Re: [Lsr] WG Last Call for IGP extension for PCEP security capability support in the PCE discovery - draft-ietf-lsr-pce-discovery-security-support-05

"Acee Lindem (acee)" <acee@cisco.com> Thu, 22 July 2021 15:11 UTC

From: "Acee Lindem (acee)" <acee@cisco.com>
To: "Acee Lindem (acee)" <acee=40cisco.com@dmarc.ietf.org>, "lsr@ietf.org" <lsr@ietf.org>
CC: "draft-ietf-lsr-pce-discovery-security-support@ietf.org" <draft-ietf-lsr-pce-discovery-security-support@ietf.org>
Date: Thu, 22 Jul 2021 15:11:19 +0000
Archived-At: <https://mailarchive.ietf.org/arch/msg/lsr/9RHAHhTeQXpjj74SkskkoPcdfsE>

Speaking as a WG member, I support publication.

I only have one functional comment and that is on Appendix A. Note that a key-chain or key-id would be useful for MD5 as well as TLS and TCP-AO. I’m not suggesting that you add MD5 since it is historic but support of MD5 as specified in RFC 5440 would require configuration of the same key or key-chain on the PCC and PCE server.

I also have some editorial comments that you can decide whether or not to apply. Of note is that I don’t think you need to say “looking for connecting with a” and can simply say “looking for a”. Also, once this document is published, the capability bits and sub-TLVs are no longer “new”.

See full set of editorial comments in attached RFC diff.

Thanks,
Acee


From: Lsr <lsr-bounces@ietf.org> on behalf of "Acee Lindem (acee)" <acee=40cisco.com@dmarc.ietf.org>
Date: Wednesday, July 21, 2021 at 12:46 PM
To: "lsr@ietf.org" <lsr@ietf.org>
Cc: "draft-ietf-lsr-pce-discovery-security-support@ietf.org" <draft-ietf-lsr-pce-discovery-security-support@ietf.org>
Subject: [Lsr] WG Last Call for IGP extension for PCEP security capability support in the PCE discovery - draft-ietf-lsr-pce-discovery-security-support-05

This begins a 3-week WG Last Call, ending on August 4th, 2021, for draft-ietf-lsr-pce-discovery-security-support. Please indicate your support or objection to this list before the end of the WG last call. The longer WG last call is to account for IETF week.

  https://datatracker.ietf.org/doc/draft-ietf-lsr-pce-discovery-security-support/


Thanks,
Acee