Re: [sfc] Fwd: New Version Notification for draft-ietf-sfc-multi-layer-oam-05.txt
Gyan Mishra <hayabusagsm@gmail.com> Fri, 11 December 2020 06:20 UTC
Return-Path: <hayabusagsm@gmail.com>
X-Original-To: sfc@ietfa.amsl.com
Delivered-To: sfc@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 022A83A15FC; Thu, 10 Dec 2020 22:20:15 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.087
X-Spam-Level:
X-Spam-Status: No, score=-2.087 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_REMOTE_IMAGE=0.01, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id kZy0_mWV1AfV; Thu, 10 Dec 2020 22:20:13 -0800 (PST)
Received: from mail-pf1-x42e.google.com (mail-pf1-x42e.google.com [IPv6:2607:f8b0:4864:20::42e]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id C537E3A15FA; Thu, 10 Dec 2020 22:20:13 -0800 (PST)
Received: by mail-pf1-x42e.google.com with SMTP id b26so6375115pfi.3; Thu, 10 Dec 2020 22:20:13 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=shIlPmPuLK5zrfchav3xP3K6WJGKPRAz1JuWfRPKqV8=; b=HZESFnFIXsbfvzdmePAsgEt7QnmO2xQuWaKmRtBy3pvqER0Cp/yg+0pzQ5PIyJXJOl wCMA90yHWXiOcTQR+ODcTITjHMjbVS4LmU48GrM6G3km0AHWWSK6K5/Y68dt7/I/0beO izEMikQtYwrjIW+gRwRbXLUxUXW6O0HhJLp2rudyIOft47+Wh1RoBart40POcHPQjUnv kCgqBDfJg0tyI9nkHwmlyStlxGXOCy8AdtQKfhI/Q4XdDbSc7VRd0SLKFlQGrIA+2bFu vUNa0CCHF95DLc3XCMezDi+EdwpUK18e48ch3XFQ/8DbNU3QYFnB6kkGk198QH+gJWBf 7hZw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=shIlPmPuLK5zrfchav3xP3K6WJGKPRAz1JuWfRPKqV8=; b=b/jbbtigc6ddQYN4WvACL4HpkKTGoj2HNn7VTYpYV8zhqs5R9FNPJqwub2ZB+w3a/j Blvdy/ro2frMryAJQZXCajKasF8q7BGcBRDAd6GmIMNya3zSCZw5DQzYWLQqdlYulKi7 hY7MNCDzgJXSsvWLsY4aanidCzv7T5q+2yoCPbOVsd9or5+ZBHv/gVia9mm+6dbFTT5i xWDa2Ag1vU2h0ZK1Ylc1wQvQs94QRkjQxD8YKylcUPOWBysjcBD6RPZ5W1NI3mWGWADz /BOJ1Ix3Nlfsx3cFvtyF4hUblRMAMwmF/sTyJz7LxOM/6lIDVXKliAhfd9q7DMyv3mF7 2l3Q==
X-Gm-Message-State: AOAM533Ne+ODLphL1Gqk6jD9ZerrN/1zgltetU0yH/BK923uFWEIKfqh lkArwJqi2SwIPniqamcGvPeIPKiKAoVQbgv09NE=
X-Google-Smtp-Source: ABdhPJz8QDnMSxLXTT9UIdUmIsghccGr1U86ptyQZkVMNDIO9cJRgxa3NFQUkrKdB250DjB731+kYGC/SmiW+nHUxxg=
X-Received: by 2002:a62:e408:0:b029:19e:2c4b:6a8e with SMTP id r8-20020a62e4080000b029019e2c4b6a8emr10614356pfh.30.1607667613041; Thu, 10 Dec 2020 22:20:13 -0800 (PST)
MIME-Version: 1.0
References: <159002475323.18843.9559672930298713998@ietfa.amsl.com> <CA+RyBmXXRoPkhXjhpneC8UyBDbxh8P81YDYpRTnbqQiLu64ogQ@mail.gmail.com> <CABNhwV2MGC8pc8hGZGDK1LSs+dZ54mBOD9t6K=Ci0E95bvxO7w@mail.gmail.com> <CA+RyBmUtgfePBpM3a7U0+4uXUQCoXRpetAuE_=K0bpjUQuTnGw@mail.gmail.com>
In-Reply-To: <CA+RyBmUtgfePBpM3a7U0+4uXUQCoXRpetAuE_=K0bpjUQuTnGw@mail.gmail.com>
From: Gyan Mishra <hayabusagsm@gmail.com>
Date: Fri, 11 Dec 2020 01:20:02 -0500
Message-ID: <CABNhwV0TPS4KKJ46DjEHFjvwfqS3P0vqftsh6rbTK3LMhEgDng@mail.gmail.com>
To: Greg Mirsky <gregimirsky@gmail.com>
Cc: Service Function Chaining IETF list <sfc@ietf.org>, sfc-chairs@ietf.org
Content-Type: multipart/alternative; boundary="000000000000fe074905b62a48e1"
Archived-At: <https://mailarchive.ietf.org/arch/msg/sfc/SiTUdA7TOtrSvxagW-LDFjjU1sQ>
Subject: Re: [sfc] Fwd: New Version Notification for draft-ietf-sfc-multi-layer-oam-05.txt
X-BeenThere: sfc@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Network Service Chaining <sfc.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/sfc>, <mailto:sfc-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/sfc/>
List-Post: <mailto:sfc@ietf.org>
List-Help: <mailto:sfc-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/sfc>, <mailto:sfc-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 11 Dec 2020 06:20:16 -0000
Hi Greg That is good news that you are looking at related drafts SFC consistency OAM and SFC Echo Reply Return path from security POV. I reviewed the security update diff you attached for multi layer oam draft and I don’t see any issues. Thanks Gyan On Thu, Dec 10, 2020 at 5:38 PM Greg Mirsky <gregimirsky@gmail.com> wrote: > Hi Gyan, > thank you for a great suggestion. We've taken a fresh look at the draft > and two related documents, SFC Consistency OAM and SFC Echo Reply Return > Path, from the security point of view. We propose to add a new > Authentication TLV in the draft-ietf-sfc-multi-layer-oam (see attached diff > and the new working version). Also, the new TLV can be used to authenticate > the SFC Reply TLV and SFF Information Record TLV (we're preparing updates > of these drafts). > Authors welcome reviews of the proposed changes to the WG document. We > greatly appreciate your comments, questions, and suggestions. > > Regards, > Greg > > On Mon, Dec 7, 2020 at 5:47 PM Gyan Mishra <hayabusagsm@gmail.com> wrote: > >> Dear Greg & Authors >> >> Please consider adding an improved security mechanism to protect the >> integrity of the SFC Echo Request/Reply function. >> >> This feature would be highly valuable to operators. >> >> Thank you >> >> Gyan >> >> On Wed, May 20, 2020 at 10:51 PM Greg Mirsky <gregimirsky@gmail.com> >> wrote: >> >>> Dear All, >>> this version includes a minor update to the Security Considerations >>> section. >>> We, the authors, believe that the draft is ready for the WG LC. It >>> defines an essential function of SFC OAM - SFP Echo request/reply. Per our >>> analysis, existing OAM mechanisms cannot support both SFP ping and SFP >>> traceroute. Consider ICMP. When encapsulated in NSH, it supports the ping >>> function but, per our analysis, cannot be used as an SFP tracing tool. >>> We much appreciate your comments and questions. >>> >>> Dear Jim and Joel, >>> please kindly consider the WG LC for this draft. >>> >>> Regards, >>> Greg >>> >>> ---------- Forwarded message --------- >>> From: <internet-drafts@ietf.org> >>> Date: Wed, May 20, 2020 at 6:32 PM >>> Subject: New Version Notification for >>> draft-ietf-sfc-multi-layer-oam-05.txt >>> To: Bhumip Khasnabish <vumip1@gmail.com>, Cui(Linda) Wang < >>> lindawangjoy@gmail.com>, Greg Mirsky <gregimirsky@gmail.com>, Wei Meng < >>> meng.wei2@zte.com.cn> >>> >>> >>> >>> A new version of I-D, draft-ietf-sfc-multi-layer-oam-05.txt >>> has been successfully submitted by Greg Mirsky and posted to the >>> IETF repository. >>> >>> Name: draft-ietf-sfc-multi-layer-oam >>> Revision: 05 >>> Title: Active OAM for Service Function Chains in Networks >>> Document date: 2020-05-20 >>> Group: sfc >>> Pages: 18 >>> URL: >>> https://www.ietf.org/internet-drafts/draft-ietf-sfc-multi-layer-oam-05.txt >>> Status: >>> https://datatracker.ietf.org/doc/draft-ietf-sfc-multi-layer-oam/ >>> Htmlized: >>> https://tools.ietf.org/html/draft-ietf-sfc-multi-layer-oam-05 >>> Htmlized: >>> https://datatracker.ietf.org/doc/html/draft-ietf-sfc-multi-layer-oam >>> Diff: >>> https://www.ietf.org/rfcdiff?url2=draft-ietf-sfc-multi-layer-oam-05 >>> >>> Abstract: >>> A set of requirements for active Operation, Administration and >>> Maintenance (OAM) of Service Function Chains (SFCs) in networks is >>> presented. Based on these requirements an encapsulation of active >>> OAM message in SFC and a mechanism to detect and localize defects >>> described. Also, this document updates RFC 8300 in the definition of >>> O (OAM) bit in the Network Service Header (NSH) and defines how the >>> active OAM message identified in SFC NSH. >>> >>> >>> >>> >>> Please note that it may take a couple of minutes from the time of >>> submission >>> until the htmlized version and diff are available at tools.ietf.org. >>> >>> The IETF Secretariat >>> >>> >>> _______________________________________________ >>> sfc mailing list >>> sfc@ietf.org >>> https://www.ietf.org/mailman/listinfo/sfc >>> >> >> >> -- >> >> <http://www.verizon.com/> >> >> *Gyan Mishra* >> >> *Network Solutions A**rchitect * >> >> >> >> *M 301 502-134713101 Columbia Pike >> <https://www.google.com/maps/search/13101+Columbia+Pike%C2%A0+Silver+Spring,+MD?entry=gmail&source=g>*Silver >> Spring, MD >> <https://www.google.com/maps/search/13101+Columbia+Pike%C2%A0+Silver+Spring,+MD?entry=gmail&source=g> >> >> -- <http://www.verizon.com/> *Gyan Mishra* *Network Solutions A**rchitect * *M 301 502-134713101 Columbia Pike *Silver Spring, MD
- [sfc] Fwd: New Version Notification for draft-iet… Greg Mirsky
- Re: [sfc] New Version Notification for draft-ietf… Carlos Pignataro (cpignata)
- Re: [sfc] New Version Notification for draft-ietf… Greg Mirsky
- Re: [sfc] New Version Notification for draft-ietf… Greg Mirsky
- Re: [sfc] New Version Notification for draft-ietf… Carlos Pignataro (cpignata)
- Re: [sfc] New Version Notification for draft-ietf… Greg Mirsky
- Re: [sfc] New Version Notification for draft-ietf… Carlos Pignataro (cpignata)
- Re: [sfc] New Version Notification for draft-ietf… Greg Mirsky
- Re: [sfc] Fwd: New Version Notification for draft… Gyan Mishra
- Re: [sfc] Fwd: New Version Notification for draft… Greg Mirsky
- Re: [sfc] Fwd: New Version Notification for draft… Greg Mirsky
- Re: [sfc] Fwd: New Version Notification for draft… Gyan Mishra