Re: [Lsr] I-D Action: draft-ietf-lsr-pce-discovery-security-support-03.txt

"Les Ginsberg (ginsberg)" <ginsberg@cisco.com> Fri, 01 November 2019 15:07 UTC

From: "Les Ginsberg (ginsberg)" <ginsberg@cisco.com>
To: Qin Wu <bill.wu@huawei.com>, "lsr@ietf.org" <lsr@ietf.org>
Date: Fri, 1 Nov 2019 15:06:55 +0000
Archived-At: <https://mailarchive.ietf.org/arch/msg/lsr/XQIccuZfPXzQ1qDhNQ7QG2hZLrI>

Qin -

Thanx for addressing my comments - and for the update regarding PCE WG position.

The new version looks good to me.

   Les


> -----Original Message-----
> From: Lsr <lsr-bounces@ietf.org> On Behalf Of Qin Wu
> Sent: Thursday, October 31, 2019 11:26 PM
> To: lsr@ietf.org
> Subject: Re: [Lsr] I-D Action: draft-ietf-lsr-pce-discovery-security-support-03.txt
> 
> v-03 is posted to address additional comments from Les
> https://datatracker.ietf.org/doc/html/draft-ietf-lsr-pce-discovery-security-support-03
> Thanks Les for proposed change.
> 
> -Qin
> -----Original Message-----
> From: Lsr [mailto:lsr-bounces@ietf.org] On Behalf Of internet-drafts@ietf.org
> Sent: 1 November 2019 14:24
> To: i-d-announce@ietf.org
> Cc: lsr@ietf.org
> Subject: [Lsr] I-D Action: draft-ietf-lsr-pce-discovery-security-support-03.txt
> 
> 
> A New Internet-Draft is available from the on-line Internet-Drafts directories.
> This draft is a work item of the Link State Routing WG of the IETF.
> 
>         Title           : IGP extension for PCEP security capability support in the PCE discovery
>         Authors         : Diego R. Lopez
>                           Qin Wu
>                           Dhruv Dhody
>                           Michael Wang
>                           Daniel King
>         Filename        : draft-ietf-lsr-pce-discovery-security-support-03.txt
>         Pages           : 9
>         Date            : 2019-10-31
> 
> Abstract:
>    When a Path Computation Element (PCE) is a Label Switching Router
>    (LSR) participating in the Interior Gateway Protocol (IGP), or even a
>    server participating in IGP, its presence and path computation
>    capabilities can be advertised using IGP flooding.  The IGP
>    extensions for PCE discovery (RFC 5088 and RFC 5089) define a method
>    to advertise path computation capabilities using IGP flooding for
>    OSPF and IS-IS respectively.  However these specifications lack a
>    method to advertise PCEP security (e.g., Transport Layer
>    Security(TLS), TCP Authentication Option (TCP-AO)) support
>    capability.
> 
>    This document proposes new capability flag bits for PCE-CAP-FLAGS
>    sub-TLV that can be announced as attribute in the IGP advertisement
>    to distribute PCEP security support information.  In addition, this
>    document updates RFC 5088 and RFC 5089 to allow advertisement of Key
>    ID or Key Chain Name Sub-TLV to support TCP AO security capability.
> 
> 
> The IETF datatracker status page for this draft is:
> https://datatracker.ietf.org/doc/draft-ietf-lsr-pce-discovery-security-support/
> 
> There are also htmlized versions available at:
> https://tools.ietf.org/html/draft-ietf-lsr-pce-discovery-security-support-03
> https://datatracker.ietf.org/doc/html/draft-ietf-lsr-pce-discovery-security-support-03
> 
> A diff from the previous version is available at:
> https://www.ietf.org/rfcdiff?url2=draft-ietf-lsr-pce-discovery-security-support-03
> 
> 
> Please note that it may take a couple of minutes from the time of submission
> until the htmlized version and diff are available at tools.ietf.org.
> 
> Internet-Drafts are also available by anonymous FTP at:
> ftp://ftp.ietf.org/internet-drafts/
> 
> _______________________________________________
> Lsr mailing list
> Lsr@ietf.org
> https://www.ietf.org/mailman/listinfo/lsr