Re: [pcp] WGLC: draft-ietf-pcp-anycast-02 comments due by NOV 10
"Tirumaleswar Reddy (tireddy)" <tireddy@cisco.com> Thu, 30 October 2014 09:57 UTC
From: "Tirumaleswar Reddy (tireddy)" <tireddy@cisco.com>
To: Markus Stenberg <markus.stenberg@iki.fi>, Dave Thaler <dthaler@microsoft.com>
Date: Thu, 30 Oct 2014 09:57:07 +0000
Archived-At: http://mailarchive.ietf.org/arch/msg/pcp/N4WPDUU8Jg5dA1dqlPdVpH2nefs
Cc: "pcp@ietf.org" <pcp@ietf.org>
Subject: Re: [pcp] WGLC: draft-ietf-pcp-anycast-02 comments due by NOV 10

> -----Original Message-----
> From: pcp [mailto:pcp-bounces@ietf.org] On Behalf Of Markus Stenberg
> Sent: Thursday, October 30, 2014 2:03 PM
> To: Dave Thaler
> Cc: pcp@ietf.org
> Subject: Re: [pcp] WGLC: draft-ietf-pcp-anycast-02 comments due by NOV 10
>
> On 27.10.2014, at 22.23, Dave Thaler <dthaler@microsoft.com> wrote:
> > This email initiates a Working Group Last Call on :
> > draft-ietf-pcp-anycast-02 to conclude on Monday, November 10th at the
> > PCP WG meeting in Honolulu. Please send comments to the list.
> >
> > As a reminder, when responding to a WGLC, what we chairs are looking
> > for is a statement about document quality (not really about whether
> > the mechanism should move forward). That is, state whether you think the
> > document is ready as is, or if not, what issues you see.
>
> I think the document (and the mechanism) is mostly fine and needed.
>
> What I am wondering about is security considerations section; given
> implementations not aware of this draft, a host on the inner side can also
> advertise the anycast address, and potentially get traffic meant for first-hop
> PCP server.

One possible way to mitigate that attack is to use PCP authentication (PCP client and server must be able to mutually authenticate).

-Tiru

> Given the scheme defined in section 2.1 (SHOULD use first-hop
> first), it is possible, although not probable. But still, I would say the same
> problem is both on local network(s) _and_ on the other side of the firewall.
>
> (It could also state that finding (platform independently) next-hop gateway
> programmatically can be hard for pure 'applications' sometimes, but I
> wonder if this is too much detail. But if app just chose anycast address, the
> above SHOULD would not be followed and the security considerations
> problems would be more severe.)
>
> Also.. Is there actually defined mechanism to redirect or provide list of PCP
> servers that is mentioned in the introduction?
>
> Cheers,
>
> -Markus
>
> _______________________________________________
> pcp mailing list
> pcp@ietf.org
> https://www.ietf.org/mailman/listinfo/pcp