Re: Working Group Last Call on BFD Authentication Documents (expires September 13, 2019)

Mahesh Jethanandani <> Tue, 10 September 2019 20:18 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id B9D7A120288 for <>; Tue, 10 Sep 2019 13:18:10 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -1.998
X-Spam-Status: No, score=-1.998 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: (amavisd-new); dkim=pass (2048-bit key)
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id p5QIhjG3jfth for <>; Tue, 10 Sep 2019 13:18:07 -0700 (PDT)
Received: from ( [IPv6:2607:f8b0:4864:20::535]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by (Postfix) with ESMTPS id B339C1208DA for <>; Tue, 10 Sep 2019 13:18:07 -0700 (PDT)
Received: by with SMTP id i18so10277089pgl.11 for <>; Tue, 10 Sep 2019 13:18:07 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=20161025; h=mime-version:subject:from:in-reply-to:date:cc :content-transfer-encoding:message-id:references:to; bh=ExbiCpsHChIoM6Sy+loXZrNEwvceDiPT3acHj3Kph6U=; b=iQMJP04ONWwfx8pupGSafpkWwMVW5lOg9ljrJ1XS5tL/K3OdtOb+OxRBq/hbc1xz1L bFVjZ0LzEdOIqC+C8KSNnWEoftJ6udxl9mLWg9wbO9cJGnh+IY4XvUuruyq/Vq1fUok6 j10u5+8NQVBnt5RkAtGE2VAuNHQdgrwqp439LJ8W5VJs+3UcY6UdoKZGBURhmTjPdW78 mAkCKNZmi71o6FiyM/OAiBBRneD1SvRD6Aj3K4keBH8PTyE8qXDOG/rYMkubBP6pEnGj qof3TKjk3Z/eBY8QquIIJ2jFYAht7hmrhqwi/KMq3jwwsQ2uLGAdFxHFi9vx1W0OY1N+ bxWw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=20161025; h=x-gm-message-state:mime-version:subject:from:in-reply-to:date:cc :content-transfer-encoding:message-id:references:to; bh=ExbiCpsHChIoM6Sy+loXZrNEwvceDiPT3acHj3Kph6U=; b=an3AQpMYrkR1+jufrbbhNOU/Cwm6+a8vObHwyuNCVgveUT1Klmn1DmWqZbybHImZj8 pbb0c7KhS0dBVZmKAG9kuOqwhJzKN11u8ATQWUs2hX9BIYOd04YjjhP3/YgFnoj49jpk bZG8VNCbjHiR4snebXbuKJSZMnL1J7jmZUBgoSZe0o5lgQ2pM52uGAwSu4kFlsyn7f4o fASz4Wbqy9pcnHpK+YpTb4HWyhv5xkkB5M7qhFqSDo0QnWtKF0/tO1pxpPgPH7LnC0Nq IyyH8oQKnE9HIaVBYgB9ePV1tJ7pN0B43woPivvmbjKlcayWvIh70YN0I/SoQqwR0MG9 TS+Q==
X-Gm-Message-State: APjAAAWrZ5b/yYi7JMxhGllclT37xkx7UUE6xwcaj9OvlLRRSxO04LSk EdJv2BYFYzeF/HseCmfaqKs0UoUX
X-Google-Smtp-Source: APXvYqzaRs76H6VwaHtikAicZd/6PNgzFRRrIE0yndoAbzDf68Z2UU5jLks7mUt+zO8qSWGt6KsYtg==
X-Received: by 2002:a17:90a:eb12:: with SMTP id j18mr1421273pjz.66.1568146687058; Tue, 10 Sep 2019 13:18:07 -0700 (PDT)
Received: from [] ([]) by with ESMTPSA id h15sm4701440pgn.76.2019. (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Tue, 10 Sep 2019 13:18:06 -0700 (PDT)
Content-Type: text/plain; charset="us-ascii"
Mime-Version: 1.0 (Mac OS X Mail 11.5 \(3445.9.1\))
Subject: Re: Working Group Last Call on BFD Authentication Documents (expires September 13, 2019)
From: Mahesh Jethanandani <>
In-Reply-To: <>
Date: Tue, 10 Sep 2019 13:18:05 -0700
Cc: "rtg-bfd@ietf. org" <>
Content-Transfer-Encoding: quoted-printable
Message-Id: <>
References: <> <> <> <>
To: Jeffrey Haas <>
X-Mailer: Apple Mail (2.3445.9.1)
Archived-At: <>
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "RTG Area: Bidirectional Forwarding Detection DT" <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Tue, 10 Sep 2019 20:18:11 -0000

Hi Jeff,

I would like to point out that there are three drafts that we are doing LC on, whereas the IPR is only on the authentication draft. While I would like to see all three drafts advance, I would hate to see IPR as the reason why none of them advance.

The reason for advocating the advancement of all the drafts is more than the fact that I have worked on them. It is that they significantly improve the authenticity and security of BFD session. For example, the secure sequence number draft addresses the question of replay attacks on monotonically increasing sequence numbers in the BFD packet. Similarly, the stability draft allows for detection of lost frames in a BFD session to measure its (un)stability and to detect the possibility of a failure. Finally, the authentication mechanism has allowed for the number of sessions supported with authentication to more than 10X.


> On Sep 10, 2019, at 10:04 AM, Jeffrey Haas <> wrote:
> Working Group,
> This last call period is set to expire at the end of the week.
> Please respond whether you believe these documents SHOULD or SHOULD NOT be
> advanced for publication.
> -- Jeff
> On Tue, Aug 27, 2019 at 11:17:18AM -0400, Jeffrey Haas wrote:
>> Working Group,
>> As we discussed in Montreal at IETF-105, the last hang up on progressing the
>> authentication documents (thread copied below) was concerns on the IPR
>> against them.
>> The holder of the IPR believes their discloures are consistent with prior
>> IPR posted against the BFD suite of published RFCs.o
>> We are thus proceeding with the Working Group Last Call for these documents.
>> You are encouraged to provide technical feedback for the contents of the
>> documents, which addresses providing stronger authentication on the BFD
>> protocol.  
>> Please indicate whether you believe these documents should be advanced to
>> the IESG for publication as RFCs.
>> -- Jeff and Reshad
>> On Tue, Jul 02, 2019 at 02:37:15PM -0400, Jeffrey Haas wrote:
>>> Working Group,
>>> A followup on this item.
>>> Currently, the status is identical to that which was last posted.  Mahesh
>>> did make contact with Ciena IPR holders regarding the state of the license.
>>> It is their belief that their disclosure is consistent with similar IPR
>>> filed against BFD.  Citing two similar ones:
>>> It also appears to be their belief that the current wording doesn't require
>>> that a license fee is due.  However, this is private commentary.
>>> At this point, my recommendation to the working group is we decide if we'll
>>> proceed with the publication process.  Let's use this time prior to IETF 105
>>> to discuss any pending issues on these documents.
>>> -- Jeff
>>> On Sat, Feb 16, 2019 at 12:07:40PM -0500, Jeffrey Haas wrote:
>>>> Working Group,
>>>> On March 28, 2018, we started Working Group Last Call on the following document
>>>> bundle:
>>>>  draft-ietf-bfd-secure-sequence-numbers
>>>>  draft-ietf-bfd-optimizing-authentication
>>>>  draft-ietf-bfd-stability
>>>> The same day, Mahesh Jethanandani acknowledged there was pending IPR
>>>> declarations against these drafts.  An IPR declaration was finally posted on
>>>> November 1, 2018.  In particular, it notes a patent.  The licenseing is
>>>> RAND.  
>>>> In the time since the WGLC was requested, there were a number of technical
>>>> comments made on these drafts.  It's my belief that all substantial
>>>> technical comments had been addressed in the last posted version of these
>>>> documents.  Note that there was one lingering comment about Yang
>>>> considerations for the BFD module with regard to enabling this optimized
>>>> authentication mode which can be dealt with separably.
>>>> The chairs did not carry out a further consensus call to ensure that there
>>>> are no further outstanding technical issues.
>>>> On November 21, Greg Mirsky indicated an objection to progressing the
>>>> document due to late disclosure.
>>>> Since we are a little over a month prior to the upcoming IETF 104, this
>>>> seems a good time to try to decide how the Working Group shall finish this
>>>> work.  Since we are meeting in Prague, this may progress to microphone
>>>> conversation.
>>>> For the moment, the chairs' perceived status of the documents are:
>>>> - No pending technical issues with the documents with one known issue.
>>>> - Concerns over late disclosure of IPR.
>>>> - No solid consensus from the Working Group that we're ready to proceed.
>>>>  This part may be covered by a future consensus call, but let's hear list
>>>>  discussion first.
>>>> -- Jeff

Mahesh Jethanandani