Re: [Rift] Security interop testing between RIFT-Juniper and RIFT-Python successfully completed

Tony Przygienda <> Fri, 19 July 2019 13:02 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id BD49E12012A for <>; Fri, 19 Jul 2019 06:02:02 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -1.998
X-Spam-Status: No, score=-1.998 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: (amavisd-new); dkim=pass (2048-bit key)
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id q7Le1r0kRbp1 for <>; Fri, 19 Jul 2019 06:02:00 -0700 (PDT)
Received: from ( [IPv6:2a00:1450:4864:20::52e]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by (Postfix) with ESMTPS id 9543C120052 for <>; Fri, 19 Jul 2019 06:01:59 -0700 (PDT)
Received: by with SMTP id k21so34454472edq.3 for <>; Fri, 19 Jul 2019 06:01:59 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=axpGXxAqT7uG1NxDYEiPB47f7OnC5n9VFU3wr4OL2f4=; b=sFvaaKN7U2XNYU/4hrFlf88TEopgKUDQtIO07+Sxa8yaXMO2dLso7CWiG0doJeCJwI D1ABVhmiz79ntQMx46WiPkFj/G3xHAhMWsojQmxp4TxiDLfhdu13Thc5UKZI3NdnKZI0 OX7ep+5JEIx01ddF8M1EPgTo5iUIt/mJNdGDiLe1DwuFVt5d77TqhR7dtbX5E+lZKalN AT945xNP159vrpizyy+wwC+ZN7BHKt0pVSTsyIPs2mDhyHuTw+xJedCRJfTPTShOZRjY lOWnMB+4zmi0uZlu+YsCu4FtmhqbmqYf81iqdspUohEE5fqdgGOFS6ULx1vhaUiLobri Uktg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=axpGXxAqT7uG1NxDYEiPB47f7OnC5n9VFU3wr4OL2f4=; b=Gmw4UOGe3hN/q9QqsC032CscPwk6TcP4FOocGAuvqy37+htwRMdndoKq06KwhCRPow 1ljFNN1p8uvasV7tyf5X6Y11Y4lYhiMAHthvDKa+vcaog1WH3PMLoMp5CiKhHhXvIGOO L/OEjtwoL1mL0Wbf04Lu7Y1VYyGYwJcFX63tSG1CRytM5AL7WA+OsGht1axocbaRB4xQ ginjq4Os++JJ31UFrdDL+z3P54MLYMxBMm1TxBli4N+XBfx0+B7C0xQrV0hryJ4co1dn PWa/HdL0so70CYgB/32inSJKX270SLCSYIeicWzRKVgMn3oIeOV4QCKDCo/oZjD9hIiS RwJA==
X-Gm-Message-State: APjAAAUsrrvIpXyDyvEb2yw1vIYioeWL/VT5nVLguq67hoRGxiBRi836 9KkK90ipPMs/wCnfVrVrdL0hRetJ0VLCs3Fi48U=
X-Google-Smtp-Source: APXvYqxPWSG7c0fkQGuQc+4ZKexTYDuAomUro03Zhwugw23dFigosgw3TZ/EU86hU3+VJMtO86l1co6ZupMxE020EBI=
X-Received: by 2002:a50:b13b:: with SMTP id k56mr47628667edd.192.1563541318184; Fri, 19 Jul 2019 06:01:58 -0700 (PDT)
MIME-Version: 1.0
References: <> <>
In-Reply-To: <>
From: Tony Przygienda <>
Date: Fri, 19 Jul 2019 09:01:22 -0400
Message-ID: <>
To: Bruno Rijsman <>
Content-Type: multipart/alternative; boundary="000000000000dcb1f2058e0854d4"
Archived-At: <>
Subject: Re: [Rift] Security interop testing between RIFT-Juniper and RIFT-Python successfully completed
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Discussion of Routing in Fat Trees <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Fri, 19 Jul 2019 13:02:03 -0000

Bruno, <thumbs direction="up"/> and as usual thanks for the work. If you
manage some material, great, otherwise I strip 2 viewgraphs when giving
update to the group

with that we have 2 working interop'ed implementation of the spec

BTW, the juniper binary is not on the free download yet (0.10.* is without
sec envelope) but I'll be prep'ing 0.11 download Bruno was using in the
next 2 weeks here (as I mentioned previously, with much more material
around it included than previously given we're pretty much done with the
spec and schemas) ...

thanks, see you all in CA

-- tony

On Fri, Jul 19, 2019 at 6:52 AM Bruno Rijsman <>

> I am happy to report that I have successfully completed interop testing of
> RIFT security between RIFT-Juniper and RIFT-Python [1].
> In my earlier e-mail I had already reported that interoperability was
> achieved for the outer security envelope.
> Now, interoperability for origin security envelope is also working. As
> before, interop testing included both positive and negative test cases.
> This completes the interop testing of RIFT security.
> We did not find any issues that require changes in the draft. (There was
> only one very minor implementation issue which was quickly fixed.)
> For an updated feature guide of security in RIFT-Python see [2] (many
> enhancements were added during interop testing).
> Much has changed since I wrote the "RIFT Security Review" document [3]
> and, as a result, it is now out of date. I will update it to reflect the
> changes in the draft since May and the recent experiences from interop
> testing. I hope to post the updated version before the RIFT meeting at the
> IETF-105 in Montreal.
> [1]
> [2]
> [3]
> — Bruno
> PS: The interoperability tests are fully automated using the “”
> script in the RIFT-Python repository. The results can easily be reproduced
> by anyone with access to the RIFT-Python code (which is publicly available
> in GitHub), the RIFT-Juniper executable, and an AWS instance or physical
> Ubuntu server.
> On Jul 17, 2019, at 2:41 PM, Bruno Rijsman <> wrote:
> Status update on security interop testing between RIFT-Juniper and
> RIFT-Python:
> The outer keys are now interoperating fine.
> (A) As expected, the adjacency between RIFT-Juniper and RIFT-Python comes
> up to state 3way, when
>  (A1) authentication is disabled or
>  (A2) authentication is enabled with the same active keys or
>  (A3) authentication is enabled with different active keys and
> corresponding accept keys.
> (B) As expected, the adjacency between RIFT-Juniper and RIFT-Python does
> not come up to state 3way, when
>  (B1) Authentication is enabled on one side but not the other side
>  (B2) Authentication is enabled with different active keys and without
> corresponding accept keys
> Challenges along the way:
>  (C1) Juniper uses SHA-256(key + payload) whereas RIFT-Python uses
> HMAC-SHA-256(key, payload).  Solution: add support for SHA-256(key +
> payload) to RIFT-Python (in addition to HMAC-SHA-256).
>  (C2) RIFT-Juniper used different YAML configuration keywords than
> RIFT-Python.  Solution: change RIFT-Python to use the same configuration
> keywords.
>  (C3) RIFT-Juniper only support configuration of outer keys on a
> per-interface basis, whereas RIFT-Python support configuring the outer keys
> on a per-node and per-interface basis with an inheritance rule.  Solution:
> for interop testing, only use per-interface configuration.
>  (C4) RIFT-Juniper only supports SHA-256, whereas RIFT-Python also
> supports other key lengths (e.g. SHA-224, SHA-384, and more).  Solution:
> limit interop testing to SHA-256.
> All four of these issues are implementation issues, and none of these
> issues require any changes to the draft.
> Next step: finish interop testing for the origin keys. (I plan to do this
> Thursday  morning, Netherlands time)
> — Bruno