Re: [Lsr] New Version Notification for draft-wu-lsr-pce-discovery-security-support-00.txt

Qin Wu <bill.wu@huawei.com> Fri, 24 August 2018 03:04 UTC

From: Qin Wu <bill.wu@huawei.com>
To: "lsr@ietf.org" <lsr@ietf.org>
CC: "Acee Lindem (acee)" <acee@cisco.com>
Date: Fri, 24 Aug 2018 03:03:43 +0000
Archived-At: <https://mailarchive.ietf.org/arch/msg/lsr/mCR-Y-NB72VodiJLIc9UvoxErQQ>

Hi, Folks:
draft-wu-pce-discovery-pceps-support-07 has been resubmitted to LSR as draft-wu-lsr-pce-discovery-security-support-00 based on the Chairs' suggestion.
https://tools.ietf.org/html/draft-wu-lsr-pce-discovery-security-support-00
This draft defines an IGP extension for PCEP security support:
1. TCP AO, which has been published as RFC5295.
2. PCEP over TLS, which has been published as RFC8253 recently.

One issue raised by the chair is shared key support for TCP-AO: how do you get the shared key?
We believe that to support TCP-AO, RFC5296 should also be implemented, which provides PSK and the associated ciphersuite.
Let us know if you have any other opinion.

-Qin
-----Original Message-----
From: internet-drafts@ietf.org [mailto:internet-drafts@ietf.org]
Sent: August 24, 2018 10:57
To: Daniel King; wangzitao; Dhruv Dhody; wangzitao; Diego R. Lopez; Diego Lopez; Qin Wu
Subject: New Version Notification for draft-wu-lsr-pce-discovery-security-support-00.txt


A new version of I-D, draft-wu-lsr-pce-discovery-security-support-00.txt
has been successfully submitted by Qin Wu and posted to the IETF repository.

Name:		draft-wu-lsr-pce-discovery-security-support
Revision:	00
Title:		IGP extension for PCEP security capability support in the PCE discovery
Document date:	2018-08-23
Group:		Individual Submission
Pages:		6
URL:            https://www.ietf.org/internet-drafts/draft-wu-lsr-pce-discovery-security-support-00.txt
Status:         https://datatracker.ietf.org/doc/draft-wu-lsr-pce-discovery-security-support/
Htmlized:       https://tools.ietf.org/html/draft-wu-lsr-pce-discovery-security-support-00
Htmlized:       https://datatracker.ietf.org/doc/html/draft-wu-lsr-pce-discovery-security-support


Abstract:
   When a Path Computation Element (PCE) is a Label Switching Router
   (LSR) participating in the Interior Gateway Protocol (IGP), or even a
   server participating in IGP, its presence and path computation
   capabilities can be advertised using IGP flooding.  The IGP
   extensions for PCE discovery (RFC 5088 and RFC 5089) define a method
   to advertise path computation capabilities using IGP flooding for
   OSPF and IS-IS respectively.  However, these specifications lack a
   method to advertise PCEP security (e.g., Transport Layer
   Security (TLS), TCP Authentication Option (TCP-AO)) support capability.

   This document proposes new capability flag bits for PCE-CAP-FLAGS
   sub-TLV that can be announced as attribute in the IGP advertisement
   to distribute PCEP security support information.

                                                                                  


Please note that it may take a couple of minutes from the time of submission until the htmlized version and diff are available at tools.ietf.org.

The IETF Secretariat