[sfc] TR: New Version Notification for draft-rebo-sfc-nsh-integrity-03.txt

<mohamed.boucadair@orange.com> Fri, 31 January 2020 10:11 UTC

From: mohamed.boucadair@orange.com
To: "sfc@ietf.org" <sfc@ietf.org>, "Daniel Migault (daniel.migault@ericsson.com)" <daniel.migault@ericsson.com>, Tal Mizrahi <tal.mizrahi.phd@gmail.com>, "draft-nguyen-sfc-security-architecture@ietf.org" <draft-nguyen-sfc-security-architecture@ietf.org>
CC: "draft-rebo-sfc-nsh-integrity@ietf.org" <draft-rebo-sfc-nsh-integrity@ietf.org>

Hi all, 

We prepared an updated version of the draft to take into account the comments received so far (from Tal and Daniel, in particular). The main changes are: 

* More compact format: abandon the use of separate TLVs for timestamp and key id. 
* Add a new section following the timestamp template suggested by Tal.
* Add a discussion to clarify to what extent the proposal solves the attacks discussed in draft-nguyen-sfc-security-architecture.

Daniel raised a comment about the use of AES-GCM + HMAC but this may have some implications (CPU, additional 128 bits). We are planning to share the draft on the saag mailing list to have more feedback.

Please review and share your comments. 

Cheers,
Med

-----Original Message-----
From: internet-drafts@ietf.org [mailto:internet-drafts@ietf.org]
Sent: Friday, 31 January 2020 11:03
To: Dan Wing; Tirumaleswar Reddy; Tirumaleswar Reddy.K; BOUCADAIR Mohamed TGI/OLN
Subject: New Version Notification for draft-rebo-sfc-nsh-integrity-03.txt


A new version of I-D, draft-rebo-sfc-nsh-integrity-03.txt
has been successfully submitted by Mohamed Boucadair and posted to the
IETF repository.

Name:		draft-rebo-sfc-nsh-integrity
Revision:	03
Title:		Integrity Protection for Network Service Header (NSH) and Encryption of Sensitive Context Headers
Document date:	2020-01-31
Group:		Individual Submission
Pages:		28
URL:            https://www.ietf.org/internet-drafts/draft-rebo-sfc-nsh-integrity-03.txt
Status:         https://datatracker.ietf.org/doc/draft-rebo-sfc-nsh-integrity/
Htmlized:       https://tools.ietf.org/html/draft-rebo-sfc-nsh-integrity-03
Htmlized:       https://datatracker.ietf.org/doc/html/draft-rebo-sfc-nsh-integrity
Diff:           https://www.ietf.org/rfcdiff?url2=draft-rebo-sfc-nsh-integrity-03

Abstract:
   This specification adds integrity protection and optional encryption
   of sensitive metadata directly to Network Service Headers (NSH) used
   for Service Function Chaining (SFC).

                                                                                  


Please note that it may take a couple of minutes from the time of submission
until the htmlized version and diff are available at tools.ietf.org.

The IETF Secretariat