Re: [perpass] Fwd: FW: I-D Action: draft-farrelll-mpls-opportunistic-encrypt-00.txt

Yaron Sheffer <yaronf.ietf@gmail.com> Fri, 10 January 2014 21:14 UTC

Message-ID: <52D062BB.1030906@gmail.com>
Date: Fri, 10 Jan 2014 23:14:35 +0200
From: Yaron Sheffer <yaronf.ietf@gmail.com>
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:24.0) Gecko/20100101 Thunderbird/24.2.0
MIME-Version: 1.0
To: perpass@ietf.org, Stephen Farrell <stephen.farrell@cs.tcd.ie>
References: <mailman.42.1389384009.839.perpass@ietf.org>
In-Reply-To: <mailman.42.1389384009.839.perpass@ietf.org>
Content-Type: text/plain; charset="ISO-8859-1"; format="flowed"
Content-Transfer-Encoding: 7bit
Subject: Re: [perpass] Fwd: FW: I-D Action: draft-farrelll-mpls-opportunistic-encrypt-00.txt

Hi Stephen,

I haven't read the protocol yet (although I must say Sec. 4.3 worries 
me; it reminds me of the renegotiation vulnerability), but:

- I understand MPLS traffic is often protected at a higher layer by 
IPsec. If we had a good opportunistic solution for IKE/IPsec, it could 
also cover this use case. And we know people are working on such 
solutions. [Here, that's me and my little turf war].

- But even at layer 2, there are existing solutions like WPA or MACsec. 
Can none of them be used (or extended) for this use case, and do we 
really have to develop both the bulk encryption and the key exchange from 
scratch? Sorry to be such a spoilsport.

Thanks,
    Yaron