Re: [lisp] Restarting last call on LISP threats

Ronald Bonica <rbonica@juniper.net> Tue, 13 May 2014 17:22 UTC

From: Ronald Bonica <rbonica@juniper.net>
To: Roger Jørgensen <rogerj@gmail.com>, Ross Callon <rcallon@juniper.net>
Date: Tue, 13 May 2014 17:21:50 +0000
Archived-At: http://mailarchive.ietf.org/arch/msg/lisp/br2Mxd-7sgr2qSOs6G58_s6_kR8
Cc: "lisp@ietf.org" <lisp@ietf.org>

Hi Roger,

Can this draft stand on its own, without integrating content from the documents that you reference?

Ron

> 
> There exist two drafts that are relevant to what you address.
> 
> You have https://datatracker.ietf.org/doc/draft-farinacci-lisp-crypto/
> where the payload of a LISP encapsulated packet is encrypted. None of the
> keys for encrypting/decrypting are stored in the mapping system but are
> calculated by the xTRs involved.
> Then you have https://datatracker.ietf.org/doc/draft-ietf-lisp-sec/
> that attempts to secure the xTR to xTR relationship.