Re: [sfc] Alvaro Retana's No Objection on draft-ietf-sfc-nsh-integrity-06: (with COMMENT)

Joel Halpern Direct <jmh.direct@joelhalpern.com> Thu, 15 July 2021 14:47 UTC

Return-Path: <jmh.direct@joelhalpern.com>
X-Original-To: sfc@ietfa.amsl.com
Delivered-To: sfc@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 020D73A0D3D; Thu, 15 Jul 2021 07:47:51 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.099
X-Spam-Level:
X-Spam-Status: No, score=-2.099 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, NICE_REPLY_A=-0.001, RCVD_IN_MSPIKE_H3=0.001, RCVD_IN_MSPIKE_WL=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=joelhalpern.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id IICvB1ubMEt5; Thu, 15 Jul 2021 07:47:46 -0700 (PDT)
Received: from mailb2.tigertech.net (mailb2.tigertech.net [208.80.4.154]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 67F7D3A0C37; Thu, 15 Jul 2021 07:47:41 -0700 (PDT)
Received: from localhost (localhost [127.0.0.1]) by mailb2.tigertech.net (Postfix) with ESMTP id 4GQcfj09w3z1nsdX; Thu, 15 Jul 2021 07:47:41 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=joelhalpern.com; s=2.tigertech; t=1626360461; bh=l4vKSz1uCAQbolyiTxQLl4IqRoaMTj+9Z2D++Jzxskw=; h=Subject:To:Cc:References:From:Date:In-Reply-To:From; b=rAjqAJfc8QR421JZF9/Xw5i82eodnNmjL+/4oRKOjgVlZDz42g4DLDLRXgSmX10MT EP48ZCHY7HLJmjrAtUbXmQrHrvAEFcvanU6kgvTUhyHY5DjN5t1ZhdCh09CrZWxRhQ VdVA6vxhJG0UVOjQzpwRpV8Qm04ji3Uo1lzfuJ+0=
X-Quarantine-ID: <ZQqIrPkc4m2S>
X-Virus-Scanned: Debian amavisd-new at b2.tigertech.net
Received: from [192.168.23.64] (50-233-136-230-static.hfc.comcastbusiness.net [50.233.136.230]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by mailb2.tigertech.net (Postfix) with ESMTPSA id 4GQcfg62htz1ntvW; Thu, 15 Jul 2021 07:47:39 -0700 (PDT)
To: "Murray S. Kucherawy" <superuser@gmail.com>
Cc: Alvaro Retana <aretana.ietf@gmail.com>, The IESG <iesg@ietf.org>, Greg Mirsky <gregimirsky@gmail.com>, draft-ietf-sfc-nsh-integrity@ietf.org, Service Function Chaining IETF list <sfc@ietf.org>
References: <162611498183.7775.3562397379733537345@ietfa.amsl.com> <f5961690-4496-7f85-74ca-f3705d5a1c2e@joelhalpern.com> <CAMMESszF+jc7WKkAwmzAFs0A7bsDqXJKA3p5+cyexdU3fvNnDQ@mail.gmail.com> <1a5ae768-bf12-6d94-819c-7923e1f816ee@joelhalpern.com> <CAL0qLwbb4L5LrtMNokzkWTag+oZTs6hFbBtbfCnthO-m_cpfiA@mail.gmail.com>
From: Joel Halpern Direct <jmh.direct@joelhalpern.com>
Message-ID: <758d4dcf-5cdb-e493-a6bc-554024be6b62@joelhalpern.com>
Date: Thu, 15 Jul 2021 10:47:39 -0400
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:78.0) Gecko/20100101 Thunderbird/78.11.0
MIME-Version: 1.0
In-Reply-To: <CAL0qLwbb4L5LrtMNokzkWTag+oZTs6hFbBtbfCnthO-m_cpfiA@mail.gmail.com>
Content-Type: text/plain; charset="utf-8"; format="flowed"
Content-Language: en-US
Content-Transfer-Encoding: 8bit
Archived-At: <https://mailarchive.ietf.org/arch/msg/sfc/f-QhhKrFmsNMISIvina9YydnVeY>
Subject: Re: [sfc] Alvaro Retana's No Objection on draft-ietf-sfc-nsh-integrity-06: (with COMMENT)
X-BeenThere: sfc@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Network Service Chaining <sfc.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/sfc>, <mailto:sfc-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/sfc/>
List-Post: <mailto:sfc@ietf.org>
List-Help: <mailto:sfc-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/sfc>, <mailto:sfc-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 15 Jul 2021 14:47:51 -0000

Given that the WG intent was that this be an optional extension, can you 
please suggest how we clarify that?

Thank you,
Joel

On 7/15/2021 10:32 AM, Murray S. Kucherawy wrote:
> On Mon, Jul 12, 2021 at 12:38 PM Joel M. Halpern <jmh@joelhalpern.com 
> <mailto:jmh@joelhalpern.com>> wrote:
> 
>     2) The discussion happened when 8300 was being approved.  We agreed
>     with
>     the IESG that we would not define a mandatory-to-implement NSH security
>     mechanism, but that we would add an optional NSH security mechanism.
>     Which this draft does.
> 
> 
> I think on reading the document, I didn't find it clear that this was an 
> optional thing or an extension.  It read to me a lot more like it was 
> filling an important gap left by RFC 8300, which to me leans much more 
> firmly in the direction that it's appropriate to call it an update.
> 
> -MSK