDM data. We feel that this is an important feature to add before promoting widespread adoption of PDM.

We would appreciate any thoughts or comments from the group.

Thanks,

Nalini Elkins
CEO and Founder
Inside Products, Inc.
www.insidethestack.com
(831) 659-8360

----- Forwarded Message -----
From: "internet-drafts@ietf.org" <internet-drafts@ietf.org>
To: mackermann@bcbsm.com <mackermann@bcbsm.com>; Adnan Rashid <adnan.rashid@unifi.it>; Ameya Deshpande <ameyanrd@gmail.com>; Michael Ackermann <mackermann@bcbsm.com>; Nalini Elkins <nalini.elkins@insidethestack.com>; Tommaso Pecorella <tommaso.pecorella@unifi.it>
Sent: Tuesday, June 1, 2021, 12:01:47 PM EDT
Subject: New Version Notification for draft-elkins-ippm-encrypted-pdmv2-00.txt

A new version of I-D, draft-elkins-ippm-encrypted-pdmv2-00.txt has been successfully submitted by Nalini Elkins and posted to the IETF repository.

Name: draft-elkins-ippm-encrypted-pdmv2
Revision: 00
Title: Encrypted IPv6 Performance and Diagnostic Metrics Version 2 (EPDMv2) Destination Option
Document date: 2021-06-01
Group: Individual Submission
Pages: 16
URL: https://www.ietf.org/archive/id/draft-elkins-ippm-encrypted-pdmv2-00.txt
Status: https://datatracker.ietf.org/doc/draft-elkins-ippm-encrypted-pdmv2/
Htmlized: https://datatracker.ietf.org/doc/html/draft-elkins-ippm-encrypted-pdmv2

Abstract:
RFC8250 describes an optional Destination Option (DO) header embedded in each packet to provide sequence numbers and timing information as a basis for measurements. As this data is sent in clear-text, this may create an opportunity for malicious actors to get information for subsequent attacks. This document defines PDMv2 which has a lightweight handshake (registration procedure) and encryption to secure this data. Additional performance metrics which may be of use are also defined.

The IETF Secretariat

_______________________________________________
ippm mailing list
ippm@ietf.org
https://www.ietf.org/mailman/listinfo/ippm