Re: [Nfvrg] Research Group Preparation (a.k.a. "Last Call") for draft-irtf-nfvrg-gaps-network-virtualization

Rafa Marin Lopez <rafa@um.es> Sun, 18 June 2017 22:03 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/nfvrg/xFH4IQTJYuVlOLzgRJ0jwdzKAYw>

Dear authors:

I have reviewed the I-D and, in my opinion, it is well written and very comprehensible. Good work.

I have several minor comments:

1) OpenFlow is explicitly mentioned, however there is no reference to NETCONF or RESTCONF, which in my opinion are also important in this context.

2) Regarding the security and privacy section: you mention somehow the possibility of key material distribution ("For example, who will be in charge of provisioning and maintaining security credentials such as public and private keys?"). My comment is that we are contributing in I2NSF (https://datatracker.ietf.org/doc/draft-abad-i2nsf-sdn-ipsec-flow-protection/) a way to manage IPsec SAs from a centralized security controller. In I2NSF, the Network Security Function (NSF) can also be a virtual NSF. My question is whether this is what you had in mind (management of security associations besides distributing credentials).

3) Also, from a security point of view, the AAA servers can also be considered as VNFs that need to be managed, correct? Just as a note, this may be related to this other (old) work about the management of AAA infrastructures (https://tools.ietf.org/html/draft-marin-sdnrg-sdn-aaa-mng-00).

My 0.02 cents

Best Regards.


-----------------------------------------------------------
Rafael Marin Lopez, PhD
Dept. Information and Communications Engineering (DIIC)
Faculty of Computer Science-University of Murcia
30100 Murcia - Spain
Telf: +34868888501 Fax: +34868884151 e-mail: rafa@um.es
----------------------------------------------------------