IETF Logo Mail Archive

Re: [OPSEC] minutes part 2

R Atkinson <ran.atkinson@gmail.com> Tue, 23 December 2008 22:54 UTC

Return-Path: <opsec-bounces@ietf.org>
X-Original-To: opsec-archive@optimus.ietf.org
Delivered-To: ietfarch-opsec-archive@core3.amsl.com
Received: from [127.0.0.1] (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id C46A33A6B4A; Tue, 23 Dec 2008 14:54:12 -0800 (PST)
X-Original-To: opsec@core3.amsl.com
Delivered-To: opsec@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 6363228C175 for <opsec@core3.amsl.com>; Tue, 23 Dec 2008 14:54:12 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.599
X-Spam-Level:
X-Spam-Status: No, score=-2.599 tagged_above=-999 required=5 tests=[AWL=0.000, BAYES_00=-2.599]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id wGW6WxEJnXzm for <opsec@core3.amsl.com>; Tue, 23 Dec 2008 14:54:11 -0800 (PST)
Received: from yx-out-2324.google.com (yx-out-2324.google.com [74.125.44.30]) by core3.amsl.com (Postfix) with ESMTP id 7BF633A6B49 for <opsec@ietf.org>; Tue, 23 Dec 2008 14:54:11 -0800 (PST)
Received: by yx-out-2324.google.com with SMTP id 8so1564444yxg.49 for <opsec@ietf.org>; Tue, 23 Dec 2008 14:54:01 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:message-id:from:to :in-reply-to:content-type:content-transfer-encoding:mime-version :subject:date:references:x-mailer; bh=2LnG002zzcAAmzX/X5TBZr9hee0T32seZdFsawsYOSE=; b=WmGkkTLvOmtPi6JxYdn63MRo9OISAIs42PNlTm5QCSadvJaqpSUmQJ2Z7bSd7OZfZZ OHLjA7DgPKSIGzitmBqkr2A+D0K7CrzAdSIpfDXN8/BKkaazxcky3Sm2o0gpEACI8e9I N9iYiO5S2DOpfkWkAvCAyCOYJ9/RSCi3uZWd0=
DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=message-id:from:to:in-reply-to:content-type :content-transfer-encoding:mime-version:subject:date:references :x-mailer; b=Kpt7nDZE9SEAN4VcXb8aTURMSRIP3pHfnIkWO4pjo9C4+uS5k082+RxIS8sAoEhwBZ yt7B23mseSc/1SriNQ4RmH4KMx8H07JufNz8HyzzSrQMBDsQzH7eivWAHdtu2+gSV1Fg nmCoLPtUQjdLkwA0b/ng/5WQKDWbj2P/Mu66Q=
Received: by 10.100.154.17 with SMTP id b17mr4931369ane.155.1230072841920; Tue, 23 Dec 2008 14:54:01 -0800 (PST)
Received: from ?10.30.20.71? (pool-72-84-80-181.nrflva.fios.verizon.net [72.84.80.181]) by mx.google.com with ESMTPS id d21sm14368508and.46.2008.12.23.14.54.01 (version=TLSv1/SSLv3 cipher=RC4-MD5); Tue, 23 Dec 2008 14:54:01 -0800 (PST)
Message-Id: <81B44188-AB93-40D9-B335-09A0CC466CEF@gmail.com>
From: R Atkinson <ran.atkinson@gmail.com>
To: opsec@ietf.org
In-Reply-To: <49513A5B.7030307@bogus.com>
Mime-Version: 1.0 (Apple Message framework v930.3)
Date: Tue, 23 Dec 2008 17:54:00 -0500
References: <EC3F7E1D-F7C8-484A-A0C0-1A25E79AD86E@extremenetworks.com> <92c950310812161620j7d8aaa16m553940edadbe6d8f@mail.gmail.com> <12201E12-8A0B-4FBE-95A9-5C8B23DA46EC@gmail.com> <92c950310812171704x76e374bbv1bd74d74f5ca755b@mail.gmail.com> <C2E84336-3E35-4D68-BD81-3E222CD681F2@gmail.com> <92c950310812180801i10ac5f07l4ed58c87778ca9ba@mail.gmail.com> <49513A5B.7030307@bogus.com>
X-Mailer: Apple Mail (2.930.3)
Subject: Re: [OPSEC] minutes part 2
X-BeenThere: opsec@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: opsec wg mailing list <opsec.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/opsec>, <mailto:opsec-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/pipermail/opsec>
List-Post: <mailto:opsec@ietf.org>
List-Help: <mailto:opsec-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/opsec>, <mailto:opsec-request@ietf.org?subject=subscribe>
Content-Transfer-Encoding: 7bit
Content-Type: text/plain; charset="us-ascii"; Format="flowed"; DelSp="yes"
Sender: opsec-bounces@ietf.org
Errors-To: opsec-bounces@ietf.org

On  23 Dec 2008, at 14:22, Joel Jaeggli wrote:
> Just to be clear here... since the context disappeared some messages  
> back...
>
> RFC 2154 is what is being referred to here?
>
> Do we have deployments or operational experience to draw on?

Joel,

I am told there is limited use of RFC-2154 within US DoD.

I gather (from the URL provided earlier) that at least one
commercial router vendor supports it.

Note that I have not and do not propose that this WG recommend
RFC-2154 for general use at this time.  It would be unusual
to recommend an experimental status RFC for widespread use.
I suspect many folks would agree with that.

I have proposed, and continue to believe, that a document talking
about issues with IGP authentication mechanisms (and there are
lots of potential issues with IGP authentication at present)
ought also include analysis and discussion of RFC-2154.  If
RFC-2154 has issues, those would be useful to know in detail,
and such a document would be an appropriate place for such
information.

Cheers,

Ran

_______________________________________________
OPSEC mailing list
OPSEC@ietf.org
https://www.ietf.org/mailman/listinfo/opsec

v2.23.0 | Report a Bug | By Email