Re: [Isis-wg] Mirja Kühlewind's No Objection on draft-ietf-isis-remaining-lifetime-03: (with COMMENT)

"Les Ginsberg (ginsberg)" <ginsberg@cisco.com> Mon, 15 August 2016 19:35 UTC

From: "Les Ginsberg (ginsberg)" <ginsberg@cisco.com>
To: Mirja Kuehlewind <ietf@kuehlewind.net>, The IESG <iesg@ietf.org>
Date: Mon, 15 Aug 2016 19:35:33 +0000
Message-ID: <e651513df2a94828a16112d0a5e8773b@XCH-ALN-001.cisco.com>
References: <147128892377.31567.13471988230474089464.idtracker@ietfa.amsl.com>
In-Reply-To: <147128892377.31567.13471988230474089464.idtracker@ietfa.amsl.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/isis-wg/XCtXx3O9If8gxnhMJWtpze2sctU>
Cc: "isis-wg@ietf.org" <isis-wg@ietf.org>, "chopps@chopps.org" <chopps@chopps.org>, "isis-chairs@ietf.org" <isis-chairs@ietf.org>, "draft-ietf-isis-remaining-lifetime@ietf.org" <draft-ietf-isis-remaining-lifetime@ietf.org>
Subject: Re: [Isis-wg] Mirja Kühlewind's No Objection on draft-ietf-isis-remaining-lifetime-03: (with COMMENT)

Mirja -

Thanx for your comments.
Inline.

> -----Original Message-----
> From: Mirja Kuehlewind [mailto:ietf@kuehlewind.net]
> Sent: Monday, August 15, 2016 12:22 PM
> To: The IESG
> Cc: draft-ietf-isis-remaining-lifetime@ietf.org; Christian Hopps; isis-
> chairs@ietf.org; chopps@chopps.org; isis-wg@ietf.org
> Subject: Mirja Kühlewind's No Objection on draft-ietf-isis-remaining-lifetime-
> 03: (with COMMENT)
> 
> Mirja Kühlewind has entered the following ballot position for
> draft-ietf-isis-remaining-lifetime-03: No Objection
> 
> When responding, please keep the subject line intact and reply to all email
> addresses included in the To and CC lines. (Feel free to cut this introductory
> paragraph, however.)
> 
> 
> Please refer to https://www.ietf.org/iesg/statement/discuss-criteria.html
> for more information about IESG DISCUSS and COMMENT positions.
> 
> 
> The document, along with other ballot positions, can be found here:
> https://datatracker.ietf.org/doc/draft-ietf-isis-remaining-lifetime/
> 
> 
> 
> ----------------------------------------------------------------------
> COMMENT:
> ----------------------------------------------------------------------
> 
> Two small comments:
> 1) Maybe explain briefly also in this doc what ZeroAgeLifetime is; that would
> be helpful!

[Les:] ISO10589 is the base specification for IS-IS which is explicitly referenced in the draft. It defines ZeroAgeLifetime - as well as many other aspects of LSPs and the operation of the protocol Update Process. I have a strong bias against explaining functionality which is defined by a referenced specification. There are only two possible outcomes:

a) The explanation is 100% consistent with the reference - in which case the text is redundant.
b) The explanation is either not consistent or subject to misinterpretation - in which case we have unnecessarily introduced ambiguity.

So I do not want to add any such explanation.

> 2) You write:
> „Retention of stale LSPs therefore has no negative side effects other than
> requiring additional memory for the LSPDB.“  -> Can this lead to a memory
> exhaustion attack instead? Should this be discussed in the security section?
> 

[Les:] In the existing world LSPs are retained in the database after they are purged. The draft does not change this behavior other than to extend the period during which stale LSPs would be retained by a maximum of 18 hours - and only then in a pathological case.
From an attack perspective, an attacker cannot introduce new LSPs; they can only cause existing LSPs to be purged prematurely - so we are in fact guaranteeing the expected behavior we should see in the absence of an attack. Therefore I do not see that this introduces a memory exhaustion attack.

   Les
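The memory argument in the reply above (purges never add entries to the LSPDB, so an attacker who can only purge existing LSPs cannot grow the database beyond what legitimate systems originate) can be checked with a small model. The following is an added illustration, not code from the draft or from any IS-IS implementation; the MaxAge and ZeroAgeLifetime values are the ISO 10589 defaults as assumed here, the LSP-IDs are constructed, and the purge/authentication handling is deliberately simplified.

```python
from dataclasses import dataclass

# Assumed ISO 10589 architectural constants (seconds); toy model, not a real LSPDB.
MAX_AGE = 1200            # lifetime given to a freshly installed LSP
ZERO_AGE_LIFETIME = 60    # how long a purged (lifetime 0) LSP is kept before deletion


@dataclass
class LspEntry:
    seqno: int
    remaining_lifetime: int   # seconds; 0 means the LSP is purged (stale)
    zero_age_timer: int = 0   # seconds spent at lifetime 0


class Lspdb:
    """Toy LSP database that records the largest size it ever reaches."""

    def __init__(self):
        self.entries = {}
        self.peak_size = 0

    def _note_size(self):
        self.peak_size = max(self.peak_size, len(self.entries))

    def receive(self, lsp_id, seqno, authenticated):
        """Install or refresh an LSP.  Only authenticated LSPs are accepted,
        which models the premise that an attacker cannot introduce new LSPs."""
        if not authenticated:
            return False
        cur = self.entries.get(lsp_id)
        if cur is not None and seqno <= cur.seqno:
            return False  # not newer than what we hold: nothing to install
        self.entries[lsp_id] = LspEntry(seqno=seqno, remaining_lifetime=MAX_AGE)
        self._note_size()
        return True

    def purge(self, lsp_id):
        """Premature purge of an existing LSP.  The entry stays in the database
        at lifetime 0 (stale) until ZeroAgeLifetime elapses; a purge never
        creates an entry, so it cannot grow the database."""
        cur = self.entries.get(lsp_id)
        if cur is None:
            return False
        cur.remaining_lifetime = 0
        cur.zero_age_timer = 0
        return True

    def tick(self, seconds=1):
        """Advance time: live LSPs age toward 0; stale LSPs are deleted once
        they have sat at lifetime 0 for ZeroAgeLifetime."""
        for lsp_id, e in list(self.entries.items()):
            if e.remaining_lifetime > 0:
                e.remaining_lifetime = max(0, e.remaining_lifetime - seconds)
                if e.remaining_lifetime == 0:
                    e.zero_age_timer = 0
            else:
                e.zero_age_timer += seconds
                if e.zero_age_timer >= ZERO_AGE_LIFETIME:
                    del self.entries[lsp_id]

    def size(self):
        return len(self.entries)

    def stale_count(self):
        return sum(1 for e in self.entries.values() if e.remaining_lifetime == 0)


def simulate_purge_flood(n_legit, n_purge_attempts):
    """Legitimate systems originate n_legit LSPs; an attacker then repeatedly
    purges LSP-IDs (existing and non-existing) and tries to inject
    unauthenticated LSPs, one attempt per second.  Returns (peak_size,
    final_size): the database never exceeds n_legit entries."""
    db = Lspdb()
    legit_ids = [f"1921.6800.{i:04d}.00-00" for i in range(n_legit)]  # constructed IDs
    for lsp_id in legit_ids:
        db.receive(lsp_id, seqno=1, authenticated=True)
    targets = legit_ids + ["0000.0000.0000.00-00"]  # last one does not exist
    for k in range(n_purge_attempts):
        db.purge(targets[k % len(targets)])
        db.receive(f"bogus.{k:04d}", seqno=99, authenticated=False)  # rejected
        db.tick(1)
    return db.peak_size, db.size()


if __name__ == "__main__":
    peak, final = simulate_purge_flood(n_legit=5, n_purge_attempts=1000)
    print(f"peak LSPDB size {peak}, final size {final}")  # peak never exceeds 5
```

With five legitimate LSPs and a thousand purge attempts the database peaks at five entries and, because the attacker keeps re-purging the same LSP-IDs, ends with those five retained as stale entries; nothing the attacker does adds an entry. The retention window only changes when the stale entries are reclaimed, not how many there can be.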