Re: [mpls] AD review of draft-ietf-mpls-ldp-hello-crypto-auth
Loa Andersson <loa@pi.nu> Thu, 17 April 2014 11:13 UTC
Return-Path: <loa@pi.nu>
X-Original-To: mpls@ietfa.amsl.com
Delivered-To: mpls@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id EE6EB1A0090 for <mpls@ietfa.amsl.com>; Thu, 17 Apr 2014 04:13:01 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.172
X-Spam-Level:
X-Spam-Status: No, score=-2.172 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RP_MATCHES_RCVD=-0.272] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id btHsQVwe3WY8 for <mpls@ietfa.amsl.com>; Thu, 17 Apr 2014 04:12:57 -0700 (PDT)
Received: from pipi.pi.nu (pipi.pi.nu [83.168.239.141]) by ietfa.amsl.com (Postfix) with ESMTP id 15C1C1A004A for <mpls@ietf.org>; Thu, 17 Apr 2014 04:12:56 -0700 (PDT)
Received: from [192.168.0.123] (81-229-83-119-no65.business.telia.com [81.229.83.119]) (using TLSv1 with cipher ECDHE-RSA-AES128-SHA (128/128 bits)) (No client certificate requested) (Authenticated sender: loa@pi.nu) by pipi.pi.nu (Postfix) with ESMTPSA id 7EF201800905; Thu, 17 Apr 2014 13:12:52 +0200 (CEST)
Message-ID: <534FB734.2020005@pi.nu>
Date: Thu, 17 Apr 2014 13:12:52 +0200
From: Loa Andersson <loa@pi.nu>
User-Agent: Mozilla/5.0 (Windows NT 6.2; WOW64; rv:24.0) Gecko/20100101 Thunderbird/24.4.0
MIME-Version: 1.0
To: adrian@olddog.co.uk, draft-ietf-mpls-ldp-hello-crypto-auth.all@tools.ietf.org
References: <002301cf5743$b1a74af0$14f5e0d0$@olddog.co.uk>
In-Reply-To: <002301cf5743$b1a74af0$14f5e0d0$@olddog.co.uk>
Content-Type: text/plain; charset="ISO-8859-1"; format="flowed"
Content-Transfer-Encoding: 7bit
Archived-At: http://mailarchive.ietf.org/arch/msg/mpls/RjDGcXYvfRfeuXpB7e6BVAn7wJM
Cc: mpls@ietf.org
Subject: Re: [mpls] AD review of draft-ietf-mpls-ldp-hello-crypto-auth
X-BeenThere: mpls@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Multi-Protocol Label Switching WG <mpls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/mpls>, <mailto:mpls-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/mpls/>
List-Post: <mailto:mpls@ietf.org>
List-Help: <mailto:mpls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/mpls>, <mailto:mpls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 17 Apr 2014 11:13:02 -0000
Adrian, Given my limited understanding of the security mechanisms, I nevertheless have one question I need to ask. You say: On 2014-04-13 20:10, Adrian Farrel wrote: > It would help if the document was a > little clearer about which attacks it is defending against and why normal > protection at the edge of the network is not considered enough for the former, > and why a bad actor within the network would waste its time attacking LDP when > there is so much else it can do! My understanding is that this document was written as a response to the risk analysis in RFC 6952. If I remember correctly you had a number of questions, but also said that you had no objections after having these question answered. Since RFC 6952 says we have a security hole that we need to close, you said that you approve of that, we tried to fill the hole; how should I understand the comment above? Do you just want another reference to RFC 6952? /Loa -- Loa Andersson email: loa@mail01.huawei.com Senior MPLS Expert loa@pi.nu Huawei Technologies (consultant) phone: +46 739 81 21 64
- [mpls] AD review of draft-ietf-mpls-ldp-hello-cry… Adrian Farrel
- Re: [mpls] AD review of draft-ietf-mpls-ldp-hello… Loa Andersson
- Re: [mpls] AD review of draft-ietf-mpls-ldp-hello… Adrian Farrel
- Re: [mpls] AD review of draft-ietf-mpls-ldp-hello… Loa Andersson
- Re: [mpls] AD review of draft-ietf-mpls-ldp-hello… Adrian Farrel
- Re: [mpls] AD review of draft-ietf-mpls-ldp-hello… Vero Zheng
- Re: [mpls] AD review of draft-ietf-mpls-ldp-hello… Adrian Farrel