RE: TSVWG WGLC: draft-ietf-tsvwg-transport-encrypt-08, closes 23 October 2019
<emile.stephan@orange.com> Thu, 24 October 2019 16:10 UTC
From: emile.stephan@orange.com
To: "Gorry Fairhurst (gorry@erg.abdn.ac.uk)" <gorry@erg.abdn.ac.uk>, tsvwg-chairs <tsvwg-chairs@ietf.org>, "Black, David" <David.Black@dell.com>
CC: "saag@ietf.org" <saag@ietf.org>, "opsawg@ietf.org" <opsawg@ietf.org>, "IETF IPPM WG (ippm@ietf.org)" <ippm@ietf.org>, "quic@ietf.org" <quic@ietf.org>, "tsvwg@ietf.org" <tsvwg@ietf.org>, "etosat@ietf.org" <etosat@ietf.org>
Subject: RE: TSVWG WGLC: draft-ietf-tsvwg-transport-encrypt-08, closes 23 October 2019
Date: Thu, 24 Oct 2019 16:10:53 +0000
Archived-At: <https://mailarchive.ietf.org/arch/msg/quic/NaPRWjzlad022Pt7DFja7wJp4TM>

Hi,

My view on the draft is that a section is missing. I suggest adding a section 7 named "end-to-end interdomain OAM" to bridge iOAM and OAM of end-to-end encrypted flows. The content of the section might rely on the following:

Fast interdomain troubleshooting requires a minimal interoperability to estimate delay and packet loss. QUIC spinbit approach is an example which supports end-to-end interdomain OAM. The signal exposed is end-to-end protected and not encrypted; its enforcement is under the control of the endpoint; its activation is limited to a small percentage of the flows.

Here are other comments on the draft. I read the draft very quickly so several ones might be inappropriate:

· Encryption and protection should be clearly separated;
    o TCPcrypt header protection (part end-to-end encrypted, part end-to-end protected and on-path readable) mechanism;
    o QUIC spinbit protection (end-to-end protected and on-path readable);
· QUIC spinbit on-path troubleshooting properties: applies to interdomain;
· DTLS on-path troubleshooting properties might be described;
· Not sure that the draft recalls transport proxies usage, like for satco;
· Security section should highlight the privacy risk when on-path probes have to do whole packet decryption to get header information;

Regards
Emile

From: saag [mailto:saag-bounces@ietf.org] On Behalf Of Black, David
Sent: Tuesday, 8 October 2019 23:09
To: saag@ietf.org; opsawg@ietf.org
Cc: tsvwg-chairs
Subject: [saag] TSVWG WGLC: draft-ietf-tsvwg-transport-encrypt-08, closes 23 October 2019

FYI - some OPS area and SEC area eyes on this TSVWG draft now (during WGLC) would be a good thing ;-).

Thanks, --David (TSVWG co-chair)

From: Black, David <david.black@emc.com>
Sent: Tuesday, October 8, 2019 5:06 PM
To: tsvwg@ietf.org
Cc: Black, David
Subject: WGLC: draft-ietf-tsvwg-transport-encrypt-08, closes 23 October 2019

This email announces a TSVWG Working Group Last Call (WGLC) on:

    The Impact of Transport Header Confidentiality on Network Operation and Evolution of the Internet
    draft-ietf-tsvwg-transport-encrypt-08
    https://datatracker.ietf.org/doc/draft-ietf-tsvwg-transport-encrypt/

This draft is intended to become an Informational RFC.

This WGLC will run through the end of the day on Wednesday, October 23. That should allow time before the Singapore draft submission cutoff for the authors to revise the draft with any changes that result from WGLC.

Comments should be sent to the tsvwg@ietf.org list, although purely editorial comments may be sent directly to the authors. Please cc: the WG chairs at tsvwg-chairs@ietf.org if you would like the chairs to track such editorial comments as part of the WGLC process.

No IPR disclosures have been submitted directly on this draft.

Thanks,
David, Gorry and Wes (TSVWG Co-Chairs)