Re: [sfc] TR: New Version Notification for draft-rebo-sfc-nsh-integrity-01.txt
Shunsuke Homma <shunsuke.homma.fp@hco.ntt.co.jp> Fri, 08 November 2019 12:33 UTC
Return-Path: <shunsuke.homma.fp@hco.ntt.co.jp>
X-Original-To: sfc@ietfa.amsl.com
Delivered-To: sfc@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 468A1120118 for <sfc@ietfa.amsl.com>; Fri, 8 Nov 2019 04:33:20 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.6
X-Spam-Level:
X-Spam-Status: No, score=-2.6 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_LOW=-0.7, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id CMm0RRasC93L for <sfc@ietfa.amsl.com>; Fri, 8 Nov 2019 04:33:18 -0800 (PST)
Received: from dish-sg.nttdocomo.co.jp (dish-sg.nttdocomo.co.jp [202.19.227.74]) by ietfa.amsl.com (Postfix) with ESMTP id 65DFC12007C for <sfc@ietf.org>; Fri, 8 Nov 2019 04:33:18 -0800 (PST)
X-dD-Source: Outbound
Received: from zssg-mailmd104.ddreams.local (zssg-mailmd900.ddreams.local [10.160.172.63]) by zssg-mailou104.ddreams.local (Postfix) with ESMTP id E14291200F8; Fri, 8 Nov 2019 21:33:17 +0900 (JST)
Received: from zssg-mailcc302.ddreams.local (zssg-mailcc302.ddreams.local [10.160.162.153]) by zssg-mailmd104.ddreams.local (dDREAMS) with ESMTP id <0Q0N011I8HJHEC70@dDREAMS>; Fri, 08 Nov 2019 21:33:17 +0900 (JST)
Received: from zssg-mailcc302 (localhost [127.0.0.1]) by zssg-mailcc302.ddreams.local (unknown) with SMTP id xA8CXH5l013134; Fri, 8 Nov 2019 21:33:17 +0900
Received: from zssg-mailmf103.ddreams.local (unknown [127.0.0.1]) by zssg-mailmf103.ddreams.local (Postfix) with ESMTP id 418C67E6036; Fri, 8 Nov 2019 21:33:07 +0900 (JST)
Received: from zssg-mailmf103.ddreams.local (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 404098E6058; Fri, 8 Nov 2019 21:33:07 +0900 (JST)
Received: from localhost (unknown [127.0.0.1]) by IMSVA (Postfix) with SMTP id 3F3908E6054; Fri, 8 Nov 2019 21:33:07 +0900 (JST)
X-IMSS-HAND-OFF-DIRECTIVE: localhost:10026
Received: from zssg-mailmf103.ddreams.local (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 996338E6054; Fri, 8 Nov 2019 21:33:06 +0900 (JST)
Received: from zssg-mailua104.ddreams.local (unknown [10.160.172.62]) by zssg-mailmf103.ddreams.local (Postfix) with ESMTP; Fri, 8 Nov 2019 21:33:06 +0900 (JST)
Received: from RDSVVDI0392 (unknown [10.171.80.137]) by zssg-mailua104.ddreams.local (dDREAMS) with ESMTPA id <0Q0N01B95HJ59WC0@dDREAMS>; Fri, 08 Nov 2019 21:33:05 +0900 (JST)
From: Shunsuke Homma <shunsuke.homma.fp@hco.ntt.co.jp>
References: <157288238359.16503.4915397025250194299.idtracker@ietfa.amsl.com> <787AE7BB302AE849A7480A190F8B93303134D9F2@OPEXCAUBMA2.corporate.adroot.infra.ftgroup> <3b5bf706-2676-db09-02da-2d2c314c0448@joelhalpern.com>
In-reply-to: <3b5bf706-2676-db09-02da-2d2c314c0448@joelhalpern.com>
Date: Fri, 08 Nov 2019 21:33:06 +0900
Message-id: <00e701d59630$abf4a030$03dde090$@hco.ntt.co.jp_1>
MIME-version: 1.0
Content-type: text/plain; charset="UTF-8"
Content-transfer-encoding: quoted-printable
X-Mailer: Microsoft Outlook 14.0
Content-language: ja
Thread-index: AQItkg/QRNXaO7skuxxjGVqDDmFFqgEUm/5RAXbKMcymvOE+4A==
X-TM-AS-GCONF: 00
To: "'Joel M. Halpern'" <jmh@joelhalpern.com>, sfc@ietf.org
X-CC-Mail-RelayStamp: CC/Mail Relayed
Archived-At: <https://mailarchive.ietf.org/arch/msg/sfc/oM_BLTGz9ExMnBnOpS_Dc6mI4U4>
Subject: Re: [sfc] TR: New Version Notification for draft-rebo-sfc-nsh-integrity-01.txt
X-BeenThere: sfc@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Network Service Chaining <sfc.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/sfc>, <mailto:sfc-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/sfc/>
List-Post: <mailto:sfc@ietf.org>
List-Help: <mailto:sfc-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/sfc>, <mailto:sfc-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 08 Nov 2019 12:33:20 -0000
Hi, I agree that integrity protection is important, and I'd like to support this work. In addition to encryption of metadata, I assume that a mechanism to prevent accidentally errors on metadata would be also needed. For example, it may be realized by integrating some error correction mechanism into NSH scheme, or defining a rule for a case that an SF/SF proxy detects metadata error is detected (e.g., delete the errored metadata, discard whole of packet). Best regards, Shunsuke -----Original Message----- From: sfc [mailto:sfc-bounces@ietf.org] On Behalf Of Joel M. Halpern Sent: Tuesday, November 05, 2019 1:04 AM To: sfc@ietf.org Subject: Re: [sfc] TR: New Version Notification for draft-rebo-sfc-nsh-integrity-01.txt Thank you for your work on this Med and Tiru. Working Group, this is a topic we have in the charter, and explicitly told the IESG we would work on. Please review and comment on the approach described here. Thank you, Joel (as co-chair) On 11/4/2019 10:56 AM, mohamed.boucadair@orange.com wrote: > Hi all, > > This new version integrates the comments we received offline. The main changes are: > > * Clarify why we don't encrypt the base and service path headers > * Clarify that all metadata is integrity protected > * Clarify that the Base header may (or not) be covered by integrity protection. Both schemes are discussed with trade-offs called out. > * Updated the solution overview to provide a big picture view. > > A detailed diff can be found at: https://www.ietf.org/rfcdiff?url2=draft-rebo-sfc-nsh-integrity-01 > > Please review and share your comments. > > Cheers, > Tiru & Med > >> -----Message d'origine----- >> De : internet-drafts@ietf.org [mailto:internet-drafts@ietf.org] >> Envoyé : lundi 4 novembre 2019 16:46 >> À : Reddy K; Tirumaleswar Reddy; BOUCADAIR Mohamed TGI/OLN >> Objet : New Version Notification for draft-rebo-sfc-nsh-integrity-01.txt >> >> >> A new version of I-D, draft-rebo-sfc-nsh-integrity-01.txt >> has been successfully submitted by Mohamed Boucadair and posted to the >> IETF repository. >> >> Name: draft-rebo-sfc-nsh-integrity >> Revision: 01 >> Title: Integrity Protection for Network Service Header (NSH) and >> Encryption of Sensitive Metadata >> Document date: 2019-11-04 >> Group: Individual Submission >> Pages: 21 >> URL: https://www.ietf.org/internet-drafts/draft-rebo-sfc-nsh- >> integrity-01.txt >> Status: https://datatracker.ietf.org/doc/draft-rebo-sfc-nsh- >> integrity/ >> Htmlized: https://tools.ietf.org/html/draft-rebo-sfc-nsh-integrity-01 >> Htmlized: https://datatracker.ietf.org/doc/html/draft-rebo-sfc-nsh- >> integrity >> Diff: https://www.ietf.org/rfcdiff?url2=draft-rebo-sfc-nsh- >> integrity-01 >> >> Abstract: >> This specification adds integrity protection and optional encryption >> directly to Network Service Headers (NSH) used for Service Function >> Chaining (SFC). >> >> >> >> >> Please note that it may take a couple of minutes from the time of >> submission >> until the htmlized version and diff are available at tools.ietf.org. >> >> The IETF Secretariat > > _______________________________________________ > sfc mailing list > sfc@ietf.org > https://www.ietf.org/mailman/listinfo/sfc > _______________________________________________ sfc mailing list sfc@ietf.org https://www.ietf.org/mailman/listinfo/sfc
- [sfc] TR: New Version Notification for draft-rebo… mohamed.boucadair
- Re: [sfc] TR: New Version Notification for draft-… Joel M. Halpern
- [sfc] FW: TR: New Version Notification for draft-… Dirk.von-Hugo
- Re: [sfc] TR: New Version Notification for draft-… Dirk.von-Hugo
- Re: [sfc] TR: New Version Notification for draft-… Shunsuke Homma
- Re: [sfc] TR: New Version Notification for draft-… Joel M. Halpern
- Re: [sfc] TR: New Version Notification for draft-… Shunsuke Homma