[nasr] Re: [saag] Re: NASR BOF Follow-Up
Eric Rescorla <ekr@rtfm.com> Fri, 11 April 2025 13:39 UTC
Return-Path: <ekr@rtfm.com>
X-Original-To: nasr@mail2.ietf.org
Delivered-To: nasr@mail2.ietf.org
Received: from localhost (localhost [127.0.0.1]) by mail2.ietf.org (Postfix) with ESMTP id BCB811AAE3AB for <nasr@mail2.ietf.org>; Fri, 11 Apr 2025 06:39:05 -0700 (PDT)
X-Virus-Scanned: amavisd-new at ietf.org
X-Spam-Flag: NO
X-Spam-Score: -1.897
X-Spam-Level:
X-Spam-Status: No, score=-1.897 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_NONE=0.001] autolearn=unavailable autolearn_force=no
Authentication-Results: mail2.ietf.org (amavisd-new); dkim=pass (2048-bit key) header.d=rtfm-com.20230601.gappssmtp.com
Received: from mail2.ietf.org ([166.84.6.31]) by localhost (mail2.ietf.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id MzVYq66AP0aB for <nasr@mail2.ietf.org>; Fri, 11 Apr 2025 06:39:04 -0700 (PDT)
Received: from mail-yw1-x1135.google.com (mail-yw1-x1135.google.com [IPv6:2607:f8b0:4864:20::1135]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature ECDSA (P-256) server-digest SHA256) (No client certificate requested) by mail2.ietf.org (Postfix) with ESMTPS id 8E0D41AAE39C for <nasr@ietf.org>; Fri, 11 Apr 2025 06:39:04 -0700 (PDT)
Received: by mail-yw1-x1135.google.com with SMTP id 00721157ae682-7043db8491dso20450877b3.0 for <nasr@ietf.org>; Fri, 11 Apr 2025 06:39:04 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=rtfm-com.20230601.gappssmtp.com; s=20230601; t=1744378744; x=1744983544; darn=ietf.org; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:from:to:cc:subject:date:message-id:reply-to; bh=OBxfWDwdg+8atNqlxUChHXijNp+GeC76rvfA6+4rvus=; b=sF5UgYKm4TALNKgvNih1i9+BJtbTn9RlfT9ZTa0jFznmx0yhibKyMTcYMnzl1+vyUN I/cLKuwLJJrt+dfIrO/2Q3r1DXezotA/60imJ8yxoMX/8iNX4W17TIMzENuBYRBCTyiA i0ZemujMeSkPe39v9DzmAbS2ODRwp15ufM+z+tFzrJu1yRqnv16F0h+b6kJ7KP42Qyb4 cVXXwVZgqJBSh6DTeaVMpNJcEN7uO+5Z5c/okRX8Ptf7Xxd+fqO6rp7G5tLElhEjS0rF U1kpR24YrWZYtVFvPAGlnOmjDH9JCnalwf+ZxP7ILbMc50z/iEpfAFmhiHJzgYodoyUs qU1A==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1744378744; x=1744983544; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=OBxfWDwdg+8atNqlxUChHXijNp+GeC76rvfA6+4rvus=; b=wdPK9VN3MSnWxk/zZmkTbVNXW7sbTUVt4ruJiWToCGg5LFepcD/5RaKz1im4jFvmJf hvZr/uQSdle5UVhAxnKd3Z/8gVLURVC4mXg2HAWV5dFL5eHmevvvxk28i8I38S5hU0pP CC6fFkQFM0HdP7P5rB/8oOxq9KS7spg6m34M3QTP5Kq6ng+aJaNEN0iefKXNenZsI+yu G/VVFP9bhPn7wUQHyvkCAFgpLcKIBgpD6NeCdYCpbUtWFDuIlfcQ9EMAJ3nkOH7nBl12 2V5HaK9iuVbrghc6sYJSY9LjgFLC1igltUP7z6rIpGjsk2ExrVR9/fNX9h5YQSgzeTeU 6j1g==
X-Forwarded-Encrypted: i=1; AJvYcCUiBQm7OfcIBPoocEL+TAH24ce1gYsVe2tUH7FaBzeaCVwduU1tscJgAuf9d7keIdHfK1Pb@ietf.org
X-Gm-Message-State: AOJu0YyamuFjb/5jYaI80y1UfrXvcUUTuW8pAW7+yrUgf3wXhhHtAdci RJTfjD+9sVVlx6t27MxvfFOLbPVkVsH9KfHRCdzNvv2ntoRtoZnzideepRiBZkBmDmb2w7gi/Uh UvPv08Oyw4yAMCLmH7+ZaAkxyuwWNj4160jn+5w==
X-Gm-Gg: ASbGncsBMRX4g+51O/AIA33YoKtm83u8TsOzgKiu9aZO4xe/dsH/8wApkIPpJOQeiJq dGCQkEf7gsJKfq00R5T9T3aXZY0VSPYLAFGibQyA/5Tg7ch1hJtU+XaPztl16FH7QCvi/oXKK8q ZbGtgfHM5+VdPwJPpaMbjCeZul
X-Google-Smtp-Source: AGHT+IEqE1g7wq8fMXB6e4PIMrH6sz0GIED9XfpEwVBoKXqqlzxQTmJuG2TKZqxSpPQ0UiwZe+AcYJj8ZxtCmRMFBxE=
X-Received: by 2002:a05:690c:6d0f:b0:702:d85:59b5 with SMTP id 00721157ae682-70559a8f429mr45009897b3.33.1744378743813; Fri, 11 Apr 2025 06:39:03 -0700 (PDT)
MIME-Version: 1.0
References: <ef08bf0afa924713acc629dff8156761@huawei.com> <2025040312042771743841@chinamobile.com> <CAL02cgSg53nOB8BCSNCLGC78r41P_1VzBPoj2yOJP1qbS0jqfA@mail.gmail.com> <CABcZeBPFaJMsWyNozXS+osh251631vCStkrmOk=WQig5c1_0qw@mail.gmail.com> <87c61c52-839f-f66e-a66a-b737f01ca93f@ietf.contact> <CABcZeBMOvFXkQ2OFBpz2Ri5_Oz-pHGs=2fHvBNptOdjQy9F7ww@mail.gmail.com> <11730e71-f409-bbaf-9bc1-4f88d207bcab@ietf.contact>
In-Reply-To: <11730e71-f409-bbaf-9bc1-4f88d207bcab@ietf.contact>
From: Eric Rescorla <ekr@rtfm.com>
Date: Fri, 11 Apr 2025 06:38:27 -0700
X-Gm-Features: ATxdqUFLHiuFGqwszixttVZMvoxEyowD2-1nhLbe-QFulw1MyUDsEqJJuYBqet4
Message-ID: <CABcZeBMDg9cFGtf6AMwSiq3ZnZnrvwoAc7TjD0Ftq-JC8jWusQ@mail.gmail.com>
To: Henk Birkholz <henk.birkholz@ietf.contact>
Content-Type: multipart/alternative; boundary="00000000000061107b063280d34b"
Message-ID-Hash: VP63EK65C2CFOUCBROWVSRVHB6CU37CN
X-Message-ID-Hash: VP63EK65C2CFOUCBROWVSRVHB6CU37CN
X-MailFrom: ekr@rtfm.com
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
CC: Richard Barnes <rlb@ipv.sx>, Meiling Chen <chenmeiling@chinamobile.com>, "Liuchunchi(Peter)" <liuchunchi@huawei.com>, "nasr@ietf.org" <nasr@ietf.org>, IETF SAAG <saag@ietf.org>, Luigi Iannone <ggx@gigix.net>
X-Mailman-Version: 3.3.9rc6
Precedence: list
Subject: [nasr] Re: [saag] Re: NASR BOF Follow-Up
List-Id: Network Attestation for Secure Routing <nasr.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/nasr/0X_kYtpESl55cSSUwFsMCVo4ocM>
List-Archive: <https://mailarchive.ietf.org/arch/browse/nasr>
List-Help: <mailto:nasr-request@ietf.org?subject=help>
List-Owner: <mailto:nasr-owner@ietf.org>
List-Post: <mailto:nasr@ietf.org>
List-Subscribe: <mailto:nasr-join@ietf.org>
List-Unsubscribe: <mailto:nasr-leave@ietf.org>
On Fri, Apr 11, 2025 at 2:01 AM Henk Birkholz <henk.birkholz@ietf.contact> wrote: > On 10.04.25 21:01, Eric Rescorla wrote: > > > > > > On Thu, Apr 10, 2025 at 11:40 AM Henk Birkholz > > <henk.birkholz@ietf.contact> wrote: > > > > On 03.04.25 21:11, Eric Rescorla wrote: > > > > > [0] Of course you could hash the individual configuration values, > > > but this is much the same as publishing the configuration. > > > > Is it? I am curious why. > > > > > > Because the values themselves are generally low entropy, so if you > > publish their hashes, then it's generally easy to determine the preimage. > > > > -Ekr > > Would some salt help here (like the salted hashes in sd-cwt)? > Probably not very much. What salt does is make it more difficult to amortize computation across multiple hashed values. However, if the total number of possible values is low (e.g., you have some configuration setting with 3 values) then you can just exhaustively search at query time. -Ekr > > Viele Grüße, > > Henk > > > > > > > Viele Grüße, > > > > Henk > > > > > > > > > > > It was not raised in the BoF, but I would like to point out a > > > logical inconsistency at the core of the proposition here: On > the > > > one hand, the proponents assert that end-to-end cryptographic > > > protections are not sufficient to keep endpoints safe. On > > the other > > > hand, the premise of the proposed solution is ... more > > > cryptography. Attestations, MACSEC, etc. So the argument > here > > > cannot rest on a hand-wavy "cryptography isn't enough"; you > > need to > > > articulate what specific risks you're addressing. > > > > > > Honestly, when I read the charter for this work, I did not > > initially > > > have as negative a reaction. I initially presumed it was like > > > verified SFC, and that you would do things like making a > firewall > > > rule a little more permissive if the flow had been verified > > > upstream. It's not implausible that there are some use cases > of > > > that shape. But instead, the presentations in the BoF framed > an > > > impossible problem and an unworkable solution, which clearly > > I could > > > not support. > > > > > > Hope that helps, > > > --Richard > > > > > > > > > On Thu, Apr 3, 2025 at 12:05 AM Meiling Chen > > > <chenmeiling@chinamobile.com > > <mailto:chenmeiling@chinamobile.com> > > <mailto:chenmeiling@chinamobile.com > > <mailto:chenmeiling@chinamobile.com>>> > > > wrote: > > > > > > Hi all, > > > > > > We will continue to track and actively address the issues > > raised > > > on NASR BoF, for convenience, I have brought the Q&A > > record to > > > the email list. > > > Welcome to continue discussing with those who are > concerned > > > about these issues. > > > > > > Q1: Why is not end-to-end protection sufficient and why > > should > > > we care about where the traffic goes through? > > > Q2: Why this is important to assure at the network layer? > > > Q3: List actual concrete examples of existing regulations. > > > Q4: List the technical requirements in detail. > > > Q5: NASR being a possible way to address pervasive traffic > > > monitoring threats? > > > > > > Q6: Proof of transit does not imply that the packet > > didn’t exit > > > the path. ---->PoNT is out of scope. > > > > > > Q7: There is work about proof of transit that has been > > done in > > > SFC, what is needed to highlight what is not there (in > > routing, > > > RATS, SFC PoT) which NASR will provide.--> > > > > > > NASR is the joint use of attestation techncology and > proof of > > > transit. > > > > > > Q8: What about lawful interceptions?----> > > > > > > Trustworthiness as defined in RATS can attest that a > > router does > > > what is supposed to do, including lawful interception if > > it is > > > what it is supposed to do. > > > > > > Q9: There is work from RATS, like RFC 9684, that can be > > used in > > > NASR. Why an independent effort? Why not putting this > > work in an > > > existing WG?----> > > > > > > RATS is the building block to create path attestation, > whose > > > usage is then verified with proof of transit. These two > > things > > > together look out of the scope of RATS. NASR does not > want to > > > replace RFC 9684, but rather leverage it. > > > > > > Q10: What is exactly the definition of a path in NASR? BGP > > > session? Tunnel? physical links?----> > > > > > > A document in PANRG has a good definition of what a > path is. > > > > > > Q11: Trustworthiness and traffic engineering are already > > > addressed in different places, so what is new in NASR? > ----> > > > > > > The possibility for the customers to verify that the > > traffic has > > > been engineered in the way they asked. How to do it is > > the gap > > > NASR wants to fill. > > > > > > Q12: Candidate solutions from problems exist in other > venues > > > (Routing security / SFC)----> > > > > > > True, but they do not address the combination > (forwarding). > > > > > > Q13: Proposed work may result in fragmentation of the > > Internet, > > > including and excluding poeople?----> > > > > > > No. That is the wrong terminology to use. NASR is about > path > > > complaint to a set of claims. Is a specific service in a > > limited > > > domain not a general service for the Internet. > > > > > > Q14: Clarification of requirements whether the > > requirement is to > > > detect nodes along the path that do not support NASR?----> > > > > > > No. Only have proof that traffic went through a set of > nodes > > > that support NASR. > > > > > > Q15: Bringing the work to RATS would not work. RATS is > > already > > > bloated and bringing all this work there is not possible. > > > > > > Q16: PoT has cryptographic cost.---> > > > > > > Implementation on SRv6 shows that the cost is very > limited. > > > > > > Q17: Remark about the scope of implementation: Internet or > > > limited domain?---> > > > > > > limited domain implemented at the operator level. > > > > > > Q18: Need to verify every configuration (binary / > > configuration > > > files / routers) in order to determine the properties of > the > > > path?--->This is not how remote attestation works. There > > is no > > > configuration shared, the configuration is attested > through > > > trusted third party. You share hash values that attest > > the the > > > property. > > > > > > Q19: Why not doing this in the SFC WG?---->Piece can be > > done in > > > other WG, but from a global perspective wold be better to > > have a WG. > > > > > > Q20: For reliability, what about having multiple paths? > > Can it > > > be a scalability issue? ----Yes, the attribute of > > multiple path > > > is included. > > > > > > Best, > > > Meiling > > > > > > *From:* Liuchunchi\(Peter\) > > > <mailto:liuchunchi > > <mailto:liuchunchi>=40huawei.com@dmarc.ietf.org > > <mailto:40huawei.com@dmarc.ietf.org>> > > > *Date:* 2025-03-29 19:19 > > > *To:* nasr@ietf.org <mailto:nasr@ietf.org> > > <mailto:nasr@ietf.org <mailto:nasr@ietf.org>>; IETF SAAG > > > <mailto:saag@ietf.org <mailto:saag@ietf.org>> > > > *CC:* ggx@gigix.net <mailto:ggx@gigix.net> > > <mailto:ggx@gigix.net <mailto:ggx@gigix.net>> > > > *Subject:* [saag] NASR BOF Follow-Up > > > > > > Hi NASR, SAAG,____ > > > > > > __ __ > > > > > > Thanks everyone for participating and contributing > > valuable > > > feedbacks to the NASR BOF last week! Thank you Nancy > and > > > Luigi for mediating a productive discussion, and > > thanks Deb > > > for supervising the process.____ > > > > > > __ __ > > > > > > During the process, we had extensive discussions that > > showed > > > both major interests in the problem and differing > > > understanding of the objective. For example, NASR > > represents > > > new use case requirements that aim to extend Remote > > > Attestation benefits to the network scale, providing > more > > > comprehensive security visibility and behavioral > > assurance > > > across network deployments to the customers. But NASR > > is not > > > intended, in any capacity, to serve as a substitute > for > > > end-to-end encryption technology, etc. ____ > > > > > > __ __ > > > > > > The poll result shows a clear consensus that this is > > an IETF > > > problem, but a rougher (at best) or no consensus that > the > > > problem is well understood. ____ > > > > > > __ __ > > > > > > To help on that, next steps we will work on a > dedicated > > > document that collects all valuable feedbacks from > > the BOF > > > and resolve them one-by-one. Again, we sincerely thank > > > everyone who contributed valuable feedbacks and cares > > about > > > bringing more security and transparency to > networks!____ > > > > > > __ __ > > > > > > Best regards,____ > > > > > > Peter (Chunchi) Liu____ > > > > > > __ __ > > > > > > _______________________________________________ > > > saag mailing list -- saag@ietf.org <mailto:saag@ietf.org> > > <mailto:saag@ietf.org <mailto:saag@ietf.org>> > > > To unsubscribe send an email to saag-leave@ietf.org > > <mailto:saag-leave@ietf.org> > > > <mailto:saag-leave@ietf.org <mailto:saag-leave@ietf.org>> > > > > > > -- > > > nasr mailing list -- nasr@ietf.org <mailto:nasr@ietf.org> > > <mailto:nasr@ietf.org <mailto:nasr@ietf.org>> > > > To unsubscribe send an email to nasr-leave@ietf.org > > <mailto:nasr-leave@ietf.org> > > > <mailto:nasr-leave@ietf.org <mailto:nasr-leave@ietf.org>> > > > > > >
- [nasr] NASR BOF Follow-Up Liuchunchi(Peter)
- [nasr] Re: [saag] NASR BOF Follow-Up Meiling Chen
- [nasr] Re: [saag] Re: NASR BOF Follow-Up Richard Barnes
- [nasr] Re: [saag] Re: NASR BOF Follow-Up Eric Rescorla
- [nasr] Re: [saag] Re: NASR BOF Follow-Up Michael Richardson
- [nasr] Re: [saag] Re: Re: Re: NASR BOF Follow-Up Eric Rescorla
- [nasr] Re: [saag] Re: Re: Re: NASR BOF Follow-Up Luigi IANNONE
- [nasr] Re: [saag] Re: Re: Re: NASR BOF Follow-Up Meiling Chen
- [nasr] Re: [saag] Re: Re: Re: NASR BOF Follow-Up Henk Birkholz
- [nasr] Re: [saag] Re: NASR BOF Follow-Up Henk Birkholz
- [nasr] Re: [saag] Re: Re: Re: NASR BOF Follow-Up Eric Rescorla
- [nasr] Re: [saag] Re: NASR BOF Follow-Up Eric Rescorla
- [nasr] Re: [saag] Re: Re: Re: NASR BOF Follow-Up 刘鹏辉
- [nasr] Re: [saag] Re: Re: Re: NASR BOF Follow-Up Toerless Eckert
- [nasr] Re: [saag] Re: Re: Re: Re: Re: NASR BOF Fo… Watson Ladd
- [nasr] Re: [saag] Re: Re: Re: NASR BOF Follow-Up Liuchunchi(Peter)
- [nasr] Re: [saag] Re: NASR BOF Follow-Up Henk Birkholz
- [nasr] Re: [saag] Re: NASR BOF Follow-Up Michael Richardson
- [nasr] Re: [saag] Re: Re: Re: NASR BOF Follow-Up Eric Rescorla
- [nasr] Re: [saag] Re: NASR BOF Follow-Up Henk Birkholz
- [nasr] Re: [saag] Re: NASR BOF Follow-Up Eric Rescorla
- [nasr] Re: [saag] Re: NASR BOF Follow-Up Eric Rescorla
- [nasr] Re: [saag] Re: NASR BOF Follow-Up Henk Birkholz
- [nasr] Re: [saag] Re: NASR BOF Follow-Up Henk Birkholz
- [nasr] Re: [saag] Re: NASR BOF Follow-Up Eric Rescorla
- [nasr] Re: [saag] Re: NASR BOF Follow-Up Liuchunchi(Peter)
- [nasr] Re: [saag] Re: NASR BOF Follow-Up Richard Barnes
- [nasr] Re: [saag] Re: Re: Re: NASR BOF Follow-Up Watson Ladd
- [nasr] Re: [saag] Re: NASR BOF Follow-Up Toerless Eckert
- [nasr] Re: [saag] Re: Re: Re: NASR BOF Follow-Up Toerless Eckert
- [nasr] Re: [saag] Re: NASR BOF Follow-Up Henk Birkholz
- [nasr] Re: [saag] Re: NASR BOF Follow-Up Eric Rescorla
- [nasr] Re: [saag] Re: Re: Re: NASR BOF Follow-Up Henk Birkholz
- [nasr] Re: [saag] Re: Re: Re: NASR BOF Follow-Up Watson Ladd
- [nasr] Re: [saag] Re: Re: Re: NASR BOF Follow-Up Toerless Eckert
- [nasr] Re: [saag] Re: NASR BOF Follow-Up Toerless Eckert
- [nasr] Re: [saag] Re: Re: Re: NASR BOF Follow-Up Watson Ladd
- [nasr] Re: [saag] Re: Re: Re: NASR BOF Follow-Up Michael Richardson
- [nasr] Summary of Discussions So far---Re: [saag]… Meiling Chen
- [nasr] Re: Summary of Discussions So far---Re: [s… Luigi IANNONE
- [nasr] Re: Summary of Discussions So far---Re: [s… Meiling Chen
- [nasr] Re: [saag] Re: NASR BOF Follow-Up Eric Rescorla
- [nasr] Re: [saag] Re: NASR BOF Follow-Up Meiling Chen
- [nasr] Re: [saag] Re: Re: Re: NASR BOF Follow-Up Watson Ladd
- [nasr] Re: [saag] Re: Re: Re: NASR BOF Follow-Up Luigi IANNONE
- [nasr] Re: [saag] Re: Re: Re: NASR BOF Follow-Up Meiling Chen
- [nasr] Re: [saag] Re: NASR BOF Follow-Up Eric Rescorla
- [nasr] Re: [saag] Re: Re: Re: NASR BOF Follow-Up Henk Birkholz
- [nasr] Re: [saag] Re: Re: Re: Re: Re: NASR BOF Fo… Liuchunchi(Peter)
- [nasr] Re: [saag] Re: Re: Re: Re: Re: NASR BOF Fo… Toerless Eckert
- [nasr] Re: [saag] Re: Re: Re: NASR BOF Follow-Up Henk Birkholz
- [nasr] Re: [saag] Re: NASR BOF Follow-Up Eric Rescorla
- [nasr] Re: [saag] Re: NASR BOF Follow-Up Eric Rescorla
- [nasr] Re: [saag] Re: Re: Re: NASR BOF Follow-Up Meiling Chen
- [nasr] Re: [saag] Re: NASR BOF Follow-Up Toerless Eckert
- [nasr] Re: [saag] Re: Re: Re: NASR BOF Follow-Up Henk Birkholz
- [nasr] Re: [saag] Re: Re: Re: NASR BOF Follow-Up Meiling Chen
- [nasr] Re: [saag] Re: Re: Re: NASR BOF Follow-Up Eric Rescorla
- [nasr] Re: [saag] Re: Re: Re: NASR BOF Follow-Up Luigi IANNONE
- [nasr] Re: [saag] Re: Re: Re: NASR BOF Follow-Up Eric Rescorla
- [nasr] Re: [saag] Re: Re: Re: NASR BOF Follow-Up Meiling Chen
- [nasr] Re: [saag] Re: Re: Re: NASR BOF Follow-Up Eric Rescorla
- [nasr] Re: [saag] Re: Re: Re: Re: Re: NASR BOF Fo… Stephen Farrell
- [nasr] Re: [saag] Re: Re: Re: NASR BOF Follow-Up Eric Rescorla
- [nasr] Re: [saag] Re: Re: Re: NASR BOF Follow-Up Luigi IANNONE
- [nasr] Re: [saag] Re: Re: Re: NASR BOF Follow-Up Liuchunchi(Peter)
- [nasr] Re: [saag] Re: NASR BOF Follow-Up Toerless Eckert
- [nasr] Re: [saag] Re: Re: Re: Re: Re: NASR BOF Fo… Liuchunchi(Peter)
- [nasr] Re: [saag] Re: Re: Re: Re: Re: NASR BOF Fo… Eric Rescorla
- [nasr] Re: [saag] Re: Re: Re: Re: Re: NASR BOF Fo… Meiling Chen
- [nasr] Re: [saag] Re: Re: Re: Re: Re: NASR BOF Fo… Adrian Farrel
- [nasr] Re: [saag] Re: Re: Re: Re: Re: NASR BOF Fo… Luigi IANNONE
- [nasr] Re: [saag] Re: Re: Re: Re: Re: NASR BOF Fo… Eric Rescorla
- [nasr] Re: [saag] Re: Re: NASR BOF Follow-Up Carsten Bormann