Re: [OSPF] WG Last Call for Supporting Authentication Trailer for OSPFv3 - draft-ietf-ospf-auth-trailer-ospfv3-03.txt

Curtis Villamizar <curtis@occnc.com> Tue, 12 April 2011 03:40 UTC

Return-Path: <curtis@occnc.com>
X-Original-To: ospf@ietfc.amsl.com
Delivered-To: ospf@ietfc.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfc.amsl.com (Postfix) with ESMTP id CC55FE069F for <ospf@ietfc.amsl.com>; Mon, 11 Apr 2011 20:40:18 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.099
X-Spam-Level:
X-Spam-Status: No, score=-2.099 tagged_above=-999 required=5 tests=[AWL=0.500, BAYES_00=-2.599]
Received: from mail.ietf.org ([208.66.40.236]) by localhost (ietfc.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 0hZl1Afu2+CZ for <ospf@ietfc.amsl.com>; Mon, 11 Apr 2011 20:40:18 -0700 (PDT)
Received: from harbor.orleans.occnc.com (harbor.orleans.occnc.com [173.9.106.135]) by ietfc.amsl.com (Postfix) with ESMTP id 3013EE0663 for <ospf@ietf.org>; Mon, 11 Apr 2011 20:40:18 -0700 (PDT)
Received: from harbor.orleans.occnc.com (harbor.orleans.occnc.com [173.9.106.135]) by harbor.orleans.occnc.com (8.13.6/8.13.6) with ESMTP id p3C3eDnC023873; Mon, 11 Apr 2011 23:40:13 -0400 (EDT) (envelope-from curtis@harbor.orleans.occnc.com)
Message-Id: <201104120340.p3C3eDnC023873@harbor.orleans.occnc.com>
To: "Bhatia, Manav (Manav)" <manav.bhatia@alcatel-lucent.com>
From: Curtis Villamizar <curtis@occnc.com>
In-reply-to: Your message of "Tue, 12 Apr 2011 08:38:47 +0530." <7C362EEF9C7896468B36C9B79200D8350CFD037ADA@INBANSXCHMBSA1.in.alcatel-lucent.com>
Date: Mon, 11 Apr 2011 23:40:13 -0400
Sender: curtis@occnc.com
Cc: "ospf@ietf.org" <ospf@ietf.org>
Subject: Re: [OSPF] WG Last Call for Supporting Authentication Trailer for OSPFv3 - draft-ietf-ospf-auth-trailer-ospfv3-03.txt
X-BeenThere: ospf@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
Reply-To: curtis@occnc.com
List-Id: The Official IETF OSPG WG Mailing List <ospf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ospf>, <mailto:ospf-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/ospf>
List-Post: <mailto:ospf@ietf.org>
List-Help: <mailto:ospf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ospf>, <mailto:ospf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 12 Apr 2011 03:40:19 -0000

In message <7C362EEF9C7896468B36C9B79200D8350CFD037ADA@INBANSXCHMBSA1.in.alcatel-lucent.com>;
"Bhatia, Manav (Manav)" writes:
>  
> Hi Curtis,
>  
> This draft aligns the OSPFv3 security mechanism with that of
> OSPFv2. Once this is done, any proposal or extension that works for
> OSPFv2 will work for OSPFv3 as well.
>  
> If for example, we decide to go via the nonce and session ID mechanism
> or the KARP boot count, then that mechanism will work for OSPFv3 also.
>  
> So, this really is orthogonal to the work that's being carried out in
> KARP/OSPF WGs. Once that gets frozen it will be applicable to OSPFv3
> as well. However, that can happen only once we have this piece in.
>  
> Cheers, Manav

Thanks.

Curtis


> > It is weak with only the 32 bit sequence number.  That said, if there
> > is concensus for moving forward as-is I have no objection.  It is a
> > step in the right direction, though IMHO it is too small a step in the
> > right direction and would not have to be revisited quite as soon if
> > something more robust were proposed.
> > 
> > Bottom line.  Falls short of what I'd like to see but no objection.
> > 
> > Curtis
> > 
> > _______________________________________________
> > OSPF mailing list
> > OSPF@ietf.org
> > https://www.ietf.org/mailman/listinfo/ospf