Re: [sfc] SFC Security
Dirk.von-Hugo@telekom.de Thu, 04 June 2020 09:35 UTC
Return-Path: <Dirk.von-Hugo@telekom.de>
X-Original-To: sfc@ietfa.amsl.com
Delivered-To: sfc@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D7CEC3A0C37 for <sfc@ietfa.amsl.com>; Thu, 4 Jun 2020 02:35:11 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.096
X-Spam-Level:
X-Spam-Status: No, score=-2.096 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_MSPIKE_H4=0.001, RCVD_IN_MSPIKE_WL=0.001, SPF_HELO_NONE=0.001, SPF_NONE=0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=telekom.de
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id MJJJo0DMgxtD for <sfc@ietfa.amsl.com>; Thu, 4 Jun 2020 02:35:10 -0700 (PDT)
Received: from mailout21.telekom.de (mailout21.telekom.de [194.25.225.215]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 000933A0C2D for <sfc@ietf.org>; Thu, 4 Jun 2020 02:34:56 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=telekom.de; i=@telekom.de; q=dns/txt; s=dtag1; t=1591263297; x=1622799297; h=from:to:subject:date:message-id:references:in-reply-to: content-transfer-encoding:mime-version; bh=jU13qgcIq8RxRLB+R2DVWkRpDp2f3l1UIZztfpzcVNQ=; b=D0LsmRGkUg75xBROrTZ2M02mP1rNHRwOdV2GhdbnsmGq9qCvOLEIKIt3 YZYELX7VvNOhq10UR48d8/xWQ8iclbaQI2ydLPH7cn1OC1JJl7mG4gE0b yJT5QaVHyuNHCU7Igw8MMOCe29ugIi0gV5oJajVnTh4HJ7lggCCcZsbP8 zCpK6jylTry32yBHOY2Mwq8lgsem9bS4GxAofGAs1u1//kFeWIYpHha+A +nkDkZrajQBMYEgmDT4jtMtYe4vJiv79yOnxHf4xELx93BwRV5qK7sNd1 t25d87rurIWJdoqRgOBYneL8U3BK4Z3Jjy4l5xxL83YBOnw5kKcvSLduc Q==;
IronPort-SDR: CUzMVqIByUT3H/gSSk7pVbdrk+rv5bwBEAppSR0OGADPY9Obp57mm1mGZXjdr0IQGkhHOWxpRr TAHml49CcLig==
Received: from qde8e4.de.t-internal.com ([10.171.255.33]) by MAILOUT21.dmznet.de.t-internal.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 04 Jun 2020 11:34:42 +0200
IronPort-SDR: nuMPXccY4w+i7PazAvmTSvG+hQvPqW5g4yLs+XwSlcrTGCI6CUeiXru2RAQuH2Qi9LyEMIoAE5 hobpEw0M/zS1qa7KIrz76fx/7sf0kDdEQ=
X-IronPort-AV: E=Sophos;i="5.73,471,1583190000"; d="scan'208";a="802170799"
X-MGA-submission: MDESrEJm5d78J60I/Zw2OkK5KcY2LlJydG/Hk42044TED1I5C6KdmIqepK0s/vMNqJmaGDGxW+09wXmB0g17JhjBjLRdIgBrUDqCQ8nuQQfe8yAu5FSmkJAhahEIu0wRVcVthaxV+C9T4MIo8sEAEeucjcyjgLQT/EV4C1b4eQf9yQ==
Received: from he105709.emea1.cds.t-internal.com ([10.169.118.41]) by QDE8PP.de.t-internal.com with ESMTP/TLS/ECDHE-RSA-AES256-SHA384; 04 Jun 2020 11:34:41 +0200
Received: from HE105717.EMEA1.cds.t-internal.com (10.169.118.53) by HE105709.emea1.cds.t-internal.com (10.169.118.41) with Microsoft SMTP Server (TLS) id 15.0.1497.2; Thu, 4 Jun 2020 11:34:41 +0200
Received: from HE104160.emea1.cds.t-internal.com (10.171.40.36) by HE105717.EMEA1.cds.t-internal.com (10.169.118.53) with Microsoft SMTP Server (TLS) id 15.0.1497.2 via Frontend Transport; Thu, 4 Jun 2020 11:34:41 +0200
Received: from GER01-LEJ-obe.outbound.protection.outlook.de (51.5.80.20) by O365mail03.telekom.de (172.30.0.232) with Microsoft SMTP Server (TLS) id 15.0.1497.2; Thu, 4 Jun 2020 11:34:38 +0200
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=GClhjGysFKgxlYsKgnGb68afIDyC5RWcA5E1zR7c5JNuvOYHq2oxvQo9ct48l+nIz9cL85iaRL1ohoWgW0HhCW4zZn1a61u1Z/gDcHa0IWKO8Q3H/4D3tDmQqPwU2keVmAROByszsEZJCbt+sH6wuqNf5P5s4hgXYq05KScDmVL8+aFAWol7+qfm9SaESkhHC/4nlUXkrMrkqB2WITkDokkIvDupIlpBPcM2Y7G0D6dm1CecsFBULp0fvn7V435WjQOTLbC8ier9BYFMRvOFUVzsm53gpk2EMiy9HBQg5YXYM/FGyLr3kkvGmbcljYQ/kCsFhZKKdYBmbwqappjroA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=jU13qgcIq8RxRLB+R2DVWkRpDp2f3l1UIZztfpzcVNQ=; b=O4MuaSGTaCd2bN4mV97U6/v0d5ResVKGOHPWpPX6iEzD9v6Q3zmptHNTFrlZdOHAKSTk7Ct18rqeIup37Ny3ZBIrk6fYv/jGuJVSduNH5kb7q21xaxGCX8qPYDOBcgd2GfjLk3+7y7j08Ym4ewKv0316ZKAwHkk/pF8YG8JsUVJtHNLZ3lCDGSjjvsESeIQ40UEmic3TrppzDoiBVAJmrEC6+IHmXmANjBB/mFmNUm0h6t1lZnW+NBB3/gRh98upjXFONNqZWDD9yYkfedpXfLgsJxoLdMLGWcaMUwSnfIC49xRnTnrmyW1wkGuRtiEZyN45Xj1NHm8ITPkVmkceqg==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=telekom.de; dmarc=pass action=none header.from=telekom.de; dkim=pass header.d=telekom.de; arc=none
Received: from LEXPR01MB0749.DEUPRD01.PROD.OUTLOOK.DE (2a01:4180:c013:e::18) by LEXPR01MB0096.DEUPRD01.PROD.OUTLOOK.DE (2a01:4180:c013:7::19) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3021.27; Thu, 4 Jun 2020 09:34:40 +0000
Received: from LEXPR01MB0749.DEUPRD01.PROD.OUTLOOK.DE ([fe80::b00a:a584:bc3e:c3ad]) by LEXPR01MB0749.DEUPRD01.PROD.OUTLOOK.DE ([fe80::b00a:a584:bc3e:c3ad%3]) with mapi id 15.20.3021.030; Thu, 4 Jun 2020 09:34:40 +0000
From: Dirk.von-Hugo@telekom.de
To: jmh@joelhalpern.com, sfc@ietf.org
Thread-Topic: [sfc] SFC Security
Thread-Index: AQHWNDyoREG13RuxV0m9aHMyJgRe3qjIPTzQ
Date: Thu, 04 Jun 2020 09:34:40 +0000
Message-ID: <LEXPR01MB0749EAB531664BA6BC1E5C6AD1890@LEXPR01MB0749.DEUPRD01.PROD.OUTLOOK.DE>
References: <9c712682-75ee-f6ea-3355-af2271fc0d75@joelhalpern.com>
In-Reply-To: <9c712682-75ee-f6ea-3355-af2271fc0d75@joelhalpern.com>
Accept-Language: de-DE, en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
authentication-results: joelhalpern.com; dkim=none (message not signed) header.d=none; joelhalpern.com; dmarc=none action=none header.from=telekom.de;
x-originating-ip: [212.201.104.11]
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: 8c17c78f-b9fb-48bb-1510-08d8086a818d
x-ms-traffictypediagnostic: LEXPR01MB0096:
x-microsoft-antispam-prvs: <LEXPR01MB0096F8BB86ECDA3C4D8C6115D1890@LEXPR01MB0096.DEUPRD01.PROD.OUTLOOK.DE>
x-ms-oob-tlc-oobclassifiers: OLM:10000;
x-forefront-prvs: 04244E0DC5
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: 5d7OlyAXLWtKT76YraNLXr8T7f9pd6+Z35zkvMsj2KdDqFRzgmho4mnNoI5o0NPFKWGLmvNZVo2f852+GJD2a27VPoMXDOaiwd7HyXehjyK+IShlYsaGc8wFgf5tic9CIs5JC9PZMaby5So0upM6Xs5Uyw9oji2CsgWqR6mEjwwEmuqK+4Q/+VaD1ycwNtF11FT2uaPBKS4q08MhQH19gyBBH+zk7CpCBogLIEEH+uO5JjYbHwLqkthL/5wf3bwVqbh4/KucSgpvRYXyznSEYh+Xojkx7P1I0wENT2CwhsMbMkvog4RDrjw078ebDLTuqYsPZFiH9Je7qq7se0pCNKgpEhi9p8u6dvhL5GbaWSM=
x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:LEXPR01MB0749.DEUPRD01.PROD.OUTLOOK.DE; PTR:; CAT:NONE; SFTY:; SFS:(136003)(396003)(39860400002)(346002)(376002)(366004)(66556008)(64756008)(66446008)(26005)(9686003)(110136005)(53546011)(83380400001)(66476007)(15650500001)(55016002)(2906002)(8676002)(66946007)(316002)(86362001)(966005)(7696005)(8936002)(33656002)(71200400001)(186003)(5660300002)(478600001)(76116006); DIR:OUT; SFP:1101;
x-ms-exchange-antispam-messagedata: QDf7blXs8iK8ueu0B6T9bhxqFrY5P2h24wB5P72ZzFxyc4z0SGa84yvI8WrqA3+L/dTG0t4iteQSFeB4yMtSqoUIpdM2L/t9NsEZMp752Jl2rYYMaS4AI+idckvvCS5U/Qs8a2YV4G1phPllxPyeZXPh8hhqRZKUas/wkq1WBRG8d760P7JoI8959kgHdCE4axfi/RvqMJgm6hEQli4WfMZ9+jvyKes2TpwGRthwaRftbCs4p/4qSJT0WX2xZtleDyYqkC4gMBPeUEndw5AqKYmBTGRJQ4zCWdK7zh705WZ7p5Msq5KOIYDMcggxOoKMPfB3q7y0hw6SXXRqow81Cl6RIVCjnWWL8bRw56k110OFMJDseIeSJFFAyTNrsTbzdpj9RrzUqry99fC8DZjfQpg8ht20zFhmCVYxtlxEOnW0dh/bbLnfxgjpMYPM0aB9LB1M5JDZOev+7My/mAexGh3Fkx+9JKKs7swauO7LLYNmMoUx26InmeOAmfqLocUi
x-ms-exchange-transport-forked: True
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
X-MS-Exchange-CrossTenant-Network-Message-Id: 8c17c78f-b9fb-48bb-1510-08d8086a818d
X-MS-Exchange-CrossTenant-originalarrivaltime: 04 Jun 2020 09:34:40.4838 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: bde4dffc-4b60-4cf6-8b04-a5eeb25f5c4f
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: EEAjzldkJ4WXD9yVuX7vTRGpCYAsTH+8AEllsUARYxcttY1GMkJhZsEAMlWqAa+SKU4cmL+MMsNkegaNKPXaYqQ5WujHav6VTCjiD1wyleI=
X-MS-Exchange-Transport-CrossTenantHeadersStamped: LEXPR01MB0096
X-TM-SNTS-SMTP: 52A42CCACCEEDE76D91FFEC8548F33DE17CBEAB1AD657427633058D69AC97D7D2000:8
X-OriginatorOrg: telekom.de
Archived-At: <https://mailarchive.ietf.org/arch/msg/sfc/o_ECbx5a0BP1MatqR0i8cxdEHws>
Subject: Re: [sfc] SFC Security
X-BeenThere: sfc@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Network Service Chaining <sfc.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/sfc>, <mailto:sfc-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/sfc/>
List-Post: <mailto:sfc@ietf.org>
List-Help: <mailto:sfc-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/sfc>, <mailto:sfc-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 04 Jun 2020 09:35:12 -0000
Hi Joel and WG, I agree with others that this is an excellent start to deal with SCF/NSH security and see many improvements in recent updates. I would suggest we should move it to WG draft status ... if that was the question ;-) Thanks to the authors! Kind regards Dirk -----Original Message----- From: sfc <sfc-bounces@ietf.org> On Behalf Of Joel M. Halpern Sent: Mittwoch, 27. Mai 2020 17:36 To: sfc@ietf.org Subject: [sfc] SFC Security We as a working group hava milestone which the IESG felt was important, and which we agreed to work on, to provide security mechanisms for NSH. We have one individual draft that suggests such mechansims: https://datatracker.ietf.org/doc/draft-rebo-sfc-nsh-integrity/ Do folks think this is a good start? A bad start? For those folks who would like to be working on other things, the chairs note that we are very reluctant to engage in new work items until we can prove we can complete out commitments. Yours, Joel _______________________________________________ sfc mailing list sfc@ietf.org https://www.ietf.org/mailman/listinfo/sfc
- [sfc] SFC Security Joel M. Halpern
- Re: [sfc] SFC Security mohamed.boucadair
- Re: [sfc] SFC Security Carlos Pignataro (cpignata)
- Re: [sfc] SFC Security Konda, Tirumaleswar Reddy
- Re: [sfc] SFC Security Daniel Migault
- Re: [sfc] SFC Security Daniel Migault
- Re: [sfc] SFC Security christian.jacquenet
- Re: [sfc] SFC Security Nagendra Kumar Nainar (naikumar)
- Re: [sfc] SFC Security Dirk.von-Hugo
- Re: [sfc] SFC Security Shunsuke Homma
- Re: [sfc] SFC Security Diego R. Lopez
- Re: [sfc] SFC Security mohamed.boucadair
- Re: [sfc] SFC Security Diego R. Lopez
- Re: [sfc] SFC Security mohamed.boucadair
- Re: [sfc] SFC Security Shunsuke Homma
- Re: [sfc] SFC Security Diego R. Lopez
- Re: [sfc] SFC Security mohamed.boucadair