Re: [Pce] Stephen Farrell's No Objection on draft-ietf-pce-stateful-pce-18: (with COMMENT)

Jonathan Hardwick <Jonathan.Hardwick@metaswitch.com> Tue, 11 April 2017 14:35 UTC

From: Jonathan Hardwick <Jonathan.Hardwick@metaswitch.com>
To: Stephen Farrell <stephen.farrell@cs.tcd.ie>, The IESG <iesg@ietf.org>
CC: "draft-ietf-pce-stateful-pce@ietf.org" <draft-ietf-pce-stateful-pce@ietf.org>, Julien Meuric <julien.meuric@orange.com>, "pce-chairs@ietf.org" <pce-chairs@ietf.org>, "julien.meuric@orange.com" <julien.meuric@orange.com>, "pce@ietf.org" <pce@ietf.org>
Date: Tue, 11 Apr 2017 14:35:11 +0000
Archived-At: <https://mailarchive.ietf.org/arch/msg/pce/4Vaar3mponjptA8pq4Y0a0TXuXA>

Hi Stephen

Many thanks for this comment.  I'm picking up this thread and replying as PCE working group chair, as the authors are unavailable.  I apologise for the delay.

Please see my proposed resolutions inline below, marked with "Jon>"

Best regards
Jon


-----Original Message-----
From: Stephen Farrell [mailto:stephen.farrell@cs.tcd.ie] 
Sent: 16 March 2017 12:48
To: The IESG <iesg@ietf.org>
Cc: draft-ietf-pce-stateful-pce@ietf.org; Julien Meuric <julien.meuric@orange.com>; pce-chairs@ietf.org; julien.meuric@orange.com; pce@ietf.org
Subject: Stephen Farrell's No Objection on draft-ietf-pce-stateful-pce-18: (with COMMENT)

Stephen Farrell has entered the following ballot position for
draft-ietf-pce-stateful-pce-18: No Objection

When responding, please keep the subject line intact and reply to all email addresses included in the To and CC lines. (Feel free to cut this introductory paragraph, however.)


Please refer to https://www.ietf.org/iesg/statement/discuss-criteria.html
for more information about IESG DISCUSS and COMMENT positions.


The document, along with other ballot positions, can be found here:
https://datatracker.ietf.org/doc/draft-ietf-pce-stateful-pce/



----------------------------------------------------------------------
COMMENT:
----------------------------------------------------------------------

In 10.1, some references seem to be needed to say how to do that authentication and encryption. IIUC, that's a work in progress, or is that right? If so, when's it likely to be done and usable?

Jon> You are correct - this is being specified in draft-ietf-pce-pceps.  That document is ready to be submitted to the IESG (we are only waiting for the IPR poll to conclude) but draft-ietf-pce-stateful-pce is likely to be published first.
We already discussed how to handle this with draft-ietf-pce-stateful-sync-optimizations, which was approved for publication recently.  I think that we should handle it in a consistent way for draft-ietf-pce-stateful-pce.  So I propose this change:

OLD
   As a general precaution, it is RECOMMENDED that these PCEP extensions
   only be activated on authenticated and encrypted sessions across PCEs
   and PCCs belonging to the same administrative authority.
NEW
   As a general precaution, it is RECOMMENDED that these PCEP extensions
   only be activated on authenticated and encrypted sessions across PCEs
   and PCCs belonging to the same administrative authority, using Transport Layer
   Security (TLS) [I-D.ietf-pce-pceps], as per the recommendations and
   best current practices in [RFC7525].  An administrator could also expose the
   speaker entity id as part of the certificate, so that the peer's identity can be verified.
END NEW
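
An added example, not part of the original message or of any PCEP implementation: a Python sketch of the two checks the proposed text asks for, a TLS context restricted along the lines of RFC 7525 and a comparison of the speaker entity id in the peer certificate against the id the peer announces. Carrying the id as a URI subjectAltName with the prefix below, and the names `make_pcep_tls_context`, `peer_speaker_id` and `verify_peer`, are assumptions; the thread does not say which certificate field would be used.

```python
import ssl

# Hypothetical encoding: speaker entity id as a URI subjectAltName.
SPEAKER_ID_PREFIX = "urn:example:pcep-speaker:"

# Forward-secret AEAD suites only, following RFC 7525 section 4.
RFC7525_CIPHERS = "ECDHE+AESGCM:DHE+AESGCM"


def make_pcep_tls_context(ca_file=None):
    """Client-side TLS context for a PCC connecting to a PCE."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)   # certificate verification on
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2    # no SSLv3, TLS 1.0 or 1.1
    ctx.options |= ssl.OP_NO_COMPRESSION            # TLS compression disabled
    ctx.set_ciphers(RFC7525_CIPHERS)                # applies to TLS 1.2 suites
    if ca_file:
        # Trust only the CA of the single administrative authority.
        ctx.load_verify_locations(ca_file)
    return ctx


def peer_speaker_id(cert):
    """Extract the speaker entity id from an SSLSocket.getpeercert() dict."""
    ids = [value[len(SPEAKER_ID_PREFIX):]
           for kind, value in cert.get("subjectAltName", ())
           if kind == "URI" and value.startswith(SPEAKER_ID_PREFIX)]
    # Zero ids or more than one id both count as "no usable identity".
    return ids[0] if len(ids) == 1 else None


def verify_peer(cert, announced_id, provisioned_ids):
    """Accept the session only if the certificate id matches the id the peer
    announced in PCEP and that id is one the operator has provisioned."""
    cert_id = peer_speaker_id(cert)
    return (cert_id is not None
            and cert_id == announced_id
            and cert_id in provisioned_ids)


# Constructed sample in the shape getpeercert() returns; not a real certificate.
SAMPLE_CERT = {
    "subject": ((("commonName", "pce1.example.net"),),),
    "subjectAltName": (("DNS", "pce1.example.net"),
                       ("URI", SPEAKER_ID_PREFIX + "pce-east-01")),
}
PROVISIONED = {"pce-east-01", "pce-west-01"}
```

Call `verify_peer` after the TLS handshake and after the peer's announced id has been read; a `False` result should close the session before any stateful PCEP extension is activated.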