Re: [sfc] I-D Action: draft-ietf-sfc-nsh-integrity-07.txt
Roman Danyliw <rdd@cert.org> Sat, 18 September 2021 21:19 UTC
Return-Path: <rdd@cert.org>
X-Original-To: sfc@ietfa.amsl.com
Delivered-To: sfc@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 2F3D73A08ED for <sfc@ietfa.amsl.com>; Sat, 18 Sep 2021 14:19:15 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.899
X-Spam-Level:
X-Spam-Status: No, score=-1.899 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=seicmu.onmicrosoft.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id EoBsoPFj_LOQ for <sfc@ietfa.amsl.com>; Sat, 18 Sep 2021 14:19:09 -0700 (PDT)
Received: from USG02-CY1-obe.outbound.protection.office365.us (mail-cy1usg02on0124.outbound.protection.office365.us [23.103.209.124]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 619C93A08EB for <sfc@ietf.org>; Sat, 18 Sep 2021 14:19:09 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector5401; d=microsoft.com; cv=none; b=NcARv4BC4N5uFrdnsJbNWAxOuXBtk1vpM8UlZ64YrbphF7cjOXaIs2fo/pxSz/Gd+TN5nQm0z6UGSSpr1Ran4wxLd/JJhdDZsTDwzJba2xsr3WPQw5cIqkPZQq9+AcF3iEsZHhBwxPCchj1c0h0b/3VLL8nVcvJcRPDrCs8f4Yg9AlSAgc7wWQZofW294P/0sZK6TAUkIK5Y2obOWhajvZGqVUy8gjFNehIiqre6yC88VJ1x4VxXxPQI2G4zL/7ORAN5UMtQJU4V28I1N1Ov/bEpdI65sW5DkwRZgUJy49NjeetKQzDBetVftgnPSo/XRBMmnSolLReXdP7OJXV+tQ==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector5401; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version; bh=xmW6D/tDQyFyskFsnuXsE5MyOxy6yeii2BG16MhKNpw=; b=H9rWcFvqcB3ZgUXyriuOs5jI1efnEIT8wLFXM/jph1kLS1cNPLX5KhiMT8g9eFdifVNYtbtHcen8cShVEkSVByo8zmKA7So/3+fGxJ+X/HUNo+YEoxz7zjxbYWUY7Uwl42L4bU8wsaBu/yalAJ38pvW/UxeYYJtQy0EXkCag16K1/tzvzS1UkzfVtqlkuo6k1hrfas962X7AV2JpyODeDmGZVIUedM9D6bia2enutMtFeJKrxvMvjKQNfk5UgzZQmrEnFfQIoAJugnmu79RZ7l5HwYBIIRL9rNmsvep5607AAPLMQxGf/UqsXSOdXAHKZSjPvIHpdV+0j0kAtyUfUw==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=cert.org; dmarc=pass action=none header.from=cert.org; dkim=pass header.d=cert.org; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=seicmu.onmicrosoft.com; s=selector1-seicmu-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=xmW6D/tDQyFyskFsnuXsE5MyOxy6yeii2BG16MhKNpw=; b=Z32cI17IwTF38h8OHbX+lEIsVSGdnoQkM7Xe1cDS8eMC+wNo7UlcjB7aVIWYZN92sQQCGAA9U1st4RsdYlJ316toswEvLuq+sHBVjkVpgEp/permrAiWJGtRM76J70/eDE9zxvV92XkzEAQ2PxbIEo7mdY2FBnFM9B2T2ObKkw0=
Received: from BN1P110MB0939.NAMP110.PROD.OUTLOOK.COM (52.145.69.12) by BN1P110MB0034.NAMP110.PROD.OUTLOOK.COM (23.103.17.21) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4523.14; Sat, 18 Sep 2021 21:19:07 +0000
Received: from BN1P110MB0939.NAMP110.PROD.OUTLOOK.COM ([fe80::93b:40b5:d4b6:9650]) by BN1P110MB0939.NAMP110.PROD.OUTLOOK.COM ([fe80::93b:40b5:d4b6:9650%5]) with mapi id 15.20.4523.018; Sat, 18 Sep 2021 21:19:07 +0000
From: Roman Danyliw <rdd@cert.org>
To: tirumal reddy <kondtir@gmail.com>
CC: "sfc@ietf.org" <sfc@ietf.org>
Thread-Topic: [sfc] I-D Action: draft-ietf-sfc-nsh-integrity-07.txt
Thread-Index: AQHXgfbWdsKmyDLOEESdSXQq8XBxy6uqoSzw
Date: Sat, 18 Sep 2021 21:19:07 +0000
Message-ID: <BN1P110MB0939E6C610DD8ECB7D22228EDCDE9@BN1P110MB0939.NAMP110.PROD.OUTLOOK.COM>
References: <162728452907.21056.3024389978207775673@ietfa.amsl.com> <CAFpG3gcJkCevPj0cjOLesEDRBGT4BMmmUYrQZiVBbE0+Lv329w@mail.gmail.com>
In-Reply-To: <CAFpG3gcJkCevPj0cjOLesEDRBGT4BMmmUYrQZiVBbE0+Lv329w@mail.gmail.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
authentication-results: gmail.com; dkim=none (message not signed) header.d=none;gmail.com; dmarc=none action=none header.from=cert.org;
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: f13bedd4-aded-49df-be8e-08d97ae9f2f0
x-ms-traffictypediagnostic: BN1P110MB0034:
x-microsoft-antispam-prvs: <BN1P110MB00347A80B1F1D52A8ACE4FB3DCDE9@BN1P110MB0034.NAMP110.PROD.OUTLOOK.COM>
x-ms-oob-tlc-oobclassifiers: OLM:6790;
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: TjRtccj8ZNXD3w+vyIkug1ni1q2Lm2+/CTepDFCPP65mq0/4StdeoAGqUKAXx7IF/VvIWO2Jd8C9oQOU51NojtGKkdcneOLWNgqS86+jIn4fl4sKYAiEHS/MGhtyceSw1Stu3vW6lGmOklEcI2Xoet1LmCAViH+Cc0bs0z2vH1RGmIOUFnongT/z9Yf/p4Ey8KYUYAmsAkHSO2p2jPcWx6vBYsTq8H9O2DM/WAu4oQCbDB6UACFmF1EALvhlAGaAOSqk394X8ECWdmd4ao0lo5x3WTsd14iIdfT6jKgQta3WzXhCg4e1kQKMrFDbxCkKZkRM0Eae7YJzHHWSCik3HO/OclsSgaenhhG9KtmI5A7ifCfFeehtfSxoiO3LcCOlpJAzd7GmitiTKANBe86u/1JLYESLDkC7F5dfwxC1XUQ7S0LKb0kz3UDn20Z13YA5T99z3OplwHEr+g4UclD/zqqft6RCih4CxolPkXpHP/WlC3eYc1i7agP2rcPcppBW81Ia+gFXVps3dt51ceC2c/j+gzi7uvMgownMo/ULfyWNuhqdZs2VWaWoz/b1H0MX56Nczb1XuiIXxud765zq4X49mWir4PLWFnESlaAwMdok87HVHPuMOase69cRnrjIQLF5cGx7PJWWHrPV5jxi5veDx07YXwPnkm9yiGJEw5e30TdZs/xfFKCtg6yE7hdIQuSM2mUxlJ23eyFNeHn8nDT2CbG7NpoB0+a0ozdjTyh1cL9lFUtcw/vT7kOck6xaatf7S7XFtEtcTHE0zqyVBQ==
x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:BN1P110MB0939.NAMP110.PROD.OUTLOOK.COM; PTR:; CAT:NONE; SFS:(39830400003)(366004)(346002)(396003)(136003)(376002)(66946007)(33656002)(86362001)(76116006)(478600001)(64756008)(5660300002)(66446008)(38100700002)(66476007)(66556008)(7696005)(53546011)(38070700005)(6506007)(52536014)(122000001)(2906002)(316002)(9686003)(4326008)(186003)(166002)(55016002)(8676002)(6916009)(26005)(83380400001)(66574015)(71200400001)(966005)(8936002); DIR:OUT; SFP:1102;
x-ms-exchange-antispam-messagedata-chunkcount: 1
x-ms-exchange-antispam-messagedata-0: 09xAsJuWEVuS/9YKBSCgnw40OjgWNgLyKuk58j3vXh40QXHySEDR2rGYZs0TUYYMh8lrJYcYUo9izJIcQPG0PFcQ+8epLb5mQRsR+rme3TlPfgLWCWeXEJf8OvhGG6QVRZTbrAoPh3xLsDsR5asFQl27Kzi8pOj7LONY2A15NhV4tjmUrNBmbOi0og2RcV1sXFkMOh5Lwbvtdt2NLjJXeLx+r2nZqMTIBHe4wVif7vekOmb8dKi9ti4/ENMYW44VfwBF9R3qCbDatuduYmHGHtw+L6OcjuamLnkRRJteA43aqSiAy5Wm2mwlZRgcVZget2cGX0gJ1J7F0zqM8dSVFVzqiULK0FfGfcA9gsTsMAqOHsXYX/1iNTBTmTws7yHRhIvvTHx7uOw/hZ8e6Z7jw0Bw0m22ikJlgXbsvfXkPoeLAL138L79RT9pQLDXt4DU7TlJ12sHFVDp3J0HUa2WxvgvZz8K4JstVBRhitAHW/fxNzZOhVUQIN/al3Oiw8vKa4GdZozGhBhIUKT62vxY4IODaPB9qAazxR8FCDOj98EAQIcO5YsE/+S3IPgQrI5/4ijP2vmjo7YC5AUP9xBEJoC19tRd9BWXTeNnQLUP+aBPnChDtdi3KIKM3yDXfUw4hZ3TI4yBvyNIEjsZjH3+HJgTUK/hdSYKetajpaI8hOAwkXARLUBK81PULCxUATYYRTXv2Ugf4YtpBE0rH1r6vuaMHDXG8v6zni+tqAS6h7PzsnqOnd5BHDAzXQZ9MF9xuv5J59uwua/FUA1IO5iXrBNcMZjP0YbWZRFUbPTwY//jqqgPRZNmuU4TPIluFvb6rThKiUi34Vx4MTVPs3CzT5ihIgwUKId4K1z5h+v+SFfX5HsFMbbU3k0f2FniyEQHr5nK1rhDXg94gLTzNQZZcqKA8YAEiaMACl5lwarytVIioBjhGAaamJCITBEv9GIrrVS20JTLL5N22jTjCo98ExiXU3kV/0W9b9ifU8S8a+4QmqEIfWl/OGrV3Yex9tIbNwmSCjldmYGa+XQk0CmAeiR70+o0gk0D8/K/1CdUgqTLLqb6MJ23FUwqwoyBjKL13H3OPNFNwTYqQFOpoX/E8rdwav/zUknAunCPK9c1B6vbrskxgm4pQFIPKjTKJhGJswwPoH1kC8SYp1CXDNZLhI8qWvNRmYVJSTrSK3sRNmT0APFk4Fs9/Iji8Ev/gzWmaQdwF5745h8uEq+xZRjEHnqMYPplZU3Qdw3MQ1pSm6s=
x-ms-exchange-transport-forked: True
Content-Type: multipart/alternative; boundary="_000_BN1P110MB0939E6C610DD8ECB7D22228EDCDE9BN1P110MB0939NAMP_"
MIME-Version: 1.0
X-OriginatorOrg: cert.org
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: BN1P110MB0939.NAMP110.PROD.OUTLOOK.COM
X-MS-Exchange-CrossTenant-Network-Message-Id: f13bedd4-aded-49df-be8e-08d97ae9f2f0
X-MS-Exchange-CrossTenant-originalarrivaltime: 18 Sep 2021 21:19:07.0718 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 95a9dce2-04f2-4043-995d-1ec3861911c6
X-MS-Exchange-Transport-CrossTenantHeadersStamped: BN1P110MB0034
Archived-At: <https://mailarchive.ietf.org/arch/msg/sfc/sCyC81XRavFN1eiMrYDjhvzUySI>
Subject: Re: [sfc] I-D Action: draft-ietf-sfc-nsh-integrity-07.txt
X-BeenThere: sfc@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Network Service Chaining <sfc.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/sfc>, <mailto:sfc-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/sfc/>
List-Post: <mailto:sfc@ietf.org>
List-Help: <mailto:sfc-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/sfc>, <mailto:sfc-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 18 Sep 2021 21:19:15 -0000
Hi Tiru! Thanks for the updates in -07 and -08. They address all of my IESG review comments (or you explained why the text is appropriate as is in a separate thread). I’ve cleared my ballot. Regards, Roman From: tirumal reddy <kondtir@gmail.com> Sent: Monday, July 26, 2021 4:18 AM To: sfc@ietf.org; Benjamin Kaduk <kaduk@mit.edu>; Roman Danyliw <rdd@cert.org>; Éric Vyncke <evyncke@cisco.com>; superuser@gmail.com Subject: Re: [sfc] I-D Action: draft-ietf-sfc-nsh-integrity-07.txt Hi all, This revision https://datatracker.ietf.org/doc/html/draft-ietf-sfc-nsh-integrity-07 addresses comments and DISCUSS from ISEG review. Cheers, -Tiru On Mon, 26 Jul 2021 at 13:00, <internet-drafts@ietf.org<mailto:internet-drafts@ietf.org>> wrote: A New Internet-Draft is available from the on-line Internet-Drafts directories. This draft is a work item of the Service Function Chaining WG of the IETF. Title : Integrity Protection for the Network Service Header (NSH) and Encryption of Sensitive Context Headers Authors : Mohamed Boucadair Tirumaleswar Reddy Dan Wing Filename : draft-ietf-sfc-nsh-integrity-07.txt Pages : 29 Date : 2021-07-26 Abstract: This specification presents an optional method to add integrity protection directly to the Network Service Header (NSH) used for Service Function Chaining (SFC). Also, this specification allows for the encryption of sensitive metadata that is carried in the NSH. The IETF datatracker status page for this draft is: https://datatracker.ietf.org/doc/draft-ietf-sfc-nsh-integrity/ There is also an htmlized version available at: https://datatracker.ietf.org/doc/html/draft-ietf-sfc-nsh-integrity-07 A diff from the previous version is available at: https://www.ietf.org/rfcdiff?url2=draft-ietf-sfc-nsh-integrity-07 Internet-Drafts are also available by anonymous FTP at: ftp://ftp.ietf.org/internet-drafts/ _______________________________________________ sfc mailing list sfc@ietf.org<mailto:sfc@ietf.org> https://www.ietf.org/mailman/listinfo/sfc
- [sfc] I-D Action: draft-ietf-sfc-nsh-integrity-07… internet-drafts
- Re: [sfc] I-D Action: draft-ietf-sfc-nsh-integrit… tirumal reddy
- Re: [sfc] I-D Action: draft-ietf-sfc-nsh-integrit… Roman Danyliw