RE: Adoption Call for "The IPv6 Compact Routing Header (CRH)"

"Xiejingrong (Jingrong)" <xiejingrong@huawei.com> Sat, 16 May 2020 08:18 UTC

Return-Path: <xiejingrong@huawei.com>
X-Original-To: ipv6@ietfa.amsl.com
Delivered-To: ipv6@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 75FA73A093C for <ipv6@ietfa.amsl.com>; Sat, 16 May 2020 01:18:40 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: 0.003
X-Spam-Level:
X-Spam-Status: No, score=0.003 tagged_above=-999 required=5 tests=[HTML_MESSAGE=0.001, RCVD_IN_MSPIKE_H3=0.001, RCVD_IN_MSPIKE_WL=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id OwL4WzspTTTF for <ipv6@ietfa.amsl.com>; Sat, 16 May 2020 01:18:38 -0700 (PDT)
Received: from huawei.com (lhrrgout.huawei.com [185.176.76.210]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 8908A3A0844 for <ipv6@ietf.org>; Sat, 16 May 2020 01:18:38 -0700 (PDT)
Received: from lhreml728-chm.china.huawei.com (unknown [172.18.7.108]) by Forcepoint Email with ESMTP id 92BAA77C79190316BBAA; Sat, 16 May 2020 09:18:35 +0100 (IST)
Received: from nkgeml708-chm.china.huawei.com (10.98.57.160) by lhreml728-chm.china.huawei.com (10.201.108.79) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.1913.5; Sat, 16 May 2020 09:18:34 +0100
Received: from nkgeml705-chm.china.huawei.com (10.98.57.154) by nkgeml708-chm.china.huawei.com (10.98.57.160) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.1913.5; Sat, 16 May 2020 16:18:32 +0800
Received: from nkgeml705-chm.china.huawei.com ([10.98.57.154]) by nkgeml705-chm.china.huawei.com ([10.98.57.154]) with mapi id 15.01.1913.007; Sat, 16 May 2020 16:18:32 +0800
From: "Xiejingrong (Jingrong)" <xiejingrong@huawei.com>
To: Mark Smith <markzzzsmith@gmail.com>
CC: Bob Hinden <bob.hinden@gmail.com>, IPv6 List <ipv6@ietf.org>
Subject: RE: Adoption Call for "The IPv6 Compact Routing Header (CRH)"
Thread-Topic: Adoption Call for "The IPv6 Compact Routing Header (CRH)"
Thread-Index: AQHWKwY/0UFCZZD8rUe0wQlW37HacqiqAKIQ//+AqoCAANIfoA==
Date: Sat, 16 May 2020 08:18:32 +0000
Message-ID: <24b140e4f15a41ceb3de9f91cde35e74@huawei.com>
References: <19D30186-B180-4F65-BF00-7AD07CEF3925@gmail.com> <92cff01e5eeb4a1e85357e61c8ca63fd@huawei.com> <CAO42Z2zq4=QS7=NwnYtshf8rOUym+axC-F54ZnJxJs7jM8RP-w@mail.gmail.com>
In-Reply-To: <CAO42Z2zq4=QS7=NwnYtshf8rOUym+axC-F54ZnJxJs7jM8RP-w@mail.gmail.com>
Accept-Language: en-US, zh-CN
Content-Language: zh-CN
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [10.45.163.108]
Content-Type: multipart/alternative; boundary="_000_24b140e4f15a41ceb3de9f91cde35e74huaweicom_"
MIME-Version: 1.0
X-CFilter-Loop: Reflected
Archived-At: <https://mailarchive.ietf.org/arch/msg/ipv6/ru_jfr8ACdbs50l4ZGzNdrMNrPI>
X-BeenThere: ipv6@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "IPv6 Maintenance Working Group \(6man\)" <ipv6.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ipv6>, <mailto:ipv6-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ipv6/>
List-Post: <mailto:ipv6@ietf.org>
List-Help: <mailto:ipv6-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipv6>, <mailto:ipv6-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 16 May 2020 08:18:40 -0000

Hi Mark
Thanks for the introduction of RFC4193.
The RFC8754 boundary security mechanism is still unique IMO.
The IPv6 ULA is just a candidate element of the mechanism, instead of the mechanism itself.

Thanks
Jingrong

From: Mark Smith [mailto:markzzzsmith@gmail.com]
Sent: Saturday, May 16, 2020 11:05 AM
To: Xiejingrong (Jingrong) <xiejingrong@huawei.com>
Cc: Bob Hinden <bob.hinden@gmail.com>om>; IPv6 List <ipv6@ietf.org>
Subject: Re: Adoption Call for "The IPv6 Compact Routing Header (CRH)"


On Sat, 16 May 2020, 12:43 Xiejingrong (Jingrong), <xiejingrong@huawei.com<mailto:xiejingrong@huawei.com>> wrote:
Hi WG,
My main concern is the security aspect.
It has been in discussion in another thread "Questions regarding the security mechanisms".
Hope it could be carefully considered and discussed, especially there is the painful example of RH0 deprecated by RFC5095.
There is of course RFC6554 and RFC8754 which is designed later after the deprecation and which could be carefully learned and referenced.

Ole said and repeated that "In fact I don't see how the CRH draft prevents the RFC5095 attack to happen inside of the CRH limited domain."
https://mailarchive.ietf.org/arch/msg/ipv6/UyXsGeI7IDM9_Z1lipG70gIzTLY/

I was even worried about whether such attack could happen from Internet if there is no mandatory and deployable security mechanism on the wide boundary of a network.

Brian observed the "limited-domain" pattern that is widely used in modern protocol design and put the heavy emphasis on the domain boundary security.
https://tools.ietf.org/html/draft-carpenter-limited-domains-13

The RFC8754 section 5.1 IMO is the only boundary security mechanism operable/controllable/deployable so far I've seen for an IPv6 network that is widely connected to Internet.
Please correct me if you have some other better ones.
https://tools.ietf.org/html/rfc8754

RFC4193, a limited domain and local network only address space.

See also slide 50.

"Getting IPv6 Private Addressing Right"
https://www.ausnog.net/sites/default/files/ausnog-2019/presentations/2.3_Mark_Smith_AusNOG2019.pdf





BTW:
I don't think it deserved to throw away everything that SRv6/SRH have worked out (e.g., the RFC8754 section 5.1) just to claim the independence on them.
I have an I-D of IPv6-EH using many of the design patterns of SRv6/SRH with a reference to RFC8754 but I still insist and show its independent part.

Thanks and Best wishes,
Jingrong

-----Original Message-----
From: ipv6 [mailto:ipv6-bounces@ietf.org<mailto:ipv6-bounces@ietf.org>] On Behalf Of Bob Hinden
Sent: Saturday, May 16, 2020 6:14 AM
To: IPv6 List <ipv6@ietf.org<mailto:ipv6@ietf.org>>
Cc: Bob Hinden <bob.hinden@gmail.com<mailto:bob.hinden@gmail.com>>
Subject: Adoption Call for "The IPv6 Compact Routing Header (CRH)"

This message starts a two-week 6MAN call on adopting:

 Title:          The IPv6 Compact Routing Header (CRH)
 Authors:        R. Bonica, Y. Kamite, T. Niwa, A. Alston, L. Jalil
 File Name:      draft-bonica-6man-comp-rtg-hdr-21
 Document date:  2020-05-14

 https://tools.ietf.org/html/draft-bonica-6man-comp-rtg-hdr

as a working group item. Substantive comments regarding adopting this document should be directed to the mailing list.  Editorial suggestions can be sent to the authors.

Please note that this is an adoption call, it is not a w.g. last call for advancement, adoption means that it will become a w.g. draft.  As the working group document, the w.g. will decide how the document should change going forward.

This adoption call will end on 29 May 2020.

The chairs note there has been a lot of discussions on the list about this draft.   After discussing with our area directors, we think it is appropriate to start a working group adoption call.  The authors have been active in resolving issues raised on the list.

Could those who are willing to work on this document, either as contributors, authors or reviewers please notify the list.   That gives us an indication of the energy level in the working group
to work on this.

Regards,
Bob and Ole


--------------------------------------------------------------------
IETF IPv6 working group mailing list
ipv6@ietf.org<mailto:ipv6@ietf.org>
Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6
--------------------------------------------------------------------