Re: [saag] SEC-DIR QA review of draft-ietf-trill-channel-tunnel-07.txt

Kathleen Moriarty <kathleen.moriarty.ietf@gmail.com> Wed, 19 August 2015 02:01 UTC

To: Susan Hares <shares@ndzh.com>
Archived-At: <http://mailarchive.ietf.org/arch/msg/saag/58EiqzaAZm-n_V2kQK2LGSVKT0s>
Cc: "<jon.hudson@gmail.com>" <jon.hudson@gmail.com>, "<saag@ietf.org>" <saag@ietf.org>

As I understand it, Russ has agreed to cover #1, so we just need help in the other 2 with #2 having priority.

We could just request early reviews and have them put into the rotation if no one volunteers.

Thanks,
Kathleen 

Sent from my iPhone

> On Aug 18, 2015, at 9:34 PM, Susan Hares <shares@ndzh.com> wrote:
> 
> Stephen: 
> 
> I'm a WG chair for 3 WGs, and I'm pushing WG groups of WG drafts toward the IESG publishing so it may seem like a large group: 
> 
> Let me prioritize the drafts by WG: 
> 
> 1) I2RS - is a must have: 
> 
> I2RS is in the midst of a disagreement over the security requirements.  Without Russ Housley's help to review it, we are stuck for this work. Top priority 
> 
> 2)  TRILL - is a "Nice to have" as we are using Crypto-suites in tunneling protocol. 
> 
> This is a QA review for the next group of TRILL - which is providing a whole group of directory service.   If you do not do this now, then it will progress to IESG submission in September.   Donald Eastlake worked on these drafts so it is ok
> 
> 3) BGP - "Nothing more/less than usual" status - for all drafts.   
> 
> Sue 
> 
> 
> -----Original Message-----
> From: stephen.farrell@cs.tcd.ie [mailto:stephen.farrell@cs.tcd.ie] 
> Sent: Tuesday, August 18, 2015 9:18 PM
> To: shares@ndzh.com
> Cc: kathleen.moriarty.ietf@gmail.com; jon.hudson@gmail.com; d3e3e3@gmail.com; saag@ietf.org
> Subject: Re: RE: SEC-DIR QA review of draft-ietf-trill-channel-tunnel-07.txt
> 
> Sue,
> 
> How many more are on the way? I fear too many asks might cause fewer responses.
> 
> Ta,
> S.
> 
>> On Wed Aug 19 02:03:18 2015 GMT+0100, Susan Hares wrote:
>> Saag: 
>> 
>> 
>> 
>> Would you review the following four drafts from TRILL which create a new
>> directory service mechanism for IP/MAC address mappings?   In your QA review,
>> would you determine if the security mechanisms in this IP address/MAC Address
>> have: good security mechanisms and meet the privacy concerns? 
>> 
>> 
>> 
>> These 4 drafts are in the process of Routing QA reviews and IANA Reviews
>> (where appropriate).   
>> 
>> 
>> 
>> 1)       TRILL: Edge Directory Assist Mechanisms: This draft provides the
>> overview of the TRILL directory mechanisms.  These mechanisms aim at 
>> reducing multi-destination traffic, particularly ARP/ND and unknown 
>> unicast flooding. It can also be used to detect traffic with forged 
>> source addresses.
>> 
>> 
>> 
>> Routing QA review on draft-trill-directory-assist-mechanisms-03.txt
>> https://mailarchive.ietf.org/arch/msg/trill/9QMAY54iiheEzFOKPLdv59QdA7M
>> 
>> 
>> 
>> Note:  Draft has not been revised to handle these comments. 
>> 
>> 
>> 
>> 2)       draft-ietf-trill-arp-optimization - This draft describes how to reduce
>> ARP/ND traffic within a TRILL Campus by the following mechanisms: a) 
>> learning MAC/IP addresses mapping via ISIS application sub-TLV or b) 
>> getting IP/MAC addresses from directory services (push/pull).  This 
>> draft gives step by step instructions on the mechanisms.
>> 
>> 
>> 
>> Routing QA review:
>> http://www.ietf.org/mail-archive/web/rtg-dir/current/msg02606.html
>> 
>> 
>> 
>> Note: Draft has not been revised to handle these comments. 
>> 
>> 
>> 
>> 3)        draft-ietf-trill-channel-tunnel-07.txt on your QA review: The
>> TRILL directory mechanisms have push/pull mechanisms.  The 
>> draft-ietf-trill-channel-tunnel draft is needed to provide a mechanism 
>> to secure pull directory messages.  Push directory messages are IS-IS 
>> PDUs so these drafts can use IS-IS authentication.
>> 
>> 
>> 
>> 4)      draft-ietf-trill-ia-appsubtlv-05:  This draft reports of addresses
>> for TRILL interfaces in ISIS application sub-TLV (reduces/replaces 
>> need for ARP/ND )
>> 
>> 
>> 
>> Note: No Routing QA Review yet (awaiting review)
>> 
>> 
>> 
>> 
>> 
>> Thank you,
>> 
>> 
>> 
>> Sue Hares
>> 
>> TRILL-co-chair and document shepherd for this group.
>