IETF Logo Mail Archive

Re: Optimizing Authentication - periodic re-authentication

Mahesh Jethanandani <mjethanandani@gmail.com> Thu, 01 February 2024 01:43 UTC

Return-Path: <mjethanandani@gmail.com>
X-Original-To: rtg-bfd@ietfa.amsl.com
Delivered-To: rtg-bfd@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 55C85C14F6AE; Wed, 31 Jan 2024 17:43:48 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.107
X-Spam-Level:
X-Spam-Status: No, score=-1.107 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, FREEMAIL_REPLY=1, HTML_MESSAGE=0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01] autolearn=no autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id laGHwelviVzJ; Wed, 31 Jan 2024 17:43:45 -0800 (PST)
Received: from mail-pl1-x62b.google.com (mail-pl1-x62b.google.com [IPv6:2607:f8b0:4864:20::62b]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id D57CAC14F693; Wed, 31 Jan 2024 17:43:45 -0800 (PST)
Received: by mail-pl1-x62b.google.com with SMTP id d9443c01a7336-1d8d747a3bcso3127115ad.0; Wed, 31 Jan 2024 17:43:45 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1706751825; x=1707356625; darn=ietf.org; h=references:to:cc:in-reply-to:date:subject:mime-version:message-id :from:from:to:cc:subject:date:message-id:reply-to; bh=QuvDMS0JNPcLcFOGVC28oZgmrpzk6hvxLZfu5wzJexc=; b=Gvo1hWfTF/a87YoAhgRrNmPFS7tdK770zShJnf79DrQKQSLm4njh8w0kqiQAiXM39x IIouHB7zsVUai1O0Zur7G97tXkkR4Nz/o7nUrsipIPsa0Fi+FEcDmee7+Cm4n/Sivr/0 QnZgeLHXNoRQgLJOavfpj+9CxGqpFI/EaD37hBlZHJ7IiHFoMniqwPrUw3kUGY4kEZIJ KD0D7vYeTD7+tWapRpiPBhmRpyR4N7tMmguEbvt/YTZMgqWXA5d766VJdxOOxFLUk07f KyzkUbPfADX0ECIaDKWI92LWhC82n63Nd4fro1W+qWGVYnb9s2wKvFkThRUec4ZbG/JB fc3w==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1706751825; x=1707356625; h=references:to:cc:in-reply-to:date:subject:mime-version:message-id :from:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=QuvDMS0JNPcLcFOGVC28oZgmrpzk6hvxLZfu5wzJexc=; b=EiGRWo217SxkhVDbVAYK8GL4C+wzicErl+Ol575t6IJW1w4lH21CGbYQJz4fZaUcVl Jq6Ka+HpKLxkQvt1Xsa8MA0TuUKIHyWcdVEWJxFuvSG8sPZL9EPbCPBo1ARHPWF7upYL nVUew4idvvxuHCnc7+i5NcXjU66iCHpp5sunKwW2mB03XL5e48EX/WhP8PkB3nRvsJsw by20qOrppG+oClu1fG+gqEIheUAyA4wvQWUizLD0FE4QgUB5fITj4g9FuNpgq3Id1IF9 7VZ5rb26nbe2nnBaYQNsG8wM926ZobeH1wCBxc+dzMY62zL66Ta6wrdpco2bAdNBJi7l IIHw==
X-Gm-Message-State: AOJu0YwYldLvtHnqsFnFt2kGeCis0egnSrOgsZ9cDIn03+0QORttsn/x G/YoUFnH1Qzp0U5Rg1Icmu60Knjeh6FdeiAHjOModJOE0p0huMo4
X-Google-Smtp-Source: AGHT+IFuC2gXOzd3ogtytcVZUZcI8PghuxqQMGjzv5LYe6UJkvA2DTMlbBq5SzgIgMfUrdO77DLXAg==
X-Received: by 2002:a17:902:680b:b0:1d7:19ec:2eaf with SMTP id h11-20020a170902680b00b001d719ec2eafmr3131984plk.6.1706751824868; Wed, 31 Jan 2024 17:43:44 -0800 (PST)
X-Forwarded-Encrypted: i=0; AJvYcCXQ2LneLv2TOcnKDdcILNHL0qCqbYkctOkpxjESiVI1fRmX8XrlW2rQ8IahWh0qfpKphmhkvrhRv8IGbl1wSgOkwTfqGlM4T+jHQvTuqqPImPz5A0uqYpwy+SCiTpAUx4UODMietlFOaJ67Yyx1gXfgqBLM
Received: from smtpclient.apple ([70.234.233.187]) by smtp.gmail.com with ESMTPSA id jx11-20020a170903138b00b001d8faede8b0sm4813463plb.22.2024.01.31.17.43.44 (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Wed, 31 Jan 2024 17:43:44 -0800 (PST)
From: Mahesh Jethanandani <mjethanandani@gmail.com>
Message-Id: <F782E8A8-7FA8-40AE-94FF-6E65FA1C118C@gmail.com>
Content-Type: multipart/alternative; boundary="Apple-Mail=_180A40CE-C2AF-49B1-9783-3B070224462B"
Mime-Version: 1.0 (Mac OS X Mail 14.0 \(3654.120.0.1.15\))
Subject: Re: Optimizing Authentication - periodic re-authentication
Date: Wed, 31 Jan 2024 17:43:43 -0800
In-Reply-To: <8B34FDE7-C8EC-4792-A14A-1D76AA0A215A@yahoo.com>
Cc: Jeffrey Haas <jhaas@pfrc.org>, draft-ietf-bfd-optimizing-authentication@ietf.org, "rtg-bfd@ietf. org" <rtg-bfd@ietf.org>
To: Rahman <reshad=40yahoo.com@dmarc.ietf.org>
References: <9491CBCF-AAEA-4CF0-A07C-CB2E270EB125@pfrc.org> <8B34FDE7-C8EC-4792-A14A-1D76AA0A215A@yahoo.com>
X-Mailer: Apple Mail (2.3654.120.0.1.15)
Archived-At: <https://mailarchive.ietf.org/arch/msg/rtg-bfd/dK38_BkDoXtAcrxNFtiyfTnMjbc>
X-BeenThere: rtg-bfd@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: "RTG Area: Bidirectional Forwarding Detection DT" <rtg-bfd.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/rtg-bfd>, <mailto:rtg-bfd-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/rtg-bfd/>
List-Post: <mailto:rtg-bfd@ietf.org>
List-Help: <mailto:rtg-bfd-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/rtg-bfd>, <mailto:rtg-bfd-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 01 Feb 2024 01:43:48 -0000

Ok. Will add it as part of next update.

> On Jan 31, 2024, at 5:38 PM, Rahman <reshad=40yahoo.com@dmarc.ietf.org> wrote:
> 
> Hi,
> 
> My only comment is we should be explicit about the action taken when we detect that the session has been compromised (no F received).
> 
> Regards,
> Reshad.
> 
> Sent from my iPhone
> 
>> On Jan 31, 2024, at 11:06 AM, Jeffrey Haas <jhaas@pfrc.org> wrote:
>> 
>> Reshad,
>> 
>>> On Jan 30, 2024, at 12:28 AM, Rahman <reshad@yahoo.com <mailto:reshad@yahoo.com>> wrote:
>>> 
>>> Jeff, good catch.
>>> 
>>> We can document both ways, ie we can let implementations decide which of the 2 methods below they prefer? Or is the concern that this will cause a DISCUSS?
>> 
>> Mahesh has proposed the fix for the next rev in this pull request:
>> 
>> https://github.com/bfd-wg/optimized-auth/pull/19/files <https://github.com/bfd-wg/optimized-auth/pull/19/files>
>> 
>> -- Jeff
>> 


Mahesh Jethanandani
mjethanandani@gmail.com

v2.23.0 | Report a Bug | By Email