[sfc] Additional AD review comments on draft-ietf-sfc-nsh-20
Alia Atlas <akatlas@gmail.com> Thu, 07 September 2017 19:39 UTC
From: Alia Atlas <akatlas@gmail.com>
Date: Thu, 07 Sep 2017 15:39:27 -0400
Message-ID: <CAG4d1rdTfPAD38u++W+OysGz7W76iaZQnzea0U7EFOLE9oHh5A@mail.gmail.com>
To: "sfc@ietf.org" <sfc@ietf.org>, draft-ietf-sfc-nsh@ietf.org
Archived-At: <https://mailarchive.ietf.org/arch/msg/sfc/oUcZfaFwmXz8JCCLWFyNxLjrGEI>

Carlos,

The draft is much improved. Thank you for your hard work. I still see the following three issues.

1) Sec 2.2: "The O bit MUST be set for OAM packets and MUST NOT be set for non-OAM packets. The O bit MUST NOT be modified along the SFP."

What happens if the packet is reclassified - potentially to a different SFP? Sec 3 doesn't clarify this.

"When the logical classifier performs re-classification that results in a change of service path, it MUST replace the existing NSH with a new NSH with the Base Header and Service Path Header reflecting the new service path information and MUST set the initial SI. Metadata MAY be preserved in the new NSH."

It would be good to specify the behavior for the unassigned flags as well; that way there will be consistent assumptions for future extensions, if needed.

2) Sec 7.1: "For example, if the metadata conveys tenant information, that information may need to be authenticated and/or encrypted between the originator and the intended recipients (which may include intended SFs only)."

A reference to draft-reddy-sfc-nsh-encrypt, which defines how to encrypt the meta-data, would be most helpful in making this sound less aspirational; so would having that draft not be 2 years expired and ignored by the WG.

3) Sec 11.2.5: Guidance for the expert review is needed.

Regards,
Alia