Re: [saag] SEC-DIR QA review of draft-ietf-trill-channel-tunnel-07.txt

"Susan Hares" <shares@ndzh.com> Wed, 19 August 2015 01:34 UTC

Return-Path: <shares@ndzh.com>
X-Original-To: saag@ietfa.amsl.com
Delivered-To: saag@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 99CE11A854D for <saag@ietfa.amsl.com>; Tue, 18 Aug 2015 18:34:39 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -99.055
X-Spam-Level:
X-Spam-Status: No, score=-99.055 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DOS_OUTLOOK_TO_MX=2.845, USER_IN_WHITELIST=-100] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id LQqOaQSG5eBr for <saag@ietfa.amsl.com>; Tue, 18 Aug 2015 18:34:38 -0700 (PDT)
Received: from hickoryhill-consulting.com (hhc-web3.hickoryhill-consulting.com [64.9.205.143]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 3F2391A7035 for <saag@ietf.org>; Tue, 18 Aug 2015 18:34:38 -0700 (PDT)
X-Default-Received-SPF: pass (skip=forwardok (res=PASS)) x-ip-name=174.124.218.207;
From: "Susan Hares" <shares@ndzh.com>
To: <stephen.farrell@cs.tcd.ie>
References: <01cb01d0da1a$d652f470$82f8dd50$@ndzh.com> <y4syef.ntb29b.2vaesa-qmf@mercury.scss.tcd.ie>
In-Reply-To: <y4syef.ntb29b.2vaesa-qmf@mercury.scss.tcd.ie>
Date: Tue, 18 Aug 2015 21:34:34 -0400
Message-ID: <01f701d0da1f$34ec09f0$9ec41dd0$@ndzh.com>
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable
X-Mailer: Microsoft Outlook 14.0
Thread-Index: AQHAaYa2fX3u8KyFgrQWwvqpKyk8FgGLFGUKnicPPrA=
Content-Language: en-us
X-Authenticated-User: skh@ndzh.com
Archived-At: <http://mailarchive.ietf.org/arch/msg/saag/_SDmTzHxLL4D_UB_BsTgRCeYA44>
Cc: saag@ietf.org, jon.hudson@gmail.com
Subject: Re: [saag] SEC-DIR QA review of draft-ietf-trill-channel-tunnel-07.txt
X-BeenThere: saag@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Security Area Advisory Group <saag.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/saag>, <mailto:saag-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/saag/>
List-Post: <mailto:saag@ietf.org>
List-Help: <mailto:saag-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/saag>, <mailto:saag-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 19 Aug 2015 01:34:39 -0000

Stephen: 

I'm a WG chair for 3 WGs, and I'm pushing WG groups of WG drafts toward the IESG publishing so it may seem like a large group: 

Let me prioritize the drafts by WG: 

1) I2RS - is a must have: 

 I2RS is in the midst of a disagreement over the security requirements.  Without Russ Housley's help to review it, we are stuck for this work. Top priority 

2)  TRILL - is a "Nice to have" as we are using Crypto-suites in tunneling protocol. 

This is a QA review for the next group of TRILL - which is providing a whole group of directory service.   If you do not do this now, then it will progress to IESG submission in September.   Donald Eastlake worked on these drafts so it is ok

3) BGP - "Nothing more/less than usual" status - for all drafts.   

Sue 


-----Original Message-----
From: stephen.farrell@cs.tcd.ie [mailto:stephen.farrell@cs.tcd.ie] 
Sent: Tuesday, August 18, 2015 9:18 PM
To: shares@ndzh.com
Cc: kathleen.moriarty.ietf@gmail.com; jon.hudson@gmail.com; d3e3e3@gmail.com; saag@ietf.org
Subject: Re: RE: SEC-DIR QA review of draft-ietf-trill-channel-tunnel-07.txt

Sue,

How many more are on the way? I fear too many asks might cause fewer responses.

Ta,
S.

On Wed Aug 19 02:03:18 2015 GMT+0100, Susan Hares wrote:
> Saag: 
> 
>  
> 
> Would you review following four drafts from TRILL which create a new
> directory service mechanism for IP/MAC address mappings?   In you QA review,
> would  determine if the security mechanisms in this IP address/MAC 
> Address
> have: good security mechanisms and meet the privacy concerns? 
> 
>  
> 
> These 4 drafts are in the process of Routing QA reviews and IANA Reviews
> (where appropriate).   
> 
>  
> 
> 1)       TRILL: Edge Directory Assist Mechanisms: This draft provides the
> overview of the TRILL directory mechanisms.  These mechanisms aim at 
> reducing multi-destination traffic, particularly ARP/ND and unknown 
> unicast flooding. It can also be used to detect traffic with forged 
> source addresses.
> 
>  
> 
> Routing QA review on draft-trill-directory-assist-mechanisms-03.txt
> https://mailarchive.ietf.org/arch/msg/trill/9QMAY54iiheEzFOKPLdv59QdA7
> M
> 
>  
> 
> Note:  Draft has not been revised to handle these comments. 
> 
>  
> 
> 2)       draft-ietf-trill-arp-optimization - This draft describes how reduce
> ARP/ND traffic within a TRILL Campus by the following mechanisms: a) 
> learning MAC/IP addresses maping via ISIS application sub-TLVor b) 
> getting IP/MAC addresses from directory services (push/pull).  This 
> draft gives step by step instructions on the mechanisms.
> 
>  
> 
> Routing QA review:
> http://www.ietf.org/mail-archive/web/rtg-dir/current/msg02606.html
> 
>  
> 
> Note: Draft has not been revised to handle these comments. 
> 
>  
> 
> 3)        draft-ietf-trill-channel-tunnel-07.txt on your QA review: The
> TRILL directory mechanisms have push/pull mechanisms.  The 
> draft-ietf-trill-channel-tunnel draft is needed to provide a mechanism 
> to secure pull directory messages.  Push directory messages are IS-IS 
> PDUs so these drafts can use IS-IS authentication.
> 
>  
> 
> 4)      draft-ietf-trill-ia-appsubtlv-05:  This draft reports of addresses
> for TRILL interfaces in ISIS application sub-TLV (reduces/replaces 
> need for ARP/ND )
> 
>  
> 
> Note: No Routing QA Review yet (awaiting review)
> 
>  
> 
>  
> 
> Thank you,
> 
>  
> 
> Sue Hares
> 
> TRILL-co-chair and document shepherd for this group. 
> 
>  
> 
>