[nasr] Re: [saag] Re: NASR BOF Follow-Up
Henk Birkholz <henk.birkholz@ietf.contact> Fri, 11 April 2025 16:45 UTC
Return-Path: <henk.birkholz@ietf.contact>
X-Original-To: nasr@mail2.ietf.org
Delivered-To: nasr@mail2.ietf.org
Received: from localhost (localhost [127.0.0.1]) by mail2.ietf.org (Postfix) with ESMTP id B01341ACCD02; Fri, 11 Apr 2025 09:45:30 -0700 (PDT)
X-Virus-Scanned: amavisd-new at ietf.org
X-Spam-Flag: NO
X-Spam-Score: -4.172
X-Spam-Level:
X-Spam-Status: No, score=-4.172 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, NICE_REPLY_A=-1.374, RCVD_IN_DNSWL_LOW=-0.7, RCVD_IN_MSPIKE_H2=0.001, RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, RCVD_IN_VALIDITY_SAFE_BLOCKED=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: mail2.ietf.org (amavisd-new); dkim=pass (2048-bit key) header.d=ietf.contact
Received: from mail2.ietf.org ([166.84.6.31]) by localhost (mail2.ietf.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id h5El-xyotTV4; Fri, 11 Apr 2025 09:45:29 -0700 (PDT)
Received: from smtp01-ext2.udag.de (smtp01-ext2.udag.de [62.146.106.18]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-256) server-digest SHA256) (No client certificate requested) by mail2.ietf.org (Postfix) with ESMTPS id B831E1ACCCFD; Fri, 11 Apr 2025 09:45:29 -0700 (PDT)
Received: from [IPV6:2a01:599:70e:2547:9109:a3af:4961:cdb4] (tmo-126-220.customers.d1-online.com [80.187.126.220]) by smtp01-ext2.udag.de (Postfix) with ESMTPA id 4C70BE0253; Fri, 11 Apr 2025 18:45:26 +0200 (CEST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ietf.contact; s=uddkim-202310; t=1744389928; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=IkpNtBFT66pOtY0F6GwzgEEinBD08NGvQ10vJlKJc4s=; b=flZ4iAnnqqPqDqTT3sQdZudK0+QQ240/iKazZnnaJG6Cwcdq9hfAxhbrgW3Kbz6ni9dzvc GyfjiYusn/GKsHsSVSgoC1y+SvHaeMTGCykQLT75jdlGlGQtLrP1GUkb+OmhwU4M5rH9su hS51XEiyIUyXbtCogUZ0Qqf87C9C0yZb9e/WoFEQqLHxqQgYr9LUjsdnWNiTLJJmjQn36J kciWqmMfRdG4l8DvNAYvXwfnQ6Soz/hdhB8SPbIX3fyJsP9p0tKAYVSyq+8u1q+u1l5S6k csJpULUuCQHw0lYfTtmixlWhDguuTfuxXBljM/mcELLqrvYtnQCvfRAatm8hLQ==
Message-ID: <d3de69d6-f46b-fe0c-b6dc-8180864bd9b0@ietf.contact>
Date: Fri, 11 Apr 2025 18:45:25 +0200
MIME-Version: 1.0
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:102.0) Gecko/20100101 Thunderbird/102.11.0
Content-Language: en-US
To: Eric Rescorla <ekr@rtfm.com>
References: <ef08bf0afa924713acc629dff8156761@huawei.com> <2025040312042771743841@chinamobile.com> <CAL02cgSg53nOB8BCSNCLGC78r41P_1VzBPoj2yOJP1qbS0jqfA@mail.gmail.com> <CABcZeBPFaJMsWyNozXS+osh251631vCStkrmOk=WQig5c1_0qw@mail.gmail.com> <87c61c52-839f-f66e-a66a-b737f01ca93f@ietf.contact> <CABcZeBMOvFXkQ2OFBpz2Ri5_Oz-pHGs=2fHvBNptOdjQy9F7ww@mail.gmail.com> <11730e71-f409-bbaf-9bc1-4f88d207bcab@ietf.contact> <CABcZeBMDg9cFGtf6AMwSiq3ZnZnrvwoAc7TjD0Ftq-JC8jWusQ@mail.gmail.com>
From: Henk Birkholz <henk.birkholz@ietf.contact>
In-Reply-To: <CABcZeBMDg9cFGtf6AMwSiq3ZnZnrvwoAc7TjD0Ftq-JC8jWusQ@mail.gmail.com>
Content-Type: text/plain; charset="UTF-8"; format="flowed"
Content-Transfer-Encoding: 8bit
Authentication-Results: smtp01-ext2.udag.de; auth=pass smtp.auth=henk.birkholz@ietf.contact smtp.mailfrom=henk.birkholz@ietf.contact
Message-ID-Hash: 4ORSO23F4QCUDZONSBO2Z2GJO3WBWM3K
X-Message-ID-Hash: 4ORSO23F4QCUDZONSBO2Z2GJO3WBWM3K
X-MailFrom: henk.birkholz@ietf.contact
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
CC: Richard Barnes <rlb@ipv.sx>, Meiling Chen <chenmeiling@chinamobile.com>, "Liuchunchi(Peter)" <liuchunchi@huawei.com>, "nasr@ietf.org" <nasr@ietf.org>, IETF SAAG <saag@ietf.org>, Luigi Iannone <ggx@gigix.net>
X-Mailman-Version: 3.3.9rc6
Precedence: list
Subject: [nasr] Re: [saag] Re: NASR BOF Follow-Up
List-Id: Network Attestation for Secure Routing <nasr.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/nasr/kViJ38xN70xxwlmdZ7GtrDZCOT4>
List-Archive: <https://mailarchive.ietf.org/arch/browse/nasr>
List-Help: <mailto:nasr-request@ietf.org?subject=help>
List-Owner: <mailto:nasr-owner@ietf.org>
List-Post: <mailto:nasr@ietf.org>
List-Subscribe: <mailto:nasr-join@ietf.org>
List-Unsubscribe: <mailto:nasr-leave@ietf.org>
On 11.04.25 15:38, Eric Rescorla wrote: > > > On Fri, Apr 11, 2025 at 2:01 AM Henk Birkholz > <henk.birkholz@ietf.contact> wrote: > > On 10.04.25 21:01, Eric Rescorla wrote: > > > > > > On Thu, Apr 10, 2025 at 11:40 AM Henk Birkholz > > <henk.birkholz@ietf.contact> wrote: > > > > On 03.04.25 21:11, Eric Rescorla wrote: > > > > > [0] Of course you could hash the individual configuration > values, > > > but this is much the same as publishing the configuration. > > > > Is it? I am curious why. > > > > > > Because the values themselves are generally low entropy, so if you > > publish their hashes, then it's generally easy to determine the > preimage. > > > > -Ekr > > Would some salt help here (like the salted hashes in sd-cwt)? > > > Probably not very much. What salt does is make it more difficult to > amortize computation > across multiple hashed values. However, if the total number of possible > values > is low (e.g., you have some configuration setting with 3 values) then > you can > just exhaustively search at query time. That makes a lot of sense - and might be another good reason not to put these types of Claims into Evidence. I still think it is better to include software components that provide the conveyance mechanism (e.g., a YANG server with YANG Push capability) in a TCB and then use successfully appraised software components for trusted telemetry to convey such values for evaluation. Viele Grüße, Henk > > -Ekr > > > > Viele Grüße, > > Henk > > > > > > > Viele Grüße, > > > > Henk > > > > > > > > > > > It was not raised in the BoF, but I would like to > point out a > > > logical inconsistency at the core of the proposition > here: On the > > > one hand, the proponents assert that end-to-end > cryptographic > > > protections are not sufficient to keep endpoints safe. On > > the other > > > hand, the premise of the proposed solution is ... more > > > cryptography. Attestations, MACSEC, etc. So the > argument here > > > cannot rest on a hand-wavy "cryptography isn't > enough"; you > > need to > > > articulate what specific risks you're addressing. > > > > > > Honestly, when I read the charter for this work, I did not > > initially > > > have as negative a reaction. I initially presumed it > was like > > > verified SFC, and that you would do things like making > a firewall > > > rule a little more permissive if the flow had been > verified > > > upstream. It's not implausible that there are some > use cases of > > > that shape. But instead, the presentations in the BoF > framed an > > > impossible problem and an unworkable solution, which > clearly > > I could > > > not support. > > > > > > Hope that helps, > > > --Richard > > > > > > > > > On Thu, Apr 3, 2025 at 12:05 AM Meiling Chen > > > <chenmeiling@chinamobile.com > <mailto:chenmeiling@chinamobile.com> > > <mailto:chenmeiling@chinamobile.com > <mailto:chenmeiling@chinamobile.com>> > > <mailto:chenmeiling@chinamobile.com > <mailto:chenmeiling@chinamobile.com> > > <mailto:chenmeiling@chinamobile.com > <mailto:chenmeiling@chinamobile.com>>>> > > > wrote: > > > > > > Hi all, > > > > > > We will continue to track and actively address the > issues > > raised > > > on NASR BoF, for convenience, I have brought the Q&A > > record to > > > the email list. > > > Welcome to continue discussing with those who are > concerned > > > about these issues. > > > > > > Q1: Why is not end-to-end protection sufficient > and why > > should > > > we care about where the traffic goes through? > > > Q2: Why this is important to assure at the > network layer? > > > Q3: List actual concrete examples of existing > regulations. > > > Q4: List the technical requirements in detail. > > > Q5: NASR being a possible way to address pervasive > traffic > > > monitoring threats? > > > > > > Q6: Proof of transit does not imply that the packet > > didn’t exit > > > the path. ---->PoNT is out of scope. > > > > > > Q7: There is work about proof of transit that has been > > done in > > > SFC, what is needed to highlight what is not there (in > > routing, > > > RATS, SFC PoT) which NASR will provide.--> > > > > > > NASR is the joint use of attestation techncology > and proof of > > > transit. > > > > > > Q8: What about lawful interceptions?----> > > > > > > Trustworthiness as defined in RATS can attest that a > > router does > > > what is supposed to do, including lawful > interception if > > it is > > > what it is supposed to do. > > > > > > Q9: There is work from RATS, like RFC 9684, that > can be > > used in > > > NASR. Why an independent effort? Why not putting this > > work in an > > > existing WG?----> > > > > > > RATS is the building block to create path > attestation, whose > > > usage is then verified with proof of transit. > These two > > things > > > together look out of the scope of RATS. NASR does > not want to > > > replace RFC 9684, but rather leverage it. > > > > > > Q10: What is exactly the definition of a path in > NASR? BGP > > > session? Tunnel? physical links?----> > > > > > > A document in PANRG has a good definition of what > a path is. > > > > > > Q11: Trustworthiness and traffic engineering are > already > > > addressed in different places, so what is new in > NASR? ----> > > > > > > The possibility for the customers to verify that the > > traffic has > > > been engineered in the way they asked. How to do it is > > the gap > > > NASR wants to fill. > > > > > > Q12: Candidate solutions from problems exist in > other venues > > > (Routing security / SFC)----> > > > > > > True, but they do not address the combination > (forwarding). > > > > > > Q13: Proposed work may result in fragmentation of the > > Internet, > > > including and excluding poeople?----> > > > > > > No. That is the wrong terminology to use. NASR is > about path > > > complaint to a set of claims. Is a specific > service in a > > limited > > > domain not a general service for the Internet. > > > > > > Q14: Clarification of requirements whether the > > requirement is to > > > detect nodes along the path that do not support > NASR?----> > > > > > > No. Only have proof that traffic went through a > set of nodes > > > that support NASR. > > > > > > Q15: Bringing the work to RATS would not work. RATS is > > already > > > bloated and bringing all this work there is not > possible. > > > > > > Q16: PoT has cryptographic cost.---> > > > > > > Implementation on SRv6 shows that the cost is very > limited. > > > > > > Q17: Remark about the scope of implementation: > Internet or > > > limited domain?---> > > > > > > limited domain implemented at the operator level. > > > > > > Q18: Need to verify every configuration (binary / > > configuration > > > files / routers) in order to determine the > properties of the > > > path?--->This is not how remote attestation works. > There > > is no > > > configuration shared, the configuration is > attested through > > > trusted third party. You share hash values that attest > > the the > > > property. > > > > > > Q19: Why not doing this in the SFC WG?---->Piece > can be > > done in > > > other WG, but from a global perspective wold be > better to > > have a WG. > > > > > > Q20: For reliability, what about having multiple > paths? > > Can it > > > be a scalability issue? ----Yes, the attribute of > > multiple path > > > is included. > > > > > > Best, > > > Meiling > > > > > > *From:* Liuchunchi\(Peter\) > > > <mailto:liuchunchi <mailto:liuchunchi> > > <mailto:liuchunchi > <mailto:liuchunchi>>=40huawei.com@dmarc.ietf.org > <mailto:40huawei.com@dmarc.ietf.org> > > <mailto:40huawei.com@dmarc.ietf.org > <mailto:40huawei.com@dmarc.ietf.org>>> > > > *Date:* 2025-03-29 19:19 > > > *To:* nasr@ietf.org <mailto:nasr@ietf.org> > <mailto:nasr@ietf.org <mailto:nasr@ietf.org>> > > <mailto:nasr@ietf.org <mailto:nasr@ietf.org> > <mailto:nasr@ietf.org <mailto:nasr@ietf.org>>>; IETF SAAG > > > <mailto:saag@ietf.org <mailto:saag@ietf.org> > <mailto:saag@ietf.org <mailto:saag@ietf.org>>> > > > *CC:* ggx@gigix.net <mailto:ggx@gigix.net> > <mailto:ggx@gigix.net <mailto:ggx@gigix.net>> > > <mailto:ggx@gigix.net <mailto:ggx@gigix.net> > <mailto:ggx@gigix.net <mailto:ggx@gigix.net>>> > > > *Subject:* [saag] NASR BOF Follow-Up > > > > > > Hi NASR, SAAG,____ > > > > > > __ __ > > > > > > Thanks everyone for participating and contributing > > valuable > > > feedbacks to the NASR BOF last week! Thank you > Nancy and > > > Luigi for mediating a productive discussion, and > > thanks Deb > > > for supervising the process.____ > > > > > > __ __ > > > > > > During the process, we had extensive > discussions that > > showed > > > both major interests in the problem and differing > > > understanding of the objective. For example, NASR > > represents > > > new use case requirements that aim to extend > Remote > > > Attestation benefits to the network scale, > providing more > > > comprehensive security visibility and behavioral > > assurance > > > across network deployments to the customers. > But NASR > > is not > > > intended, in any capacity, to serve as a > substitute for > > > end-to-end encryption technology, etc. ____ > > > > > > __ __ > > > > > > The poll result shows a clear consensus that > this is > > an IETF > > > problem, but a rougher (at best) or no > consensus that the > > > problem is well understood. ____ > > > > > > __ __ > > > > > > To help on that, next steps we will work on a > dedicated > > > document that collects all valuable feedbacks from > > the BOF > > > and resolve them one-by-one. Again, we > sincerely thank > > > everyone who contributed valuable feedbacks > and cares > > about > > > bringing more security and transparency to > networks!____ > > > > > > __ __ > > > > > > Best regards,____ > > > > > > Peter (Chunchi) Liu____ > > > > > > __ __ > > > > > > _______________________________________________ > > > saag mailing list -- saag@ietf.org > <mailto:saag@ietf.org> <mailto:saag@ietf.org <mailto:saag@ietf.org>> > > <mailto:saag@ietf.org <mailto:saag@ietf.org> > <mailto:saag@ietf.org <mailto:saag@ietf.org>>> > > > To unsubscribe send an email to > saag-leave@ietf.org <mailto:saag-leave@ietf.org> > > <mailto:saag-leave@ietf.org <mailto:saag-leave@ietf.org>> > > > <mailto:saag-leave@ietf.org > <mailto:saag-leave@ietf.org> <mailto:saag-leave@ietf.org > <mailto:saag-leave@ietf.org>>> > > > > > > -- > > > nasr mailing list -- nasr@ietf.org > <mailto:nasr@ietf.org> <mailto:nasr@ietf.org <mailto:nasr@ietf.org>> > > <mailto:nasr@ietf.org <mailto:nasr@ietf.org> > <mailto:nasr@ietf.org <mailto:nasr@ietf.org>>> > > > To unsubscribe send an email to nasr-leave@ietf.org > <mailto:nasr-leave@ietf.org> > > <mailto:nasr-leave@ietf.org <mailto:nasr-leave@ietf.org>> > > > <mailto:nasr-leave@ietf.org > <mailto:nasr-leave@ietf.org> <mailto:nasr-leave@ietf.org > <mailto:nasr-leave@ietf.org>>> > > > > > >
- [nasr] NASR BOF Follow-Up Liuchunchi(Peter)
- [nasr] Re: [saag] NASR BOF Follow-Up Meiling Chen
- [nasr] Re: [saag] Re: NASR BOF Follow-Up Richard Barnes
- [nasr] Re: [saag] Re: NASR BOF Follow-Up Eric Rescorla
- [nasr] Re: [saag] Re: NASR BOF Follow-Up Michael Richardson
- [nasr] Re: [saag] Re: Re: Re: NASR BOF Follow-Up Eric Rescorla
- [nasr] Re: [saag] Re: Re: Re: NASR BOF Follow-Up Luigi IANNONE
- [nasr] Re: [saag] Re: Re: Re: NASR BOF Follow-Up Meiling Chen
- [nasr] Re: [saag] Re: Re: Re: NASR BOF Follow-Up Henk Birkholz
- [nasr] Re: [saag] Re: NASR BOF Follow-Up Henk Birkholz
- [nasr] Re: [saag] Re: Re: Re: NASR BOF Follow-Up Eric Rescorla
- [nasr] Re: [saag] Re: NASR BOF Follow-Up Eric Rescorla
- [nasr] Re: [saag] Re: Re: Re: NASR BOF Follow-Up 刘鹏辉
- [nasr] Re: [saag] Re: Re: Re: NASR BOF Follow-Up Toerless Eckert
- [nasr] Re: [saag] Re: Re: Re: Re: Re: NASR BOF Fo… Watson Ladd
- [nasr] Re: [saag] Re: Re: Re: NASR BOF Follow-Up Liuchunchi(Peter)
- [nasr] Re: [saag] Re: NASR BOF Follow-Up Henk Birkholz
- [nasr] Re: [saag] Re: NASR BOF Follow-Up Michael Richardson
- [nasr] Re: [saag] Re: Re: Re: NASR BOF Follow-Up Eric Rescorla
- [nasr] Re: [saag] Re: NASR BOF Follow-Up Henk Birkholz
- [nasr] Re: [saag] Re: NASR BOF Follow-Up Eric Rescorla
- [nasr] Re: [saag] Re: NASR BOF Follow-Up Eric Rescorla
- [nasr] Re: [saag] Re: NASR BOF Follow-Up Henk Birkholz
- [nasr] Re: [saag] Re: NASR BOF Follow-Up Henk Birkholz
- [nasr] Re: [saag] Re: NASR BOF Follow-Up Eric Rescorla
- [nasr] Re: [saag] Re: NASR BOF Follow-Up Liuchunchi(Peter)
- [nasr] Re: [saag] Re: NASR BOF Follow-Up Richard Barnes
- [nasr] Re: [saag] Re: Re: Re: NASR BOF Follow-Up Watson Ladd
- [nasr] Re: [saag] Re: NASR BOF Follow-Up Toerless Eckert
- [nasr] Re: [saag] Re: Re: Re: NASR BOF Follow-Up Toerless Eckert
- [nasr] Re: [saag] Re: NASR BOF Follow-Up Henk Birkholz
- [nasr] Re: [saag] Re: NASR BOF Follow-Up Eric Rescorla
- [nasr] Re: [saag] Re: Re: Re: NASR BOF Follow-Up Henk Birkholz
- [nasr] Re: [saag] Re: Re: Re: NASR BOF Follow-Up Watson Ladd
- [nasr] Re: [saag] Re: Re: Re: NASR BOF Follow-Up Toerless Eckert
- [nasr] Re: [saag] Re: NASR BOF Follow-Up Toerless Eckert
- [nasr] Re: [saag] Re: Re: Re: NASR BOF Follow-Up Watson Ladd
- [nasr] Re: [saag] Re: Re: Re: NASR BOF Follow-Up Michael Richardson
- [nasr] Summary of Discussions So far---Re: [saag]… Meiling Chen
- [nasr] Re: Summary of Discussions So far---Re: [s… Luigi IANNONE
- [nasr] Re: Summary of Discussions So far---Re: [s… Meiling Chen
- [nasr] Re: [saag] Re: NASR BOF Follow-Up Eric Rescorla
- [nasr] Re: [saag] Re: NASR BOF Follow-Up Meiling Chen
- [nasr] Re: [saag] Re: Re: Re: NASR BOF Follow-Up Watson Ladd
- [nasr] Re: [saag] Re: Re: Re: NASR BOF Follow-Up Luigi IANNONE
- [nasr] Re: [saag] Re: Re: Re: NASR BOF Follow-Up Meiling Chen
- [nasr] Re: [saag] Re: NASR BOF Follow-Up Eric Rescorla
- [nasr] Re: [saag] Re: Re: Re: NASR BOF Follow-Up Henk Birkholz
- [nasr] Re: [saag] Re: Re: Re: Re: Re: NASR BOF Fo… Liuchunchi(Peter)
- [nasr] Re: [saag] Re: Re: Re: Re: Re: NASR BOF Fo… Toerless Eckert
- [nasr] Re: [saag] Re: Re: Re: NASR BOF Follow-Up Henk Birkholz
- [nasr] Re: [saag] Re: NASR BOF Follow-Up Eric Rescorla
- [nasr] Re: [saag] Re: NASR BOF Follow-Up Eric Rescorla
- [nasr] Re: [saag] Re: Re: Re: NASR BOF Follow-Up Meiling Chen
- [nasr] Re: [saag] Re: NASR BOF Follow-Up Toerless Eckert
- [nasr] Re: [saag] Re: Re: Re: NASR BOF Follow-Up Henk Birkholz
- [nasr] Re: [saag] Re: Re: Re: NASR BOF Follow-Up Meiling Chen
- [nasr] Re: [saag] Re: Re: Re: NASR BOF Follow-Up Eric Rescorla
- [nasr] Re: [saag] Re: Re: Re: NASR BOF Follow-Up Luigi IANNONE
- [nasr] Re: [saag] Re: Re: Re: NASR BOF Follow-Up Eric Rescorla
- [nasr] Re: [saag] Re: Re: Re: NASR BOF Follow-Up Meiling Chen
- [nasr] Re: [saag] Re: Re: Re: NASR BOF Follow-Up Eric Rescorla
- [nasr] Re: [saag] Re: Re: Re: Re: Re: NASR BOF Fo… Stephen Farrell
- [nasr] Re: [saag] Re: Re: Re: NASR BOF Follow-Up Eric Rescorla
- [nasr] Re: [saag] Re: Re: Re: NASR BOF Follow-Up Luigi IANNONE
- [nasr] Re: [saag] Re: Re: Re: NASR BOF Follow-Up Liuchunchi(Peter)
- [nasr] Re: [saag] Re: NASR BOF Follow-Up Toerless Eckert
- [nasr] Re: [saag] Re: Re: Re: Re: Re: NASR BOF Fo… Liuchunchi(Peter)
- [nasr] Re: [saag] Re: Re: Re: Re: Re: NASR BOF Fo… Eric Rescorla
- [nasr] Re: [saag] Re: Re: Re: Re: Re: NASR BOF Fo… Meiling Chen
- [nasr] Re: [saag] Re: Re: Re: Re: Re: NASR BOF Fo… Adrian Farrel
- [nasr] Re: [saag] Re: Re: Re: Re: Re: NASR BOF Fo… Luigi IANNONE
- [nasr] Re: [saag] Re: Re: Re: Re: Re: NASR BOF Fo… Eric Rescorla
- [nasr] Re: [saag] Re: Re: NASR BOF Follow-Up Carsten Bormann