Re: [OPSEC] New Version Notification for draft-sriram-opsec-urpf-improvements-03.txt
"Sriram, Kotikalapudi (Fed)" <kotikalapudi.sriram@nist.gov> Tue, 06 March 2018 17:14 UTC
Return-Path: <kotikalapudi.sriram@nist.gov>
X-Original-To: opsec@ietfa.amsl.com
Delivered-To: opsec@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 63076120721; Tue, 6 Mar 2018 09:14:24 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.901
X-Spam-Level:
X-Spam-Status: No, score=-1.901 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=nistgov.onmicrosoft.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id hwu_aqJDxafZ; Tue, 6 Mar 2018 09:14:22 -0800 (PST)
Received: from gcc01-dm2-obe.outbound.protection.outlook.com (mail-dm2gcc01on0706.outbound.protection.outlook.com [IPv6:2a01:111:f400:fd01::706]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 0449E12420B; Tue, 6 Mar 2018 09:14:21 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=nistgov.onmicrosoft.com; s=selector1-nist-gov; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version; bh=tKkUVrBTdMVqV/HFMbmvPV6isAMJbDBQMCNmOXannXU=; b=Bx4X+ChBnn+LEtMjRMbbFdAJaoVWgmlslcPEUA10M0s/JeM0IRoFB7ip+KSY2fxIi25iHnD9tN++sPunA5LCsp1Uq5wPIvpyQTDTnDXsAinLSJZMXBck1ld0bWFfIknaS51c8qj4V2NBCtDYeeJVXPaPuPVi2Grw3Ia+DN1Te1E=
Received: from BYAPR09MB2773.namprd09.prod.outlook.com (52.135.224.26) by BYAPR09MB2775.namprd09.prod.outlook.com (52.135.224.28) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P256) id 15.20.548.13; Tue, 6 Mar 2018 17:14:19 +0000
Received: from BYAPR09MB2773.namprd09.prod.outlook.com ([fe80::d015:9eb2:757:ba95]) by BYAPR09MB2773.namprd09.prod.outlook.com ([fe80::d015:9eb2:757:ba95%13]) with mapi id 15.20.0548.016; Tue, 6 Mar 2018 17:14:19 +0000
From: "Sriram, Kotikalapudi (Fed)" <kotikalapudi.sriram@nist.gov>
To: "opsec@ietf.org" <opsec@ietf.org>
CC: "opsec-chairs@ietf.org" <opsec-chairs@ietf.org>, GROW WG <grow@ietf.org>
Thread-Topic: New Version Notification for draft-sriram-opsec-urpf-improvements-03.txt
Thread-Index: AQHTtNhsjry+RREQGUiWmVtSQDaqAKPDYzei
Date: Tue, 06 Mar 2018 17:14:19 +0000
Message-ID: <BYAPR09MB27736960BCA3016EAE85CC5484D90@BYAPR09MB2773.namprd09.prod.outlook.com>
References: <152029196185.12856.17191127990460094784.idtracker@ietfa.amsl.com>
In-Reply-To: <152029196185.12856.17191127990460094784.idtracker@ietfa.amsl.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
authentication-results: spf=none (sender IP is ) smtp.mailfrom=kotikalapudi.sriram@nist.gov;
x-originating-ip: [71.255.240.48]
x-ms-publictraffictype: Email
x-microsoft-exchange-diagnostics: 1; BYAPR09MB2775; 7:MuQme83/4GSW1IZlv4nb51z8oIpuoVKIMDzifllqKmISZDLWwtNsECj2KAO+2UjgphRZWInKQywCst92HOKu2pa/+pt+YxmVW26ChOfwVc8HTx7fyZMyuAENrGpIY98Ax5UXP2tA77Zrqwo3A/VZEjRznR+b05yaw044mjHGaTg9AI3VocNYdUCLYGKjpjNxCONgvyeFGiflFvY4ziBXAJhA6g+uWMhTAVcvsbGc/JzBv32ms82dFmqKy9A4WK7W
x-ms-exchange-antispam-srfa-diagnostics: SSOS;
x-ms-office365-filtering-ht: Tenant
x-ms-office365-filtering-correlation-id: bdfc0251-54a4-484d-5f26-08d58385b2ca
x-microsoft-antispam: UriScan:; BCL:0; PCL:0; RULEID:(7020095)(4652020)(48565401081)(5600026)(4604075)(3008032)(4534165)(4627221)(201703031133081)(201702281549075)(2017052603328)(7153060)(7193020); SRVR:BYAPR09MB2775;
x-ms-traffictypediagnostic: BYAPR09MB2775:
x-microsoft-antispam-prvs: <BYAPR09MB277514C02B36430B15E8B0AD84D90@BYAPR09MB2775.namprd09.prod.outlook.com>
x-exchange-antispam-report-test: UriScan:(244540007438412);
x-exchange-antispam-report-cfa-test: BCL:0; PCL:0; RULEID:(6040501)(2401047)(5005006)(8121501046)(3002001)(3231220)(944501244)(52105095)(10201501046)(93006095)(93001095)(6055026)(6041288)(20161123558120)(201703131423095)(201702281528075)(20161123555045)(201703061421075)(201703061406153)(20161123560045)(20161123562045)(20161123564045)(6072148)(201708071742011); SRVR:BYAPR09MB2775; BCL:0; PCL:0; RULEID:; SRVR:BYAPR09MB2775;
x-forefront-prvs: 06036BD506
x-forefront-antispam-report: SFV:NSPM; SFS:(10019020)(366004)(39860400002)(39380400002)(396003)(346002)(376002)(189003)(199004)(377424004)(26005)(6116002)(74316002)(3846002)(54906003)(14454004)(25786009)(102836004)(68736007)(229853002)(305945005)(478600001)(33656002)(15650500001)(316002)(3280700002)(3660700001)(66066001)(2351001)(59450400001)(76176011)(6506007)(2906002)(966005)(5660300001)(106356001)(7736002)(6916009)(2950100002)(99286004)(53546011)(7696005)(53936002)(55016002)(8936002)(5640700003)(105586002)(8666007)(6436002)(4326008)(97736004)(1730700003)(81166006)(8676002)(9686003)(81156014)(6306002)(2501003)(186003)(2900100001)(6246003)(5250100002)(86362001); DIR:OUT; SFP:1102; SCL:1; SRVR:BYAPR09MB2775; H:BYAPR09MB2773.namprd09.prod.outlook.com; FPR:; SPF:None; PTR:InfoNoRecords; MX:1; A:1; LANG:en;
received-spf: None (protection.outlook.com: nist.gov does not designate permitted sender hosts)
x-microsoft-antispam-message-info: gne+Zro8RuVICeIWbXeAMkqh3LlNje2urJIGB3PQqE6b1mk6IZioTV0marsiHYMIog2tD3hgrPhScEprkfrpQ6N08ztFPr9OcoPWhHwtTUQ/PdVv4recYLzN6d0uTr9zplydRczBKb/IROT7gtOEDCbELrFsxKI3q9bIKqW8x51wix0IP3BelhtyH/JQC+9wyLEp03Hct8FADUhLDnoApHz75VvF9t11ia+ON3OM7o0JW764OykinNsmnXrr45bTK3puEbJzLTaUfzgDYVObE7nn9Gh2R6R/sP8uwrFbSfk9CXJ8nnaGkibr4kFEHFakK0ZCwHF4OdFTGPcYAt8f8w==
spamdiagnosticoutput: 1:99
spamdiagnosticmetadata: NSPM
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
X-OriginatorOrg: nist.gov
X-MS-Exchange-CrossTenant-Network-Message-Id: bdfc0251-54a4-484d-5f26-08d58385b2ca
X-MS-Exchange-CrossTenant-originalarrivaltime: 06 Mar 2018 17:14:19.4726 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 2ab5d82f-d8fa-4797-a93e-054655c61dec
X-MS-Exchange-Transport-CrossTenantHeadersStamped: BYAPR09MB2775
Archived-At: <https://mailarchive.ietf.org/arch/msg/opsec/qeb_oKx-WZVa5HrGxj4qO-nzcPc>
Subject: Re: [OPSEC] New Version Notification for draft-sriram-opsec-urpf-improvements-03.txt
X-BeenThere: opsec@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: opsec wg mailing list <opsec.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/opsec>, <mailto:opsec-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/opsec/>
List-Post: <mailto:opsec@ietf.org>
List-Help: <mailto:opsec-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/opsec>, <mailto:opsec-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 06 Mar 2018 17:14:24 -0000
[Posting on OPSEC and GROW lists. There has been interest in this work in GROW also.] We (the authors) have gone through the draft carefully once again and made significant edits/rewrites to carefully address the comments we received in the OPSEC meeting in Prague last summer and to make the draft read better. https://tools.ietf.org/html/draft-sriram-opsec-urpf-improvements-03 Diff: https://tools.ietf.org/rfcdiff?url2=draft-sriram-opsec-urpf-improvements-03.txt Now the document specifies the two algorithms clearly: (1) for the not so challenging customer cone scenario (Algorithm A in Section 3.1.1); and (2) for the challenging customer cone scenario (Algorithm B in Section 3.4). Also, Section 3.6 (Summary of Recommendations) is new. We've requested the chairs for a slot in OPSEC meeting in London to give an update. We look forward to additional comments/discussion on the list anytime, and also in person in London. Thanks. Sriram ________________________________________ From: internet-drafts@ietf.org <internet-drafts@ietf.org> Sent: Monday, March 5, 2018 6:19 PM To: Sriram, Kotikalapudi (Fed); Montgomery, Douglas (Fed); Jeffrey Haas Subject: New Version Notification for draft-sriram-opsec-urpf-improvements-03.txt A new version of I-D, draft-sriram-opsec-urpf-improvements-03.txt has been successfully submitted by Kotikalapudi Sriram and posted to the IETF repository. Name: draft-sriram-opsec-urpf-improvements Revision: 03 Title: Enhanced Feasible-Path Unicast Reverse Path Filtering Document date: 2018-03-05 Group: Individual Submission Pages: 15 https://tools.ietf.org/html/draft-sriram-opsec-urpf-improvements-03 Abstract: This document identifies a need for improvement of the unicast Reverse Path Filtering techniques (uRPF) [BCP84] for source address validation (SAV) [BCP38]. The strict uRPF is inflexible about directionality, the loose uRPF is oblivious to directionality, and the current feasible-path uRPF attempts to strike a balance between the two [BCP84]. However, as shown in this draft, the existing feasible-path uRPF still has short comings. This document describes an enhanced feasible-path uRPF technique, which aims to be more flexible (in a meaningful way) about directionality than the feasible-path uRPF. It can potentially alleviate ISPs' concerns about the possibility of disrupting service for their customers, and encourage greater deployment of uRPF techniques.
- Re: [OPSEC] New Version Notification for draft-sr… Sriram, Kotikalapudi (Fed)