Re: [smartpowerdir] Draft for PAP 1
Fred Baker <fred@cisco.com> Thu, 17 June 2010 21:25 UTC
From: Fred Baker <fred@cisco.com>
Date: Thu, 17 Jun 2010 14:25:09 -0700
To: Vint Cerf <vint@google.com>
Cc: "David H. Su" <david.su@nist.gov>,
IETF SmartPower Directorate <smartpowerdir@ietf.org>
Subject: Re: [smartpowerdir] Draft for PAP 1

thanks

On Jun 17, 2010, at 4:24 AM, Vint Cerf wrote:

> see attached edits/suggestions on Fred's excellent draft
>
> vint
>
> On Sat, Jun 12, 2010 at 3:39 PM, Fred Baker <fred@cisco.com> wrote:
> Folks: George Arnold and David Su asked me the other day for a draft to put into NIST's Priority Action Plan #1, which is intended to produce a recommendation regarding the role of IP in the Smart Grid. The requested draft specifies the minimal structure recommended for the use of IP in a secure network.
>
> David: I started to write a new draft, and found myself in part generating new graphics and text, and in part cribbing a lot from http://tools.ietf.org/html/draft-baker-ietf-core. I wonder, what stops us from using an updated version of http://tools.ietf.org/html/draft-baker-ietf-core as this draft?
>
> What needs to be covered, I think, is a relatively simple set of four pictures outlining four basic uses of the IP Protocol Suite:
>
> +-------------------------+
> |       Application       |
> +-----+------+-----+------+
> | TCP | SCTP | UDP | NORM |   Basic IP stack
> +-----+------+-----+------+
> |     Internet Layer      |
> +-------------------------+
> |       Link Layer        |
> +-------------------------+
> |     Physical Layer      |
> +-------------------------+
>
> +-------------------------+
> |       Application       |
> +-----+------+-----+------+
> | TCP | SCTP | UDP | NORM |   IP Stack with IPsec in Transport Mode
> +-----+------+-----+------+   (eg, HIP-like connectivity between two systems)
> |    IP Security Layer    |
> +-------------------------+
> |     Internet Layer      |
> +-------------------------+
> |       Link Layer        |
> +-------------------------+
> |     Physical Layer      |
> +-------------------------+
>
> +-------------------------+
> |       Application       |
> +-----+------+-----+------+
> | TCP | SCTP | UDP | NORM |   IP Stack with IPsec in Tunnel Mode
> +-----+------+-----+------+   (IPsec VPN)
> |     Internet Layer      |
> +-------------------------+
> |    IP Security Layer    |
> +-------------------------+
> |     Internet Layer      |
> +-------------------------+
> |       Link Layer        |
> +-------------------------+
> |     Physical Layer      |
> +-------------------------+
>
> +-------------------------+
> |       Application       |
> +------------+------------+
> |    TLS     |    DTLS    |   IP Stack with TLS in the application
> +-----+------+-----+------+   (Secured applications)
> | TCP | SCTP | UDP | NORM |
> +-----+------+-----+------+
> |     Internet Layer      |
> +-------------------------+
> |       Link Layer        |
> +-------------------------+
> |     Physical Layer      |
> +-------------------------+
>
> and then some discussion of the use of the stack, which I think is mostly there, along with the use of DNS and DHCP.
>
> I have asked and have not gotten any takers... I would really prefer that the security comments in this document were written by a security person. The comments I got from the security directorate told me what they thought was wrong, but didn't suggest what the right way to say it was, and we want to say it in the right way.
>
> In any event, if draft-baker-ietf-core-protocols were cut down to that content, it seems to me that it pretty much fills the bill and is a reasonable IETF output that in fact could be pulled as text into the SGAC's Conceptual Model.
>
> Directorate, would you agree with that? David?
>
> <Baker-Internet-suite-draft-vc-comments.rtf>

http://www.ipinc.net/IPv4.GIF