IETF Logo Mail Archive

RE: Roman Danyliw's Discuss on draft-ietf-6man-spring-srv6-oam-11: (with DISCUSS and COMMENT)

Roman Danyliw <rdd@cert.org> Mon, 10 January 2022 19:49 UTC

Return-Path: <rdd@cert.org>
X-Original-To: ipv6@ietfa.amsl.com
Delivered-To: ipv6@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 3B17D3A1010; Mon, 10 Jan 2022 11:49:55 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.899
X-Spam-Level:
X-Spam-Status: No, score=-1.899 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=seicmu.onmicrosoft.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id eN-QeOvWaguP; Mon, 10 Jan 2022 11:49:50 -0800 (PST)
Received: from USG02-BN3-obe.outbound.protection.office365.us (mail-bn3usg02on0096.outbound.protection.office365.us [23.103.208.96]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 0EE413A1009; Mon, 10 Jan 2022 11:49:45 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector5401; d=microsoft.com; cv=none; b=n/xtKa/Vc2N94orteZz4VYMJUbz+jH115ori1/O3uBTc0hgffRAtuBDf6T+JwQksqzp/L4xnvGcSqNq/VU4jtJjfhkYphZhr3coH+HyicXi+4vWhbGWqsPJHwJEgcnomFB5x0IruWoVwmRFz41SE30hx3TQnGodqNnfCGeCP2jYH9rnee5O7E0rx1Q7bSh99o3egDs0bhb8ezZI0dVpb1G/5X2vWkyrydWmUwbXtHkQwKRBvz81H1+Kj8fenfmN5Fyrgn85rNPK/4OhJT2Jpjzq23yZg/a9HD92JHUCche28jVFERg5UA0/UfyRqv/fLZxTdPT+PumZDl6beAhLB5A==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector5401; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=Stfj3n7KAlvha6uAZcHJCCsr1cz/2kK5OyLGA6fYaoc=; b=cOcKHviuE9x5y+q8e4c5ZGZ5KOxbDPTXjkls7jdAgdrpj5Q4u/B8mpQEsuvsA0g+Mp0/1t44lcLtE0DRwdXuMHFpnSh+biJyoFHnz7L2cghZYJGOccQcQxalj9WqdvDsictaLaDX/YFIQIhTWSxgKd+W9gqr6m7xzfL/IvrKA0NkHxkBiOQceWNQiDvwPLuycm++4eNTgdxCyYj1poUzDu4jSoJT2eIQZhEwAdh0sR/1l8X8sGjffGINoKr+ZNG9tJ68QqgVpYeBhMvmttYgC9Qc76IJHwJe9FTf22Z9A65z0vagjEKOqlt0W971jyKaKZivGXZErVcAYqi85ssI1Q==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=cert.org; dmarc=pass action=none header.from=cert.org; dkim=pass header.d=cert.org; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=seicmu.onmicrosoft.com; s=selector1-seicmu-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=Stfj3n7KAlvha6uAZcHJCCsr1cz/2kK5OyLGA6fYaoc=; b=LWtrq5HmpzaVVVhLuNBR6irugCXZ/6n+xoMsXv0FXIVCDvsOjsFird/NJhCOflwAwL89Kbhl1KTME6Q7nT35XlaFlHKyJdFnY9SzNFMmcFeAUR+plGjUjMRkqFBxcjeBI/wKhW6zNfYHG241NIp3Ns6yQEtsKPsjyIakrQ+VB18=
Received: from PH1P110MB1116.NAMP110.PROD.OUTLOOK.COM (2001:489a:200:174::12) by PH1P110MB1698.NAMP110.PROD.OUTLOOK.COM (2001:489a:200:188::10) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4867.7; Mon, 10 Jan 2022 19:48:32 +0000
Received: from PH1P110MB1116.NAMP110.PROD.OUTLOOK.COM ([fe80::fd76:3c24:815b:6df5]) by PH1P110MB1116.NAMP110.PROD.OUTLOOK.COM ([fe80::fd76:3c24:815b:6df5%7]) with mapi id 15.20.4867.011; Mon, 10 Jan 2022 19:48:32 +0000
From: Roman Danyliw <rdd@cert.org>
To: "Zafar Ali (zali)" <zali@cisco.com>, The IESG <iesg@ietf.org>
CC: "draft-ietf-6man-spring-srv6-oam@ietf.org" <draft-ietf-6man-spring-srv6-oam@ietf.org>, "6man-chairs@ietf.org" <6man-chairs@ietf.org>, "ipv6@ietf.org" <ipv6@ietf.org>, Ole Trøan <ot@cisco.com>
Subject: RE: Roman Danyliw's Discuss on draft-ietf-6man-spring-srv6-oam-11: (with DISCUSS and COMMENT)
Thread-Topic: Roman Danyliw's Discuss on draft-ietf-6man-spring-srv6-oam-11: (with DISCUSS and COMMENT)
Thread-Index: AQHXWBnWIla058SWaUGeTBA0jgUMgKsCi84AgRidM4CAQtyVEA==
Date: Mon, 10 Jan 2022 19:48:31 +0000
Message-ID: <PH1P110MB1116B9E7AC342F8B1A02004EDC509@PH1P110MB1116.NAMP110.PROD.OUTLOOK.COM>
References: <162268458965.17417.7198325134163157667@ietfa.amsl.com> <C13F1532-00A1-4787-8846-32D7EDE6F304@cisco.com> <0F524F6D-5E23-48F6-9D1D-685E67BE97E7@cisco.com>
In-Reply-To: <0F524F6D-5E23-48F6-9D1D-685E67BE97E7@cisco.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=cert.org;
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: 43972bf1-a7c3-45d4-3be8-08d9d4722e82
x-ms-traffictypediagnostic: PH1P110MB1698:
x-microsoft-antispam-prvs: <PH1P110MB169805B608C5AC6EA66C1700DC509@PH1P110MB1698.NAMP110.PROD.OUTLOOK.COM>
x-ms-oob-tlc-oobclassifiers: OLM:10000;
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: k6Yvt87zHBO52vzQVu/9c4zzjn6Pl8NhqUtVPD9Z/pzoTTudz5iP/GPODuzaYaOEgSoxUs3S6rZmIUpwcSSBxP10++bzvT3+KqwP8NNTDWRm1rnRNqi/xeqTWkJ8DJ+b323/9TMR+Oi6yTBYpAAy88JpY0T+pbUeFR5fk2Pjbq75CZiVxX7fJdjLqYXWRF7kL09EcoSAbJ/LqdV2xETHFONrDNaKcYiu6rm/8bjxHH04pBuMLrD+/q8xBTDseXjFkP3HGSiyLwZ6qjt5SVzyiHtZ/1KNHLvk337KDBVZG8Ysy6R1WWumjKi13Clz9X01A3T5dMECJqd1JtRdJ6YI+pT4DDfdSJq+Mu/f4dPNyMx8+ILGXNJPWt4fAtx43E22yR10lc2btXx+muTgKI7raQKl4pVppOwzEjWbeIQcYeJ5JzGWm8A0lJG+gD1ZkXpyN0SGW4lNojXp5pYZZZgyzWXyGR9yNyt8zUSTzYtLWPMZ+0ck1SzOUDZUsMpGvYbRkljm6tOGMzUN+D21ZFbODNSJ07kFQ0Q7P8kZVf5U01ZTdHfyNlwaFYlQu/i28G1ebThzyu4iiH4w2xhMadwLArkv+Sc7cCYPBCcKpoL2uDp14XWfJX8tABnJkOaH7qDWCd69daOdnLhDQirguA4vsi/zDIE2Ne3TrXVewuZmtrGw2qTGWocEu83UfbCZwNdF/qPucTkQlCvI3hMiHdQ9Dw==
x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:PH1P110MB1116.NAMP110.PROD.OUTLOOK.COM; PTR:; CAT:NONE; SFS:(366004)(8936002)(186003)(8676002)(66556008)(26005)(82960400001)(5660300002)(7696005)(2906002)(52536014)(64756008)(66446008)(33656002)(6506007)(53546011)(55016003)(83380400001)(66574015)(9686003)(21615005)(76116006)(38070700005)(71200400001)(166002)(86362001)(66476007)(38100700002)(54906003)(110136005)(122000001)(4326008)(66946007)(966005)(508600001)(316002); DIR:OUT; SFP:1102;
x-ms-exchange-antispam-messagedata-chunkcount: 1
x-ms-exchange-antispam-messagedata-0: jWWg3p/XQWdz0ajTMlQydwSlXi1sxkSmVIhyslBRlzJTdccVw4PT5KjlHUCmaLrcu2xzkoHOSPW/hpMNAqKeOEHPAME+be1K+bln59g9jC/agRaIfKTFSbTqsIcmWrcOq7nBDQ8zQnd5nNoyPugBhA==
Content-Type: multipart/alternative; boundary="_000_PH1P110MB1116B9E7AC342F8B1A02004EDC509PH1P110MB1116NAMP_"
MIME-Version: 1.0
X-OriginatorOrg: cert.org
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: PH1P110MB1116.NAMP110.PROD.OUTLOOK.COM
X-MS-Exchange-CrossTenant-Network-Message-Id: 43972bf1-a7c3-45d4-3be8-08d9d4722e82
X-MS-Exchange-CrossTenant-originalarrivaltime: 10 Jan 2022 19:48:31.9968 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 95a9dce2-04f2-4043-995d-1ec3861911c6
X-MS-Exchange-Transport-CrossTenantHeadersStamped: PH1P110MB1698
Archived-At: <https://mailarchive.ietf.org/arch/msg/ipv6/gAW4j4Ib6eT73zCCr8waQ_wqCn8>
X-BeenThere: ipv6@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "IPv6 Maintenance Working Group \(6man\)" <ipv6.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ipv6>, <mailto:ipv6-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ipv6/>
List-Post: <mailto:ipv6@ietf.org>
List-Help: <mailto:ipv6-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipv6>, <mailto:ipv6-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 10 Jan 2022 19:49:55 -0000

Hi Zafar!

Thanks for the revisions in -12.  They address my DISCUSS and COMMENTs feedback.  I’ve cleared my ballot.

Roman

From: Zafar Ali (zali) <zali@cisco.com>
Sent: Monday, November 29, 2021 1:45 AM
To: Roman Danyliw <rdd@cert.org>; The IESG <iesg@ietf.org>
Cc: draft-ietf-6man-spring-srv6-oam@ietf.org; 6man-chairs@ietf.org; ipv6@ietf.org; Ole Trøan <ot@cisco.com>; Zafar Ali (zali) <zali@cisco.com>
Subject: Re: Roman Danyliw's Discuss on draft-ietf-6man-spring-srv6-oam-11: (with DISCUSS and COMMENT)

Hi Roman,

Many thanks for your detailed review and the suggested text; highly appreciated!
I am sorry for the late follow-up on these comments (due to some personal reasons)

We have addressed your comments in the revision 12 (https://datatracker.ietf.org/doc/html/draft-ietf-6man-spring-srv6-oam-12)
Summary of how your comments are addressed is as follows:


  *   A section on “Privacy Considerations” has been added with the text suggested by you; Thanks!
  *   We have updated the security section with the text suggested by you

Please also see details in-lined with [ZA]

Thanks

Regards … Zafar


From: Roman Danyliw via Datatracker <noreply@ietf.org<mailto:noreply@ietf.org>>
Reply-To: Roman Danyliw <rdd@cert.org<mailto:rdd@cert.org>>
Date: Wednesday, June 2, 2021 at 9:43 PM
To: The IESG <iesg@ietf.org<mailto:iesg@ietf.org>>
Cc: "draft-ietf-6man-spring-srv6-oam@ietf.org<mailto:draft-ietf-6man-spring-srv6-oam@ietf.org>" <draft-ietf-6man-spring-srv6-oam@ietf.org<mailto:draft-ietf-6man-spring-srv6-oam@ietf.org>>, "6man-chairs@ietf.org<mailto:6man-chairs@ietf.org>" <6man-chairs@ietf.org<mailto:6man-chairs@ietf.org>>, "ipv6@ietf.org<mailto:ipv6@ietf.org>" <ipv6@ietf.org<mailto:ipv6@ietf.org>>, "ot@cisco.com<mailto:ot@cisco.com>" <ot@cisco.com<mailto:ot@cisco.com>>, "ot@cisco.com<mailto:ot@cisco.com>" <ot@cisco.com<mailto:ot@cisco.com>>
Subject: Roman Danyliw's Discuss on draft-ietf-6man-spring-srv6-oam-11: (with DISCUSS and COMMENT)
Resent-From: <alias-bounces@ietf.org<mailto:alias-bounces@ietf.org>>
Resent-To: <satoru.matsushima@g.softbank.co.jp<mailto:satoru.matsushima@g.softbank.co.jp>>, <zali@cisco.com<mailto:zali@cisco.com>>, <cfilsfil@cisco.com<mailto:cfilsfil@cisco.com>>, <daniel.voyer@bell.ca<mailto:daniel.voyer@bell.ca>>, <mach.chen@huawei.com<mailto:mach.chen@huawei.com>>
Resent-Date: Wednesday, June 2, 2021 at 9:43 PM

Roman Danyliw has entered the following ballot position for
draft-ietf-6man-spring-srv6-oam-11: Discuss

When responding, please keep the subject line intact and reply to all
email addresses included in the To and CC lines. (Feel free to cut this
introductory paragraph, however.)


Please refer to https://www.ietf.org/iesg/statement/discuss-criteria.html
for more information about DISCUSS and COMMENT positions.


The document, along with other ballot positions, can be found here:
https://datatracker.ietf.org/doc/draft-ietf-6man-spring-srv6-oam/



----------------------------------------------------------------------
DISCUSS:
----------------------------------------------------------------------

The privacy implications of the O-flag needs to be more clearly articulated.
It provides a dual use capability -- there is tangible benefit for OAM use
cases, but also reduces the friction for surveillance uses cases.

The SECDIR review
(https://mailarchive.ietf.org/arch/msg/secdir/FeTu7x7-okw7w7-T6dZRFhJHpAo/)
pointed this out in -09.  The changes made to the Security Considerations in
-10 were helpful, but primarily focused on reiterating the security assumptions
of the SR domain boundary and the degree of protection of the SRH.

My recommendation would be for an explicit Privacy Considerations section with
the following (approximate) text:

NEW
7.  Privacy Considerations

The per-packet marking capabilities of the O-flag provides a granular mechanism
to collect telemetry.  When this collection is deployed by an operator with
knowledge and consent of the users, it will enable a variety of diagnostics and
monitoring to support the OAM and security operations use cases needed for
resilient network operations.  However, this collection mechanism will also
provide an explicit protocol mechanism to operators for surveillance and
pervasive monitoring use cases done contrary to the users’ consent.

[ZA] We have added section on privacy consideration with the above mentioned text suggested by you. Thanks!

----------------------------------------------------------------------
COMMENT:
----------------------------------------------------------------------

Thank you to Dan Harkins for the SECDIR review.

** Section 5.  Even with the trust assumptions of the SR domain, it would be
worth mentioning that:

The security properties of the channel used to send exported packets marked by
the O-flag will depend on the specific OAM processes used.  An on-path attacker
able to observe this OAM channel could conduct traffic analysis, or potentially
eavesdropping (depending on the OAM configuration), of this telemetry for the
entire SR domain from such a vantage point.

[ZA] The security consideration section has been updated with your prosed text. Thanks!


** Section 5.  Per “Additionally, SRH Flags are protected by the HMAC TLV, as
described in Section 2.1.2.1 of [RFC8754]”, I didn’t follow to what this was
referring to.  Also, isn’t this TLV optional?

[ZA] RFC8754 includes SRH.flags field in the HMAC computation. Please see https://datatracker.ietf.org/doc/html/rfc8754#section-2.1.2.1. However, you are right, the use of HMAC in a deployment is optional.

v2.43.4 | Report a Bug | By Email | System Status