Re: I-D Action: draft-ietf-bfd-optimizing-authentication-10.txt

"Reshad Rahman (rrahman)" <rrahman@cisco.com> Wed, 22 July 2020 23:10 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/rtg-bfd/PGYtZ96p9u8tTw5MzaKemO99g_w>

Mahesh, thanks for addressing my comments. 

I will update the shepherd write-up based on my comments below.

General: both "BFD control packet" and "BFD packet" are used. I think we should stick to "BFD control packet".
General: s/BFD Control packet/BFD control packet/

Introduction, next-to-last paragraph. Instead of "The interval of this non-state change frame can be...", I'd suggest "The interval of these BFD packets can be..." or "The interval of the BFD packets without a significant change can be...". Anyway, remove "frame" as previously discussed and avoid use of "non-state change" now that you've defined what a significant change is.

Section 1.2. The new table could be incorrectly interpreted as having 1 entry. I suggest changing this to bullet form, which would make it clearer.

Section 1.2 introduces the term "configured interval" but section 2 uses the term "configured period". Also for the description, what about "interval at which BFD control packets are authenticated in the UP state"?
Also wondering if instead we should have a new bfd.AuthUpStateInterval state variable (see 6.8.1 of RFC5880) since having this value may not always be configured (implementation specific)?

Section 2. Replace "frame" by "packet" or "BFD control packet" as appropriate.

Section 2. Thanks for modifying the table as per our discussions. Regarding adding AdminDown to the table, I believe I misled you. Our discussion was based on "what happens if we're UP and receive a packet which says AdminDown"? As per 6.2 of RFC5880, the receiver would go to DOWN state. However the rows/columns in the table are for the local state (new and old), and not for state in received packet. Since we can't go to AdminDown state or leave AdminDown state based on a packet received, AdminDown state should be removed from this table. I think it'd be good to add a reference to the BFD FSM (6.8.2 of RFC5880) in the paragraph before the table.

Section 2. For configured period (or whatever we decide to call it) add a reference to section 1.2.

Section 4. s/to to/to/

Regards,
Reshad.

On 2020-07-13, 4:56 PM, "Rtg-bfd on behalf of Mahesh Jethanandani" <rtg-bfd-bounces@ietf.org on behalf of mjethanandani@gmail.com> wrote:

    This version of the draft addresses some of the shepherd comments. Welcome any feedback.

    > On Jul 13, 2020, at 12:07 PM, internet-drafts@ietf.org wrote:
    > 
    > 
    > A New Internet-Draft is available from the on-line Internet-Drafts directories.
    > This draft is a work item of the Bidirectional Forwarding Detection WG of the IETF.
    > 
    >        Title           : Optimizing BFD Authentication
    >        Authors         : Mahesh Jethanandani
    >                          Ashesh Mishra
    >                          Ankur Saxena
    >                          Manav Bhatia
    >        Filename        : draft-ietf-bfd-optimizing-authentication-10.txt
    >        Pages           : 8
    >        Date            : 2020-07-13
    > 
    > Abstract:
    >   This document describes an optimization to BFD Authentication as
    >   described in Section 6.7 of BFD RFC 5880.  This document updates RFC
    >   5880.
    > 
    > 
    > The IETF datatracker status page for this draft is:
    > https://datatracker.ietf.org/doc/draft-ietf-bfd-optimizing-authentication/
    > 
    > There are also htmlized versions available at:
    > https://tools.ietf.org/html/draft-ietf-bfd-optimizing-authentication-10
    > https://datatracker.ietf.org/doc/html/draft-ietf-bfd-optimizing-authentication-10
    > 
    > A diff from the previous version is available at:
    > https://www.ietf.org/rfcdiff?url2=draft-ietf-bfd-optimizing-authentication-10
    > 
    > 
    > Please note that it may take a couple of minutes from the time of submission
    > until the htmlized version and diff are available at tools.ietf.org.
    > 
    > Internet-Drafts are also available by anonymous FTP at:
    > ftp://ftp.ietf.org/internet-drafts/
    > 
    > 

    Mahesh Jethanandani
    mjethanandani@gmail.com
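
The Section 2 comment above, that a received packet can never move the local session into or out of AdminDown, can be checked by enumerating the session-state update rules for a received BFD control packet in RFC 5880 Section 6.8.6. This is an added example, not part of the e-mail or the draft; the function names are illustrative, and it assumes the packet has already passed the validation and authentication checks.

```python
# Added example: local bfd.SessionState update on reception of a valid
# BFD control packet (RFC 5880 Section 6.8.6), session-state part only.
from itertools import product

STATES = ("AdminDown", "Down", "Init", "Up")


def next_local_state(local, received):
    """New local state after a packet whose State field is `received`
    arrives while the local session is in state `local`."""
    if local == "AdminDown":
        return local                 # packet is discarded, nothing changes
    if received == "AdminDown":
        return "Down"                # neighbor signaled session down
    if local == "Down":
        if received == "Down":
            return "Init"
        if received == "Init":
            return "Up"
        return local                 # received Up while Down: no change
    if local == "Init":
        return "Up" if received in ("Init", "Up") else local
    # local == "Up"
    return "Down" if received == "Down" else local


def packet_driven_transitions():
    """All (old, new) local-state pairs that a received packet can cause."""
    pairs = set()
    for local, received in product(STATES, STATES):
        new = next_local_state(local, received)
        if new != local:
            pairs.add((local, new))
    return pairs


def states_in_table():
    """Local states that appear as a row or column of an old/new table."""
    return {state for pair in packet_driven_transitions() for state in pair}


if __name__ == "__main__":
    for old, new in sorted(packet_driven_transitions()):
        print(f"{old:>4} -> {new}")
    print("AdminDown in table:", "AdminDown" in states_in_table())
```

AdminDown appears only as a received state (forcing the local session to Down), never as an old or new local state, so an old/new local-state table needs only Down, Init and Up.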