[mpls] FW: I-D Action: draft-farrelll-mpls-opportunistic-encrypt-00.txt

"Adrian Farrel" <adrian@olddog.co.uk> Thu, 09 January 2014 11:51 UTC

From: Adrian Farrel <adrian@olddog.co.uk>
To: mpls@ietf.org
Cc: stephen.farrell@cs.tcd.ie

Hi MPLS working group,

Stephen and I have been looking at MPLS data plane security and wondering
whether anything could be done to help protect against various types of bulk
surveillance achieved by tapping entire links without requiring full and
management-heavy establishment of security associations.

This I-D is very rough! It is a first attempt to show what might be achieved. We
are confident that there are problems with what we have suggested both from a
security and an MPLS perspective. Your thoughts and comments are encouraged.

Thanks,
The Farrel twins.

> -----Original Message-----
> From: I-D-Announce [mailto:i-d-announce-bounces@ietf.org] On Behalf Of
> internet-drafts@ietf.org
> Sent: 09 January 2014 11:44
> To: i-d-announce@ietf.org
> Subject: I-D Action: draft-farrelll-mpls-opportunistic-encrypt-00.txt
> 
> 
> A New Internet-Draft is available from the on-line Internet-Drafts
> directories.
> 
> 
>         Title           : Opportunistic Encryption in MPLS Networks
>         Authors         : Adrian Farrel
>                           Stephen Farrell
>         Filename        : draft-farrelll-mpls-opportunistic-encrypt-00.txt
>         Pages           : 22
>         Date            : 2014-01-09
> 
> Abstract:
>    This document describes a way to apply opportunistic encryption
>    between adjacent nodes on an MPLS Label Switched Path (LSP) or
>    between end points of an LSP.  It explains how keys may be exchanged
>    to enable the encryption, and indicates how key identifiers are
>    exchanged in encrypted MPLS packets.  Finally, this document
>    describes the applicability of opportunistic encryption in MPLS
>    networks with an indication of the level of improved security as well
>    as the continued vulnerabilities.
> 
>    This document does not describe security for MPLS control plane
>    protocols.
> 
> 
> The IETF datatracker status page for this draft is:
> https://datatracker.ietf.org/doc/draft-farrelll-mpls-opportunistic-encrypt/
> 
> There's also a htmlized version available at:
> http://tools.ietf.org/html/draft-farrelll-mpls-opportunistic-encrypt-00
> 
> 
> Please note that it may take a couple of minutes from the time of submission
> until the htmlized version and diff are available at tools.ietf.org.
> 
> Internet-Drafts are also available by anonymous FTP at:
> ftp://ftp.ietf.org/internet-drafts/