Re: [P2PSIP] Review of DRR and RPR documents
Zongning <zongning@huawei.com> Wed, 10 April 2013 01:07 UTC
Return-Path: <zongning@huawei.com>
X-Original-To: p2psip@ietfa.amsl.com
Delivered-To: p2psip@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D742621F9795 for <p2psip@ietfa.amsl.com>; Tue, 9 Apr 2013 18:07:51 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -105.999
X-Spam-Level:
X-Spam-Status: No, score=-105.999 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, J_CHICKENPOX_31=0.6, RCVD_IN_DNSWL_MED=-4, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 9WhnIpP8aC3n for <p2psip@ietfa.amsl.com>; Tue, 9 Apr 2013 18:07:51 -0700 (PDT)
Received: from lhrrgout.huawei.com (lhrrgout.huawei.com [194.213.3.17]) by ietfa.amsl.com (Postfix) with ESMTP id 33FA021F978F for <p2psip@ietf.org>; Tue, 9 Apr 2013 18:07:50 -0700 (PDT)
Received: from 172.18.7.190 (EHLO lhreml204-edg.china.huawei.com) ([172.18.7.190]) by lhrrg02-dlp.huawei.com (MOS 4.3.5-GA FastPath queued) with ESMTP id AQF51350; Wed, 10 Apr 2013 01:07:49 +0000 (GMT)
Received: from LHREML405-HUB.china.huawei.com (10.201.5.242) by lhreml204-edg.china.huawei.com (172.18.7.223) with Microsoft SMTP Server (TLS) id 14.1.323.7; Wed, 10 Apr 2013 02:07:19 +0100
Received: from nkgeml405-hub.china.huawei.com (10.98.56.36) by lhreml405-hub.china.huawei.com (10.201.5.242) with Microsoft SMTP Server (TLS) id 14.1.323.7; Wed, 10 Apr 2013 02:07:47 +0100
Received: from NKGEML501-MBS.china.huawei.com ([169.254.2.126]) by nkgeml405-hub.china.huawei.com ([10.98.56.36]) with mapi id 14.01.0323.007; Wed, 10 Apr 2013 09:07:43 +0800
From: Zongning <zongning@huawei.com>
To: "cjbc@it.uc3m.es" <cjbc@it.uc3m.es>, Roni Even <ron.even.tlv@gmail.com>
Thread-Topic: [P2PSIP] Review of DRR and RPR documents
Thread-Index: AQHN+JbQ+lELkghHqEm4neGtHGOlyJi9vfsAgBDYXgCAAIb9UA==
Date: Wed, 10 Apr 2013 01:07:42 +0000
Message-ID: <B0D29E0424F2DE47A0B36779EC666779256422DC@nkgeml501-mbs.china.huawei.com>
References: <1358855465.4174.24.camel@acorde.it.uc3m.es> <058001ce2d1a$a9012ff0$fb038fd0$@gmail.com> <1365555640.4323.19.camel@acorde.it.uc3m.es>
In-Reply-To: <1365555640.4323.19.camel@acorde.it.uc3m.es>
Accept-Language: en-US, zh-CN
Content-Language: zh-CN
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [10.138.41.75]
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: base64
MIME-Version: 1.0
X-CFilter-Loop: Reflected
Cc: "draft-ietf-p2psip-rpr@tools.ietf.org" <draft-ietf-p2psip-rpr@tools.ietf.org>, "draft-ietf-p2psip-drr@tools.ietf.org" <draft-ietf-p2psip-drr@tools.ietf.org>, "p2psip@ietf.org" <p2psip@ietf.org>
Subject: Re: [P2PSIP] Review of DRR and RPR documents
X-BeenThere: p2psip@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Peer-to-Peer SIP working group discussion list <p2psip.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/p2psip>, <mailto:p2psip-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/p2psip>
List-Post: <mailto:p2psip@ietf.org>
List-Help: <mailto:p2psip-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/p2psip>, <mailto:p2psip-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 10 Apr 2013 01:07:52 -0000
Hi, Carlos, I made mistake (using wrong file) when I tried to submit RPR draft, so that I could not do automatic post via IETF portal. I have asked 'internet-drafts@ietf.org' to do manual post and hope to see RPR draft in IETF repository soon. Sorry about that. -Ning > -----Original Message----- > From: Carlos Jesús Bernardos Cano [mailto:cjbc@it.uc3m.es] > Sent: Wednesday, April 10, 2013 9:01 AM > To: Roni Even > Cc: p2psip@ietf.org; draft-ietf-p2psip-drr@tools.ietf.org; > draft-ietf-p2psip-rpr@tools.ietf.org > Subject: Re: [P2PSIP] Review of DRR and RPR documents > > Hi Roni, > > Sorry for my late reply. > > I think I'm fine with your proposed text. I've seen that you have > updated DRR. Nnce you update RPR draft, I'll review both documents again > and post any further comments that I have (if any), as part of my > shepherd review. > > Thanks, > > Carlos > > On Sat, 2013-03-30 at 10:46 +0300, Roni Even wrote: > > Hi Carlos, > > The current text in the security section of both drafts is > > > > "As a routing alternative, the security part of RPR conforms to section 13.6 in > based draft[I-D.ietf-p2psip-base] which describes routing security." > > > > I saw you comment "I think this sections has to be extended. It is not clear to > me how the proposed approach conforms to -base security without providing > more details. How DoS attachs would be avoided for example, by trying to > forge the destination address". > > > > I am not sure what we can add here. The security section of the base draft > starts with an overview that references RFC5765. DRR and RPR are only > adding routing options. > > DRR provides a direct path back to the source and as such reduce the > problem on malicious nodes on the route to affect the route back. The digital > signatures defined in the based draft protects against changes of the > forwarding header. > > > > > > RPR as specified in the draft (section3.2) is using a trusted node close to the > initiating node, using a trusted nodes is recommended as a security policy. > We can look at RPR as DRR in the direction toward the destination and since it > is not an arbitrary node in the middle but one that should be trusted (managed > network, bootstrap peers or configured relay) and using the based security > recommendation will suffice. > > > > > > We can try to add more text based on the above observation > > > > for DRR > > > > "As a routing alternative, the security part of DRR conforms to section 13 > with emphasis one section 13.6 in based draft[I-D.ietf-p2psip-base] which > describes routing security. The DRR routing option provide the information > about the route back to the source. According to section 13 of the base drat > the forwarding header MUST be digitally signed protecting the DRR routing > information." > > > > For RPR > > > > "As a routing alternative, the security part of RPR conforms to section 13 > with emphasis one section 13.6 in based draft[I-D.ietf-p2psip-base] which > describes routing security. RPR behave like a DRR requesting node towards the > destination node. The RPR relay node is not an arbitrary node but should be a > trusted one (managed network, bootstrap peers or configured relay) which > will make it less of a risk as outlined in section13 of the based draft." > > > > Thanks > > Roni Even > > > > > > -----Original Message----- > > From: p2psip-bounces@ietf.org [mailto:p2psip-bounces@ietf.org] On Behalf > Of Carlos Jes?s Bernardos Cano > > Sent: 22 January, 2013 1:51 PM > > To: p2psip@ietf.org > > Cc: draft-ietf-p2psip-drr@tools.ietf.org; draft-ietf-p2psip-rpr@tools.ietf.org > > Subject: [P2PSIP] Review of DRR and RPR documents > > > > Hi, > > > > As agreed during the last meeting, I've performed a review of > draft-ietf-p2psip-drr and draft-ietf-p2psip-rpr documents, prior to shipping > them to the IESG for publication. My reviews are attached to this e-mail (I > added comments to the PDF version of each draft, hope this is fine). > > > > I'd like authors to go through the comments before sending the documents to > the IESG. There might be some issues that need to be brought to the WG for > discussion. > > > > I'd also like to ask the WG for opinion on one particular aspect. I'm wondering > if it would be better to merge both documents into a single one. Currently, both > documents make quite a lot of cross-references, but still there is duplicate text > in both of them, so I'd be more in favor of merging (personal opinion). Please, > comment on this on the mailing list. > > > > Thanks, > > > > Carlos > > >
- [P2PSIP] Review of DRR and RPR documents Carlos Jesús Bernardos Cano
- Re: [P2PSIP] Review of DRR and RPR documents Roni Even
- Re: [P2PSIP] Review of DRR and RPR documents Carlos Jesús Bernardos Cano
- Re: [P2PSIP] Review of DRR and RPR documents Zongning
- Re: [P2PSIP] Review of DRR and RPR documents Carlos Jesús Bernardos Cano
- Re: [P2PSIP] Review of DRR and RPR documents Roni Even
- Re: [P2PSIP] Review of DRR and RPR documents Roni Even
- Re: [P2PSIP] Review of DRR and RPR documents Carlos Jesús Bernardos Cano
- Re: [P2PSIP] Review of DRR and RPR documents Zongning
- Re: [P2PSIP] Review of DRR and RPR documents Carlos Jesús Bernardos Cano