Re: WGLC BFD Authentication Drafts

Greg Mirsky <gregimirsky@gmail.com> Thu, 29 March 2018 11:09 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/rtg-bfd/c0KY21QRzaRhZv9Cl-YoUuGrH8k>

Dear WG Chairs, et al.,
I cannot support WG LC for draft-ietf-bfd-optimizing-authentication as my
comments at the BFD WG meeting dating back to IETF-98
<https://datatracker.ietf.org/meeting/98/materials/minutes-98-bfd-00> still
have not been addressed, nor was there even an attempt to address them. As I've
asked to clarify the impact of the proposed mechanism, particularly periodic
authentication, on the BFD State Machine, I'd point out that the proposed
mechanism directly affects BFD security as discussed in RFC 5880, and the
Security Considerations section in the document, in my view, does not
adequately reflect that and doesn't explain how the security of the BFD
session is maintained when the periodic authentication is in use.

Regards,
Greg

On Wed, Mar 28, 2018 at 7:38 PM, Jeffrey Haas <jhaas@pfrc.org> wrote:

> Working Group,
>
> The authors of the following Working Group drafts have requested
> Working Group Last Call on the following documents:
>
> https://tools.ietf.org/html/draft-ietf-bfd-secure-sequence-numbers-01
> https://tools.ietf.org/html/draft-ietf-bfd-optimizing-authentication-04
> https://tools.ietf.org/html/draft-ietf-bfd-stability-01
>
> Given the overlap of functionality, WGLC will conclude for the bundle
> simultaneously.
>
> Authors, please positively acknowledge whether or not you know about any
> IPR
> for your documents.  Progression of the document will not be done without
> that statement.
>
> Last call will complete on April 20.
>
> -- Jeff
>
>