Re: I-D Action: draft-ietf-bfd-secure-sequence-numbers-08.txt

Reshad Rahman <reshad@yahoo.com> Thu, 11 March 2021 03:57 UTC

Date: Wed, 10 Mar 2021 22:56:49 -0500
Subject: Re: I-D Action: draft-ietf-bfd-secure-sequence-numbers-08.txt
From: Reshad Rahman <reshad@yahoo.com>
To: Mahesh Jethanandani <mjethanandani@gmail.com>, Reshad Rahman <reshad=40yahoo.com@dmarc.ietf.org>
CC: "rtg-bfd@ietf. org" <rtg-bfd@ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/rtg-bfd/NviN19r2c87SatRFpUxe51N7muw>

Hi Mahesh,

 

Inline <RR>.

 

From: Rtg-bfd <rtg-bfd-bounces@ietf.org> on behalf of Mahesh Jethanandani <mjethanandani@gmail.com>
Date: Wednesday, March 10, 2021 at 3:02 PM
To: Reshad Rahman <reshad=40yahoo.com@dmarc.ietf.org>
Cc: "rtg-bfd@ietf. org" <rtg-bfd@ietf.org>
Subject: Re: I-D Action: draft-ietf-bfd-secure-sequence-numbers-08.txt

 

Hi Reshad,

 

See inline with [mj]



On Mar 9, 2021, at 7:28 PM, Reshad Rahman <reshad=40yahoo.com@dmarc.ietf.org> wrote:

 

Hi Sonal,

 

Thanks for the update. But I believe not all comments from ~2 weeks ago (see attached) have been addressed. E.g. use of “symmetric algorithm” and “shared secret key” (as opposed to using variations of the same term).

 

[mj] I looked at the use of the word “shared” in the draft, and there are four instances. I believe in two of those cases it is being used to indicate that the key has to be shared between the sender and the receiver, i.e. as an adjective to the word key. Do you have another way to suggest similar text?

<RR> My comment in the email was “For the key, the terms “symmetric key”, “shared secret key” and “shared key” are used, settle on one for clarity (I believe it should be “shared key” or “shared secret”?)”.

So, I’m ok with the use of shared, but I would like fewer variations in the terms used (where possible), to avoid potential confusion. E.g. “symmetric key”, “shared secret key”, “shared key” all refer to the same thing in this document, why use different terms? But maybe this is common practice for these terms.

 

 

 

The two other instances where it is still being used, in Section 3 with this line:

 

The result is computed, using a shared key, on the sequence number.
 

and then later in the same section with this line:

 

   Upon receiving the BFD Control packet, the receiver decrypts the
   ciphertext using the same provisioned shared key to produce the
   received sequence number.
 

we could change it to say “shared symmetric key”.

 

Also, section 4 headline is still “Impact of using a hash”, but the text has been changed (hash -> cyphertext) here.

 

[mj] Agree. We can change the header to say “Impact of using ciphertext in-lieu of sequence number”.

 

Would these changes address the remaining comments?

<RR> Yes.

 

Thanks,

Reshad.



 

Regards,

Reshad.

 

From: Rtg-bfd <rtg-bfd-bounces@ietf.org> on behalf of Sonal Agarwal <sagarwal12@gmail.com>
Date: Monday, March 8, 2021 at 2:40 PM
To: <rtg-bfd@ietf.org>
Subject: Re: I-D Action: draft-ietf-bfd-secure-sequence-numbers-08.txt

 

Hi all,

 

Version 8 of the draft addresses all Shepherd comments.

 

Regards,

Sonal.

 

 

On Mon, Mar 8, 2021 at 11:16 AM <internet-drafts@ietf.org> wrote:


A New Internet-Draft is available from the on-line Internet-Drafts directories.
This draft is a work item of the Bidirectional Forwarding Detection WG of the IETF.

        Title           : Secure BFD Sequence Numbers
        Authors         : Mahesh Jethanandani
                          Sonal Agarwal
                          Ashesh Mishra
                          Ankur Saxena
                          Alan DeKok
        Filename        : draft-ietf-bfd-secure-sequence-numbers-08.txt
        Pages           : 6
        Date            : 2021-03-08

Abstract:
   This document describes a security enhancement for the sequence
   number used in BFD control packets.  This document updates RFC 5880.


The IETF datatracker status page for this draft is:
https://datatracker.ietf.org/doc/draft-ietf-bfd-secure-sequence-numbers/

There are also htmlized versions available at:
https://tools.ietf.org/html/draft-ietf-bfd-secure-sequence-numbers-08
https://datatracker.ietf.org/doc/html/draft-ietf-bfd-secure-sequence-numbers-08

A diff from the previous version is available at:
https://www.ietf.org/rfcdiff?url2=draft-ietf-bfd-secure-sequence-numbers-08


Please note that it may take a couple of minutes from the time of submission
until the htmlized version and diff are available at tools.ietf.org.

Internet-Drafts are also available by anonymous FTP at:
ftp://ftp.ietf.org/internet-drafts/



<Mail Attachment.eml>

 

Mahesh Jethanandani

mjethanandani@gmail.com