Re: [Teas] Stephen Farrell's Discuss on draft-ietf-teas-fast-lsps-requirements-01: (with DISCUSS)
"Andrew G. Malis" <agmalis@gmail.com> Thu, 01 October 2015 00:34 UTC
Return-Path: <agmalis@gmail.com>
X-Original-To: teas@ietfa.amsl.com
Delivered-To: teas@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 756861A03AB; Wed, 30 Sep 2015 17:34:06 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.999
X-Spam-Level:
X-Spam-Status: No, score=-1.999 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id qYBZVrX-w4Un; Wed, 30 Sep 2015 17:34:04 -0700 (PDT)
Received: from mail-wi0-x22c.google.com (mail-wi0-x22c.google.com [IPv6:2a00:1450:400c:c05::22c]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id B65011ACD90; Wed, 30 Sep 2015 17:34:02 -0700 (PDT)
Received: by wiclk2 with SMTP id lk2so10001945wic.0; Wed, 30 Sep 2015 17:34:01 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc:content-type; bh=emf2Ks+dJCOH4I7jW2KCmOQM46GARu4lg7GktE2HZVs=; b=XRkngnVvSXNKVwolOrjRH7neVDzSAIFIl0ReEdPbIEy8V5IRCN3srFi/YjrQBjOEe8 DUK0BsOtkdsXK61L9CpWLeeswf0gqyB70L3mNsXJwNLt4KsoV0IjeCcc29pV/ttgZXxy OIyf3toQ9Tqlz9fpOWiAdATpN0ftx2dhDOqkDEoZDGThKCcFcNtdcxkmD8ImjULD5u7A OQcz4cyfc++VPM/JfXisCtZwRuovlnJHaqwhspeLHY1TovIxI85624uPnqGxARfd/X8i Xrp/LIt9u6uJD5LoCnlfWqMJ8K1EN8mG3qb0qmBwzVzJK5INVnKTHsXCMTuk7y2FZlAi 98mw==
X-Received: by 10.180.81.199 with SMTP id c7mr183089wiy.87.1443659641436; Wed, 30 Sep 2015 17:34:01 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.28.9.212 with HTTP; Wed, 30 Sep 2015 17:33:41 -0700 (PDT)
In-Reply-To: <560C6C00.4010508@cs.tcd.ie>
References: <20150930222916.7128.57472.idtracker@ietfa.amsl.com> <CAA=duU2QYnv-Sn2Exk7vUvRL8K=wWU0Mdb2rY9QzCn-oRgCeXQ@mail.gmail.com> <560C6C00.4010508@cs.tcd.ie>
From: "Andrew G. Malis" <agmalis@gmail.com>
Date: Wed, 30 Sep 2015 20:33:41 -0400
Message-ID: <CAA=duU2UqeVvMfJwM9GiNc_TJkAsMP0m47i-DYDfRVa--_RARw@mail.gmail.com>
To: Stephen Farrell <stephen.farrell@cs.tcd.ie>
Content-Type: multipart/alternative; boundary="f46d044402921ac2a40521003429"
Archived-At: <http://mailarchive.ietf.org/arch/msg/teas/79-MgxoGShl-0QLk0pQNq6moqNs>
Cc: draft-ietf-teas-fast-lsps-requirements.shepherd@ietf.org, teas-chairs@ietf.org, "teas@ietf.org" <teas@ietf.org>, vbeeram@juniper.net, draft-ietf-teas-fast-lsps-requirements.ad@ietf.org, The IESG <iesg@ietf.org>, draft-ietf-teas-fast-lsps-requirements@ietf.org
Subject: Re: [Teas] Stephen Farrell's Discuss on draft-ietf-teas-fast-lsps-requirements-01: (with DISCUSS)
X-BeenThere: teas@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Traffic Engineering Architecture and Signaling working group discussion list <teas.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/teas>, <mailto:teas-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/teas/>
List-Post: <mailto:teas@ietf.org>
List-Help: <mailto:teas-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/teas>, <mailto:teas-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 01 Oct 2015 00:34:06 -0000
Stephen, OK, thanks, that makes your comment clearer for me. How about a short sentence in the Security Considerations like: "If encryption that requires key exchange is intended to be used on the signaled LSPs, then this requirement should be included as a part of the protocol design process, as the usual extra round trip time for key exchange may have an effect on the setup and churn rate of the GMPLS LSPs". Thanks again, Andy On Wed, Sep 30, 2015 at 7:10 PM, Stephen Farrell <stephen.farrell@cs.tcd.ie> wrote: > > > On 30/09/15 23:52, Andrew G. Malis wrote: > > Stephen, > > > > Note that this draft discusses GMPLS-based signaling for wavelengths and > > TDM circuits, not layer 3 MPLS-based LSPs that are covered by your draft. > > Layer 3 encryption cannot be used, > > Aside: Ours is not an L3 encryption, or else we're not using the same > terms. > > > since the payload is arbitrary bit > > streams typically at optical wavelength speeds. > > > > Does this address your comment? > > I don't believe so. Our draft isn't the point, but rather that any > key exchange requires 1RTT and you can only do better if you remember > things between peers for the next one. That does have impact on > protocol design, esp. when an 1RTT is a significant duration. The > only way to not have this impact on protocol design (that I can think > of) is to not have any key exchange, which is also an impact on > protocol design (in that case the impact is probably "confidentiality > is not possible"). > > Seems to me either is important enough to be noteworthy. > > S. > > > > > > Thanks, > > Andy > > > > > > On Wed, Sep 30, 2015 at 6:29 PM, Stephen Farrell < > stephen.farrell@cs.tcd.ie> > > wrote: > > > >> Stephen Farrell has entered the following ballot position for > >> draft-ietf-teas-fast-lsps-requirements-01: Discuss > >> > >> When responding, please keep the subject line intact and reply to all > >> email addresses included in the To and CC lines. (Feel free to cut this > >> introductory paragraph, however.) > >> > >> > >> Please refer to > https://www.ietf.org/iesg/statement/discuss-criteria.html > >> for more information about IESG DISCUSS and COMMENT positions. > >> > >> > >> The document, along with other ballot positions, can be found here: > >> > https://datatracker.ietf.org/doc/draft-ietf-teas-fast-lsps-requirements/ > >> > >> > >> > >> ---------------------------------------------------------------------- > >> DISCUSS: > >> ---------------------------------------------------------------------- > >> > >> > >> Are these reqs consistent with an additional RTT for key exchange? > >> If not, why is that ok? 100 setups/second implies a real need for a > >> 0RTT model for any key exchange. That has significant protocol > >> design implications. I think you only need to note that, but that > >> noting that is really needed. (This could for example affect the > >> details of [1] or of later work similar to or built on [1]. Full > >> disclosure: I'm a co-author of [1].) > >> > >> [1] > https://tools.ietf.org/html/draft-ietf-mpls-opportunistic-encrypt > >> > >> > >> > >> > >> > > >
- Re: [Teas] Stephen Farrell's Discuss on draft-iet… Andrew G. Malis
- Re: [Teas] Stephen Farrell's Discuss on draft-iet… Andrew G. Malis
- Re: [Teas] Stephen Farrell's Discuss on draft-iet… Andrew G. Malis
- Re: [Teas] Stephen Farrell's Discuss on draft-iet… BRUNGARD, DEBORAH A
- Re: [Teas] Stephen Farrell's Discuss on draft-iet… BRUNGARD, DEBORAH A