[Isis-wg] Review of draft-ietf-isis-extended-sequence-no-tlv-04
Nevil Brownlee <n.brownlee@auckland.ac.nz> Thu, 26 March 2015 16:47 UTC
To: ops-dir@ietf.org, draft-ietf-isis-extended-sequence-no-tlv.all@tools.ietf.org
Hi all:

I have reviewed this document as part of the Operational directorate's ongoing effort to review all IETF documents being processed by the IESG. These comments were written primarily for the benefit of the operational area directors. Document editors and WG chairs should treat these comments just like any other last call comments.

Overall, it seems fine to me.

Abstract: "This document defines Extended Sequence number TLV to protect Intermediate System to Intermediate System (IS-IS) PDUs from replay attacks."

Draft addresses Security concerns raised by the use of IS-IS in Data Centre environments, and by the use of SDN in Data Centres.

"This document defines Extended Sequence number (ESN) TLV to protect Intermediate System to Intermediate System (IS-IS) PDUs from replay attacks."

I presume that the ESSN will be given a random (but non-zero) value when the router boots up, then increments from there? This is covered in detail in Appendix A, but perhaps a forward reference to that in section 3 would be helpful.

Section 5 on Backward Compatibility and Deployment seems clear to me, and should help Operators to use this new feature.

Cheers, Nevil
Co-chair, EMAN WG

--
Nevil Brownlee
Computer Science Department | ITS
The University of Auckland
Private Bag 92019, Auckland 1142, New Zealand
Phone: +64 9 373 7599 x88941
FAX: +64 9 373 7453