Re: [lisp] draft-farinacci-lisp-crypto-01 - Call for WG Adoption

Dino Farinacci <> Thu, 04 December 2014 21:30 UTC

Return-Path: <>
Received: from localhost ( []) by (Postfix) with ESMTP id 861811A6F2B for <>; Thu, 4 Dec 2014 13:30:54 -0800 (PST)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -2
X-Spam-Status: No, score=-2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, SPF_PASS=-0.001] autolearn=ham
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id ieHNWf8viij8 for <>; Thu, 4 Dec 2014 13:30:51 -0800 (PST)
Received: from ( [IPv6:2607:f8b0:400e:c02::22e]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (No client certificate requested) by (Postfix) with ESMTPS id 7FDDE1A6F27 for <>; Thu, 4 Dec 2014 13:30:51 -0800 (PST)
Received: by with SMTP id w10so18493116pde.33 for <>; Thu, 04 Dec 2014 13:30:50 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=20120113; h=content-type:mime-version:subject:from:in-reply-to:date:cc :content-transfer-encoding:message-id:references:to; bh=XNqHp+VIXkJqiUrCTp2f7QuDoBTEE0c617U8nkZaRJ8=; b=IhqhuMtpCNuCJqo6Cc23WY1AMrijFTAbpNJTY+Jbaqsij9/lF3mvYHTVIm1y+tM0n/ hjfGsGH9eQnEsXnOGB/Yb0TQMZdI5RI60Js/+FvdwG4s/4eZu9LXoz80ZMy+GGTxzTgY uNg2SrTcs9n9/fYuB0XbRvevaO3/pKXNO2o0/qXpek/AnAUEyGE3hAFXFFl/z5xKTze1 vKjvOu+uEsskzVtcr7ehi/bkRGaZcURmXiDNrSkKC9jG09X+fh9gTeUW/W7C2ai8vtbu n5NW2HqIRO6TcUmjKDlkxp86bWyGZ+gblUjcsLrQeW03m2SUlx1xbYNJOoN1pZ8nd5LT cJLA==
X-Received: by with SMTP id mz1mr22639717pdb.14.1417728650763; Thu, 04 Dec 2014 13:30:50 -0800 (PST)
Received: from [] ([]) by with ESMTPSA id ud7sm26864821pbc.11.2014. for <multiple recipients> (version=TLSv1 cipher=ECDHE-RSA-RC4-SHA bits=128/128); Thu, 04 Dec 2014 13:30:49 -0800 (PST)
Content-Type: text/plain; charset="utf-8"
Mime-Version: 1.0 (Mac OS X Mail 8.0 \(1990.1\))
From: Dino Farinacci <>
In-Reply-To: <>
Date: Thu, 04 Dec 2014 13:30:43 -0800
Content-Transfer-Encoding: quoted-printable
Message-Id: <>
References: <> <>
To: Fabio Maino <>
X-Mailer: Apple Mail (2.1990.1)
Subject: Re: [lisp] draft-farinacci-lisp-crypto-01 - Call for WG Adoption
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: List for the discussion of the Locator/ID Separation Protocol <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Thu, 04 Dec 2014 21:30:54 -0000

Do you support the control-plane mechanisms in the draft?

The advantage of having more bits for encryption is that we can have more data-plane keys. With the current lisp-crypto proposal, we only have 3 keys-ids.

But I would use caution here, because the state of the art in data-plane encapsulations is all over the place. And while generalization is nice, it often isn't practical. And what results in the marketplace is a subset of options being delivered in a general design that brings you back to the same result of having a specific format that would need to change later.


> On Dec 4, 2014, at 11:08 AM, Fabio Maino <> wrote:
> I don't support adoption of this document.
> The document is proposing an extension of the LISP header to support data plane security.  However, there has been quite a lot of discussion in various WGs, including LISP, about the need for a more flexible overlay encapsulation. Besides support for data plane security, the requirements include capability to support non IP payloads, and to support metadata for various applications including service chaining  and policy tags.
> I believe that rather than just adding incremental support for data plane security, the WG should  have a comprehensive look at how to extend the LISP header to address the requirements above. draft-lewis-lisp-gpe, that was presented to the WG a few times, tries to address all of those requirements.
> Extending the semantic of the header to support data plane security, at least for HW implementations, comes at about the same cost of addressing all of the requirements above. I believe the same is true, to a lesser extent, even with SW implementations (at least those that deal with the encap in the kernel).
> Thanks,
> Fabio
> On 12/4/14, 3:27 AM, Luigi Iannone wrote:
>> Hi All,
>> During the 91st IETF authors of the draft-farinacci-lisp-crypto-01
>> []
>> asked for WG adoption. Meeting participants expressed consensus on adoption.
>> This message begins the two weeks call for WG adoption to confirm the meeting outcome.
>> The call ends on  December 19th 2014.
>> Please respond to the LISP mailing list with any statements of approval or disapproval.
>> Recall that:
>> - This is not WG Last Call. The document is not final, and the WG is expected to
>>   modify the document’s content until there is WG consensus that the content is solid.
>>   Therefore, please don’t oppose adoption just because you want to see changes to its content.
>> - If you have objections to adoption of the document, please state your reasons why,
>>   and explain what it would take to address your concerns.
>> - If you have issues with the content, by all means raise those issues and we can
>>   begin a dialog about how best to address them.
>>                                                                                                                                Luigi and Joel
>> _______________________________________________
>> lisp mailing list
> _______________________________________________
> lisp mailing list