Re: [Teas] Stephen Farrell's Discuss on draft-ietf-teas-fast-lsps-requirements-01: (with DISCUSS)
"BRUNGARD, DEBORAH A" <db3546@att.com> Thu, 01 October 2015 11:28 UTC
Return-Path: <db3546@att.com>
X-Original-To: teas@ietfa.amsl.com
Delivered-To: teas@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 61D1C1A1F16; Thu, 1 Oct 2015 04:28:01 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.265
X-Spam-Level:
X-Spam-Status: No, score=-2.265 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_MESSAGE=0.001, IP_NOT_FRIENDLY=0.334, RCVD_IN_DNSWL_LOW=-0.7] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id M6c4LKuso-VJ; Thu, 1 Oct 2015 04:27:59 -0700 (PDT)
Received: from mx0a-00191d01.pphosted.com (mx0a-00191d01.pphosted.com [67.231.149.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id F1F2C1A1BEF; Thu, 1 Oct 2015 04:27:58 -0700 (PDT)
Received: from pps.filterd (m0049295.ppops.net [127.0.0.1]) by m0049295.ppops.net-00191d01. (8.15.0.59/8.15.0.59) with SMTP id t91BO72S005331; Thu, 1 Oct 2015 07:27:50 -0400
Received: from alpi155.enaf.aldc.att.com (sbcsmtp7.sbc.com [144.160.229.24]) by m0049295.ppops.net-00191d01. with ESMTP id 1x5qb51fxh-1 (version=TLSv1/SSLv3 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Thu, 01 Oct 2015 07:27:50 -0400
Received: from enaf.aldc.att.com (localhost [127.0.0.1]) by alpi155.enaf.aldc.att.com (8.14.5/8.14.5) with ESMTP id t91BRmj2029946; Thu, 1 Oct 2015 07:27:49 -0400
Received: from mlpi409.sfdc.sbc.com (mlpi409.sfdc.sbc.com [130.9.128.241]) by alpi155.enaf.aldc.att.com (8.14.5/8.14.5) with ESMTP id t91BRe5Z029868 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=NO); Thu, 1 Oct 2015 07:27:43 -0400
Received: from MISOUT7MSGHUBAE.ITServices.sbc.com (MISOUT7MSGHUBAE.itservices.sbc.com [130.9.129.149]) by mlpi409.sfdc.sbc.com (RSA Interceptor); Thu, 1 Oct 2015 11:27:27 GMT
Received: from MISOUT7MSGUSRDE.ITServices.sbc.com ([169.254.5.138]) by MISOUT7MSGHUBAE.ITServices.sbc.com ([130.9.129.149]) with mapi id 14.03.0248.002; Thu, 1 Oct 2015 07:27:27 -0400
From: "BRUNGARD, DEBORAH A" <db3546@att.com>
To: "Andrew G. Malis" <agmalis@gmail.com>, Stephen Farrell <stephen.farrell@cs.tcd.ie>
Thread-Topic: Stephen Farrell's Discuss on draft-ietf-teas-fast-lsps-requirements-01: (with DISCUSS)
Thread-Index: AQHQ+8968H2CmcS9NUqKfVRz+0sLGp5V8LEAgAAFQwCAABcfgIAAmOQAgAALgAD//837MA==
Date: Thu, 01 Oct 2015 11:27:26 +0000
Message-ID: <F64C10EAA68C8044B33656FA214632C8527368AB@MISOUT7MSGUSRDE.ITServices.sbc.com>
References: <20150930222916.7128.57472.idtracker@ietfa.amsl.com> <CAA=duU2QYnv-Sn2Exk7vUvRL8K=wWU0Mdb2rY9QzCn-oRgCeXQ@mail.gmail.com> <560C6C00.4010508@cs.tcd.ie> <CAA=duU2UqeVvMfJwM9GiNc_TJkAsMP0m47i-DYDfRVa--_RARw@mail.gmail.com> <560CFFA6.1080404@cs.tcd.ie> <CAA=duU37ShB133bPKWum+_fohPStXyD=xD9ptYhADW0RYCALmQ@mail.gmail.com>
In-Reply-To: <CAA=duU37ShB133bPKWum+_fohPStXyD=xD9ptYhADW0RYCALmQ@mail.gmail.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [135.70.54.128]
Content-Type: multipart/alternative; boundary="_000_F64C10EAA68C8044B33656FA214632C8527368ABMISOUT7MSGUSRDE_"
MIME-Version: 1.0
X-RSA-Inspected: yes
X-RSA-Classifications: public
X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10432:, , definitions=2015-10-01_04:, , signatures=0
X-Proofpoint-Spam-Details: rule=outbound_policy_notspam policy=outbound_policy score=0 spamscore=0 suspectscore=0 malwarescore=0 phishscore=0 adultscore=0 bulkscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.0.1-1507310000 definitions=main-1510010174
Archived-At: <http://mailarchive.ietf.org/arch/msg/teas/AODQgizcXmhrAyVaDqdVCJYltJs>
Cc: "draft-ietf-teas-fast-lsps-requirements.shepherd@ietf.org" <draft-ietf-teas-fast-lsps-requirements.shepherd@ietf.org>, "teas-chairs@ietf.org" <teas-chairs@ietf.org>, "teas@ietf.org" <teas@ietf.org>, "vbeeram@juniper.net" <vbeeram@juniper.net>, "draft-ietf-teas-fast-lsps-requirements.ad@ietf.org" <draft-ietf-teas-fast-lsps-requirements.ad@ietf.org>, The IESG <iesg@ietf.org>, "draft-ietf-teas-fast-lsps-requirements@ietf.org" <draft-ietf-teas-fast-lsps-requirements@ietf.org>
Subject: Re: [Teas] Stephen Farrell's Discuss on draft-ietf-teas-fast-lsps-requirements-01: (with DISCUSS)
X-BeenThere: teas@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Traffic Engineering Architecture and Signaling working group discussion list <teas.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/teas>, <mailto:teas-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/teas/>
List-Post: <mailto:teas@ietf.org>
List-Help: <mailto:teas-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/teas>, <mailto:teas-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 01 Oct 2015 11:28:01 -0000
Hi, I think the suggested sentence looks good. I’d prefer not to add the additional sentence on 0RTT as it seems too much in the context of the other requirements. Definitely it should be in the more detailed solution documents to come later. Thanks Steven- Deborah From: Andrew G. Malis [mailto:agmalis@gmail.com] Sent: Thursday, October 01, 2015 6:22 AM To: Stephen Farrell Cc: The IESG; draft-ietf-teas-fast-lsps-requirements@ietf.org; teas-chairs@ietf.org; draft-ietf-teas-fast-lsps-requirements.ad@ietf.org; draft-ietf-teas-fast-lsps-requirements.shepherd@ietf.org; vbeeram@juniper.net; teas@ietf.org Subject: Re: Stephen Farrell's Discuss on draft-ietf-teas-fast-lsps-requirements-01: (with DISCUSS) Stephen, I'll make the change as soon as I get the go-ahead from Deborah. Thanks, Andy On Thu, Oct 1, 2015 at 5:40 AM, Stephen Farrell <stephen.farrell@cs.tcd.ie<mailto:stephen.farrell@cs.tcd.ie>> wrote: Hiya, On 01/10/15 01:33, Andrew G. Malis wrote: > Stephen, > > OK, thanks, that makes your comment clearer for me. > > How about a short sentence in the Security Considerations like: "If > encryption that requires key exchange is intended to be used on the > signaled LSPs, then this requirement should be included as a part of the s/should/needs to/ is correct I think > protocol design process, as the usual extra round trip time for key > exchange may have an effect on the setup and churn rate of the GMPLS LSPs". s/may/will/ I'd add a mention of 0RTT mechanisms just in case too, e.g. "It is possible to amortize the costs of key exchange over multiple exchanges (if those occur between the same peers) so that some exchanges need not cost a full RTT and operate in so-called zero-RTT mode." Note though that the above are non-blocking. If you make your originally suggested change I'd clear the DISCUSS. Cheers, S. > > Thanks again, > Andy > > > On Wed, Sep 30, 2015 at 7:10 PM, Stephen Farrell <stephen.farrell@cs.tcd.ie<mailto:stephen.farrell@cs.tcd.ie>> > wrote: > >> >> >> On 30/09/15 23:52, Andrew G. Malis wrote: >>> Stephen, >>> >>> Note that this draft discusses GMPLS-based signaling for wavelengths and >>> TDM circuits, not layer 3 MPLS-based LSPs that are covered by your draft. >>> Layer 3 encryption cannot be used, >> >> Aside: Ours is not an L3 encryption, or else we're not using the same >> terms. >> >>> since the payload is arbitrary bit >>> streams typically at optical wavelength speeds. >>> >>> Does this address your comment? >> >> I don't believe so. Our draft isn't the point, but rather that any >> key exchange requires 1RTT and you can only do better if you remember >> things between peers for the next one. That does have impact on >> protocol design, esp. when an 1RTT is a significant duration. The >> only way to not have this impact on protocol design (that I can think >> of) is to not have any key exchange, which is also an impact on >> protocol design (in that case the impact is probably "confidentiality >> is not possible"). >> >> Seems to me either is important enough to be noteworthy. >> >> S. >> >> >>> >>> Thanks, >>> Andy >>> >>> >>> On Wed, Sep 30, 2015 at 6:29 PM, Stephen Farrell < >> stephen.farrell@cs.tcd.ie<mailto:stephen.farrell@cs.tcd.ie>> >>> wrote: >>> >>>> Stephen Farrell has entered the following ballot position for >>>> draft-ietf-teas-fast-lsps-requirements-01: Discuss >>>> >>>> When responding, please keep the subject line intact and reply to all >>>> email addresses included in the To and CC lines. (Feel free to cut this >>>> introductory paragraph, however.) >>>> >>>> >>>> Please refer to >> https://www.ietf.org/iesg/statement/discuss-criteria.html >>>> for more information about IESG DISCUSS and COMMENT positions. >>>> >>>> >>>> The document, along with other ballot positions, can be found here: >>>> >> https://datatracker.ietf.org/doc/draft-ietf-teas-fast-lsps-requirements/ >>>> >>>> >>>> >>>> ---------------------------------------------------------------------- >>>> DISCUSS: >>>> ---------------------------------------------------------------------- >>>> >>>> >>>> Are these reqs consistent with an additional RTT for key exchange? >>>> If not, why is that ok? 100 setups/second implies a real need for a >>>> 0RTT model for any key exchange. That has significant protocol >>>> design implications. I think you only need to note that, but that >>>> noting that is really needed. (This could for example affect the >>>> details of [1] or of later work similar to or built on [1]. Full >>>> disclosure: I'm a co-author of [1].) >>>> >>>> [1] >> https://tools.ietf.org/html/draft-ietf-mpls-opportunistic-encrypt >>>> >>>> >>>> >>>> >>>> >>> >> >
- Re: [Teas] Stephen Farrell's Discuss on draft-iet… Andrew G. Malis
- Re: [Teas] Stephen Farrell's Discuss on draft-iet… Andrew G. Malis
- Re: [Teas] Stephen Farrell's Discuss on draft-iet… Andrew G. Malis
- Re: [Teas] Stephen Farrell's Discuss on draft-iet… BRUNGARD, DEBORAH A
- Re: [Teas] Stephen Farrell's Discuss on draft-iet… BRUNGARD, DEBORAH A