Re: [nvo3] New Version Notification for draft-mglt-nvo3-geneve-security-requirements-06.txt
Daniel Migault <daniel.migault@ericsson.com> Tue, 02 April 2019 21:07 UTC
Return-Path: <mglt.ietf@gmail.com>
X-Original-To: nvo3@ietfa.amsl.com
Delivered-To: nvo3@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E360312003E for <nvo3@ietfa.amsl.com>; Tue, 2 Apr 2019 14:07:08 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.647
X-Spam-Level:
X-Spam-Status: No, score=-1.647 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, FREEMAIL_FORGED_FROMDOMAIN=0.25, FREEMAIL_FROM=0.001, HEADER_FROM_DIFFERENT_DOMAINS=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=no autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id D1rJJqQN5DsB for <nvo3@ietfa.amsl.com>; Tue, 2 Apr 2019 14:07:06 -0700 (PDT)
Received: from mail-lf1-f53.google.com (mail-lf1-f53.google.com [209.85.167.53]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 3EF30120077 for <nvo3@ietf.org>; Tue, 2 Apr 2019 14:07:06 -0700 (PDT)
Received: by mail-lf1-f53.google.com with SMTP id b7so10054370lfg.9 for <nvo3@ietf.org>; Tue, 02 Apr 2019 14:07:06 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=FzK07VQEVVkAb22CKCMJlk0W5gIshZ98iIbTecK+2W4=; b=l106zdooB20xPIE4J/Y4IlJtMQU72X0IUkl7HkeDtmDNRaCjaCpem0otpMwiXxoMd0 6V6szUSduRsxBRr566CzzFuc353LAltdYRM9YyXaL9nyEV/5yS/JR41g1aKXLli9jP5b dXnDPR35VgSnxSloTkJknp1wLc2BV3q2pwqkVFkvFh1bRjtEcU2ZPQUGVRN/U0VDXazw j4k75AO0sR6exd1ojk92sRtTWPAqxmBfAKIgBVrevzulW7jrfhp3KWT2N/VdsR3A/o6o uH3TlV8AQO6VwpYjFTLZeHAe7ldoC3QEhkkGrU7N4vtVqs0mLJe/EqB+DksIQe0bAcHF xgQw==
X-Gm-Message-State: APjAAAVSjBGOEe4AxUhxumejzZmaWzdK8FO/2/8EG9nuck49bOZNDVor Q8aF+x/lUMM0Z1HVM99VickHJwPl/2XddAwBgoE=
X-Google-Smtp-Source: APXvYqzYW4kQ51lhBWDHhNmdS0+EPicfMvk1Cts3kMGVi3Owz+8KZJoAum7kuo/9KpnDvf85qRbcNs0dZOR/35ymcgQ=
X-Received: by 2002:ac2:5b49:: with SMTP id i9mr30106125lfp.75.1554239224436; Tue, 02 Apr 2019 14:07:04 -0700 (PDT)
MIME-Version: 1.0
References: <155140820316.28736.16220301811782333020.idtracker@ietfa.amsl.com> <DM6PR15MB3098714F78AD24077DC4254AE3760@DM6PR15MB3098.namprd15.prod.outlook.com> <C5A274B25007804B800CB5B289727E35904EDDE5@ORSMSX111.amr.corp.intel.com> <CADZyTk=s73qqFbhNm5JVOj2rdf-W-VpBObNyz7h1Jo4MWczvzg@mail.gmail.com>
In-Reply-To: <CADZyTk=s73qqFbhNm5JVOj2rdf-W-VpBObNyz7h1Jo4MWczvzg@mail.gmail.com>
From: Daniel Migault <daniel.migault@ericsson.com>
Date: Tue, 02 Apr 2019 17:06:53 -0400
Message-ID: <CADZyTkkVpxDQsS-zB8wcz6J8dqg7_afa7K4a-KePSyJ-KGNHrg@mail.gmail.com>
To: "Ganga, Ilango S" <ilango.s.ganga@intel.com>
Cc: "nvo3@ietf.org" <nvo3@ietf.org>
Content-Type: multipart/alternative; boundary="000000000000de5d0e058592844f"
Archived-At: <https://mailarchive.ietf.org/arch/msg/nvo3/Zqv3xRL_LDKrSnhBI6g2bmp68mE>
Subject: Re: [nvo3] New Version Notification for draft-mglt-nvo3-geneve-security-requirements-06.txt
X-BeenThere: nvo3@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Network Virtualization Overlays \(NVO3\) Working Group" <nvo3.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/nvo3>, <mailto:nvo3-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/nvo3/>
List-Post: <mailto:nvo3@ietf.org>
List-Help: <mailto:nvo3-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/nvo3>, <mailto:nvo3-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 02 Apr 2019 21:07:09 -0000
Hi Ilango, I would appreciate that you go through the requirements mostly the SEC-GEN of the latest version and let us know your concerns. I believe that would be also helpful to understand what it seems I am missing regarding the transit devices. If I remember correctly, the need to protect Geneve Options for transit devices has been stated to the mike. Yours, Daniel On Mon, Mar 11, 2019 at 2:42 AM Daniel Migault <daniel.migault@ericsson.com> wrote: > Hi Illango, > > Though we would appreciate your comment on the new version. We would also > appreciate you go through the issues [1] we opened and answered based on > your previous comments. More specifically, in case the issue has not been > addressed, we would be able to keep the discussion based on the provided > responses rather than re-opening parallel issues. We believe that would be > beneficial to reach consensus. > > Yours, > Daniel > > > [1] https://github.com/mglt/draft-mglt-nvo3-geneve-security-requirements > /issues > > > On Sat, Mar 2, 2019 at 10:29 PM Ganga, Ilango S <ilango.s.ganga@intel.com> > wrote: > >> Hi Daniel, >> >> I quickly glanced through the document, the draft still makes assumptions >> and imposes requirements that is unsupported by Geneve architecture. We had >> provided this input on the previous draft version. However this is still >> maintained in this version. The new draft was posted 2 days ago, I will >> review the document in detail and provide my feedback. >> >> Regards, >> Ilango >> >> >> >> -----Original Message----- >> From: nvo3 [mailto:nvo3-bounces@ietf.org] On Behalf Of Daniel Migault >> Sent: Thursday, February 28, 2019 6:48 PM >> To: nvo3@ietf.org >> Subject: [nvo3] FW: New Version Notification for >> draft-mglt-nvo3-geneve-security-requirements-06.txt >> >> Hi, >> >> Please find an update of the draft. We considered the feed back received >> during the meeting in Bangkok as well as the comments from Magnus. >> >> So far no issue has been raised that could prevent the draft from being >> adopted, and we believe the draft can be adopted. >> >> Yours, >> Daniel >> >> -----Original Message----- >> From: internet-drafts@ietf.org <internet-drafts@ietf.org> >> Sent: Thursday, February 28, 2019 9:43 PM >> To: Sami Boutros <boutros@vmware.com>; Dan Wings <dwing@vmware.com>; Dan >> Wing <dwing@vmware.com>; Daniel Migault <daniel.migault@ericsson.com>; >> Suresh Krishnan <suresh@kaloom.com> >> Subject: New Version Notification for >> draft-mglt-nvo3-geneve-security-requirements-06.txt >> >> >> A new version of I-D, draft-mglt-nvo3-geneve-security-requirements-06.txt >> has been successfully submitted by Daniel Migault and posted to the IETF >> repository. >> >> Name: draft-mglt-nvo3-geneve-security-requirements >> Revision: 06 >> Title: Geneve Security Requirements >> Document date: 2019-02-28 >> Group: Individual Submission >> Pages: 26 >> URL: >> https://www.ietf.org/internet-drafts/draft-mglt-nvo3-geneve-security-requirements-06.txt >> Status: >> https://datatracker.ietf.org/doc/draft-mglt-nvo3-geneve-security-requirements/ >> Htmlized: >> https://tools.ietf.org/html/draft-mglt-nvo3-geneve-security-requirements-06 >> Htmlized: >> https://datatracker.ietf.org/doc/html/draft-mglt-nvo3-geneve-security-requirements >> Diff: >> https://www.ietf.org/rfcdiff?url2=draft-mglt-nvo3-geneve-security-requirements-06 >> >> Abstract: >> The document defines the security requirements to protect tenants >> overlay traffic against security threats from the NVO3 network >> components that are interconnected with tunnels implemented using >> Generic Network Virtualization Encapsulation (Geneve). >> >> The document provides two sets of security requirements: 1. >> requirements to evaluate the data plane security of a given >> deployment of Geneve overlay. Such requirements are intended to >> Geneve overlay provider to evaluate a given deployment. >> 2. requirement a security mechanism need to fulfill to secure any >> deployment of Geneve overlay deployment >> >> >> >> >> Please note that it may take a couple of minutes from the time of >> submission until the htmlized version and diff are available at >> tools.ietf.org. >> >> The IETF Secretariat >> >> _______________________________________________ >> nvo3 mailing list >> nvo3@ietf.org >> https://www.ietf.org/mailman/listinfo/nvo3 >> >> _______________________________________________ >> nvo3 mailing list >> nvo3@ietf.org >> https://www.ietf.org/mailman/listinfo/nvo3 >> >
- [nvo3] FW: New Version Notification for draft-mgl… Daniel Migault
- Re: [nvo3] New Version Notification for draft-mgl… Ganga, Ilango S
- Re: [nvo3] New Version Notification for draft-mgl… Daniel Migault
- Re: [nvo3] New Version Notification for draft-mgl… Daniel Migault