Re: [Pce] I-D Action: draft-ietf-pce-pceps-18.txt
"BRUNGARD, DEBORAH A" <db3546@att.com> Tue, 05 September 2017 18:01 UTC
Thanks Dhruv for holding the pen on this critical document for PCE and working with the IESG on their comments for improving the document!

Deborah

> -----Original Message-----
> From: Dhruv Dhody [mailto:dhruv.dhody@huawei.com]
> Sent: Monday, September 04, 2017 11:29 PM
> To: pce@ietf.org
> Cc: pce-chairs@ietf.org; BRUNGARD, DEBORAH A <db3546@att.com>; Eric Rescorla <ekr@rtfm.com>
> Subject: RE: [Pce] I-D Action: draft-ietf-pce-pceps-18.txt
>
> Hi WG,
>
> An update is made after discussion with Eric. Thanks Eric for continuing the
> discussion on your 'discuss'.
>
> The change made is in the case of TLS negotiation failure after both PCEP peers
> have sent the StartTLS message.
>
> OLD:
>    After the exchange of StartTLS messages, if the TLS negotiation fails
>    for some reason (e.g. the required mechanisms for certificate
>    revocation checking are not available), both peers SHOULD immediately
>    close the connection. Since the initiator has no way to know if the
>    peer is willing to accept PCEP connection without TLS, based on the
>    local policy, it MAY attempt to re-establish the PCEP session without
>    TLS. The attempt to re-establish the PCEP session without TLS SHOULD
>    be limited to only once.
> NEW:
>    After the exchange of StartTLS messages, if the TLS negotiation fails
>    for some reason (e.g. the required mechanisms for certificate
>    revocation checking are not available), both peers MUST immediately
>    close the connection.
> END
>
> See diff at - https://www.ietf.org/rfcdiff?url1=draft-ietf-pce-pceps-16&url2=draft-ietf-pce-pceps-18
>
> With this update all comments during IESG evaluation are handled.
>
> Thanks!
> Dhruv
>
> > -----Original Message-----
> > From: Pce [mailto:pce-bounces@ietf.org] On Behalf Of internet-drafts@ietf.org
> > Sent: 05 September 2017 08:47
> > To: i-d-announce@ietf.org
> > Cc: pce@ietf.org
> > Subject: [Pce] I-D Action: draft-ietf-pce-pceps-18.txt
> >
> >
> > A New Internet-Draft is available from the on-line Internet-Drafts
> > directories.
> > This draft is a work item of the Path Computation Element WG of the IETF.
> >
> >         Title    : Secure Transport for PCEP
> >         Authors  : Diego R. Lopez
> >                    Oscar Gonzalez de Dios
> >                    Qin Wu
> >                    Dhruv Dhody
> >         Filename : draft-ietf-pce-pceps-18.txt
> >         Pages    : 25
> >         Date     : 2017-09-04
> >
> > Abstract:
> >    The Path Computation Element Communication Protocol (PCEP) defines
> >    the mechanisms for the communication between a Path Computation
> >    Client (PCC) and a Path Computation Element (PCE), or among PCEs.
> >    This document describes the usage of Transport Layer Security (TLS)
> >    to enhance PCEP security, hence the PCEPS acronym proposed for it.
> >    The additional security mechanisms are provided by the transport
> >    protocol supporting PCEP, and therefore they do not affect the
> >    flexibility and extensibility of PCEP.
> >
> >    This document updates RFC 5440 in regards to the PCEP initialization
> >    phase procedures.
> >
> >
> > The IETF datatracker status page for this draft is:
> > https://datatracker.ietf.org/doc/draft-ietf-pce-pceps/
> >
> > There are also htmlized versions available at:
> > https://tools.ietf.org/html/draft-ietf-pce-pceps-18
> > https://datatracker.ietf.org/doc/html/draft-ietf-pce-pceps-18
> >
> > A diff from the previous version is available at:
> > https://www.ietf.org/rfcdiff?url2=draft-ietf-pce-pceps-18
> >
> >
> > Please note that it may take a couple of minutes from the time of
> > submission until the htmlized version and diff are available at
> > tools.ietf.org.
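The rule in the NEW text quoted above, as an added example that is not part of this thread or of the draft: an initiator that completes the StartTLS exchange, hits a TLS negotiation failure, and closes the connection without falling back to cleartext PCEP. The names `initiate_pceps`, `_failing_peer`, `demo` and `pce.example` are hypothetical, the peer is constructed for the demonstration, and the StartTLS message type 13 is the value assigned in RFC 8253 rather than anything stated in the e-mail.

```python
import socket
import ssl
import threading

# PCEP common header: version 1, message type, 16-bit length (4 = header only).
# Type 13 is the StartTLS value assigned in RFC 8253; the e-mail gives no wire values.
STARTTLS = b"\x20\x0d\x00\x04"
OPEN_PREFIX = b"\x20\x01"  # first two bytes of a cleartext PCEP Open message


def initiate_pceps(sock, ctx, peer_name):
    """Initiator side of PCEPS setup. Returns (state, tls_socket_or_None)."""
    sock.sendall(STARTTLS)
    if sock.recv(4) != STARTTLS:
        sock.close()
        return "closed: no StartTLS from peer", None
    try:
        return "tls", ctx.wrap_socket(sock, server_hostname=peer_name)
    except OSError:  # ssl.SSLError and certificate errors are OSError subclasses
        # NEW text: MUST close. The OLD text allowed one retry without TLS here,
        # which is exactly what this function refuses to do.
        sock.close()  # wrap_socket closes the descriptor on failure; kept explicit
        return "closed: TLS negotiation failed", None


def _failing_peer(sock, seen):
    """Constructed peer: completes the StartTLS exchange, then breaks TLS."""
    sock.recv(4)
    sock.sendall(STARTTLS)
    sock.recv(4096)                      # ClientHello
    sock.sendall(b"not a TLS record\n")  # handshake cannot succeed
    try:
        seen.append(sock.recv(4096))     # whatever the initiator sends afterwards
    except OSError:
        seen.append(b"")                 # a connection reset counts as "nothing"
    sock.close()


def demo():
    a, b = socket.socketpair()
    seen = []
    t = threading.Thread(target=_failing_peer, args=(b, seen))
    t.start()
    state, tls = initiate_pceps(a, ssl.create_default_context(), "pce.example")
    t.join(5)
    return state, tls, a.fileno(), seen[0]


if __name__ == "__main__":
    print(demo())
```

After the failure the peer may still see a TLS alert or an end-of-stream, but never a cleartext Open, which is the downgrade path the OLD text left open.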