Re: [sfc] TR: New Version Notification for draft-rebo-sfc-nsh-integrity-01.txt
<Dirk.von-Hugo@telekom.de> Tue, 05 November 2019 15:23 UTC
Return-Path: <Dirk.von-Hugo@telekom.de>
X-Original-To: sfc@ietfa.amsl.com
Delivered-To: sfc@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id F1D8F1200C3 for <sfc@ietfa.amsl.com>; Tue, 5 Nov 2019 07:23:39 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.298
X-Spam-Level:
X-Spam-Status: No, score=-4.298 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_MED=-2.3, SPF_HELO_NONE=0.001, SPF_NONE=0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=telekom.de
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id dB5EIRx_JKZx for <sfc@ietfa.amsl.com>; Tue, 5 Nov 2019 07:23:38 -0800 (PST)
Received: from mailout31.telekom.de (mailout31.telekom.de [194.25.225.143]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 6EE5B1200D6 for <sfc@ietf.org>; Tue, 5 Nov 2019 07:23:37 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=telekom.de; i=@telekom.de; q=dns/txt; s=dtag1; t=1572967326; x=1604503326; h=from:to:cc:subject:date:message-id:references: in-reply-to:content-transfer-encoding:mime-version; bh=XstYWcfJmLLvUNO8f3gXiBBqTkSydHPej9BDRTpNT/A=; b=LhHx3nW0xfoZs+n0IssmXvQYFEf8RYVSv7W7u14CFAYocKAzFB9hVkf8 ZIiNmPKH12jNg1w+olFkH3QznRhFvMsM/+NUImstskDZmtGEC+K3Epk6C gv0P1JiliSIxc420t4knP6xl6GY2jcj8c2t5nLW3w4lAFBgmO/IBUejTe vPVCOwurbAMHBUt8O2wzi2vlTE+r9mBDofJaF20beSfdGNIyJHnSmJEI2 0kI83+4CbGvLiG4G4LozFsBRXVCN85Wyf7AV3Kwz0oBOCU479CR7Kj/fn ygXqtDwhfC6fbcx+cFoBxhtDZJ1ZS+rTt95lJupsG1HpAUdAOxBczps4x w==;
IronPort-SDR: bfV+ByRLUXlLAwP+0qxrTOhsaYC21rRnXWiB6ONSrwnd1kskovhS65D1j2AEgWsVQ4hnny3QX/ r22u3IJFCoww==
Received: from qdec94.de.t-internal.com ([10.171.255.41]) by MAILOUT31.dmznet.de.t-internal.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 05 Nov 2019 14:13:38 +0100
X-IronPort-AV: E=Sophos;i="5.68,271,1569276000"; d="scan'208";a="535335269"
X-MGA-submission: MDH1jrsgxD9EVnLZF7EzZFBxMAS+jdAVPBvKRt94mAYUfy42wk3EBUT+7iUqfvveYBOXHxxkQRo/llWE29FkIh7V74YyevK3lpP5ycBqUUJQxq1EGffJIkUIvJSzwedZLZ8+oELP5ruI2Mio9pxM4Ldk0ciOrZyJFxvYv+Lt8gQxjw==
Received: from he105711.emea1.cds.t-internal.com ([10.169.118.42]) by QDEC97.de.t-internal.com with ESMTP/TLS/AES256-SHA; 05 Nov 2019 14:15:08 +0100
Received: from HE105715.EMEA1.cds.t-internal.com (10.169.118.51) by HE105711.emea1.cds.t-internal.com (10.169.118.42) with Microsoft SMTP Server (TLS) id 15.0.1497.2; Tue, 5 Nov 2019 14:15:05 +0100
Received: from HE104160.emea1.cds.t-internal.com (10.171.40.36) by HE105715.EMEA1.cds.t-internal.com (10.169.118.51) with Microsoft SMTP Server (TLS) id 15.0.1497.2 via Frontend Transport; Tue, 5 Nov 2019 14:15:05 +0100
Received: from GER01-FRA-obe.outbound.protection.outlook.de (51.4.80.24) by O365mail03.telekom.de (172.30.0.232) with Microsoft SMTP Server (TLS) id 15.0.1497.2; Tue, 5 Nov 2019 14:15:03 +0100
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=EEYNW7HxPi8FXLjEWvApjlbu75fwobY1rdWRZNwhvRoPMCyt/rVruqOQ7wRlPklDUFQlau6xRGXS49VRAftgYB/VeA3/YCZBZCgTqiVGDk5PGTeXbHoE3NDLGAfyJiAphpZ/kSfayCXH7fHQqkqI1gq+oLj2Zr2WVYdX0l9XqASNYcSuvubNct0/A+Fbj+1J1NJ8eIR4/WuEdMyMW7NxLs/nK6EVDFbq5yH4j15PoEk/jtavQvypGTYRqKhBQuQWMwgjM4bS4A2Jj8MT2I8E34af0Sc9TEqdVNTYNpMwVubGPf4ivnSxe8thGzyBtQAUlbsEGQAuYdoVfbEzYPIkEA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=XstYWcfJmLLvUNO8f3gXiBBqTkSydHPej9BDRTpNT/A=; b=ZNoXgI3cd+wbTD3lvmuGgoeMnej+SErbOnXqVPMaQs+zrF0RWYG+QnYRxkT/Hy3hEmbzHzwHguo8OJDa6P/0jrVcZ5oLv83hsFmWaY8ipCJjvJxPcKfDAejjCyr4mn2sRx9whtVWibIawqeyFjcPvc9TtmsBbnle2Ad3GklOsxFfmo4zEikT49DJ/5w+RdX95o9RjbynHTQ22tuzHUDxcAP3pXKTsRa2mHR8Dl9b7SS5ZKrUd8wFWgVyeGqpwHpM3jCAhibtN95iqdc2a7HBVqF3RLK+80bm9Klrb9peQfoMxHxHNcESz9r/IxLrOqV16ZR9oUPM+a1VhjVUIHaN9w==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=telekom.de; dmarc=pass action=none header.from=telekom.de; dkim=pass header.d=telekom.de; arc=none
Received: from LEXPR01MB1246.DEUPRD01.PROD.OUTLOOK.DE (10.158.162.154) by LEXPR01MB1200.DEUPRD01.PROD.OUTLOOK.DE (10.158.163.17) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2408.24; Tue, 5 Nov 2019 13:15:05 +0000
Received: from LEXPR01MB1246.DEUPRD01.PROD.OUTLOOK.DE ([fe80::d4c0:c3e:f322:e06f]) by LEXPR01MB1246.DEUPRD01.PROD.OUTLOOK.DE ([fe80::d4c0:c3e:f322:e06f%3]) with mapi id 15.20.2408.024; Tue, 5 Nov 2019 13:15:04 +0000
From: Dirk.von-Hugo@telekom.de
To: jmh@joelhalpern.com, sfc@ietf.org
CC: mohamed.boucadair@orange.com, TirumaleswarReddy_Konda@McAfee.com
Thread-Topic: [sfc] TR: New Version Notification for draft-rebo-sfc-nsh-integrity-01.txt
Thread-Index: AQHVkycEzZ5lKVBtyEerRla+vFxRYqd7KCSQgAAEe4CAATUysA==
Date: Tue, 05 Nov 2019 13:15:04 +0000
Message-ID: <LEXPR01MB1246F506DC62AA4E491EE2A6D17E0@LEXPR01MB1246.DEUPRD01.PROD.OUTLOOK.DE>
References: <157288238359.16503.4915397025250194299.idtracker@ietfa.amsl.com> <787AE7BB302AE849A7480A190F8B93303134D9F2@OPEXCAUBMA2.corporate.adroot.infra.ftgroup> <3b5bf706-2676-db09-02da-2d2c314c0448@joelhalpern.com>
In-Reply-To: <3b5bf706-2676-db09-02da-2d2c314c0448@joelhalpern.com>
Accept-Language: de-DE, en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
authentication-results: spf=none (sender IP is ) smtp.mailfrom=Dirk.von-Hugo@telekom.de;
x-originating-ip: [212.201.104.11]
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: e71d7af1-7fb7-4d5d-43a5-08d761f22c3f
x-ms-traffictypediagnostic: LEXPR01MB1200:
x-ms-exchange-purlcount: 7
x-microsoft-antispam-prvs: <LEXPR01MB1200CAB0E07F63DED902FAF9D17E0@LEXPR01MB1200.DEUPRD01.PROD.OUTLOOK.DE>
x-ms-oob-tlc-oobclassifiers: OLM:9508;
x-forefront-prvs: 0212BDE3BE
x-forefront-antispam-report: SFV:NSPM; SFS:(10009020)(136003)(39860400002)(396003)(376002)(346002)(366004)(13464003)(189003)(199004)(53754006)(110136005)(446003)(316002)(66476007)(66574012)(11346002)(5660300002)(26005)(102836004)(7696005)(76176011)(53546011)(15650500001)(7736002)(2501003)(33656002)(81156014)(81166006)(966005)(8676002)(478600001)(186003)(2906002)(229853002)(8936002)(14454004)(476003)(486006)(66556008)(76116006)(66946007)(71190400001)(3846002)(6116002)(305945005)(66066001)(9686003)(55016002)(6246003)(86362001)(54906003)(6306002)(4326008)(64756008)(256004)(71200400001)(66446008)(14444005); DIR:OUT; SFP:1101; SCL:1; SRVR:LEXPR01MB1200; H:LEXPR01MB1246.DEUPRD01.PROD.OUTLOOK.DE; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; MX:1; A:1;
received-spf: None (protection.outlook.com: telekom.de does not designate permitted sender hosts)
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: uyJqJDOBTpMOFgHnTuOB0LwhLSjWOPfZ5cBMSFtKtBPzxTsOsNiS9Y1Ja4yb8jA998HCkLvepvKFQQdprgvUDYxLu4oIvU4oyi3ZLkXdnf/EfZws/ArS0Crg1y4LxuJDsiIvw6wWv4WAaB8cNbYt0vXnMSvCbfgM9OxuiVPunLFwLwWm2WJ7fbo8nVYF7+mgMs9rUgOYOZI1+j5aK9O1fMTRqcWXBJVwoGwlx21J2UPfL8zOkiuvujOrdSQ2qUg6PtWI8Ay56ivlntzNPcr7FO7fVce6I8gu3a4JBn5T6kjBxiS/5C2G3PbHl5XZgcFzJ4Ol71QxA3v2ncVaLus6i0l7rJwk46P2vJNmyCga3RVIiuYoZk4x253MxdeQFxWzZcQY8Vq9mZ5+Gg3HSOdWcppMcjzbnCfOmEyGI7lC6t1hh7VClS+UYuOz1TiEdgABnr0a4j/qIFrNB6x7cOJUqVxQXYuCG+vqHaO18q+aqrs=
x-ms-exchange-transport-forked: True
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: base64
MIME-Version: 1.0
X-MS-Exchange-CrossTenant-Network-Message-Id: e71d7af1-7fb7-4d5d-43a5-08d761f22c3f
X-MS-Exchange-CrossTenant-originalarrivaltime: 05 Nov 2019 13:15:04.7784 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: bde4dffc-4b60-4cf6-8b04-a5eeb25f5c4f
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: 3KLsvUeZsOANSQ7XEoRvawyKD8OGekkF4XoO6B3orOoA12pyGU5KihImJQDVQZaoEaRp18K3z6xvqORgh74SUDZWLJPSuDygreD2wQoH4KI=
X-MS-Exchange-Transport-CrossTenantHeadersStamped: LEXPR01MB1200
X-OriginatorOrg: telekom.de
Archived-At: <https://mailarchive.ietf.org/arch/msg/sfc/_yYNL_hVh4e1ksO02GaI8LJPByM>
Subject: Re: [sfc] TR: New Version Notification for draft-rebo-sfc-nsh-integrity-01.txt
X-BeenThere: sfc@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Network Service Chaining <sfc.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/sfc>, <mailto:sfc-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/sfc/>
List-Post: <mailto:sfc@ietf.org>
List-Help: <mailto:sfc-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/sfc>, <mailto:sfc-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 05 Nov 2019 15:23:40 -0000
Hi all, I think is very valuable work also from point of view of future flexible network deployments - and also will help to put other WG drafts further where security, privacy, and integrity should definitely be provided. Thanks to Med and Tiru! So far I detect no missing issues, only some nits which I will point out to the authors ... Please progress in Singapure! Kind regards Dirk -----Original Message----- From: sfc <sfc-bounces@ietf.org> On Behalf Of Joel M. Halpern Sent: Montag, 4. November 2019 17:04 To: sfc@ietf.org Subject: Re: [sfc] TR: New Version Notification for draft-rebo-sfc-nsh-integrity-01.txt Thank you for your work on this Med and Tiru. Working Group, this is a topic we have in the charter, and explicitly told the IESG we would work on. Please review and comment on the approach described here. Thank you, Joel (as co-chair) On 11/4/2019 10:56 AM, mohamed.boucadair@orange.com wrote: > Hi all, > > This new version integrates the comments we received offline. The main changes are: > > * Clarify why we don't encrypt the base and service path headers > * Clarify that all metadata is integrity protected > * Clarify that the Base header may (or not) be covered by integrity protection. Both schemes are discussed with trade-offs called out. > * Updated the solution overview to provide a big picture view. > > A detailed diff can be found at: > https://www.ietf.org/rfcdiff?url2=draft-rebo-sfc-nsh-integrity-01 > > Please review and share your comments. > > Cheers, > Tiru & Med > >> -----Message d'origine----- >> De : internet-drafts@ietf.org [mailto:internet-drafts@ietf.org] >> Envoyé : lundi 4 novembre 2019 16:46 À : Reddy K; Tirumaleswar Reddy; >> BOUCADAIR Mohamed TGI/OLN Objet : New Version Notification for >> draft-rebo-sfc-nsh-integrity-01.txt >> >> >> A new version of I-D, draft-rebo-sfc-nsh-integrity-01.txt >> has been successfully submitted by Mohamed Boucadair and posted to >> the IETF repository. >> >> Name: draft-rebo-sfc-nsh-integrity >> Revision: 01 >> Title: Integrity Protection for Network Service Header (NSH) and >> Encryption of Sensitive Metadata >> Document date: 2019-11-04 >> Group: Individual Submission >> Pages: 21 >> URL: https://www.ietf.org/internet-drafts/draft-rebo-sfc-nsh- >> integrity-01.txt >> Status: https://datatracker.ietf.org/doc/draft-rebo-sfc-nsh- >> integrity/ >> Htmlized: https://tools.ietf.org/html/draft-rebo-sfc-nsh-integrity-01 >> Htmlized: https://datatracker.ietf.org/doc/html/draft-rebo-sfc-nsh- >> integrity >> Diff: https://www.ietf.org/rfcdiff?url2=draft-rebo-sfc-nsh- >> integrity-01 >> >> Abstract: >> This specification adds integrity protection and optional encryption >> directly to Network Service Headers (NSH) used for Service Function >> Chaining (SFC). >> >> >> >> >> Please note that it may take a couple of minutes from the time of >> submission until the htmlized version and diff are available at >> tools.ietf.org. >> >> The IETF Secretariat > > _______________________________________________ > sfc mailing list > sfc@ietf.org > https://www.ietf.org/mailman/listinfo/sfc > _______________________________________________ sfc mailing list sfc@ietf.org https://www.ietf.org/mailman/listinfo/sfc
- [sfc] TR: New Version Notification for draft-rebo… mohamed.boucadair
- Re: [sfc] TR: New Version Notification for draft-… Joel M. Halpern
- [sfc] FW: TR: New Version Notification for draft-… Dirk.von-Hugo
- Re: [sfc] TR: New Version Notification for draft-… Dirk.von-Hugo
- Re: [sfc] TR: New Version Notification for draft-… Shunsuke Homma
- Re: [sfc] TR: New Version Notification for draft-… Joel M. Halpern
- Re: [sfc] TR: New Version Notification for draft-… Shunsuke Homma