Re: [lisp] A Stab At Opportunistic Encryption for LISP

Edward Lopez <elopez@fortinet.com> Tue, 04 March 2014 01:19 UTC


As I’ve previously noted, there was a significant lapse in time since I was last able to work on this draft for lisp-oe.  Even then, there was a significant difference between myself and Dino regarding the methodology of actually encrypting the packets, where lisp-oe uses IPSec ESP, and lisp-crypto is evolving its own methodology.  While we will both constructively agree to disagree, Dino has asked me to remove his name from my draft, so as not to misrepresent his position.

Both lisp-crypto and lisp-oe agree on the need to establish a key within a single packet exchange, which I do believe is the critical work.  It may be possible to join work on commonality within the key-exchange aspects of the drafts, while working separately on the actual LISP packet encryption scheme.

Attached is 'draft-lopez-lisp-oe-01', which reflects this change.

Thanks!
Ed Lopez


