[OPSAWG] FW: New Version Notification for draft-li-opsec-sav-gap-analysis-00.txt

Guyunan <guyunan@huawei.com> Tue, 22 September 2020 07:39 UTC

Return-Path: <guyunan@huawei.com>
X-Original-To: opsawg@ietfa.amsl.com
Delivered-To: opsawg@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id BB57C3A14A1; Tue, 22 Sep 2020 00:39:01 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.901
X-Spam-Level:
X-Spam-Status: No, score=-1.901 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_MSPIKE_H2=-0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 5NJ2PVwoIn7w; Tue, 22 Sep 2020 00:38:59 -0700 (PDT)
Received: from huawei.com (lhrrgout.huawei.com [185.176.76.210]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 6B6693A149E; Tue, 22 Sep 2020 00:38:59 -0700 (PDT)
Received: from lhreml730-chm.china.huawei.com (unknown [172.18.7.108]) by Forcepoint Email with ESMTP id 24F6DDDD787400838F2F; Tue, 22 Sep 2020 08:38:58 +0100 (IST)
Received: from lhreml730-chm.china.huawei.com (10.201.108.81) by lhreml730-chm.china.huawei.com (10.201.108.81) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.1913.5; Tue, 22 Sep 2020 08:38:57 +0100
Received: from DGGEML423-HUB.china.huawei.com (10.1.199.40) by lhreml730-chm.china.huawei.com (10.201.108.81) with Microsoft SMTP Server (version=TLS1_0, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA) id 15.1.1913.5 via Frontend Transport; Tue, 22 Sep 2020 08:38:57 +0100
Received: from DGGEML532-MBX.china.huawei.com ([169.254.8.242]) by dggeml423-hub.china.huawei.com ([10.1.199.40]) with mapi id 14.03.0487.000; Tue, 22 Sep 2020 15:38:53 +0800
From: Guyunan <guyunan@huawei.com>
To: "opsawg@ietf.org" <opsawg@ietf.org>
CC: "draft-li-opsec-sav-gap-analysis.authors@ietf.org" <draft-li-opsec-sav-gap-analysis.authors@ietf.org>
Thread-Topic: New Version Notification for draft-li-opsec-sav-gap-analysis-00.txt
Thread-Index: AQHWkK4s4C8s2vNt8UmoJYkv1DHgBKl0QqQw
Date: Tue, 22 Sep 2020 07:38:53 +0000
Message-ID: <C01B0098369B2D4391851938DA6700B717BF1E32@DGGEML532-MBX.china.huawei.com>
References: <160075806336.11024.16994146843277929776@ietfa.amsl.com>
In-Reply-To: <160075806336.11024.16994146843277929776@ietfa.amsl.com>
Accept-Language: en-US, zh-CN
Content-Language: zh-CN
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [10.153.194.221]
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: base64
MIME-Version: 1.0
X-CFilter-Loop: Reflected
Archived-At: <https://mailarchive.ietf.org/arch/msg/opsawg/W94dTP1FIiFQPc3Wu-4oT0BTQhw>
Subject: [OPSAWG] FW: New Version Notification for draft-li-opsec-sav-gap-analysis-00.txt
X-BeenThere: opsawg@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: OPSA Working Group Mail List <opsawg.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/opsawg>, <mailto:opsawg-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/opsawg/>
List-Post: <mailto:opsawg@ietf.org>
List-Help: <mailto:opsawg-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/opsawg>, <mailto:opsawg-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 22 Sep 2020 07:39:02 -0000

Dear WG,

We have newly submitted a draft that identifies two specific situations of IP spoofing where existing anti-spoofing approaches may fail to work. Besides, we also have a section discussing how such cases could possibly be tackled. 

Any thoughts or suggestions would be very welcome!

BR,

Yunan

-----Original Message-----
From: internet-drafts@ietf.org [mailto:internet-drafts@ietf.org] 
Sent: Tuesday, September 22, 2020 3:01 PM
To: Guyunan <guyunan@huawei.com>; Dan Li <tolidan@tsinghua.edu.cn>; Tao Lin <lintao@h3c.com>; Lancheng Qin <qlc19@mails.tsinghua.edu.cn>; Jianping Wu <jianping@cernet.edu.cn>
Subject: New Version Notification for draft-li-opsec-sav-gap-analysis-00.txt


A new version of I-D, draft-li-opsec-sav-gap-analysis-00.txt
has been successfully submitted by Yunan Gu and posted to the IETF repository.

Name:		draft-li-opsec-sav-gap-analysis
Revision:	00
Title:		Soure Address Validation: Gap Analysis
Document date:	2020-09-22
Group:		Individual Submission
Pages:		12
URL:            https://www.ietf.org/id/draft-li-opsec-sav-gap-analysis-00.txt
Status:         https://datatracker.ietf.org/doc/draft-li-opsec-sav-gap-analysis/
Htmlized:       https://datatracker.ietf.org/doc/html/draft-li-opsec-sav-gap-analysis
Htmlized:       https://tools.ietf.org/html/draft-li-opsec-sav-gap-analysis-00


Abstract:
   This document identifies scenarios where existing IP spoofing
   approaches for detection and mitigation don't perform perfectly.
   Exsiting SAV (source address validation) approaches, either Ingress
   ACL filtering [RFC2827], unicast Reverse Path Forwarding (uRPF)
   [RFC3704], Feasible Path uRPF [RFC 3704], or Enhanced Feasible-Path
   uRPF [RFC8704] has limitations regarding eihter automated
   implemetation objective or detection accuracy objective (0% false
   positive and 0% false negative).  This document provides the gap
   analysis of the exsting SAV approaches, and also provides solution
   discussions.


                                                                                  


Please note that it may take a couple of minutes from the time of submission until the htmlized version and diff are available at tools.ietf.org.

The IETF Secretariat