[OSPF] Stephen Farrell's No Objection on draft-ietf-ospf-transition-to-ospfv3-10: (with COMMENT)

"Stephen Farrell" <stephen.farrell@cs.tcd.ie> Wed, 29 June 2016 13:06 UTC

Return-Path: <stephen.farrell@cs.tcd.ie>
X-Original-To: ospf@ietf.org
Delivered-To: ospf@ietfa.amsl.com
Received: from ietfa.amsl.com (localhost [IPv6:::1]) by ietfa.amsl.com (Postfix) with ESMTP id C75FE12DDD7; Wed, 29 Jun 2016 06:06:20 -0700 (PDT)
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
From: Stephen Farrell <stephen.farrell@cs.tcd.ie>
To: The IESG <iesg@ietf.org>
X-Test-IDTracker: no
X-IETF-IDTracker: 6.25.0
Auto-Submitted: auto-generated
Precedence: bulk
Message-ID: <20160629130620.18837.68874.idtracker@ietfa.amsl.com>
Date: Wed, 29 Jun 2016 06:06:20 -0700
Archived-At: <https://mailarchive.ietf.org/arch/msg/ospf/8t0Uza7pGTGTL6PHYAzu0ATPHFI>
Cc: ospf@ietf.org, draft-ietf-ospf-transition-to-ospfv3@ietf.org, ospf-chairs@ietf.org, wenhu.lu@gmail.com
Subject: [OSPF] Stephen Farrell's No Objection on draft-ietf-ospf-transition-to-ospfv3-10: (with COMMENT)
X-BeenThere: ospf@ietf.org
X-Mailman-Version: 2.1.17
List-Id: The Official IETF OSPG WG Mailing List <ospf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ospf>, <mailto:ospf-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ospf/>
List-Post: <mailto:ospf@ietf.org>
List-Help: <mailto:ospf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ospf>, <mailto:ospf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 29 Jun 2016 13:06:21 -0000

Stephen Farrell has entered the following ballot position for
draft-ietf-ospf-transition-to-ospfv3-10: No Objection

When responding, please keep the subject line intact and reply to all
email addresses included in the To and CC lines. (Feel free to cut this
introductory paragraph, however.)

Please refer to https://www.ietf.org/iesg/statement/discuss-criteria.html
for more information about IESG DISCUSS and COMMENT positions.

The document, along with other ballot positions, can be found here:


section 4: Just checking that I've gotten this right. Is the
following correct? 

If RFC7166 is being used then there is never a need to modify
packets in a way that would break the authentication. In other
words, am I correct that this draft doesn't envisage any middlebox
changing an OSPF packet in between the source (of authentication)
and destination(s)? 

If that is correct, then we're good. 

If that is not correct, then I think more needs to be said in
section 4, as it is not at all clear to me how a source could emit a
packet that a middlebox could modify, without having to share the
symmetric secret used for RFC7166 authentication with that
middlebox, which would be fairly clearly undesirable.