IETF Logo Mail Archive

Re: [Last-Call] Opsdir telechat review of draft-ietf-acme-dtnnodeid-10

Linda Dunbar <linda.dunbar@futurewei.com> Sat, 22 October 2022 03:41 UTC

Return-Path: <linda.dunbar@futurewei.com>
X-Original-To: last-call@ietfa.amsl.com
Delivered-To: last-call@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E8A62C1522CF; Fri, 21 Oct 2022 20:41:56 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.108
X-Spam-Level:
X-Spam-Status: No, score=-2.108 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H2=-0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=futurewei.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Nd_79X0IAz_l; Fri, 21 Oct 2022 20:41:51 -0700 (PDT)
Received: from NAM10-DM6-obe.outbound.protection.outlook.com (mail-dm6nam10on2101.outbound.protection.outlook.com [40.107.93.101]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 824D9C1522CA; Fri, 21 Oct 2022 20:41:50 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=bPAlftpGP6Ke4h9FJ7XhHgFXQfLunXyNUSr+9D4jPPuWWkU65f+Z2QOu3hBFRo/VUkZ73ra7VO6zrNPfqSR+t60Einhtx9iuOsdSvnuhVme2Y4qOBZ3JTNabi2ABGhAQl13zw+QV+liHgHB7/Xk25DH0wO2lzhoBXz7gmJijhIaI13FVvCgMZKz6FyqpQMm6bZgf/LY26UZM8CZtJwJnUXUmL8e7Pn6N7vF6nEmGcm/qhiTWaII4BAm9HKnUkHUgKV6dF3csuGBPjcp+Lwp5K+PmcrfX7m1JOJFNOBoDB+Oqtp9jYPVkBQ64M+W7DS4uQltv2GhzJfC/gMDeZP/SyQ==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=1wLur3/0dM5OpC9D3XKfDUJwekvszZejEMLjgrl7pIc=; b=R9ytZW/tj1SzTKdJKIHyHgkhSYm4Q/Uat62cAi8fCEYTA82ohE2gaut0FNKSrnxME3Bq4W5ILKfOPHKLAnCW9PYMX46v1oPD9Gk/QrG0XeLtZtmcY8esEv5sKjm/I0MyXswkoGq9L3v3A+0+Z1wGzEHzvETYtzOtRm0vHVWZcW8BZ070mPl7ZfP4Fh27Tu5fGryWVvX1+4ax7dNbZU8MNe6rgE0XTq9Hs7h6o1OSyQwn/9ubJKWsKguW1lnMMJMpV7Pv0y/ybcLXMRoExwZoa5Q3qsqotqLpmp2iaSN81OBnD0N/CbWKab+5x7uQQ9+6K/+/81SL2yeST4llS0zZkg==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=futurewei.com; dmarc=pass action=none header.from=futurewei.com; dkim=pass header.d=futurewei.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=Futurewei.com; s=selector2; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=1wLur3/0dM5OpC9D3XKfDUJwekvszZejEMLjgrl7pIc=; b=W91Kdwd1Fg2y+HSrz88eUECRHKFzZy7Eu/Cse4gYNre5fxqDoH/sBa5iomznwLVx2PLmvgiXfQVWLj933X4VEoO6QfMHdOJe+dn89dm0SCyXOF8fKDiRD9TpYUxPPZ2WxGiA39FBhRE19Xs7jiF/5JHHgp0vauVU3RhRzT8pCXo=
Received: from PH0PR13MB4922.namprd13.prod.outlook.com (2603:10b6:510:92::5) by DM6PR13MB3657.namprd13.prod.outlook.com (2603:10b6:5:248::7) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5723.20; Sat, 22 Oct 2022 03:41:48 +0000
Received: from PH0PR13MB4922.namprd13.prod.outlook.com ([fe80::c2bb:fc29:24b:5598]) by PH0PR13MB4922.namprd13.prod.outlook.com ([fe80::c2bb:fc29:24b:5598%6]) with mapi id 15.20.5746.017; Sat, 22 Oct 2022 03:41:47 +0000
From: Linda Dunbar <linda.dunbar@futurewei.com>
To: Brian Sipos <brian.sipos+ietf@gmail.com>
CC: Deb Cooley <debcooley1@gmail.com>, Roman Danyliw <rdd@cert.org>, "ops-dir@ietf.org" <ops-dir@ietf.org>, "acme@ietf.org" <acme@ietf.org>, "draft-ietf-acme-dtnnodeid.all@ietf.org" <draft-ietf-acme-dtnnodeid.all@ietf.org>, "last-call@ietf.org" <last-call@ietf.org>
Thread-Topic: Opsdir telechat review of draft-ietf-acme-dtnnodeid-10
Thread-Index: AQHY5N8vm9a5GAFVE0uBDPW+hfxAaq4X3u4AgADcnACAAGKTAP//rvQAgABVKQD//67CgIAAbTyA///dEYAADCaIgP//9l6A
Date: Sat, 22 Oct 2022 03:41:47 +0000
Message-ID: <A94F08F8-9A9A-49DE-95F4-EB35ED2FBC24@futurewei.com>
References: <166630648814.52985.10284820365346811952@ietfa.amsl.com> <BN2P110MB11076DDD8A34680DE318379EDC2A9@BN2P110MB1107.NAMP110.PROD.OUTLOOK.COM> <855DAAAE-A1BF-4577-922D-BC0F671CD0E8@futurewei.com> <DE4B11FF-1E07-44FA-9D9E-7EAE51BC393F@futurewei.com> <BN2P110MB1107FE073820EFCEE803710ADC2D9@BN2P110MB1107.NAMP110.PROD.OUTLOOK.COM> <560A8DBD-4CA4-4E49-BFA9-7452E4E1FE4F@futurewei.com> <BN2P110MB1107102AF46BE43B6F3828C0DC2D9@BN2P110MB1107.NAMP110.PROD.OUTLOOK.COM> <CFE4A64B-2F75-4187-A019-8AA476094587@futurewei.com> <CAGgd1OcFMyctz5T+sYj==6d6nfb5uz=jEfCfHo9LH-r=39sBhA@mail.gmail.com> <F661A7F8-4EC0-4954-87AA-AB555026829C@futurewei.com> <CAM1+-ggs+1k4_TampbrAZ1RKzHWU1MuuJbPHy-QvpqCf+uYMFQ@mail.gmail.com>
In-Reply-To: <CAM1+-ggs+1k4_TampbrAZ1RKzHWU1MuuJbPHy-QvpqCf+uYMFQ@mail.gmail.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
user-agent: Microsoft-MacOutlook/16.66.22101101
authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=futurewei.com;
x-ms-publictraffictype: Email
x-ms-traffictypediagnostic: PH0PR13MB4922:EE_|DM6PR13MB3657:EE_
x-ms-office365-filtering-correlation-id: fd2e5e2c-d072-48f8-809e-08dab3df58d4
x-ms-exchange-senderadcheck: 1
x-ms-exchange-antispam-relay: 0
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: IpAUgBLAIAWNstgqtoscPIiTo/XiAIqCq/1CFyI/NqVjF1N4oHUp1Pdq7EFbPB1bT7BcGZJLbYUQ5xH9z5jltKz2AtBbeSYzHw18d3uPv/mkIOQ3vrz+dwmvZf90OrMXoiWDbq5uSzGd+wBKFmBq+5XZ/BBRAh1uwl6WrnG433aIjjP2fbyUPwoIv7B3xOAUWMWOGINVaPdl8bPM3POxpqIh+XCt6nLx4SHvlnzPUrj/g3ejaV8ttH0LXw3q1ctRn3Hrkmf4cp674xm5Vb9ENEfXl0GL8T4xMmuZzQ9NP28E61LmE2d+q2PzIjaI9QdTyfMElGs6s/cHsR70OCrurVuJeJb9eyZtoBl73eiTsL77UnWTIlKWLmtwWu6Q4s1zzSgOgvN9l+6NCDYedOlS36U9Leej3q587S/CFaUuBuqxzCmMCQdGVxrcd8Wu1ugCBNKFKkO2Lu1cWPrKG1JZBRccC4IUSMX1Pcm+i2qGE53fZHPQcD/vLnSCc4eKVaAax/BRxSbjOmRy73BPjQYF5G8jBA0IQaHPv+0Xnn6i+kDy+9gIOpCVUWVpvpE0gTSBGaPeeFoDn6Y01zh+3coUm25KP/QUD1zUtJ92aA1+85CmSxAXQ49fQsi3s/nESzJN/DRuYvsEdzzRDohFmTR7kUDp8MILn9fCbzBQHMbpqf4MwC2Og9qhM7VYZcbcHR4jjicD8F96l1aX3noe1WXPQOUILJAidX/BpeloFSaN7dnUM9XBLkudXcj4yCK901wL4Bj3ZZ05asCHdXS8LugyjfQ2QWOuDb+K6p22c7a1JC3GQAgcweOhUntuyr0FSDeSe/p3nRM/5pK33yzW1MyPug==
x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:PH0PR13MB4922.namprd13.prod.outlook.com; PTR:; CAT:NONE; SFS:(13230022)(4636009)(366004)(376002)(396003)(346002)(136003)(39840400004)(451199015)(33656002)(36756003)(86362001)(38100700002)(122000001)(166002)(38070700005)(2906002)(44832011)(83380400001)(8936002)(5660300002)(6512007)(186003)(53546011)(2616005)(6506007)(26005)(54906003)(71200400001)(478600001)(45080400002)(66556008)(66476007)(91956017)(76116006)(66946007)(4326008)(6486002)(316002)(64756008)(8676002)(41300700001)(66446008)(966005)(45980500001); DIR:OUT; SFP:1102;
x-ms-exchange-antispam-messagedata-chunkcount: 1
x-ms-exchange-antispam-messagedata-0: qHBzCyCouYlbECXvH7BAEdOLF3wHMT6o51jJ3I46w0tAa5u8ElhfJtXKlsX0kEv9n5i5RZVfKvk9q8wc8isCj1ywqsOmBab2rcR0RKwOtAen9FKYoPkhddonbSahkhgyhlqAjOcSeLy+2bK0tZ0tZibx8ebqBZrD4wv7cm0LAnDdsiQfSBrRd3jgq1Zw6ISOFfPi2wMo5hTYgZRGVY3U/RSoB23vKrqluixJE7ZW+MwSPq4nZbeV9wY59wObe8EJk5KlbJsjWPEzZEDMbWc/URO18FT+xiFdxQW/1gg+hE8zbIMOzpKzNcXPRD2Jj+Q1aOCuP3xawGPS0LSJNsogm088gqgeXmO2ZOBfILKvsLh3FXE6uaGxJcgcV5G5d+0OkmPzQw9biysLeUhjXV6sN5Z0+UgGvRmDzOEx1IBc1UhklgNfQzYbIh6hn6K+XgYXrK2jOw0rTLaQmI2/QUpnbh5Zuud/F3CRtILCu11qQ4M5BubEnuClYn/UZb2idLjf5IiZj0gLUdU1jk6yyAAsos6ccne1UR58ywejZwK9IFsfHXBxkMQnmpKnBFDxd1kUBv3zzfU5RUtwBvVtEW5PyrkU5q+1h8GX7TbINeA8bX35Lh0R6r9pHJ7pLlQpjdzFPSgQfa7RwfzGOEZ55+mW9pbedEJyCfS6VqnlbUW40uZqlFriGSD0o4vVSWdH8EfYTx+pbKo0TrCqRW4BA1OXZ96aD6ptFUkRe/DkRKvwC55KTEZRkEbBJb68QKxtmqU7Gca0fLgRWvtUI+B4AdZdZVBZFtDcETzNYdQZBr4ApOrVTHvSrc6XYE7eERTuUBdiJbHFmqZyRk6HnPD+z5oXfjm0r8UHAu68H5MfTXHiJH5vOWnmrkGamv4REWrk7S27AJUxyTXMau+og1y/GIj9wI2i1JFzg3wlcPFuSy9E1oDhsDGqGJeY6itAo7EVNtjLL9x96OmHYAu487A+TKf5RR6VsqC2MtLVS3zjxJoA9IQ/6ED+pZfQB06EewoeozOW4W2vgKveXzpabHyoX+u54VMDB4E+mN/O18l0eMjeC1Q1K5nhuQEUuFHiBHqEtMtKXM02QKN1A7fYTRrFKTl/WZozq1ipGnfH6gT2zwC0emWympmz0PVgdvOzvNJKF2eWoPslz5/Rg4kZkBlgA0VWx2Iz8VX4zarebaE8Ehd1ebRzkDNUmrR62FjDDBn9jsu6wij0d/0VcRcuNsnzqWxxUTIiFdCG7nalvXJ69onjmxFHd5fyiA6ONk2+JwN4zlAKoTsm/yUpzi8TnRuZTG5/DtbdIAOspzgynHKaQC/eoiE5i0wGflcPvGFFmZHepYtayrHAdH8t0hJ591JfOj29n4bsADbmu5XcLqIMkcou618T3vOUGbuIZuw0zwj/lAQrwPhMkqlHajw5tj4pFdAGMCWfhSQSO45r0jzlHq6go/lF0fHKMf0UxQIcV4bbUYgAXHfW0XtinHamI4J/WVUv43ec2xMteLTgZ48dT+8Ee8gy70wkezak0POR8BLNg+opkqOjEOjxKUvVTlJ9cduocTo043XFkaddSZ/eAgChkKxbcKE7msyVdfl+fHWrLncKAnombXP2BSovXW7jD7capA==
Content-Type: multipart/alternative; boundary="_000_A94F08F89A9A49DE95F4EB35ED2FBC24futureweicom_"
MIME-Version: 1.0
X-OriginatorOrg: Futurewei.com
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: PH0PR13MB4922.namprd13.prod.outlook.com
X-MS-Exchange-CrossTenant-Network-Message-Id: fd2e5e2c-d072-48f8-809e-08dab3df58d4
X-MS-Exchange-CrossTenant-originalarrivaltime: 22 Oct 2022 03:41:47.5299 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 0fee8ff2-a3b2-4018-9c75-3a1d5591fedc
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: O/aKRHVwVUE9xS3FdVmVWLUJNMapTs93VdQcIdXzbWHaLKCAUoFMznEkr4o7q3CZdRp6MvdLtSKtLJkYQXQWjQ==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM6PR13MB3657
Archived-At: <https://mailarchive.ietf.org/arch/msg/last-call/XBR4sE-MqJfPlhb5jsFRJmG56lg>
Subject: Re: [Last-Call] Opsdir telechat review of draft-ietf-acme-dtnnodeid-10
X-BeenThere: last-call@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: IETF Last Calls <last-call.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/last-call>, <mailto:last-call-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/last-call/>
List-Post: <mailto:last-call@ietf.org>
List-Help: <mailto:last-call-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/last-call>, <mailto:last-call-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 22 Oct 2022 03:41:57 -0000

Brian,

Thank you very much for the detailed explanation.

Linda

From: Brian Sipos <brian.sipos+ietf@gmail.com>
Date: Friday, October 21, 2022 at 6:16 PM
To: Linda Dunbar <linda.dunbar@futurewei.com>
Cc: Deb Cooley <debcooley1@gmail.com>, Roman Danyliw <rdd@cert.org>, "ops-dir@ietf.org" <ops-dir@ietf.org>, "acme@ietf.org" <acme@ietf.org>, "draft-ietf-acme-dtnnodeid.all@ietf.org" <draft-ietf-acme-dtnnodeid.all@ietf.org>, "last-call@ietf.org" <last-call@ietf.org>
Subject: Re: Opsdir telechat review of draft-ietf-acme-dtnnodeid-10

Linda,
To provide some clarification: a "delay-tolerant network" isn't just a descriptive term, it is a specific type of overlay network operating with the Bundle Protocol of RFC 9171 in accordance with the principals of RFC 4838. This proposed validation method is both conceptually and procedurally analogous to the email validation of RFC 8823, and a DTN can be thought of in the same way as an email transport network: email addresses exist independently of the IP addresses or DNS names of the clients used to originate and receive those email messages, just as DTN Node IDs (and the BP Agents that transfer bundles) exist independently of whatever network, IP or otherwise, that transports bundles addressed with those Node IDs. This is why the RFC 8823 validation mechanism exists separately from the IP/DNS mechanisms, and is why the DTN Node ID mechanism requires its own mechanism.

Brian S.

On Fri, Oct 21, 2022 at 6:28 PM Linda Dunbar <linda.dunbar@futurewei.com<mailto:linda.dunbar@futurewei.com>> wrote:
Deb,

The discussion stemmed from my question about the mechanism specified in the draft-ietf-acme-dtnnodeid-10 not touching upon the special properties of Delay Tolerant. For example, are there any special considerations for the satellite network that requires hours or days of the round trip instead of the traditional network of ms for the round trip?
This triggered me to ask if the mechanism is applicable to validate IDs in other types of networks, like SD-WAN.

Linda

From: Deb Cooley <debcooley1@gmail.com<mailto:debcooley1@gmail.com>>
Date: Friday, October 21, 2022 at 2:33 PM
To: Linda Dunbar <linda.dunbar@futurewei.com<mailto:linda.dunbar@futurewei.com>>
Cc: Roman Danyliw <rdd@cert.org<mailto:rdd@cert.org>>, "ops-dir@ietf.org<mailto:ops-dir@ietf.org>" <ops-dir@ietf.org<mailto:ops-dir@ietf.org>>, "acme@ietf.org<mailto:acme@ietf.org>" <acme@ietf.org<mailto:acme@ietf.org>>, "draft-ietf-acme-dtnnodeid.all@ietf.org<mailto:draft-ietf-acme-dtnnodeid.all@ietf.org>" <draft-ietf-acme-dtnnodeid.all@ietf.org<mailto:draft-ietf-acme-dtnnodeid.all@ietf.org>>, "last-call@ietf.org<mailto:last-call@ietf.org>" <last-call@ietf.org<mailto:last-call@ietf.org>>
Subject: Re: Opsdir telechat review of draft-ietf-acme-dtnnodeid-10

Linda,

I'm now very confused.  The original topic was comments on a DTN acme draft.  How did we get to discussing Virtual Network IDs of SD-WAN edge devices?

Do you want to get X.509 certificates for these devices?  Or do you have something else in mind to validate these devices?

Deb Cooley

On Fri, Oct 21, 2022 at 2:02 PM Linda Dunbar <linda.dunbar@futurewei.com<mailto:linda.dunbar@futurewei.com>> wrote:
Roman,

Thanks.
I don't see how DTN wg is relevant, as the SD-WAN is NOT Delay Tolerant Network. More relevance is on the "certificate issuance mechanism" to validate if the IDs advertised by a remote node are legitime.

Does ACME Wg work on "Certificate issuance mechanism" for remote node IDs?

Linda
On 10/21/22, 12:53 PM, "Roman Danyliw" <rdd@cert.org<mailto:rdd@cert.org>> wrote:

    IMO, the simplest thing would be to pose this question on the DTN WG mailing list.  This very specific work is being done in the ACME WG because it has the expertise on the certificate issuance mechanism, but I see you applicability to SD-WAN as more general.

    Roman

    > -----Original Message-----
    > From: Linda Dunbar <linda.dunbar@futurewei.com<mailto:linda.dunbar@futurewei.com>>
    > Sent: Friday, October 21, 2022 1:48 PM
    > To: Roman Danyliw <rdd@cert.org<mailto:rdd@cert.org>>; ops-dir@ietf.org<mailto:ops-dir@ietf.org>
    > Cc: acme@ietf.org<mailto:acme@ietf.org>; draft-ietf-acme-dtnnodeid.all@ietf.org<mailto:draft-ietf-acme-dtnnodeid.all@ietf.org>; last-call@ietf.org<mailto:last-call@ietf.org>
    > Subject: Re: Opsdir telechat review of draft-ietf-acme-dtnnodeid-10
    >
    > Roman,
    >
    > Can you give me a few names with who I can chat to find out more?
    >
    > Thank you
    >
    > Linda
    >
    > On 10/21/22, 12:38 PM, "Roman Danyliw" <rdd@cert.org<mailto:rdd@cert.org>> wrote:
    >
    >     Hi Linda!
    >
    >     As I understand the scenario below, it would align to the work in this
    > document only to the degree that the SD-WAN network would be an underlay
    > to the DTN Bundle Protocol (via some as of yet undefined convergence layer)
    > and the Virtual Network IDs would have an easy mapping to the DTN-specific
    > addressing mechanism (Endpoint IDs per Section 4.2.5 of RFC9171).  I'll let the
    > DTN experts correct me or provide more insight on the alignment.
    >
    >     As an aside, there is a critical IANA issue with this document and it is being
    > pulled from the planned telechat docket.
    >
    >     Roman
    >
    >     > -----Original Message-----
    >     > From: Linda Dunbar <linda.dunbar@futurewei.com<mailto:linda.dunbar@futurewei.com>>
    >     > Sent: Friday, October 21, 2022 12:46 PM
    >     > To: Roman Danyliw <rdd@cert.org<mailto:rdd@cert.org>>; ops-dir@ietf.org<mailto:ops-dir@ietf.org>
    >     > Cc: acme@ietf.org<mailto:acme@ietf.org>; draft-ietf-acme-dtnnodeid.all@ietf.org<mailto:draft-ietf-acme-dtnnodeid.all@ietf.org>; last-
    > call@ietf.org<mailto:call@ietf.org>
    >     > Subject: Re: Opsdir telechat review of draft-ietf-acme-dtnnodeid-10
    >     >
    >     > Roman,
    >     >
    >     > Can the mechanism specified in the draft be used to validate the Virtual
    >     > Network IDs of SD-WAN edge devices?
    >     > For example, an SDWAN edge deployed in a remote site, say a shopping
    > mall,
    >     > might advertise the routes and client VPN IDs to the BGP Route-Reflector
    > (RR).
    >     > The RR needs to validate the Client's IDs are legitimate. Can the mechanism
    >     > specified in the draft do the job?
    >     >
    >     > Thanks, Linda
    >     >
    >     >
    >     > On 10/20/22, 10:36 PM, "Linda Dunbar" <linda.dunbar@futurewei.com<mailto:linda.dunbar@futurewei.com>>
    >     > wrote:
    >     >
    >     >     Roman,
    >     >
    >     >     With you bringing back the explanation, all makes sense to me now.
    > Wish
    >     > your explanation is incorporated into the document.
    >     >     Thanks, Linda
    >     >
    >     >     On 10/20/22, 6:53 PM, "Roman Danyliw" <rdd@cert.org<mailto:rdd@cert.org>> wrote:
    >     >
    >     >         Thanks for the re-review Linda.
    >     >
    >     >         ACME WG: here is the thread from the IETF LC where proposed
    > changes
    >     > were discussed:
    >     >
    > https://nam11.safelinks.protection.outlook.com/?url=https%3A%2F%2Fmailarc
    >     > hive.ietf.org<https://nam11.safelinks.protection.outlook.com/?url=http%3A%2F%2Fhive.ietf.org%2F&data=05%7C01%7Clinda.dunbar%40futurewei.com%7C9cf042b92da641a85a7608dab3ba47a8%7C0fee8ff2a3b240189c753a1d5591fedc%7C1%7C0%7C638019909933889052%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=Nt50683UmXATnBNqEIoxg6dbHEwengsF7sGs8BpMswI%3D&reserved=0>%2Farch%2Fmsg%2Flast-
    >     >
    > call%2FnujBgHd6ZKHY6fG58ZWBKzFGVWs%2F&amp;data=05%7C01%7Clinda.
    >     >
    > dunbar%40futurewei.com<https://nam11.safelinks.protection.outlook.com/?url=http%3A%2F%2F40futurewei.com%2F&data=05%7C01%7Clinda.dunbar%40futurewei.com%7C9cf042b92da641a85a7608dab3ba47a8%7C0fee8ff2a3b240189c753a1d5591fedc%7C1%7C0%7C638019909934045240%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=X2FY5HSuhP7BYqtPJ5P4d8o%2BhL7N20bJX46QUHZgIoQ%3D&reserved=0>%7C3d47157879904a302e3008dab2f65009%7C0fee
    >     >
    > 8ff2a3b240189c753a1d5591fedc%7C1%7C0%7C638019068235813966%7CUn
    >     >
    > known%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik
    >     >
    > 1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&amp;sdata=t83ICajIF%2FEIKz
    >     > ibHtGs0T9FFSQpSFmBxKdxxgGHkPY%3D&amp;reserved=0
    >     >
    >     >         > -----Original Message-----
    >     >         > From: Linda Dunbar via Datatracker <noreply@ietf.org<mailto:noreply@ietf.org>>
    >     >         > Sent: Thursday, October 20, 2022 6:55 PM
    >     >         > To: ops-dir@ietf.org<mailto:ops-dir@ietf.org>
    >     >         > Cc: acme@ietf.org<mailto:acme@ietf.org>; draft-ietf-acme-dtnnodeid.all@ietf.org<mailto:draft-ietf-acme-dtnnodeid.all@ietf.org>; last-
    >     > call@ietf.org<mailto:call@ietf.org>
    >     >         > Subject: Opsdir telechat review of draft-ietf-acme-dtnnodeid-10
    >     >         >
    >     >         > Reviewer: Linda Dunbar
    >     >         > Review result: Has Issues
    >     >         >
    >     >         > I have reviewed this document as part of the Ops area directorate's
    >     > ongoing
    >     >         > effort to review all IETF documents being processed by the IESG.
    > These
    >     >         > comments were written primarily for the benefit of the Ops area
    >     > directors.
    >     >         > Document editors and WG chairs should treat these comments just
    > like
    >     > any
    >     >         > other last call comments.
    >     >         >
    >     >         > This document specifies an extension to ACME protocol which allows
    > an
    >     > ACME
    >     >         > server to validate the Delay-Tolerant Networking Node ID for an
    > ACME
    >     > client.
    >     >         >
    >     >         > I had the following comments for the -07 version. I don't think the
    > latest
    >     >         > version (-10) resolved my comments.
    >     >         >
    >     >         > Issues:
    >     >         >
    >     >         > The document didn't describe how the Node ID described in this
    >     > document is
    >     >         > related to the Delay Tolerant Network. I see the mechanism can be
    >     > equally
    >     >         > used in any network. What are the specifics related to the "Delay
    >     > Tolerant
    >     >         > Network"?
    >     >         > It would be helpful if the document adds a paragraph explaining the
    >     > specific
    >     >         > characteristics of the Delay-Tolerant Network that require the
    > additional
    >     >         > parameters/types used for validating the Node-ID for an ACME
    > client.
    >     >         >
    >     >         > Thank you,
    >     >         >
    >     >         > Linda Dunbar
    >     >         >
    >     >
    >     >
    >

v2.23.0 | Report a Bug | By Email