IETF Logo Mail Archive

Re: [OPSEC] additional documents needing a home...

"Steinthor Bjarnason (sbjarnas)" <sbjarnas@cisco.com> Mon, 06 October 2008 11:02 UTC

Return-Path: <opsec-bounces@ietf.org>
X-Original-To: opsec-archive@optimus.ietf.org
Delivered-To: ietfarch-opsec-archive@core3.amsl.com
Received: from [127.0.0.1] (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id AD71C3A6AB3; Mon, 6 Oct 2008 04:02:03 -0700 (PDT)
X-Original-To: opsec@core3.amsl.com
Delivered-To: opsec@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id E645728C1A1 for <opsec@core3.amsl.com>; Mon, 6 Oct 2008 04:02:01 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.599
X-Spam-Level:
X-Spam-Status: No, score=-6.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, RCVD_IN_DNSWL_MED=-4]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ZJVjjlWtmSbK for <opsec@core3.amsl.com>; Mon, 6 Oct 2008 04:02:00 -0700 (PDT)
Received: from ams-iport-1.cisco.com (ams-iport-1.cisco.com [144.254.224.140]) by core3.amsl.com (Postfix) with ESMTP id 61A413A6AAD for <opsec@ietf.org>; Mon, 6 Oct 2008 04:02:00 -0700 (PDT)
X-IronPort-AV: E=Sophos;i="4.33,367,1220227200"; d="scan'208";a="21718380"
Received: from ams-dkim-2.cisco.com ([144.254.224.139]) by ams-iport-1.cisco.com with ESMTP; 06 Oct 2008 11:02:33 +0000
Received: from ams-core-1.cisco.com (ams-core-1.cisco.com [144.254.224.150]) by ams-dkim-2.cisco.com (8.12.11/8.12.11) with ESMTP id m96B2XCH007844; Mon, 6 Oct 2008 13:02:33 +0200
Received: from xbh-ams-332.emea.cisco.com (xbh-ams-332.cisco.com [144.254.231.87]) by ams-core-1.cisco.com (8.13.8/8.13.8) with ESMTP id m96B2XTI000620; Mon, 6 Oct 2008 11:02:33 GMT
Received: from xmb-ams-333.cisco.com ([144.254.231.78]) by xbh-ams-332.emea.cisco.com with Microsoft SMTPSVC(6.0.3790.1830); Mon, 6 Oct 2008 13:02:33 +0200
X-MimeOLE: Produced By Microsoft Exchange V6.5
Content-class: urn:content-classes:message
MIME-Version: 1.0
Date: Mon, 06 Oct 2008 13:02:31 +0200
Message-ID: <AF93875118CE454893CE91658901DAA106BD884F@xmb-ams-333.emea.cisco.com>
In-Reply-To: <48E6D46B.7020401@bogus.com>
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
Thread-Topic: [OPSEC] additional documents needing a home...
Thread-Index: AcklyL0wFx8h/26sQoiIn+iEsW4zFAB2XYAQ
References: <92c950310808250646t50c00ce0w8a778dc19c08188b@mail.gmail.com> <77ead0ec0809302014p336614afp433ea8de040713c5@mail.gmail.com><6D26D1FE43A66F439F8109CDD424196501ED2F61@INEXC1U01.in.lucent.com> <48E6D46B.7020401@bogus.com>
From: "Steinthor Bjarnason (sbjarnas)" <sbjarnas@cisco.com>
To: opsec@ietf.org
X-OriginalArrivalTime: 06 Oct 2008 11:02:33.0244 (UTC) FILETIME=[087EA5C0:01C927A3]
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; l=1104; t=1223290953; x=1224154953; c=relaxed/simple; s=amsdkim2001; h=Content-Type:From:Subject:Content-Transfer-Encoding:MIME-Version; d=cisco.com; i=sbjarnas@cisco.com; z=From:=20=22Steinthor=20Bjarnason=20(sbjarnas)=22=20<sbjarn as@cisco.com> |Subject:=20RE=3A=20[OPSEC]=20additional=20documents=20need ing=20a=20home... |Sender:=20; bh=Io4ttAGXvVPdLNkjPjLiwJ5/1ITUghQqYXx9npeygbs=; b=B0q34pwiiwGVvQ3r8jTolAfEwVmKaSD8nOhttEOE7iPVz0ST83aqMZkjGe Y2Y2Cr4sllktjHp21PEeGUol3ZUpnXKxpixpJvD8DCAenJFTTkhvdUCHSsCY mMZixDzjYj;
Authentication-Results: ams-dkim-2; header.From=sbjarnas@cisco.com; dkim=pass ( sig from cisco.com/amsdkim2001 verified; );
Subject: Re: [OPSEC] additional documents needing a home...
X-BeenThere: opsec@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: opsec wg mailing list <opsec.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/opsec>, <mailto:opsec-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/pipermail/opsec>
List-Post: <mailto:opsec@ietf.org>
List-Help: <mailto:opsec-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/opsec>, <mailto:opsec-request@ietf.org?subject=subscribe>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Sender: opsec-bounces@ietf.org
Errors-To: opsec-bounces@ietf.org

Hi,

See below for comments:

> Regarding:
> 
> http://tools.ietf.org/html/draft-bhatia-manral-igp-crypto-requ
irements-00
> 
> I have concerns about this document making protocol 
> requirements within the scope of our charter. Making this a 
> set of protocol best practices I think hews more closely to 
> our charter (and doesn't belong in routing).
> 
> any thoughts on that?
> 
I see the benefit in having a document which recommends which routing
protocol authentication schemes to use.  Having such a document
available, will automatically put pressure on the routing protocol
developers to implement what's missing (in case there are still some
implementations out there which still do not support this).

So, I suggest this document should be adopted by the WG but with a more
"recommend/best practice" focus.

> problems with manual keying seems straight up our alley.
> 
> http://tools.ietf.org/html/draft-manral-rpsec-existing-crypto-05
> 
> and I have no reservations for taking that one to our ADs.
> 
Agree 100%

Regards
  Steinthor
_______________________________________________
OPSEC mailing list
OPSEC@ietf.org
https://www.ietf.org/mailman/listinfo/opsec

v2.23.0 | Report a Bug | By Email