Re: [Pce] I-D Action: draft-ietf-pce-pceps-18.txt

Dhruv Dhody <dhruv.dhody@huawei.com> Tue, 05 September 2017 03:29 UTC

From: Dhruv Dhody <dhruv.dhody@huawei.com>
To: "pce@ietf.org" <pce@ietf.org>
CC: "pce-chairs@ietf.org" <pce-chairs@ietf.org>, "BRUNGARD, DEBORAH A" <db3546@att.com>, Eric Rescorla <ekr@rtfm.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/pce/RUXBBMNLvvfSWlMtHv1MS0QpNbk>

Hi WG, 

An update is made after discussion with Eric. Thanks Eric for continuing the discussion on your 'discuss'.

The change made is in the case of TLS negotiation failure after both PCEP peers have sent the StartTLS message. 

OLD: 
   After the exchange of StartTLS messages, if the TLS negotiation fails
   for some reason (e.g. the required mechanisms for certificate
   revocation checking are not available), both peers SHOULD immediately
   close the connection.  Since the initiator has no way to know if the
   peer is willing to accept PCEP connection without TLS, based on the
   local policy, it MAY attempt to re-establish the PCEP session without
   TLS.  The attempt to re-establish the PCEP session without TLS SHOULD
   be limited to only once.
NEW:  
   After the exchange of StartTLS messages, if the TLS negotiation fails
   for some reason (e.g. the required mechanisms for certificate
   revocation checking are not available), both peers MUST immediately
   close the connection.
END

See diff at - https://www.ietf.org/rfcdiff?url1=draft-ietf-pce-pceps-16&url2=draft-ietf-pce-pceps-18

With this update all comments during IESG evaluation are handled. 

Thanks! 
Dhruv

> -----Original Message-----
> From: Pce [mailto:pce-bounces@ietf.org] On Behalf Of internet-drafts@ietf.org
> Sent: 05 September 2017 08:47
> To: i-d-announce@ietf.org
> Cc: pce@ietf.org
> Subject: [Pce] I-D Action: draft-ietf-pce-pceps-18.txt
> 
> 
> A New Internet-Draft is available from the on-line Internet-Drafts
> directories.
> This draft is a work item of the Path Computation Element WG of the IETF.
> 
>         Title           : Secure Transport for PCEP
>         Authors         : Diego R. Lopez
>                           Oscar Gonzalez de Dios
>                           Qin Wu
>                           Dhruv Dhody
>         Filename        : draft-ietf-pce-pceps-18.txt
>         Pages           : 25
>         Date            : 2017-09-04
> 
> Abstract:
>    The Path Computation Element Communication Protocol (PCEP) defines
>    the mechanisms for the communication between a Path Computation
>    Client (PCC) and a Path Computation Element (PCE), or among PCEs.
>    This document describes the usage of Transport Layer Security (TLS)
>    to enhance PCEP security, hence the PCEPS acronym proposed for it.
>    The additional security mechanisms are provided by the transport
>    protocol supporting PCEP, and therefore they do not affect the
>    flexibility and extensibility of PCEP.
> 
>    This document updates RFC 5440 in regards to the PCEP initialization
>    phase procedures.
> 
> 
> The IETF datatracker status page for this draft is:
> https://datatracker.ietf.org/doc/draft-ietf-pce-pceps/
> 
> There are also htmlized versions available at:
> https://tools.ietf.org/html/draft-ietf-pce-pceps-18
> https://datatracker.ietf.org/doc/html/draft-ietf-pce-pceps-18
> 
> A diff from the previous version is available at:
> https://www.ietf.org/rfcdiff?url2=draft-ietf-pce-pceps-18
> 
> 
> Please note that it may take a couple of minutes from the time of
> submission until the htmlized version and diff are available at
> tools.ietf.org.
> 
> Internet-Drafts are also available by anonymous FTP at:
> ftp://ftp.ietf.org/internet-drafts/
> 
> _______________________________________________
> Pce mailing list
> Pce@ietf.org
> https://www.ietf.org/mailman/listinfo/pce
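
The NEW text in the message above, seen from the initiator's side, as an added example (not code from the draft or its authors): once StartTLS has been exchanged, a failed handshake ends in a closed socket and the code has no cleartext retry path. The message-type value 13 is the one assigned to StartTLS in the published RFC 8253, not something stated in this e-mail; `open_pceps`, `broken_peer` and `pce.example` are hypothetical names, and the failing peer is constructed for the demonstration.

```python
import socket, ssl, struct, threading

STARTTLS = 13  # StartTLS message type as published in RFC 8253 (not stated in this e-mail)

def pcep_header(msg_type, length=4):
    # PCEP common header: version 1 in the top 3 bits, flags 0, type, total length
    return struct.pack("!BBH", 1 << 5, msg_type, length)

def open_pceps(sock, ctx, peer_name):
    """Initiator: exchange StartTLS, then either a TLS session or a closed socket."""
    sock.sendall(pcep_header(STARTTLS))
    reply = sock.recv(4)
    if len(reply) != 4 or reply[1] != STARTTLS:
        sock.close()
        raise ConnectionError("peer did not answer with StartTLS")
    try:
        return ctx.wrap_socket(sock, server_hostname=peer_name)
    except OSError as exc:  # ssl.SSLError is a subclass of OSError
        # NEW text: negotiation failed after StartTLS, so close immediately.
        # The cleartext retry that the OLD text allowed is deliberately absent.
        sock.close()
        raise ConnectionError("TLS negotiation failed; connection closed") from exc

def broken_peer(sock):
    # Constructed test peer: answers StartTLS, then sends bytes that are not TLS.
    sock.recv(4)
    sock.sendall(pcep_header(STARTTLS))
    sock.recv(4096)                                # swallow the ClientHello
    sock.sendall(pcep_header(1, 8) + b"\x00" * 4)  # not a TLS record
    sock.close()

def demo():
    client, peer = socket.socketpair()
    client.settimeout(5)
    t = threading.Thread(target=broken_peer, args=(peer,))
    t.start()
    try:
        open_pceps(client, ssl.create_default_context(), "pce.example")
        outcome = "tls-established"
    except ConnectionError:
        outcome = "closed"
    t.join()
    return outcome, client.fileno()  # fileno() is -1 once the socket is closed

if __name__ == "__main__":
    print(demo())
```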