[secdir] Issue with PCEP

Julien Meuric <julien.meuric@orange-ftgroup.com> Wed, 13 July 2011 15:04 UTC

To: secdir@ietf.org
Cc: Adrian Farrel <adrian@olddog.co.uk>, 'JP Vasseur' <jpv@cisco.com>

Dear Security Directorate,

In the PCE WG, an issue had been reported by several implementers of 
PCEP, the "Path Computation Element communication Protocol" specified in 
RFC 5440 (cf. the thread on 
http://www.ietf.org/mail-archive/web/pce/current/msg02426.html or 
http://tools.ietf.org/agenda/80/slides/pce-0.pdf).

This issue is related to the fact that the TCP source port of a PCEP 
session is fixed. To summarize, some operating systems (including Linux) 
are not that flexible when it comes to assigning a fixed source port.

A reasonable solution to this issue is to remove that restriction on the 
source port of a PCEP session. It is backward compatible with current 
RFC 5440 and has been agreed with the Transport Area ADs.

From a security perspective, do you issue any blocking issue in moving 
forward with this solution?

Thank you,

Julien, PCE co-chair