Re: [karp] [Isis-wg] FW: I-D Action: draft-chunduri-karp-is-is-gap-analysis-02.txt

"Les Ginsberg (ginsberg)" <ginsberg@cisco.com> Sun, 07 October 2012 20:46 UTC

From: "Les Ginsberg (ginsberg)" <ginsberg@cisco.com>
To: "isis-wg@ietf.org" <isis-wg@ietf.org>, "karp@ietf.org" <karp@ietf.org>

The draft fails to mention (Section 2.3.1(2)) that the mechanisms defined in the IS-IS base specification (ISO 10589) provide for efficient recovery from all LSP replay attacks - including inter-session replay.
This is particularly disappointing in that this point has been discussed at some length in the context of draft-chunduri-isis-extended-sequence-no-tlv. Please see:

http://www.ietf.org/mail-archive/web/isis-wg/current/msg03023.html


   Les


> -----Original Message-----
> From: isis-wg-bounces@ietf.org [mailto:isis-wg-bounces@ietf.org] On Behalf Of
> Adrian Farrel
> Sent: Saturday, October 06, 2012 3:02 AM
> To: isis-wg@ietf.org
> Subject: [Isis-wg] FW: I-D Action: draft-chunduri-karp-is-is-gap-analysis-02.txt
> 
> Heads up
> 
> > -----Original Message-----
> > From: i-d-announce-bounces@ietf.org [mailto:i-d-announce-bounces@ietf.org]
> > On Behalf Of internet-drafts@ietf.org
> > Sent: 05 October 2012 19:02
> > To: i-d-announce@ietf.org
> > Subject: I-D Action: draft-chunduri-karp-is-is-gap-analysis-02.txt
> >
> >
> > A New Internet-Draft is available from the on-line Internet-Drafts directories.
> >
> >
> > 	Title           : KARP IS-IS security gap analysis
> > 	Author(s)       : Uma Chunduri
> >                           Albert Tian
> >                           Wenhu Lu
> > 	Filename        : draft-chunduri-karp-is-is-gap-analysis-02.txt
> > 	Pages           : 12
> > 	Date            : 2012-10-05
> >
> > Abstract:
> >    This document analyzes the threats applicable for Intermediate system
> >    to Intermediate system (IS-IS) routing protocol and security gaps
> >    according to the KARP Design Guide.  This document also provides
> >    specific requirements to address the gaps with both manual and auto
> >    key management protocols.
> >
> >
> > The IETF datatracker status page for this draft is:
> > https://datatracker.ietf.org/doc/draft-chunduri-karp-is-is-gap-analysis
> >
> > There's also a htmlized version available at:
> > http://tools.ietf.org/html/draft-chunduri-karp-is-is-gap-analysis-02
> >
> > A diff from the previous version is available at:
> > http://www.ietf.org/rfcdiff?url2=draft-chunduri-karp-is-is-gap-analysis-02
> >
> >
> > Internet-Drafts are also available by anonymous FTP at:
> > ftp://ftp.ietf.org/internet-drafts/