[Isis-wg] new revision of draft-ietf-isis-pcr

János Farkas <janos.farkas@ericsson.com> Fri, 18 September 2015 10:34 UTC

Message-ID: <55FBE89C.6030308@ericsson.com>
Date: Fri, 18 Sep 2015 12:34:04 +0200
To: <isis-wg@ietf.org>
References: <48E1A67CB9CA044EADFEAB87D814BFF6448CB62C@eusaamb107.ericsson.se> <55E9B74E.3060407@ericsson.com>
In-Reply-To: <55E9B74E.3060407@ericsson.com>
Archived-At: <http://mailarchive.ietf.org/arch/msg/isis-wg/ptR5KT-xInMidY7aTNQH9W4dGJY>

Hi,

The draft has been updated according to the comments received during WG 
Last Call. The new revision is available at: 
https://tools.ietf.org/html/draft-ietf-isis-pcr-02.

Thanks and regards,
Janos


On 9/4/2015 5:22 PM, János Farkas wrote:
> Hi Eric,
>
> Thank you very much for your review and comments!
>
> On 9/2/2015 9:39 PM, Eric Gray wrote:
>>
>> Authors,
>>
>> I have the following comments on the draft…
>>
>> We start section 4 with the statement: “An explicit tree is
>> determined by a Path Computation Element (PCE) …”
>>
>> I believe that explicit trees may be determined without using a PCE,
>> even if we might prefer to use a PCE.  One could, for example,
>> construct one on paper.
>>
> I agree.
>
>>
>> I suspect we could say:
>>
>> - “Explicit trees may be determined in some fashion.  For example, an
>> explicit tree may be determined by a Path Computation Element (PCE)
>> [_RFC4655_].  A PCE is an entity that is capable of computing a
>> topology for forwarding based on a network topology, its
>> corresponding attributes, and potential constraints.  If a PCE is
>> used, it MUST explicitly describe a forwarding tree as described in
>> _Section 6.1_. Either a single PCE or multiple PCEs determine
>> explicit trees for a domain.  Even if there are multiple PCEs in a
>> domain, each explicit tree MUST be determined only by one PCE, which
>> is referred to as the owner PCE of that tree.  PCEs and IS-IS PCR can
>> be used in combination with IS-IS shortest path bridging.
>>
>> “The remainder of this section, and subsequent sections, are written
>> assuming PCE use.”
>>
>> A few minor points (reflected in the above re-wording):
>>
>> - “MUST be only determined by one PCE” is awkward (implies everything
>> else has to be done by another PCE).
>>
>> - “SPB shortest path routing” is either redundant or incorrect.
>>
>> - It would be very difficult to re-write the section to avoid
>> dependence on PCE, but I suspect a statement to the effect that PCE
>> is assumed will allow it to be read without loss of generality.
>>
>> - I left out the bit about not being required to follow shortest path
>> as this seems obvious.
>>
> I agree with the wording you propose.
> I will update the text according to your proposal if there are no 
> further comments on it.
>
>
>> I am not sure how the second paragraph in the security considerations
>> section is related to security, as it is currently worded.
>>
>> As I understand it, the issue that the paragraph aims to address has
>> to do with a vulnerability that may exist when multiple PCEs are used
>> and may be independently managed.  In particular, the */importance/*
>> parameter could be used maliciously by one PCE to ensure that it gets
>> reservations.
>>
>> This is simply one variation of a general PCE issue; an independently
>> managed, non-cooperating PCE is indistinguishable from a
>> */PCE impersonation/* (in the sense used in the Security
>> Considerations section of RFC 4655).
>>
> I agree with your points.
> I agree that referring to PCE security considerations of RFC 4655 is 
> missing; and adding it makes the security considerations more generic 
> and thus covers the particular case pointed out in the current version.
>
>> We may want to consider replacing the current second paragraph with
>> the following two paragraphs.
>>
>> Any mechanism that chooses forwarding paths, and allocates resources
>> to those paths, is potentially vulnerable to attack.  The security
>> considerations section of RFC 4655 describes the risks associated
>> with the use of PCE for this purpose and should be referred to.  Use
>> of any other means to determine paths should only be used after
>> considering similar concerns.
>>
>> Because the mechanism assumed for distributing tree information
>> relies on IS-IS routing, IS-IS routing security considerations
>> (Section 6, RFC 1195) and mechanisms (e.g. – RFC 5310) used to
>> authenticate peer advertisements apply.
>>
> I will replace the second paragraph with these ones you suggested if 
> there are no further comments.
>
> Thank you and regards,
> Janos
>
>
>> --
>>
>> Eric
>>
>> *Subject:* [Isis-wg] WG Last Call for for draft-ietf-isis-pcr
>> *Date:* Mon, 24 Aug 2015 09:54:27 -0400
>> *From:* Christian Hopps <chopps@chopps.org>
>> *To:* ISIS-WG <isis-wg@ietf.org>
>> *CC:* Hannes Gredler <hannes@gredler.at>
>>
>> Hi Folks,
>>   
>> We are starting a WG Last Call on the following draft.
>>   
>> “IS-IS Path Computation and Reservation”
>> https://datatracker.ietf.org/doc/draft-ietf-isis-pcr/
>>   
>> The LC is set to expire 3 weeks from now (allowing for common vacation
>> time) on Monday, September 14, 2015.
>>   
>> Thanks,
>> Chris & Hannes.
>>   
>> _______________________________________________
>> Isis-wg mailing list
>> Isis-wg@ietf.org  <mailto:Isis-wg@ietf.org>
>> https://www.ietf.org/mailman/listinfo/isis-wg