[nasr] Re: [saag] Re: Re: Re: NASR BOF Follow-Up
Eric Rescorla <ekr@rtfm.com> Fri, 23 May 2025 16:32 UTC
Return-Path: <ekr@rtfm.com>
X-Original-To: nasr@mail2.ietf.org
Delivered-To: nasr@mail2.ietf.org
Received: from localhost (localhost [127.0.0.1]) by mail2.ietf.org (Postfix) with ESMTP id B0FA82C576DB for <nasr@mail2.ietf.org>; Fri, 23 May 2025 09:32:38 -0700 (PDT)
X-Virus-Scanned: amavisd-new at ietf.org
X-Spam-Flag: NO
X-Spam-Score: -1.897
X-Spam-Level:
X-Spam-Status: No, score=-1.897 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_NONE=0.001] autolearn=ham autolearn_force=no
Authentication-Results: mail2.ietf.org (amavisd-new); dkim=pass (2048-bit key) header.d=rtfm-com.20230601.gappssmtp.com
Received: from mail2.ietf.org ([166.84.6.31]) by localhost (mail2.ietf.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id UgcjBwvpYad8 for <nasr@mail2.ietf.org>; Fri, 23 May 2025 09:32:38 -0700 (PDT)
Received: from mail-yb1-xb33.google.com (mail-yb1-xb33.google.com [IPv6:2607:f8b0:4864:20::b33]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature ECDSA (P-256) server-digest SHA256) (No client certificate requested) by mail2.ietf.org (Postfix) with ESMTPS id 088DB2C576C9 for <nasr@ietf.org>; Fri, 23 May 2025 09:32:38 -0700 (PDT)
Received: by mail-yb1-xb33.google.com with SMTP id 3f1490d57ef6-e733cd55f9eso69188276.1 for <nasr@ietf.org>; Fri, 23 May 2025 09:32:38 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=rtfm-com.20230601.gappssmtp.com; s=20230601; t=1748017957; x=1748622757; darn=ietf.org; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:from:to:cc:subject:date:message-id:reply-to; bh=20sFgJ4VFP49tMagZvijdbJ7DjtrgwKp4wD4f4Vu84M=; b=xblP8oKSKY9XauRKr3/VqvB96M58QyvWO5TrgfF/bJxKYJePt+tWQ2liMXz3C/SBXf WVFqBFFSgFkc7cDSAK63VefNaT5JmzFjj9Go2F6jjc1/GFfhubOY6L9mkwn6i8GBx0IS egU4e2IyOzmovDqpD8bdvJNE2nczIvHXibEC02hjQz0B4CW5mE1WEMr1nW04VSGo+YdQ bJtMSKOusaOZRRwl+IE6Sf/8/JFmzO4PPhsuUK981hiADbt6MLc29LwkKAlOiiStj9HV ufhdxEtnmZ3Zr4X2h1KdddAyD9J0oHCfS5T4m4dK7YBmJBKbRJzDnjelizcXcvnV2KQh BbhQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1748017957; x=1748622757; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=20sFgJ4VFP49tMagZvijdbJ7DjtrgwKp4wD4f4Vu84M=; b=OX0tpsImho089x6PVqFrdkGGbA/pJJivi77Trrv6KJ46ZjSLG8qHB2AOJB6cZIstrF Zy5MzjFRtE+8KxE79q9VNs1cclmku2pL6YQPFZfYbOMa6iQZQKTga8sZRobcJ0PEx4Ku ny0JTo8/M0YQzwDBO/Af+/wVZodeN2iGXgtgsRDKWdFaGutBKZs8iKEgeW0R8ubGuaTK AbRCM/lRwIvOJjcCdVeK7Y3CAmpBMAHN4LJCwilFzmRdU0gWXWM+J1nYjaM6y+IPzWDc or2qqFR4s43fAUmRx0A831QBUu63dDaF5jZ76gMdF9WKX4URuBCBG3RiaM0y4xg8dFZ2 gObA==
X-Forwarded-Encrypted: i=1; AJvYcCVaIE8bA3FnjRtVBcHxXoTWDSBcDC0khrfuIgm564N4qaKiR87SBmpbU20rm4p8Epr1tzk4@ietf.org
X-Gm-Message-State: AOJu0Yw4W55ICtBu1aS3n8mXpWlJDBDyPyhCpWE87w3CmdVmcLDmzsil h5bGCScBC+0ntFgXPqSLz8bTL6YVKaKz12k97vGv6nBZGMs7Hen4L83Ndi4uCYsb01kJB4RIZzs pW2z+vvdK9k/L4O7ZNU5JweU1i8wwcNxuri4tcwRXOg==
X-Gm-Gg: ASbGncsT0v33zLytSQ6xDgZK4++K337Te8R2dTZBwTRs9Q291ftoOrxJtXuEJALgcR7 PlfXyVAVyePHvGykzcWHudv8AyYS39Bx4bVgnNTYtWkULI2KVxWv6dNVU9UW+9ctgMgqObByYGr 41nfX/jpNQx+jzSbJgmRduSyVjGxIsnuFpY/I=
X-Google-Smtp-Source: AGHT+IHbr8rs+nGqm9yxqBi1+JDYjgzHwFxddYG+wc3JqpC1uVL3cUKDLjPJcAVsgacyexc5oP70IRrtgrzki9oCxFs=
X-Received: by 2002:a05:6902:5401:b0:e7d:61b5:839 with SMTP id 3f1490d57ef6-e7d919b4fcdmr219140276.17.1748017957321; Fri, 23 May 2025 09:32:37 -0700 (PDT)
MIME-Version: 1.0
References: <87c61c52-839f-f66e-a66a-b737f01ca93f@ietf.contact> <CABcZeBMOvFXkQ2OFBpz2Ri5_Oz-pHGs=2fHvBNptOdjQy9F7ww@mail.gmail.com> <11730e71-f409-bbaf-9bc1-4f88d207bcab@ietf.contact> <CABcZeBMDg9cFGtf6AMwSiq3ZnZnrvwoAc7TjD0Ftq-JC8jWusQ@mail.gmail.com> <d3de69d6-f46b-fe0c-b6dc-8180864bd9b0@ietf.contact> <CABcZeBO15H=+ds0deqvtOzKvX+JvFzCn2pht3fcKYcp7df=UFw@mail.gmail.com> <52b08a1b-45e2-b03b-a0a8-12e55b56bfa8@ietf.contact> <CABcZeBOwZ3=pz=Xz1D3YwJ6_svTidt5azWDFnTwexsE508rmkA@mail.gmail.com> <ee313d5a-967b-c434-804c-097e4777ca20@ietf.contact> <CABcZeBP7-A52XPghkCWa7f15Xa1UvoHKujhNPzvoH+cP+McSWQ@mail.gmail.com> <Z_mZqmJs8Su1Tt2Y@faui48e.informatik.uni-erlangen.de> <CABcZeBMK5kBN2YG4Xev5CTVyk00BXAUWa4P_Ov9Q7K+-b1B5Pw@mail.gmail.com> <52075b58d6f64ef98871f1296a6e347f@huawei.com> <CACsn0c=sfhN+zJ7r7vpCe4gOXbLU8HAA0hwvgxoB3cGmMTH4WQ@mail.gmail.com> <c73fe830-413e-04b8-92f7-28c994034c81@ietf.contact> <CACsn0c=+2b5-x9FnjZHDFWxs31HUyPyd42==DeyKqXuP2SVssg@mail.gmail.com> <59336c94-08ea-2961-6390-50bf70f7befd@ietf.contact> <CACsn0cmGaWNRP6Nrj1F1O8vYeuM2EB9d9Ah6N_Lz-m6cp0y7HQ@mail.gmail.com> <2025052016324389942321@chinamobile.com> <CACsn0cm7r77B-fOwhP4sfOMsvxBhy_75wAYERzG6Fp6co7ZeYA@mail.gmail.com> <4cfab84c8bc74efdbb642650638931d7@huawei.com>
In-Reply-To: <4cfab84c8bc74efdbb642650638931d7@huawei.com>
From: Eric Rescorla <ekr@rtfm.com>
Date: Fri, 23 May 2025 09:32:00 -0700
X-Gm-Features: AX0GCFte7Tf3DInB0-CtvkX9b9K7ZD_pHCZws_OakaQ1cmBzaLlk1h5M_kyPWt4
Message-ID: <CABcZeBNGt_9iG10enECOT0JgA1EwN1MsR-RDNDCC+a4TiG8WxQ@mail.gmail.com>
To: Luigi IANNONE <luigi.iannone@huawei.com>
Content-Type: multipart/alternative; boundary="00000000000068518b0635d0251c"
Message-ID-Hash: 5XKLFHCMBWTWREZBYH4QW36623TBFLOW
X-Message-ID-Hash: 5XKLFHCMBWTWREZBYH4QW36623TBFLOW
X-MailFrom: ekr@rtfm.com
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
CC: Watson Ladd <watsonbladd@gmail.com>, Meiling Chen <chenmeiling@chinamobile.com>, Henk Birkholz <henk.birkholz@ietf.contact>, Liuchunchi <liuchunchi=40huawei.com@dmarc.ietf.org>, Toerless Eckert <tte@cs.fau.de>, "nasr@ietf.org" <nasr@ietf.org>, IETF SAAG <saag@ietf.org>, Luigi Iannone <ggx@gigix.net>
X-Mailman-Version: 3.3.9rc6
Precedence: list
Subject: [nasr] Re: [saag] Re: Re: Re: NASR BOF Follow-Up
List-Id: Network Attestation for Secure Routing <nasr.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/nasr/2Zf34mAsnljjbRBo7Ccp8O2gda0>
List-Archive: <https://mailarchive.ietf.org/arch/browse/nasr>
List-Help: <mailto:nasr-request@ietf.org?subject=help>
List-Owner: <mailto:nasr-owner@ietf.org>
List-Post: <mailto:nasr@ietf.org>
List-Subscribe: <mailto:nasr-join@ietf.org>
List-Unsubscribe: <mailto:nasr-leave@ietf.org>
On Thu, May 22, 2025 at 12:52 AM Luigi IANNONE <luigi.iannone@huawei.com> wrote: > Hi Watson, > > > > > Correct. Some claims are easy to verify. Most aren't. Statements that > "the > > router supports X" aren't really interesting. Statements that "this > > configuration will never pass your traffic over a bad link" are, but are > a lot > > harder to show. > > > > > > > [LI] Agreed. This is a very claim hard show/attest. > Note however that this is not what NASR is trying to do. > NASR is more about router has feature X, Y, and Z which is what I want, > and that traffic goes through the selected routers that support X, Y and Z. > NASR is not about proving that traffic does not go somewhere else (proof > of non-transit is out of scope). > As I understood the presentations, you wanted to make claims like: * This traffic was sent over an encrypted link * All traffic to address X will be sent over an encrypted link * This traffic is not being sent to a spanning port or otherwise available for monitoring Correct? -Ekr -Ekr > Ciao > > L. >
- [nasr] NASR BOF Follow-Up Liuchunchi(Peter)
- [nasr] Re: [saag] NASR BOF Follow-Up Meiling Chen
- [nasr] Re: [saag] Re: NASR BOF Follow-Up Richard Barnes
- [nasr] Re: [saag] Re: NASR BOF Follow-Up Eric Rescorla
- [nasr] Re: [saag] Re: NASR BOF Follow-Up Michael Richardson
- [nasr] Re: [saag] Re: Re: Re: NASR BOF Follow-Up Eric Rescorla
- [nasr] Re: [saag] Re: Re: Re: NASR BOF Follow-Up Luigi IANNONE
- [nasr] Re: [saag] Re: Re: Re: NASR BOF Follow-Up Meiling Chen
- [nasr] Re: [saag] Re: Re: Re: NASR BOF Follow-Up Henk Birkholz
- [nasr] Re: [saag] Re: NASR BOF Follow-Up Henk Birkholz
- [nasr] Re: [saag] Re: Re: Re: NASR BOF Follow-Up Eric Rescorla
- [nasr] Re: [saag] Re: NASR BOF Follow-Up Eric Rescorla
- [nasr] Re: [saag] Re: Re: Re: NASR BOF Follow-Up 刘鹏辉
- [nasr] Re: [saag] Re: Re: Re: NASR BOF Follow-Up Toerless Eckert
- [nasr] Re: [saag] Re: Re: Re: Re: Re: NASR BOF Fo… Watson Ladd
- [nasr] Re: [saag] Re: Re: Re: NASR BOF Follow-Up Liuchunchi(Peter)
- [nasr] Re: [saag] Re: NASR BOF Follow-Up Henk Birkholz
- [nasr] Re: [saag] Re: NASR BOF Follow-Up Michael Richardson
- [nasr] Re: [saag] Re: Re: Re: NASR BOF Follow-Up Eric Rescorla
- [nasr] Re: [saag] Re: NASR BOF Follow-Up Henk Birkholz
- [nasr] Re: [saag] Re: NASR BOF Follow-Up Eric Rescorla
- [nasr] Re: [saag] Re: NASR BOF Follow-Up Eric Rescorla
- [nasr] Re: [saag] Re: NASR BOF Follow-Up Henk Birkholz
- [nasr] Re: [saag] Re: NASR BOF Follow-Up Henk Birkholz
- [nasr] Re: [saag] Re: NASR BOF Follow-Up Eric Rescorla
- [nasr] Re: [saag] Re: NASR BOF Follow-Up Liuchunchi(Peter)
- [nasr] Re: [saag] Re: NASR BOF Follow-Up Richard Barnes
- [nasr] Re: [saag] Re: Re: Re: NASR BOF Follow-Up Watson Ladd
- [nasr] Re: [saag] Re: NASR BOF Follow-Up Toerless Eckert
- [nasr] Re: [saag] Re: Re: Re: NASR BOF Follow-Up Toerless Eckert
- [nasr] Re: [saag] Re: NASR BOF Follow-Up Henk Birkholz
- [nasr] Re: [saag] Re: NASR BOF Follow-Up Eric Rescorla
- [nasr] Re: [saag] Re: Re: Re: NASR BOF Follow-Up Henk Birkholz
- [nasr] Re: [saag] Re: Re: Re: NASR BOF Follow-Up Watson Ladd
- [nasr] Re: [saag] Re: Re: Re: NASR BOF Follow-Up Toerless Eckert
- [nasr] Re: [saag] Re: NASR BOF Follow-Up Toerless Eckert
- [nasr] Re: [saag] Re: Re: Re: NASR BOF Follow-Up Watson Ladd
- [nasr] Re: [saag] Re: Re: Re: NASR BOF Follow-Up Michael Richardson
- [nasr] Summary of Discussions So far---Re: [saag]… Meiling Chen
- [nasr] Re: Summary of Discussions So far---Re: [s… Luigi IANNONE
- [nasr] Re: Summary of Discussions So far---Re: [s… Meiling Chen
- [nasr] Re: [saag] Re: NASR BOF Follow-Up Eric Rescorla
- [nasr] Re: [saag] Re: NASR BOF Follow-Up Meiling Chen
- [nasr] Re: [saag] Re: Re: Re: NASR BOF Follow-Up Watson Ladd
- [nasr] Re: [saag] Re: Re: Re: NASR BOF Follow-Up Luigi IANNONE
- [nasr] Re: [saag] Re: Re: Re: NASR BOF Follow-Up Meiling Chen
- [nasr] Re: [saag] Re: NASR BOF Follow-Up Eric Rescorla
- [nasr] Re: [saag] Re: Re: Re: NASR BOF Follow-Up Henk Birkholz
- [nasr] Re: [saag] Re: Re: Re: Re: Re: NASR BOF Fo… Liuchunchi(Peter)
- [nasr] Re: [saag] Re: Re: Re: Re: Re: NASR BOF Fo… Toerless Eckert
- [nasr] Re: [saag] Re: Re: Re: NASR BOF Follow-Up Henk Birkholz
- [nasr] Re: [saag] Re: NASR BOF Follow-Up Eric Rescorla
- [nasr] Re: [saag] Re: NASR BOF Follow-Up Eric Rescorla
- [nasr] Re: [saag] Re: Re: Re: NASR BOF Follow-Up Meiling Chen
- [nasr] Re: [saag] Re: NASR BOF Follow-Up Toerless Eckert
- [nasr] Re: [saag] Re: Re: Re: NASR BOF Follow-Up Henk Birkholz
- [nasr] Re: [saag] Re: Re: Re: NASR BOF Follow-Up Meiling Chen
- [nasr] Re: [saag] Re: Re: Re: NASR BOF Follow-Up Eric Rescorla
- [nasr] Re: [saag] Re: Re: Re: NASR BOF Follow-Up Luigi IANNONE
- [nasr] Re: [saag] Re: Re: Re: NASR BOF Follow-Up Eric Rescorla
- [nasr] Re: [saag] Re: Re: Re: NASR BOF Follow-Up Meiling Chen
- [nasr] Re: [saag] Re: Re: Re: NASR BOF Follow-Up Eric Rescorla
- [nasr] Re: [saag] Re: Re: Re: Re: Re: NASR BOF Fo… Stephen Farrell
- [nasr] Re: [saag] Re: Re: Re: NASR BOF Follow-Up Eric Rescorla
- [nasr] Re: [saag] Re: Re: Re: NASR BOF Follow-Up Luigi IANNONE
- [nasr] Re: [saag] Re: Re: Re: NASR BOF Follow-Up Liuchunchi(Peter)
- [nasr] Re: [saag] Re: NASR BOF Follow-Up Toerless Eckert
- [nasr] Re: [saag] Re: Re: Re: Re: Re: NASR BOF Fo… Liuchunchi(Peter)
- [nasr] Re: [saag] Re: Re: Re: Re: Re: NASR BOF Fo… Eric Rescorla
- [nasr] Re: [saag] Re: Re: Re: Re: Re: NASR BOF Fo… Meiling Chen
- [nasr] Re: [saag] Re: Re: Re: Re: Re: NASR BOF Fo… Adrian Farrel
- [nasr] Re: [saag] Re: Re: Re: Re: Re: NASR BOF Fo… Luigi IANNONE
- [nasr] Re: [saag] Re: Re: Re: Re: Re: NASR BOF Fo… Eric Rescorla
- [nasr] Re: [saag] Re: Re: NASR BOF Follow-Up Carsten Bormann