Re: [secdir] secdir review of draft-ietf-lisp-lcaf-15

Dino Farinacci <farinacci@gmail.com> Sat, 01 October 2016 19:31 UTC

To: David Mandelberg <david@mandelberg.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/secdir/Tm4GQffadP3Ot3xWrHaqD7V4ZAk>
Cc: The IESG <iesg@ietf.org>, draft-ietf-lisp-lcaf.all@ietf.org, secdir@ietf.org

So are we good to go?

Have a look at the last HTML diff file I sent and let me know if we are in sync. 

Per Deborah's suggestion I'll post a draft on Wed after the last call deadline. 

Dino

> On Oct 1, 2016, at 11:53 AM, David Mandelberg <david@mandelberg.org> wrote:
> 
>> On 10/01/2016 02:30 PM, Dino Farinacci wrote:
>> 
>>> On Oct 1, 2016, at 10:28 AM, David Mandelberg <david@mandelberg.org> wrote:
>>> 
>>> are distinct LCAF addresses. Additionally, if an LCAF address is
>>> digitally signed or MACed, the specific encoding of the address must be
>>> preserved in order for the signature or MAC to be valid on receipt.
>> 
>> Okay, so based on this text I finally get the point of your comment.
>> 
>> But what you state is not true. These addresses are content in a message. If a message is signed and includes an address of the signer, that address is from the IP header.
>> 
>> And no matter how the address is encoded, it always shows up as AFI=1 and an IPv4 address. 
> 
> Gotcha, it seems I misunderstood how LCAF will be used. Sorry for the noise.
> 
>> 
>> Dino
>> 
> 
> 
> -- 
> David Eric Mandelberg / dseomn
> http://david.mandelberg.org/
>