Re: [saag] SEC-DIR QA review of draft-ietf-trill-channel-tunnel-07.txt

"Susan Hares" <> Wed, 19 August 2015 01:03 UTC

Cc: 'Jon Hudson' <>



Would you review the following four drafts from TRILL which create a new
directory service mechanism for IP/MAC address mappings? In your QA review,
would you determine if the security mechanisms in this IP address/MAC Address
have: good security mechanisms and meet the privacy concerns?


These 4 drafts are in the process of Routing QA reviews and IANA Reviews
(where appropriate).   


1)       TRILL: Edge Directory Assist Mechanisms: This draft provides the
overview of the TRILL directory mechanisms.  These mechanisms aim at
reducing multi-destination traffic, particularly ARP/ND and unknown unicast
flooding. It can also be used to detect traffic with forged source


Routing QA review on draft-trill-directory-assist-mechanisms-03.txt


Note:  Draft has not been revised to handle these comments. 


2) draft-ietf-trill-arp-optimization - This draft describes how to reduce
ARP/ND traffic within a TRILL Campus by the following mechanisms: a)
learning MAC/IP address mapping via ISIS application sub-TLV or b) getting
IP/MAC addresses from directory services (push/pull). This draft gives step
by step instructions on the mechanisms.


Routing QA review:


Note: Draft has not been revised to handle these comments. 


3)        draft-ietf-trill-channel-tunnel-07.txt on your QA review: The
TRILL directory mechanisms have push/pull mechanisms.  The
draft-ietf-trill-channel-tunnel draft is needed to provide a mechanism to
secure pull directory messages.  Push directory messages are IS-IS PDUs so
these drafts can use IS-IS authentication.


4)      draft-ietf-trill-ia-appsubtlv-05:  This draft reports of addresses
for TRILL interfaces in ISIS application sub-TLV (reduces/replaces need for


Note: No Routing QA Review yet (awaiting review) 



Thank you, 


Sue Hares 

TRILL-co-chair and document shepherd for this group.