Re: [sfc] I-D Action: draft-ietf-sfc-nsh-integrity-03.txt
mohamed.boucadair@orange.com Fri, 22 January 2021 09:57 UTC
Return-Path: <mohamed.boucadair@orange.com>
X-Original-To: sfc@ietfa.amsl.com
Delivered-To: sfc@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1])
by ietfa.amsl.com (Postfix) with ESMTP id 169023A11E8;
Fri, 22 Jan 2021 01:57:52 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.117
X-Spam-Level:
X-Spam-Status: No, score=-2.117 tagged_above=-999 required=5
tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1,
DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_BLOCKED=0.001,
RCVD_IN_MSPIKE_H4=-0.01, RCVD_IN_MSPIKE_WL=-0.01, SPF_HELO_NONE=0.001,
SPF_PASS=-0.001, UNPARSEABLE_RELAY=0.001, URIBL_BLOCKED=0.001]
autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key)
header.d=orange.com
Received: from mail.ietf.org ([4.31.198.44])
by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024)
with ESMTP id pDiAFFn_q7Zc; Fri, 22 Jan 2021 01:57:50 -0800 (PST)
Received: from relais-inet.orange.com (relais-inet.orange.com [80.12.70.34])
(using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
(No client certificate requested)
by ietfa.amsl.com (Postfix) with ESMTPS id 5E66A3A11F2;
Fri, 22 Jan 2021 01:57:50 -0800 (PST)
Received: from opfednr00.francetelecom.fr (unknown [xx.xx.xx.64])
(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
(No client certificate requested)
by opfednr24.francetelecom.fr (ESMTP service) with ESMTPS id 4DMZSX6pM2z1y0C;
Fri, 22 Jan 2021 10:57:48 +0100 (CET)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=orange.com;
s=ORANGE001; t=1611309468;
bh=cxsstXxsu1tJg9oUxVHK0VCFLjJcamYL104Jt4Zr7MU=;
h=From:To:Subject:Date:Message-ID:Content-Type:
Content-Transfer-Encoding:MIME-Version;
b=GzsF0g1XKolh/NGrF9qYjp8KFH9h1p7qAO/VKhVJaJbvmWJrpaBYsNaNRe2LUzqCq
2BblAY33sgyzx6PrMKjOikgTtj/OoaPCzWxs26NTCm8kTHkG/ic2lhOdVL2MdhXT1C
84H7Ku7ycoGQeBDzHziC3BKUYKZQ9//u3bzLKVmsWNjkctgPGrR2/9fEC4vMsMkhtp
aHQqKtoC5e35KFrvYucKgrxu6gsTzhvuCVU3hY8hi7rvRbs+W5FsAYjd4Ks8oX6KQ6
NyqNrp1QwtTg0am9WV/qNDxZxr3/q5DgrL+YewoRxSQgUvJQ8jbGuQaxyCpDINzwDj
jEoGC1vpGVyOw==
Received: from Exchangemail-eme6.itn.ftgroup (unknown [xx.xx.13.45])
(using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits))
(No client certificate requested)
by opfednr00.francetelecom.fr (ESMTP service) with ESMTPS id 4DMZSX665QzDq85;
Fri, 22 Jan 2021 10:57:48 +0100 (CET)
From: <mohamed.boucadair@orange.com>
To: "sfc@ietf.org" <sfc@ietf.org>
CC: "draft-ietf-sfc-nsh-integrity.all@ietf.org"
<draft-ietf-sfc-nsh-integrity.all@ietf.org>
Thread-Topic: I-D Action: draft-ietf-sfc-nsh-integrity-03.txt
Thread-Index: AQHW8KSGdKzeLiT4jU6jtn+5OSMwP6ozaCEA
Date: Fri, 22 Jan 2021 09:57:46 +0000
Message-ID: <6660_1611309468_600AA19C_6660_183_2_787AE7BB302AE849A7480A190F8B9330315BECA3@OPEXCAUBMA2.corporate.adroot.infra.ftgroup>
References: <161130919309.10957.3357769217615551232@ietfa.amsl.com>
In-Reply-To: <161130919309.10957.3357769217615551232@ietfa.amsl.com>
Accept-Language: fr-FR, en-US
Content-Language: fr-FR
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [10.114.13.247]
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
Archived-At: <https://mailarchive.ietf.org/arch/msg/sfc/Ryfgbwu1fQjGPUg6_X5-Ar47q-4>
Subject: Re: [sfc] I-D Action: draft-ietf-sfc-nsh-integrity-03.txt
X-BeenThere: sfc@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Network Service Chaining <sfc.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/sfc>,
<mailto:sfc-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/sfc/>
List-Post: <mailto:sfc@ietf.org>
List-Help: <mailto:sfc-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/sfc>,
<mailto:sfc-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 22 Jan 2021 09:57:52 -0000
Hi all, This version implemented the fix to address the play attack issue. It also clarifies two points raised by Greg (padding and IV Length set to 0). Cheers, Med > -----Message d'origine----- > De : I-D-Announce [mailto:i-d-announce-bounces@ietf.org] De la part > de internet-drafts@ietf.org > Envoyé : vendredi 22 janvier 2021 10:53 > À : i-d-announce@ietf.org > Cc : sfc@ietf.org > Objet : I-D Action: draft-ietf-sfc-nsh-integrity-03.txt > > > A New Internet-Draft is available from the on-line Internet-Drafts > directories. > This draft is a work item of the Service Function Chaining WG of the > IETF. > > Title : Integrity Protection for the Network > Service Header (NSH) and Encryption of Sensitive Context Headers > Authors : Mohamed Boucadair > Tirumaleswar Reddy > Dan Wing > Filename : draft-ietf-sfc-nsh-integrity-03.txt > Pages : 29 > Date : 2021-01-22 > > Abstract: > This specification adds integrity protection directly to the > Network > Service Header (NSH) used for Service Function Chaining (SFC). > Also, > this specification allows to encrypt sensitive metadata that is > carried in the NSH. > > > The IETF datatracker status page for this draft is: > https://datatracker.ietf.org/doc/draft-ietf-sfc-nsh-integrity/ > > There are also htmlized versions available at: > https://tools.ietf.org/html/draft-ietf-sfc-nsh-integrity-03 > https://datatracker.ietf.org/doc/html/draft-ietf-sfc-nsh-integrity- > 03 > > A diff from the previous version is available at: > https://www.ietf.org/rfcdiff?url2=draft-ietf-sfc-nsh-integrity-03 > > > Please note that it may take a couple of minutes from the time of > submission until the htmlized version and diff are available at > tools.ietf.org. > > Internet-Drafts are also available by anonymous FTP at: > ftp://ftp.ietf.org/internet-drafts/ > > > _______________________________________________ > I-D-Announce mailing list > I-D-Announce@ietf.org > https://www.ietf.org/mailman/listinfo/i-d-announce > Internet-Draft directories: http://www.ietf.org/shadow.html or > ftp://ftp.ietf.org/ietf/1shadow-sites.txt _________________________________________________________________________________________________________________________ Ce message et ses pieces jointes peuvent contenir des informations confidentielles ou privilegiees et ne doivent donc pas etre diffuses, exploites ou copies sans autorisation. Si vous avez recu ce message par erreur, veuillez le signaler a l'expediteur et le detruire ainsi que les pieces jointes. Les messages electroniques etant susceptibles d'alteration, Orange decline toute responsabilite si ce message a ete altere, deforme ou falsifie. Merci. This message and its attachments may contain confidential or privileged information that may be protected by law; they should not be distributed, used or copied without authorisation. If you have received this email in error, please notify the sender and delete this message and its attachments. As emails may be altered, Orange is not liable for messages that have been modified, changed or falsified. Thank you.
- [sfc] I-D Action: draft-ietf-sfc-nsh-integrity-03… internet-drafts
- Re: [sfc] I-D Action: draft-ietf-sfc-nsh-integrit… mohamed.boucadair