Re: [Pce] AD review of draft-ietf-pce-binding-label-sid-10
Dhruv Dhody <dd@dhruvdhody.com> Fri, 01 October 2021 06:11 UTC
Return-Path: <dd@dhruvdhody.com>
X-Original-To: pce@ietfa.amsl.com
Delivered-To: pce@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 92DA63A07F3 for <pce@ietfa.amsl.com>; Thu, 30 Sep 2021 23:11:20 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.897
X-Spam-Level:
X-Spam-Status: No, score=-1.897 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, SPF_HELO_NONE=0.001, SPF_NONE=0.001] autolearn=unavailable autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=dhruvdhody-com.20210112.gappssmtp.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id MRTlWf1MemPn for <pce@ietfa.amsl.com>; Thu, 30 Sep 2021 23:11:17 -0700 (PDT)
Received: from mail-pf1-x42e.google.com (mail-pf1-x42e.google.com [IPv6:2607:f8b0:4864:20::42e]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id B43403A07F4 for <pce@ietf.org>; Thu, 30 Sep 2021 23:11:17 -0700 (PDT)
Received: by mail-pf1-x42e.google.com with SMTP id s55so5958909pfw.4 for <pce@ietf.org>; Thu, 30 Sep 2021 23:11:17 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=dhruvdhody-com.20210112.gappssmtp.com; s=20210112; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=9sNvIjhqoI38zyMQuxt6Z0MUA9+x6enLT6aBnnXjznY=; b=ys6fCfzBO/7ffKLuDPTjNb7ATMbVjBx1YY+Y8NuCSaWjrMsArjPYxjsIKRgAa4tPGi EC7eq5PD4wC154745A6u1a/+/YUkaSR0nj77UKC6J4xhXMyWR8oN2sV1uA7nMbHs+xYI QcLsSyqjH9h71m95Zam5V8wEvFsc3b7qxcxUILGGLi11yavljeNuRBI65xTw/aja4xeo TV/U9bX8X4ZVO+1FP6G9yzd/3KQcI5wKT0iDW+uu0SB4PfL8mnQm0B3c/67lmw+69vgg 7BjMbZ/sTbcG5edKkdL5t4NdMQ57hNbitAMmaOLRhZcW3V5nSfQNbKb8+kiQ55ONcZpj HvJA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=9sNvIjhqoI38zyMQuxt6Z0MUA9+x6enLT6aBnnXjznY=; b=Lqtdp/Q8dzCaFGBlJd3G843onq+iya68Y2rqfDNVytckPPlBkxLSxfYDhZXnKYFjS5 hPGYBgIho0vuEm0PkjCDpnNg1wOY4wdyzsamTw38/rFXrDu3MQS2q2AmXnTIOsmQVA+x 6JESzEYpR7jWGINFeD9qzbCaT5/VCzYJjAjzG/BOMWintflNisXDvkhguK4AjbE1ki9k 3kE0nvtJzF8hrii8zkTL75teDyWx5Quy7rky7osechxDq9Qx9YcIOvIyznkJ5l0eHxjr AWaCNeukwZkgc/SEAWqBZS74/UgbsWgVlCVocsiuo3kUNuJcD3ZWxMio1Mc4DRNhVyIL wyyw==
X-Gm-Message-State: AOAM532daljAZdtfYGQ2eZ7+7C/ZWVcsx+XALuMtzdFj95UN1bX65fyx W3bYXyBb9PX5RN+bynYAl2kOvRBKUNR+Dx4oSztPsg==
X-Google-Smtp-Source: ABdhPJwKQSLF63C1kmw0IlvHjv0Enly+YJxu2b7+q3qwMZheabfGvCU5BpxEhj+UfLK0zMuzEJv/B/Ly0/zUUUBM9cY=
X-Received: by 2002:aa7:8686:0:b0:44c:102:a57c with SMTP id d6-20020aa78686000000b0044c0102a57cmr5327933pfo.44.1633068676391; Thu, 30 Sep 2021 23:11:16 -0700 (PDT)
MIME-Version: 1.0
References: <3EF2EBC1-9EDA-4B73-8CFA-8449738ABEEB@juniper.net> <CAB75xn5Uc6KwF0EaMZyhbaZR4mo2gcY=ZgwMogpKb9n=OMzvPg@mail.gmail.com> <219BD519-4889-4CB8-BAD1-D0A08CA5AFE0@juniper.net>
In-Reply-To: <219BD519-4889-4CB8-BAD1-D0A08CA5AFE0@juniper.net>
From: Dhruv Dhody <dd@dhruvdhody.com>
Date: Fri, 01 Oct 2021 11:40:39 +0530
Message-ID: <CAP7zK5ZUDJGSPAPPKaEC-GeiOsLcqZ2Bum78jUPfGnRyr=hPOA@mail.gmail.com>
To: John Scudder <jgs@juniper.net>
Cc: Dhruv Dhody <dhruv.ietf@gmail.com>, "draft-ietf-pce-binding-label-sid@ietf.org" <draft-ietf-pce-binding-label-sid@ietf.org>, pce-chairs <pce-chairs@ietf.org>, "pce@ietf.org" <pce@ietf.org>
Content-Type: multipart/alternative; boundary="00000000000059bc7005cd446e63"
Archived-At: <https://mailarchive.ietf.org/arch/msg/pce/NcGSmOU9nzob7cmfX2cdV-Knbnc>
Subject: Re: [Pce] AD review of draft-ietf-pce-binding-label-sid-10
X-BeenThere: pce@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Path Computation Element <pce.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/pce>, <mailto:pce-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/pce/>
List-Post: <mailto:pce@ietf.org>
List-Help: <mailto:pce-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/pce>, <mailto:pce-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 01 Oct 2021 06:11:21 -0000
Hi John, <snip> > > *************** > > *** 507,513 **** > > --- 558,573 ---- > > > > > > In some cases, a stateful PCE can request the PCC to allocate any > > + ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ > > binding value. It instructs the PCC by sending a PCUpd message > > + ^^^^^^^^^^^^^ > > + I don't understand what that means. My *guess* is that you mean > > + the PCE is just saying "hey PCC, please allocate a binding value > > + and tell me what it is". Is that right? If so I think this > > + could be worded even more clearly, perhaps "a stateful PCE may > > + want to request that the PCE allocate a binding value of the PCE's > > + own choosing"? > > + > > > > [Dhruv]: It should be PCC's own choosing. > > Were you just correcting my comment (to say I should have written “PCC” > the latter two times, I agree, my mistake), or was your point also to say > that yes, my guess is correct? If the latter, then as I mentioned, I’d > appreciate having the wording improved. > > [Dhruv]: I was correcting your suggested text (sorry for not being clear). I agree that clarifying text is a good idea. > > <snip> > > *************** > > *** 655,660 **** > > --- 742,758 ---- > > * Send a PCErr message with Error-Type=19 (Invalid Operation) > and > > Error-Value=16 (Attempted PCECC operations when PCECC > > capability was not advertised) > > + > > + You need to update your reference to point to RFC 9050. You should > > + then either reference §5.4 and NOT copy-and-paste the relevant text, > > + or you should (less desirably, IMO) update your copy-and-paste to > > + the text published with RFC 9050. Notably, RFC 9050 covers the case > > + of a legacy PCEP speaker, whereas the text in this spec doesn't. > > + > > + IMO since RFC 9050 already specifies what to do when the capability > > + isn't exchanged, there is no need to say anything at all in this > > + document, so unless you have a compelling reason (what?) to keep it, > > + please remove this bullet and its two sub-bullets. > > > > * Terminate the PCEP session > > > > > > > > [Dhruv]: The only reason to include this text is for "P=1 in the LSP > object" i.e. the presence of the LSP object with P flag set is to be > considered as a PCECC operation, which would not be the case in RFC9050. > > I see, thanks. In that case, then I guess the copy-paste needs to be > updated to follow the text in 9050, or if that doesn’t work for some reason > I’ve overlooked, in any case the text needs to be updated to cover the case > of a legacy speaker. > > [Dhruv]: Agree. > > *************** > > *** 745,754 **** > > [RFC8281] and [RFC8664] are applicable to this specification. No > > additional security measure is required. > > > > ! As described [RFC8664], SR allows a network controller to > instantiate > > and control paths in the network. A rogue PCE can manipulate > binding > > SID allocations to move traffic around for some other LSP that uses > > BSID in its SR-ERO. > > > > Thus, as per [RFC8231], it is RECOMMENDED that these PCEP extensions > > only be activated on authenticated and encrypted sessions across > PCEs > > --- 843,857 ---- > > [RFC8281] and [RFC8664] are applicable to this specification. No > > additional security measure is required. > > > > ! As described in [RFC8664], SR allows a network controller to > instantiate > > and control paths in the network. A rogue PCE can manipulate > binding > > SID allocations to move traffic around for some other LSP that uses > > BSID in its SR-ERO. > > + > > + Try as I might, I'm not able to figure out what, specifically, the > above > > + sentence (that begins "a rogue PCE") means. I mean, I get it, a rogue > > + PCE can misdirect traffic. Beyond that, can you help me understand > what > > + you meant to convey here? > > > > [Dhruv]: IMHO it highlights how this new capability of "allocating > binding SID" can be exploited by a rogue PCE to misdirect traffic. Path > {A, B, BSID_1} can be misdirected just by assigning the BSID_1 value to a > different LSP making it a lot easier (and harder to detect). > > I think it would be helpful to add something concrete like that. > > [Dhruv]: I agree. > > Thus, as per [RFC8231], it is RECOMMENDED that these PCEP extensions > > only be activated on authenticated and encrypted sessions across > PCEs > > *************** > > *** 773,778 **** > > --- 876,889 ---- > > > > The PCEP YANG module [I-D.ietf-pce-pcep-yang] could be extended to > > include policy configuration for binding label/SID allocation. > > + > > + It looks like pcep-yang expired a couple months ago, but I think > > + that's just an oversight and doesn't reflect the WG abandoning > > + the work. Is there any intention on the part of the WG, to > > + extend it as described? My understanding is that yes, the WG does > > + intend to do this -- in that case I think this section would be > > + stronger if you indicated that, something like "The PCEP YANG module > > + will be extended..." instead of "could be". > > > > > > > > [Dhruv]: This one is my fault. It is on my to-do list to update. > > OK, thanks. If the WG has consensus that the YANG module will be extended > as described, I think making the suggested change might help avoid > questions during IESG review. > > [Dhruv]: Sure! <snip> Cheng is holding the pen for this I-D. It's a holiday week in China, so let's give him some time to respond. Thanks! Dhruv
- [Pce] AD review of draft-ietf-pce-binding-label-s… John Scudder
- Re: [Pce] AD review of draft-ietf-pce-binding-lab… Dhruv Dhody
- Re: [Pce] AD review of draft-ietf-pce-binding-lab… John Scudder
- Re: [Pce] AD review of draft-ietf-pce-binding-lab… Dhruv Dhody
- Re: [Pce] AD review of draft-ietf-pce-binding-lab… Chengli (Cheng Li)