Re: [spring] WGLC for https://datatracker.ietf.org/doc/draft-ietf-spring-mpls-path-segment/

Dhruv Dhody <dhruv.ietf@gmail.com> Mon, 16 August 2021 05:32 UTC

From: Dhruv Dhody <dhruv.ietf@gmail.com>
Date: Mon, 16 Aug 2021 11:02:07 +0530
Message-ID: <CAB75xn7_M37AJFueO_Lx1kfUNZ7et6r8uy=xnirxy8Ho_=EoDw@mail.gmail.com>
To: Weiqiang Cheng <chengweiqiang@chinamobile.com>
Cc: James Guichard <james.n.guichard@futurewei.com>, spring@ietf.org, spring-chairs@ietf.org
Archived-At: <https://mailarchive.ietf.org/arch/msg/spring/xJwzEZTCkQM9Qbgb3a9_CFPn4DU>
Subject: Re: [spring] WGLC for https://datatracker.ietf.org/doc/draft-ietf-spring-mpls-path-segment/

Thanks Weiqiang for handling my comments!

Here is the first attempt for enhancing the security consideration section
(for you to consider) -
OLD:

   This document does not introduce additional security requirements and
   mechanisms other than the ones described in [RFC8402].

NEW:

   Path Segment in SR-MPLS does not introduce any new behavior or any
   change in the way the MPLS data plane works. Section 8.1 of [RFC8402]
   describes the security consideration for SR-MPLS.

   Path segment is additional metadata that is added to the packet
   consisting of the SR path. An attacker could exploit path segment to
   manipulate the accounting of SR traffic at the egress. Path segment
   could also be used to monitor traffic patterns for the E2E paths.
   The control protocols used to allocate path segments could also be
   exploited to disseminate incorrect path segment information. Note
   that, the path segment is imposed at the ingress and removed at the
   egress boundary and is not leaked out of the administered domain.

END

Thanks!
Dhruv

On Mon, Aug 16, 2021 at 8:03 AM Weiqiang Cheng <
chengweiqiang@chinamobile.com> wrote:

> Hi Dhruv,
>
> Thanks a lot.
>
> Comments are never late.
>
> Responses are in-line
>
> B.R.
>
> Weiqiang Cheng
>
> *From:* spring [mailto:spring-bounces@ietf.org] *On Behalf Of* Dhruv Dhody
> *Sent:* August 12, 2021 01:56
> *To:* James Guichard
> *Cc:* spring@ietf.org; spring-chairs@ietf.org
> *Subject:* Re: [spring] WGLC for
> https://datatracker.ietf.org/doc/draft-ietf-spring-mpls-path-segment/
>
>
>
> Hi,
>
> I support the WGLC for draft-ietf-spring-mpls-path-segment. Please find my
> “late” comments. Hope they are still useful.
>
> Minor
>
>    - Section 2
>
>
>    - The below text requires some more explanation
>
> The Path Segment may be used to identify an SR-MPLS Policy, its
> Candidate-Path (CP), or a SID List (SL)
>
>
>    - The document says Path Segment “uniquely identify an SR path”, so
>       how does that apply to SR policy/CP (which can have multiple paths) needs
>       to be explicit.
>
> [Weiqiang] The term of “SR path” used in this document is a general term
> that can be used to describe a SR policy, a Candidate-Path, or a SID List.
> So how about updating the 2nd paragraph with the following text:
>
> “The term of SR path used in this document is a general term that can be
> used to describe a SR Policy, a Candidate-Path (CP), or a SID List (SL)
> [I-D.ietf-spring-segment-routing-policy]. Therefore, the Path Segment may
> be used to identify an SR Policy, its CP, or a SL terminating on an egress
> node depending on the use-case.”
>
>    - Section 2
>
>
>    - This text
>
> Normally, the intermediate nodes will not see the Path Segment label
> and do not know how to process it. A Path Segment presenting to an
> intermediate node is an error condition.
>
>
>    - Path segment is just another label with no special marking, and
>       since it is from the egress label space it is possible that the same label
>       is used by the transit node for some other purpose. Not sure about “do not
>       know how to process it”, is there a better way to frame this?
>
> [Weiqiang] Maybe the simplest way to fix it is just to remove the “do not
> know how to process it” text, for example as below:
>
> “Normally, the intermediate nodes will not see the Path Segment label. A
> Path Segment presenting to an intermediate node is an error condition.”
>
>    - Section 8
>
>
>    - This needs to be expanded. The path segment does carry a label in
>       the packet that can be used to identify the flows that are using a
>       particular path. The path segment in the control plane could also be
>       exploited for incorrect correlation between paths.
>
> [Weiqiang]
>
> Sure, we will try to expand it a bit.
>
> And if there is some suggestion text, that will be great.
>
> Nits
>
>    - Add references in the terminology section 1.2
>    - Add references for SRLB/SRGB [RFC8402]
>    - Section 2
>
>
>    - s/SR-MPLS Policy/SR Policy/
>
>
>    - Section 3
>
>
>    - s/Path Computation Element Protocol (PCEP)/Path Computation Element
>       Communication Protocol (PCEP)/
>
>
>    - Section 5
>
>
>    - s/[I-D.gandhi-mpls-ioam-sr]/[I-D.gandhi-mpls-ioam]
>       - s/[I-D.gandhi-spring-stamp-srpm]/[I-D.ietf-spring-stamp-srpm]
>
> [Weiqiang] Will fix the above nits in the revision.
>
>
>
>
>
> Thanks!
> Dhruv
>
>
>
> On Wed, Jul 7, 2021 at 9:19 PM James Guichard <
> james.n.guichard@futurewei.com> wrote:
>
> Dear WG:
>
>
>
> This email starts a 2 week Working Group Last Call for
> draft-ietf-spring-mpls-path-segment [1].
>
>
>
> Please read this document if you haven’t read the most recent version and
> send your comments to the SPRING WG list no later than July 21st 2021.
>
>
>
> If you are raising a point which you expect will be specifically debated
> on the mailing list, consider using a specific email/thread for this point.
>
>
>
> Lastly, if you are an author or contributor please respond to indicate
> whether you know of any undisclosed IPR related to this document.
>
>
>
> Thanks!
>
>
>
> Jim, Joel & Bruno
>
>
>
> [1] https://datatracker.ietf.org/doc/draft-ietf-spring-mpls-path-segment/
>
> _______________________________________________
> spring mailing list
> spring@ietf.org
> https://www.ietf.org/mailman/listinfo/spring
>