Re: [Isis-wg] [karp] FW: I-D Action: draft-chunduri-karp-is-is-gap-analysis-02.txt

Uma Chunduri <uma.chunduri@ericsson.com> Mon, 08 October 2012 20:12 UTC

From: Uma Chunduri <uma.chunduri@ericsson.com>
To: "Les Ginsberg (ginsberg)" <ginsberg@cisco.com>, "isis-wg@ietf.org" <isis-wg@ietf.org>, "karp@ietf.org" <karp@ietf.org>
Date: Mon, 08 Oct 2012 16:12:22 -0400

Les,

Your point is valid and it is relevant to mention whatever current recovery mechanism we have in the face of the attack.
This is precisely one of the goals of the document and we will take this comment.

-- 
Uma C. 

PS: The link you mentioned below is regarding the partial deployment issue you pointed out (with ESN TLV draft) and you know 
we are working with you on that as we speak.



-----Original Message-----
From: karp-bounces@ietf.org [mailto:karp-bounces@ietf.org] On Behalf Of Les Ginsberg (ginsberg)
Sent: Sunday, October 07, 2012 1:46 PM
To: isis-wg@ietf.org; karp@ietf.org
Subject: Re: [karp] [Isis-wg] FW: I-D Action: draft-chunduri-karp-is-is-gap-analysis-02.txt

The draft fails to mention (Section 2.3.1(2)) that the mechanisms defined in the IS-IS base specification (ISO 10589) provide for efficient recovery from all LSP replay attacks - including inter-session replay. 
This is particularly disappointing in that this point has been discussed at some length in the context of draft-chunduri-isis-extended-sequence-no-tlv. Please see:

http://www.ietf.org/mail-archive/web/isis-wg/current/msg03023.html


   Les


> -----Original Message-----
> From: isis-wg-bounces@ietf.org [mailto:isis-wg-bounces@ietf.org] On 
> Behalf Of Adrian Farrel
> Sent: Saturday, October 06, 2012 3:02 AM
> To: isis-wg@ietf.org
> Subject: [Isis-wg] FW: I-D Action: draft-chunduri-karp-is-is-gap-analysis-02.txt
> 
> Heads up
> 
> > -----Original Message-----
> > From: i-d-announce-bounces@ietf.org 
> > [mailto:i-d-announce-bounces@ietf.org]
> > On Behalf Of internet-drafts@ietf.org
> > Sent: 05 October 2012 19:02
> > To: i-d-announce@ietf.org
> > Subject: I-D Action: draft-chunduri-karp-is-is-gap-analysis-02.txt
> >
> >
> > A New Internet-Draft is available from the on-line Internet-Drafts directories.
> >
> >
> > 	Title           : KARP IS-IS security gap analysis
> > 	Author(s)       : Uma Chunduri
> >                           Albert Tian
> >                           Wenhu Lu
> > 	Filename        : draft-chunduri-karp-is-is-gap-analysis-02.txt
> > 	Pages           : 12
> > 	Date            : 2012-10-05
> >
> > Abstract:
> >    This document analyzes the threats applicable for Intermediate system
> >    to Intermediate system (IS-IS) routing protocol and security gaps
> >    according to the KARP Design Guide.  This document also provides
> >    specific requirements to address the gaps with both manual and auto
> >    key management protocols.
> >
> >
> > The IETF datatracker status page for this draft is:
> > https://datatracker.ietf.org/doc/draft-chunduri-karp-is-is-gap-analysis
> >
> > There's also a htmlized version available at:
> > http://tools.ietf.org/html/draft-chunduri-karp-is-is-gap-analysis-02
> >
> > A diff from the previous version is available at:
> > http://www.ietf.org/rfcdiff?url2=draft-chunduri-karp-is-is-gap-analysis-02
> >
> >
> > Internet-Drafts are also available by anonymous FTP at:
> > ftp://ftp.ietf.org/internet-drafts/
> >