Re: I-D Action: draft-ietf-bfd-optimizing-authentication-10.txt

Manav Bhatia <manavbhatia@gmail.com> Thu, 23 July 2020 14:49 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/rtg-bfd/e-HYogpVR2Ghok8rSdEACv7pC0c>

Hi Jeff,

I am sorry, I don't understand this point.

I would like to stick to NULL because it's less prone to
implementation/inter-op bugs where you don't need to keep changing the kind
of auth you use depending upon where you are in your finite state machine
(FSM). And moreover, doing an AUTH adds no security to the protocol.

Cheers, Manav

On Thu, Jul 23, 2020 at 7:29 PM Jeffrey Haas <jhaas@pfrc.org> wrote:

> Manav,
>
> On Thu, Jul 23, 2020 at 08:01:01AM +0530, Manav Bhatia wrote:
> > Given that there isn't a huge advantage in using Auth during INIT -> INIT
> > and Down -> Down we should probably stick to NULL for the sake of
> > simplicity. Unless, somebody finds a problem with using NULL.
>
> Part of the reason I flagged this point is that I expect commentary during
> IESG review.  This conversation was the forcing function to determine "no,
> we think extra authentication here is really useless even with slower
> timers".
>
> -- Jeff
>