Re: [mpls] Kathleen Moriarty's No Objection on draft-ietf-mpls-spring-lsp-ping-11: (with COMMENT)

"Carlos Pignataro (cpignata)" <cpignata@cisco.com> Tue, 10 October 2017 21:41 UTC

Return-Path: <cpignata@cisco.com>
X-Original-To: mpls@ietfa.amsl.com
Delivered-To: mpls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 7E2E8132D51; Tue, 10 Oct 2017 14:41:21 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -14.519
X-Spam-Level:
X-Spam-Status: No, score=-14.519 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, RCVD_IN_MSPIKE_H4=-0.01, RCVD_IN_MSPIKE_WL=-0.01, SPF_PASS=-0.001, URIBL_BLOCKED=0.001, USER_IN_DEF_DKIM_WL=-7.5] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=cisco.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id J_9sWYjLHIsl; Tue, 10 Oct 2017 14:41:19 -0700 (PDT)
Received: from alln-iport-1.cisco.com (alln-iport-1.cisco.com [173.37.142.88]) (using TLSv1.2 with cipher DHE-RSA-SEED-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 7F9FF1321A2; Tue, 10 Oct 2017 14:41:19 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=@cisco.com; l=7806; q=dns/txt; s=iport; t=1507671679; x=1508881279; h=from:to:cc:subject:date:message-id:references: in-reply-to:mime-version; bh=eMisfaolUe4NyyR27sNF46QpnBpsSvCCHazI3lklsdU=; b=BgNB+83+uCDBaLnYcL7If9xqJgNoN2OUc5SoCrFgX/3gaI25k557JlA6 Dlofk4YueaaMQ/YxuRlqDrPu4/PiaqAHzgT9rSdQstUWGG7/rWeDCnkMt RM578UgjI4px4ecfZZJlz8c1uT8VPciHKKHrpfzHPUjL1+dgvxy7xTCSl I=;
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: =?us-ascii?q?A0CeAAD2Pd1Z/4cNJK1cGQEBAQEBAQEBA?= =?us-ascii?q?QEBBwEBAQEBg1tkbicHg3OKH49zgVSIZ4grhT8OggQKJYUWAhqENT8YAQIBAQE?= =?us-ascii?q?BAQEBayiFHgYjVhACAQg/AwICAh8RFBECBA4FiUBMAxUQA6hTgieHQQ2DYgEBA?= =?us-ascii?q?QEBAQEBAQEBAQEBAQEBAQEBARgFgy2CAoFRghULgnOCXoFzARIBV4JbL4IyBYo?= =?us-ascii?q?TjkuIIjwCh1yIEoR5DIIIhXOLCIx7iDkCERkBgTgBHziBAwt4FVsBhQccGYFOd?= =?us-ascii?q?gGHFYEkgRABAQE?=
X-IronPort-AV: E=Sophos; i="5.43,359,1503360000"; d="scan'208,217"; a="15239373"
Received: from alln-core-2.cisco.com ([173.36.13.135]) by alln-iport-1.cisco.com with ESMTP/TLS/DHE-RSA-AES256-SHA; 10 Oct 2017 21:41:18 +0000
Received: from XCH-RTP-018.cisco.com (xch-rtp-018.cisco.com [64.101.220.158]) by alln-core-2.cisco.com (8.14.5/8.14.5) with ESMTP id v9ALfIQj009017 (version=TLSv1/SSLv3 cipher=AES256-SHA bits=256 verify=FAIL); Tue, 10 Oct 2017 21:41:18 GMT
Received: from xch-rtp-020.cisco.com (64.101.220.160) by XCH-RTP-018.cisco.com (64.101.220.158) with Microsoft SMTP Server (TLS) id 15.0.1320.4; Tue, 10 Oct 2017 17:41:17 -0400
Received: from xch-rtp-020.cisco.com ([64.101.220.160]) by XCH-RTP-020.cisco.com ([64.101.220.160]) with mapi id 15.00.1320.000; Tue, 10 Oct 2017 17:41:17 -0400
From: "Carlos Pignataro (cpignata)" <cpignata@cisco.com>
To: Kathleen Moriarty <Kathleen.Moriarty.ietf@gmail.com>
CC: The IESG <iesg@ietf.org>, "draft-ietf-mpls-spring-lsp-ping@ietf.org" <draft-ietf-mpls-spring-lsp-ping@ietf.org>, Loa Andersson <loa@pi.nu>, "mpls-chairs@ietf.org" <mpls-chairs@ietf.org>, "mpls@ietf.org" <mpls@ietf.org>
Thread-Topic: Kathleen Moriarty's No Objection on draft-ietf-mpls-spring-lsp-ping-11: (with COMMENT)
Thread-Index: AQHTQgkZTsSjfNpay0u2Oix+7ycdLaLd3/aA
Date: Tue, 10 Oct 2017 21:41:17 +0000
Message-ID: <EFC92399-2699-4877-8F23-D1BDDB369DC6@cisco.com>
References: <150766849317.13436.2227438826533682255.idtracker@ietfa.amsl.com>
In-Reply-To: <150766849317.13436.2227438826533682255.idtracker@ietfa.amsl.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-ms-exchange-messagesentrepresentingtype: 1
x-ms-exchange-transport-fromentityheader: Hosted
x-originating-ip: [10.118.116.133]
Content-Type: multipart/alternative; boundary="_000_EFC92399269948778F23D1BDDB369DC6ciscocom_"
MIME-Version: 1.0
Archived-At: <https://mailarchive.ietf.org/arch/msg/mpls/zXUVrQ-PTgyHHKiR2YWDKPhbQCs>
Subject: Re: [mpls] Kathleen Moriarty's No Objection on draft-ietf-mpls-spring-lsp-ping-11: (with COMMENT)
X-BeenThere: mpls@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: Multi-Protocol Label Switching WG <mpls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/mpls>, <mailto:mpls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/mpls/>
List-Post: <mailto:mpls@ietf.org>
List-Help: <mailto:mpls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/mpls>, <mailto:mpls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 10 Oct 2017 21:41:21 -0000

Kathleen,

Please see inline.

On Oct 10, 2017, at 4:48 PM, Kathleen Moriarty <Kathleen.Moriarty.ietf@gmail.com<mailto:Kathleen.Moriarty.ietf@gmail.com>> wrote:

Kathleen Moriarty has entered the following ballot position for
draft-ietf-mpls-spring-lsp-ping-11: No Objection

When responding, please keep the subject line intact and reply to all
email addresses included in the To and CC lines. (Feel free to cut this
introductory paragraph, however.)


Please refer to https://www.ietf.org/iesg/statement/discuss-criteria.html
for more information about IESG DISCUSS and COMMENT positions.


The document, along with other ballot positions, can be found here:
https://datatracker.ietf.org/doc/draft-ietf-mpls-spring-lsp-ping/



----------------------------------------------------------------------
COMMENT:
----------------------------------------------------------------------

I don't see mention of the possibility of the new LSP Ping and traceroute being
used for reconnaissance. Is there a reason that i snot applicable or should it
be added as a consideration?  Thanks.


It is a general consideration of the overall RFC 8029 approach, and not specific to this extension. As such, we did capture reconnaissance in Section 5 of RFC 8029, as:

   The third is an
   unauthorized source using an LSP ping to obtain information about the
   network.

Consequently, we are covered since there is no mitigation specific to the TFSs specified in draft-ietf-mpls-spring-lsp-ping.

Thanks for addressing the SecDir review:
https://mailarchive.ietf.org/arch/msg/secdir/HhRollkdh9Y581j7HlQys8kP4nE


You are welcome!

Best,

— Carlos.