Re: [Nsaas] Existing work, other things

DIEGO LOPEZ GARCIA <> Wed, 10 September 2014 20:13 UTC

Return-Path: <>
Received: from localhost ( []) by (Postfix) with ESMTP id BDCE41A916D for <>; Wed, 10 Sep 2014 13:13:43 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -3.552
X-Spam-Status: No, score=-3.552 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_NONE=-0.0001, RP_MATCHES_RCVD=-1.652] autolearn=ham
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id gIIU4wZWfz6T for <>; Wed, 10 Sep 2014 13:13:39 -0700 (PDT)
Received: from ( []) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by (Postfix) with ESMTPS id 6D7391A0196 for <>; Wed, 10 Sep 2014 13:13:26 -0700 (PDT)
Received: from (unknown []) by IMSVA (Postfix) with ESMTP id BA75D2F0185; Wed, 10 Sep 2014 22:13:23 +0200 (CEST)
Received: from (unknown []) (using TLSv1 with cipher AES128-SHA (128/128 bits)) (No client certificate requested) by (Postfix) with ESMTPS id 9FFA32F015A; Wed, 10 Sep 2014 22:13:23 +0200 (CEST)
Received: from ( by ( with Microsoft SMTP Server (TLS) id; Wed, 10 Sep 2014 22:13:23 +0200
Received: from ( by ( with Microsoft SMTP Server (TLS) id 15.0.1024.12; Wed, 10 Sep 2014 20:13:22 +0000
Received: from ([]) by ([]) with mapi id 15.00.1024.012; Wed, 10 Sep 2014 20:13:22 +0000
To: Melinda Shore <>
Thread-Topic: [Nsaas] Existing work, other things
Thread-Index: AQHPytPdgCtO8YJF9k+MT+eLXxwHH5v60awA
Date: Wed, 10 Sep 2014 20:13:20 +0000
Message-ID: <>
References: <> <> <> <> <> <> <> <> <> <> <> <>
In-Reply-To: <>
Accept-Language: en-US
Content-Language: en-US
x-ms-exchange-transport-fromentityheader: Hosted
x-originating-ip: []
x-microsoft-antispam: BCL:0;PCL:0;RULEID:;UriScan:;
x-forefront-prvs: 033054F29A
x-forefront-antispam-report: SFV:NSPM; SFS:(10019019)(6009001)(252514010)(51704005)(189002)(199003)(24454002)(51444003)(36756003)(561944003)(2656002)(46102001)(107046002)(90102001)(66066001)(20776003)(31966008)(93886004)(64706001)(15975445006)(85306004)(80022001)(82746002)(76482001)(83072002)(85852003)(83716003)(92726001)(92566001)(77982001)(79102001)(86362001)(74502001)(74662001)(76176999)(50986999)(54356999)(95666004)(99396002)(83322001)(19580405001)(19580395003)(106356001)(101416001)(81542001)(106116001)(81342001)(21056001)(87936001)(15202345003)(97736003)(110136001)(105586002)(4396001)(104396001); DIR:OUT; SFP:1102; SCL:1; SRVR:DB3PR06MB252;; FPR:; MLV:sfv; PTR:InfoNoRecords; MX:1; A:1; LANG:en;
Content-Type: text/plain; charset="utf-8"
Content-ID: <>
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
Cc: "" <>, Linda Dunbar <>
Subject: Re: [Nsaas] Existing work, other things
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "*NSaaS: Network Security as a Service mailing list*" <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Wed, 10 Sep 2014 20:13:44 -0000

I am aware of what NEA did (I was somehow involved with the people working there) but let me say that their problem space is different: NEA was dealing with the conditions for allowing endpoint attachment to a network, while NSaaS is intended precisely to deal with mediator (or middlebox if you like) functions. This said, it is very likely that many of the NEA results can be applicable one way or another to NSaaS, as well as many of the other results mentioned in this thread, and possibly together with others we will notice in the future.

I fully agree with your statement of trying to narrow the scope and identify the piece(s) of technical work to be solved. With that in mind I suggested the three aspects to be considered, intended as a first step to concrete the goals for a future group. For sure we need to refine them but I can tell you that we are seriously considering the provision of this kind of security services to our customers. So I guess we can consider the request to bring our "product managers" to the process fulfilled from our side...

Be goode,

On 7 Sep 2014, at 21:42 , Melinda Shore <> wrote:

> Again, there's been work done in the IETF on some of this (for example,
> network endpoint assessment (,
> tunnel endpoint discovery, ipsp, and so on.  I think my more general
> concern is that recently there's been a great deal of work being brought
> into the IETF that's not product-driven and doesn't have "organic"
> support, and it turns out to chew up a lot of IETF resources and
> frustrate the heck out of its proponents.  No technical work comes
> out of it and nobody's happy.  Because it's not product-driven there
> tends not to be a clear, existing framework to slip it into along
> with real-world requirements and expectations for how it might work.
> I don't think the problem statement/framework/requirements process
> that's developed is working well for the organization, IETF
> participants, or the industry, and I think that it might be time to
> take lessons learned about process and apply them here.
> That is to say, rather than getting mired in the same old unsuccessful
> process, it might be a better idea to identify a narrowly-scoped piece
> of work that *needs* to be done and focus on that.  Talk to product
> people before bringing a proposal in and asking for a BOF.  I tend to
> see this effort as going the way of the "cloud" effort, and so on,
> but it's early enough that it doesn't have to proceed down that same
> path.  Talk to product people *NOW*, and identify why this work belongs
> in the IETF.  It should never be the case that the problem you're
> trying to solve is how to create an IETF working group, but rather how
> to accomplish a specific piece of technical work that improves networks
> and networking.
> That is to say, talk to people who build products and talk to people
> who run networks, see what they need.  Bring your product managers
> into the process.
> Melinda

"Esta vez no fallaremos, Doctor Infierno"

Dr Diego R. Lopez
Telefonica I+D

Tel:    +34 913 129 041
Mobile: +34 682 051 091


Este mensaje y sus adjuntos se dirigen exclusivamente a su destinatario, puede contener información privilegiada o confidencial y es para uso exclusivo de la persona o entidad de destino. Si no es usted. el destinatario indicado, queda notificado de que la lectura, utilización, divulgación y/o copia sin autorización puede estar prohibida en virtud de la legislación vigente. Si ha recibido este mensaje por error, le rogamos que nos lo comunique inmediatamente por esta misma vía y proceda a su destrucción.

The information contained in this transmission is privileged and confidential information intended only for the use of the individual or entity named above. If the reader of this message is not the intended recipient, you are hereby notified that any dissemination, distribution or copying of this communication is strictly prohibited. If you have received this transmission in error, do not read it. Please immediately reply to the sender that you have received this communication in error and then delete it.

Esta mensagem e seus anexos se dirigem exclusivamente ao seu destinatário, pode conter informação privilegiada ou confidencial e é para uso exclusivo da pessoa ou entidade de destino. Se não é vossa senhoria o destinatário indicado, fica notificado de que a leitura, utilização, divulgação e/ou cópia sem autorização pode estar proibida em virtude da legislação vigente. Se recebeu esta mensagem por erro, rogamos-lhe que nos o comunique imediatamente por esta mesma via e proceda a sua destruição