Re: [OSPF] IETF 67 OSPF WG Meeting minutes - Correct file appended

"Phil Cowburn" <phil.cowburn@gmail.com> Thu, 16 November 2006 15:42 UTC

Message-ID: <6e6ce9380611160742o11c0991axf41f9c04782ef001@mail.gmail.com>
Date: Thu, 16 Nov 2006 21:12:08 +0530
From: Phil Cowburn <phil.cowburn@gmail.com>
To: Acee Lindem <acee@cisco.com>
Subject: Re: [OSPF] IETF 67 OSPF WG Meeting minutes - Correct file appended
In-Reply-To: <45587A54.1090309@cisco.com>
References: <45587A54.1090309@cisco.com>
Cc: OSPF List <ospf@ietf.org>

Acee,

> Presentation Michael Barnes : Crypto alg reqmts for OSPFv2
>
>    Some discussion on list already
>
>    Crypto - only md5 to date, can be attacked, some want stronger algs
>         perhaps should specify these
>
>    How - 2328 can add other algs w/o too much problem

Yes it does, but debugging would be a nightmare! :-)

Let me not trigger a discussion again, I am OK with using the existing
type code!

>
>    This draft - new algorithms should be used and won't change
>    proto fields, there is key-id field which can have an associated
>    algorithm as a property.
>
>    Adding crypto terms- SA's - will carry key/alg choice, fairly
>    straight forward approach - should not cause backwards compatibility
>    because no change to OSPF proto fields - it's mis-config if one peer
>    has a different algorithm.
>
>    Acee: IPSec for v3, once done, lacks replay and key dist issues
>    on lan - w/v2 these problems are solved mainly (seq#>=, not
>    monotonic incr). Vishwas present requirements in Paris in both
>    OSPF and RPSEC WGs.
>
>    Sandy Murphy, Sparta : what is mandatory to implement?
>    Michael - Separate doc will discuss what is req'd (ala ISIS approach)
>
> Presentation: Manav Bhatia - Crypto Requirements Document
>
>    NULL, MD5, sha1, cryptographic - refs in this doc
>    more algorithms keep coming eg des was once must, now is should ot
>
>    What doc must, should, - running doc as algorithms come and go
>    uses 2119 terms should+ = should may become must
>
>    See slides and draft for specific requirements.
>
>    Acee: "should not" wording is problematic for NULL and other
>    existing requirements.
>
>    Russ White: should may become a must vs. should+ (better to say
>         what is meant)

I don't see any show stopper comments, so what is the status of the
auth drafts? There was a discussion on these drafts some time back and
the consensus was that the drafts would not be changed and we would
reuse the existing type code for additional authentication types.

If there are no further comments then should these be taken up as new items?

>
> Presentation Lou Berger: berger-ospf-rfc2370bis followon to ietf66 - opaque
>    LSA across areas - problem w/validation - so instead rev'd 2370

..

>
>    Acee wanted MAY or Should added
>    Acee: when we add new info to TE LSAs - scalability issues -
>          give priority to base ospf LSA over the opaque LSAs.
>    Lou: We should take to list whether MAY or SHOULD should be in
>         the final text.

SHOULD sounds too strong to me. This is an implementation specific
issue and not all implementations may be able to prioritize OSPF pkts.
In view of this, a MAY should be sufficient as a recommendation from
the WG. Let's not word it any stronger than this.

>
>    Acee: Will validate on list that this is to become a WG document.

I am in favor of this.

Phil
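
The key-id/algorithm binding and the "seq#>=" replay check from the quoted minutes, sketched as an added example (not part of this message or of the drafts under discussion). The SA table layout, the function names and the per-router sequence state are hypothetical, and applying the RFC 2328 append-the-padded-key digest to algorithms other than MD5 is an assumption, not what the drafts specify.

```python
import hashlib
import hmac
import struct

# OSPFv2 header with the AuType 2 authentication field:
# ver, type, length, router id, area id, checksum, autype, 0, key id, auth len, seq
HDR = struct.Struct("!BBH4s4sHHHBBI")

def digest(alg, key, packet):
    """Keyed digest, RFC 2328 D.4.3 style: hash(packet || zero-padded key)."""
    h = hashlib.new(alg)
    h.update(packet + key.ljust(h.digest_size, b"\0"))
    return h.digest()

def build(key_id, sa, seq, body, rid=b"\x01\x01\x01\x01"):
    """Build a packet; sa is a hypothetical (algorithm, key) pair for key_id."""
    alg, key = sa
    size = hashlib.new(alg).digest_size
    pkt = HDR.pack(2, 1, HDR.size + len(body), rid, bytes(4), 0, 2, 0,
                   key_id, size, seq) + body
    return pkt + digest(alg, key, pkt)  # digest trails the packet, outside length

def verify(sas, last_seq, data):
    """Check a packet against the receiver's SA table (key id -> (alg, key))."""
    if len(data) < HDR.size:
        return "truncated"
    _, _, length, rid, _, _, autype, _, key_id, auth_len, seq = HDR.unpack_from(data)
    if autype != 2 or key_id not in sas:
        return "unknown key"
    alg, key = sas[key_id]
    # The algorithm is a property of the key id, not a protocol field. A peer
    # with a different algorithm shows up here only if digest sizes differ;
    # with equal sizes it shows up as "bad digest" below.
    if auth_len != hashlib.new(alg).digest_size or len(data) != length + auth_len:
        return "algorithm mismatch"
    if seq < last_seq.get(rid, 0):      # "seq# >=": an equal number is accepted
        return "replay"
    if not hmac.compare_digest(digest(alg, key, data[:length]), data[length:]):
        return "bad digest"
    last_seq[rid] = seq
    return "ok"

def demo():
    """Constructed sample: two routers that disagree on key id 2's algorithm."""
    ours = {1: ("md5", b"key-one"), 2: ("sha1", b"key-two")}
    misconfigured = {2: ("md5", b"key-two")}
    pkt, state = build(2, ours[2], 10, b"hello"), {}
    return [verify(ours, state, pkt), verify(ours, state, pkt),
            verify(ours, state, build(2, ours[2], 9, b"hello")),
            verify(misconfigured, {}, pkt)]
```

The second result in `demo()` is "ok": a verbatim copy of a packet carries the same sequence number and passes a non-decreasing check, which is the gap the "not monotonic incr" remark points at.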
