IETF Logo Mail Archive

[Spud] 答复: endpoint control

Youjianjie <youjianjie@huawei.com> Thu, 23 June 2016 08:03 UTC

Return-Path: <youjianjie@huawei.com>
X-Original-To: spud@ietfa.amsl.com
Delivered-To: spud@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 608E212DD03 for <spud@ietfa.amsl.com>; Thu, 23 Jun 2016 01:03:33 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -5.647
X-Spam-Level:
X-Spam-Status: No, score=-5.647 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_MED=-2.3, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, RP_MATCHES_RCVD=-1.426, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id LY29csf2zOix for <spud@ietfa.amsl.com>; Thu, 23 Jun 2016 01:03:30 -0700 (PDT)
Received: from lhrrgout.huawei.com (lhrrgout.huawei.com [194.213.3.17]) (using TLSv1 with cipher RC4-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 2108512D885 for <spud@ietf.org>; Thu, 23 Jun 2016 01:03:13 -0700 (PDT)
Received: from 172.18.7.190 (EHLO lhreml701-cah.china.huawei.com) ([172.18.7.190]) by lhrrg01-dlp.huawei.com (MOS 4.3.7-GA FastPath queued) with ESMTP id CRI59777; Thu, 23 Jun 2016 08:03:06 +0000 (GMT)
Received: from NKGEML414-HUB.china.huawei.com (10.98.56.75) by lhreml701-cah.china.huawei.com (10.201.5.93) with Microsoft SMTP Server (TLS) id 14.3.235.1; Thu, 23 Jun 2016 09:03:05 +0100
Received: from NKGEML515-MBX.china.huawei.com ([fe80::a54a:89d2:c471:ff]) by nkgeml414-hub.china.huawei.com ([10.98.56.75]) with mapi id 14.03.0235.001; Thu, 23 Jun 2016 16:03:02 +0800
From: Youjianjie <youjianjie@huawei.com>
To: Brian Trammell <ietf@trammell.ch>
Thread-Topic: [Spud] endpoint control
Thread-Index: AQHRyzwoxDCBxuKTZk6d9wR8LfPe/p/zI/AAgAHtRPD//5oTAIAAjlgQ//+QBoCAAdzVQA==
Date: Thu, 23 Jun 2016 08:03:02 +0000
Message-ID: <F6C28B32DA084644BB6C8D0BD65B669DC0CD4C@NKGEML515-MBX.china.huawei.com>
References: <F797C2D5-3FF6-496F-98FB-0487E5573B2A@gmail.com> <57690A66.3050502@trammell.ch> <F6C28B32DA084644BB6C8D0BD65B669DC0C7D3@NKGEML515-MBX.china.huawei.com> <095C2E5D-D235-4017-91E2-9B437D8DBDD0@trammell.ch> <F6C28B32DA084644BB6C8D0BD65B669DC0C8F5@NKGEML515-MBX.china.huawei.com> <C9C09C19-F620-47BC-91C2-00A351E65C2E@trammell.ch>
In-Reply-To: <C9C09C19-F620-47BC-91C2-00A351E65C2E@trammell.ch>
Accept-Language: zh-CN, en-US
Content-Language: zh-CN
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [10.136.78.148]
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: base64
MIME-Version: 1.0
X-CFilter-Loop: Reflected
X-Mirapoint-Virus-RAPID-Raw: score=unknown(0), refid=str=0001.0A020204.576B97C0.003F, ss=1, re=0.000, recu=0.000, reip=0.000, cl=1, cld=1, fgs=0, ip=0.0.0.0, so=2013-06-18 04:22:30, dmn=2013-03-21 17:37:32
X-Mirapoint-Loop-Id: 54788bab200ba984077cc06ccd49cc3e
Archived-At: <https://mailarchive.ietf.org/arch/msg/spud/IMlxNsven_Yh9fFysysQl-4xsLw>
Cc: Aaron Falk <aaron.falk@gmail.com>, spud <spud@ietf.org>
Subject: [Spud] 答复: endpoint control
X-BeenThere: spud@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: Session Protocol Underneath Datagrams <spud.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/spud>, <mailto:spud-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/spud/>
List-Post: <mailto:spud@ietf.org>
List-Help: <mailto:spud-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/spud>, <mailto:spud-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 23 Jun 2016 08:03:33 -0000

Hi Brian,

I'm wondering how the endpoint verifies the information provided by the device on path? Is it also assumed that the key is provided by the superstrate transport between the device on path and the endpoint?

Thanks,
Jianjie

> -----邮件原件-----
> 发件人: Brian Trammell [mailto:ietf@trammell.ch]
> 发送时间: 2016年6月22日 18:45
> 收件人: Youjianjie
> 抄送: Aaron Falk; spud
> 主题: Re: [Spud] endpoint control
> 
> 
> > On 22 Jun 2016, at 11:35, Youjianjie <youjianjie@huawei.com> wrote:
> >
> > Hi Brian,
> >
> > Thanks for your prompt reply. Please see my comments below:
> >
> >> -----邮件原件-----
> >> 发件人: Brian Trammell [mailto:ietf@trammell.ch]
> >> 发送时间: 2016年6月22日 16:56
> >> 收件人: Youjianjie
> >> 抄送: Aaron Falk; spud
> >> 主题: Re: [Spud] endpoint control
> >>
> >> hi Jianjie,
> >>
> >>> On 22 Jun 2016, at 09:09, Youjianjie <youjianjie@huawei.com> wrote:
> >>>
> >>> Hi Brian,
> >>>
> >>> (1) For forward signaling, the sending endpoint must place "scratch
> >>> space" in
> >> the packet with a label on it stating that it's okay to modify; this
> >> okay-to-modify state is enforced by a MAC which only verifies the
> >> length but not the content of the scratch space.
> >>>
> >>> Could you please elaborate how a MAC is used to enforce the
> >>> okay-to-modify
> >> state? Is it only applicable to L2 network?
> >>
> >> Sorry, acronym collision. Here MAC = message authentication code, not
> >> medium access control.
> >>
> >>> Is it a designed field in the PLUS header?
> >>
> >> There isn't a "PLUS header" yet; we're only talking about potential
> >> mechanisms that could be implemented within one. Here, the idea is
> >> that you have some encoding that allows you to place labeled data in
> >> the PLUS header (from the SPUD prototype experience, we like CBOR,
> >> but this is a technical detail).
> >>
> >> Some of the types/keys in this data structure are designated
> >> end-to-end, and some of the types/keys are designated path-modifiable.
> >>
> >> The MAC is generated by the sending endpoint using a secret shared by
> >> both endpoints, and covers:
> >
> > How is the secret shared between both endpoints? The endpoints need to
> establish a connection to exchange keys?
> 
> Yes. This is assumed to be provided by the superstrate transport.
> >
> >> (1) the presence and content of end-to-end PLUS header information
> >
> > Do you mean that this information is encrypted using the shared secret?
> Only both endpoints can know the content?
> 
> No, the MAC is generated using the shared secret, so that it cannot be forged
> by on-path devices. The information itself is in the clear.
> 
> Cheers,
> 
> Brian
> 
> >> (2) the presence and length of path-modifiable PLUS header
> >> information, by treating the content as a length-N byte array of zeroes.
> >
> > How does the middle-box along the path interpret the PLUS header? Does
> the middle-box also need the secret? I used to think middle-box is transparent.
> >
> > Thanks,
> > Jianjie
> >
> >> This MAC is then transmitted from the sender to the receiver in
> >> encrypted form.
> >>
> >> Additional MACs may also protect bits of the IP and UDP header, in
> >> order to detect NAT and other sub-PLUS modifications, but these are
> >> outside the scope of this question.
> >>
> >> Cheers,
> >>
> >> Brian
> >>
> >>
> >>>
> >>> Thanks,
> >>> Jianjie
> >>>
> >>> 发件人: Spud [mailto:spud-bounces@ietf.org] 代表 Brian Trammell
> >>> 发送时间: 2016年6月21日 17:36
> >>> 收件人: Aaron Falk
> >>> 抄送: spud
> >>> 主题: Re: [Spud] endpoint control
> >>>
> >>> hi Aaron,
> >>>
> >>> On 06/20/2016 11:38 PM, Aaron Falk wrote:
> >>> Hi Brian-
> >>>
> >>> In the charter and the draft-trammel-spud-req it says
> >>>
> >>>   Both endpoint-to-path and path-to-endpoint signaling happen
> >>>   completely under endpoint control.
> >>>
> >>> Without additional elaboration, one could conclude that, e.g.,
> >>> permission is
> >> required before a path could signal to an endpoint.  Alternatively,
> >> it could be implying an endpoint has the freedom to ignore any signaling
> from the path.
> >> I have been assuming the latter.  But now I wonder if you are
> >> intentionally attempting to permit the former.  Could you clarify?
> >>>
> >>> Our intention is the former: that permission is required before the
> >>> path can
> >> signal to the endpoint. We have two mechanisms we've been thinking
> >> about for this:
> >>>
> >>> (1) For forward signaling, the sending endpoint must place "scratch
> >>> space" in
> >> the packet with a label on it stating that it's okay to modify; this
> >> okay-to-modify state is enforced by a MAC which only verifies the
> >> length but not the content of the scratch space.
> >>>
> >>> (2) For direct reverse signaling, a path element may not send a
> >>> direct reverse
> >> signaling packet to a sender unless it has also dropped a forward
> >> packet from the sender to receiver. This second mechanism is less
> >> about permission and more about reducing the attractiveness of PLUS
> >> for amplification/reflection attacks.
> >>>
> >>> In any case, endpoints (and path elements) can ignore whatever they
> >>> want to
> >> from the PLUS-exposed information; it's what's in the encrypted
> >> transport layer headers that matters to the transport protocol on the
> endpoint.
> >>>
> >>> Cheers,
> >>>
> >>> Brian
> >>>
> >>>
> >>> Thanks,
> >>>
> >>> —aaron
> >>>
> >>>
> >>>
> >>>
> >>>
> >>> _______________________________________________
> >>> Spud mailing list
> >>> Spud@ietf.org
> >>> https://www.ietf.org/mailman/listinfo/spud
> >>>
> >

v2.23.0 | Report a Bug | By Email