Re: [secdir] secdir review of draft-ietf-mpls-tp-oam-analysis-08
"Sprecher, Nurit (NSN - IL/Hod HaSharon)" <nurit.sprecher@nsn.com> Tue, 17 April 2012 07:18 UTC
Return-Path: <nurit.sprecher@nsn.com>
X-Original-To: secdir@ietfa.amsl.com
Delivered-To: secdir@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E338E21F84F8 for <secdir@ietfa.amsl.com>; Tue, 17 Apr 2012 00:18:31 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.598
X-Spam-Level:
X-Spam-Status: No, score=-6.598 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_MED=-4]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id RRj4d6fd9Tiu for <secdir@ietfa.amsl.com>; Tue, 17 Apr 2012 00:18:28 -0700 (PDT)
Received: from demumfd001.nsn-inter.net (demumfd001.nsn-inter.net [93.183.12.32]) by ietfa.amsl.com (Postfix) with ESMTP id BC93021F84FF for <secdir@ietf.org>; Tue, 17 Apr 2012 00:18:27 -0700 (PDT)
Received: from demuprx017.emea.nsn-intra.net ([10.150.129.56]) by demumfd001.nsn-inter.net (8.12.11.20060308/8.12.11) with ESMTP id q3H7Haw7009532 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=OK); Tue, 17 Apr 2012 09:17:36 +0200
Received: from demuexc023.nsn-intra.net (demuexc023.nsn-intra.net [10.150.128.36]) by demuprx017.emea.nsn-intra.net (8.12.11.20060308/8.12.11) with ESMTP id q3H7HTce010560; Tue, 17 Apr 2012 09:17:33 +0200
Received: from DEMUEXC013.nsn-intra.net ([10.150.128.24]) by demuexc023.nsn-intra.net with Microsoft SMTPSVC(6.0.3790.4675); Tue, 17 Apr 2012 09:16:57 +0200
X-MimeOLE: Produced By Microsoft Exchange V6.5
Content-class: urn:content-classes:message
MIME-Version: 1.0
Content-Type: multipart/alternative; boundary="----_=_NextPart_001_01CD1C6A.12B6A32A"
Date: Tue, 17 Apr 2012 09:16:56 +0200
Message-ID: <E4873516F3FC7547BCFE792C7D94039C019A3228@DEMUEXC013.nsn-intra.net>
In-Reply-To: A<C0E0A32284495243BDE0AC8A066631A80C900009@szxeml526-mbx.china.huawei.com>
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
Thread-Topic: secdir review of draft-ietf-mpls-tp-oam-analysis-08
Thread-Index: AQHNCYTfIZ8uMvCtg0mge42m/0NwfZadxfiA
References: <CAFOuuo5TLJpkwrej_J06mKTH2Y70yF-rvYDn2x06QQJFmCpA6g@mail.gmail.com> A<C0E0A32284495243BDE0AC8A066631A80C900009@szxeml526-mbx.china.huawei.com>
From: "Sprecher, Nurit (NSN - IL/Hod HaSharon)" <nurit.sprecher@nsn.com>
To: ext Tina TSOU <Tina.Tsou.Zouting@huawei.com>
X-OriginalArrivalTime: 17 Apr 2012 07:16:57.0590 (UTC) FILETIME=[13158160:01CD1C6A]
X-purgate-type: clean
X-purgate-Ad: Categorized by eleven eXpurgate (R) http://www.eleven.de
X-purgate: clean
X-purgate: This mail is considered clean (visit http://www.eleven.de for further information)
X-purgate-size: 42319
X-purgate-ID: 151667::1334647056-00003570-09BCA762/0-0/0-0
X-Mailman-Approved-At: Tue, 17 Apr 2012 10:24:15 -0700
Cc: draft-ietf-mpls-tp-oam-analysis@tools.ietf.org, secdir@ietf.org
Subject: Re: [secdir] secdir review of draft-ietf-mpls-tp-oam-analysis-08
X-BeenThere: secdir@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Security Area Directorate <secdir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/secdir>, <mailto:secdir-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/secdir>
List-Post: <mailto:secdir@ietf.org>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 17 Apr 2012 07:18:32 -0000
Tina hi, Thank you for your review. Please see inline. Best regards, Nurit -----Original Message----- From: ext Tina TSOU [mailto:Tina.Tsou.Zouting@huawei.com] Sent: Saturday, March 24, 2012 8:11 AM To: secdir@ietf.org; draft-ietf-mpls-tp-oam-analysis@tools.ietf.org Subject: secdir review of draft-ietf-mpls-tp-oam-analysis-08 I have reviewed this document as part of the security directorate's ongoing effort to review all IETF documents being processed by the IESG. These comments were written primarily for the benefit of the security area directors. Document editors and WG chairs should treat these comments just like any other last call comments. Some comments which may not be from security aspects only are below. 1) One missing OAM function I compared the OAM functions listed in this draft and those required in RFC5860 and find out one OAM function named Client Failure Indication (Section 2.2.10 of [RFC 5860]) is missing. I cannot see a reason for this. Since this is an informational analysis document, it is recommended to give a whole view. Specific clarifications are appreciated in the document. <Nurit> this document provides an overview of the MPLS-TP OAM tools that are specified in separate RFCs. It was agreed by the working group that the final version of this document refers to RFCs only. draft-ietf-mpls-tp-csf on "Indication of Client Failure in MPLS-TP" was expired on September 2011, hence we cannot refer to this document. Please note also that although the name of the FILE may confuse, this document does not make any analysis but rather presents an overview of the OAM tools. The purpose of the document is carried in the document TITLE and Abstract/Introduction. \<Nurit> 2) Lack of analysis about the compatibility with existing tools It is said in this document that compatibility with the existing tools has been maintained. But there is no detailed analysis which IMHO might be of great interest to the industry and should form an important part of this analysis document. <Nurit> As mentioned above, the purpose of the document is to provide an overview of the MPLS-TP OA tools. It is not a detailed analysis of the tools. Still, I think your idea is excellent, and may be a subject for another I-D. \<Nurit> 3) 1.1 Scope In the middle of this section, under the "three objectives", the first bullet reads o The OAM toolset should be developed based on existing MPLS architecture, technology, and toolsets. However, in the following paragraph it is written as o ITU-T OAM for Ethernet toolset as defined in [Y.1731]. This has been used for functionality guidelines for the performance measurement tools that were not previously supported in MPLS. There seem to be conflicts between the objective (should...existing MPLS....) <Nurit> I am afraid I cannot see the conflict between the sentences....I consulted with some colleagues and they could not see the conflict as well. \<Nurit> and the toolset development (...tools...not...supported in MPLS). [RFC 5860] says that "...the MPLS-TP design, SHOULD as far as reasonably possible, reuse existing MPLS standards." which looks more appropriate to me as the objective. Please clarify this point. 4) 1.1 Scope The third one of the "three objectives" in this draft reads o The OAM toolset developed for MPLS based transport networks needs to be fully inter-operable with existing MPLS OAM tools as documented in [RFC 5860]. I may be wrong but I find [RFC 5860] only requires OAM interoperability between distinct domains (w/wo IP capabilities). The original description is as follows: It is REQUIRED that OAM interoperability is achieved between distinct domains materializing the environments described in Section 2.1.4. My understanding of the "OAM interoperability" mentioned here refers to MPLS-TP OAM interoperable in different domains, but not MPLS-TP OAM and MPLS OAM interoperability. <Nurit> Section 2.1.4 to which you refer in your quote, discusses the environments. "There are environments where IP capabilities are present in the data plane. IP/MPLS environments are examples of such environments....". RFC 5860 continues to require that "When MPLS-TP is run with IP routing and forwarding capabilities, it MUST be possible to operate any of the existing IP/MPLS and PW OAM protocols (e.g., LSP-Ping [4], MPLS-BFD [13], VCCV [5], and VCCV-BFD [14])." \<Nurit> 5) MPLS-TP v.s. MPLS based transport networks The draft uses both "MPLS-TP" and "MPLS based transport networks". E.g. is it "MPLS-TP OAM" or OAM toolset developed for MPLS based transport networks? Are they the same? Or what is the relationship between them? <Nurit> thank you for catching this. We will clarify that they are the same. \<Nurit> Tina
- [secdir] secdir review of draft-ietf-pwe3-redunda… Radia Perlman
- [secdir] secdir review of draft-ietf-mpls-tp-oam-… Tina TSOU
- Re: [secdir] secdir review of draft-ietf-pwe3-red… Stewart Bryant
- Re: [secdir] secdir review of draft-ietf-pwe3-red… Bocci, Matthew (Matthew)
- Re: [secdir] secdir review of draft-ietf-mpls-tp-… Sprecher, Nurit (NSN - IL/Hod HaSharon)
- Re: [secdir] secdir review of draft-ietf-mpls-tp-… Tina TSOU