IETF Logo Mail Archive

Re: [Teas] Stephen Farrell's Discuss on draft-ietf-teas-fast-lsps-requirements-01: (with DISCUSS)

"Andrew G. Malis" <agmalis@gmail.com> Thu, 01 October 2015 10:22 UTC

Return-Path: <agmalis@gmail.com>
X-Original-To: teas@ietfa.amsl.com
Delivered-To: teas@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B2C091A1B1D; Thu, 1 Oct 2015 03:22:28 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.999
X-Spam-Level:
X-Spam-Status: No, score=-1.999 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id s6hInsN-1B_M; Thu, 1 Oct 2015 03:22:26 -0700 (PDT)
Received: from mail-wi0-x234.google.com (mail-wi0-x234.google.com [IPv6:2a00:1450:400c:c05::234]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id B1F621A1B17; Thu, 1 Oct 2015 03:22:25 -0700 (PDT)
Received: by wicfx3 with SMTP id fx3so25746259wic.1; Thu, 01 Oct 2015 03:22:24 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc:content-type; bh=8Zc0ttl9cGXjHm0rVTDtbSKhdK78qhpDry6wJRQ/+2E=; b=mC5hjDUWRrRO15/Bl+cVAlvhsuEjIYN+1nBRHkKSUFcKzEOIQqu2Hgk3FrwL+AIxbh nB4L3mfMtl05DeTlbvullEgnJXEBAkPos19SGu8frnlSzB2CedSt5QabWsL3LBFkC3Y2 qS8tkrvi20wMr67FLmh7DvJB6OVMCPDcziKUwmTLkiTbuLpqzvL6kUdG3j7tJ+rZF0vI sBZx1e0CoR4I2kIER20kRkTrX9B3Y2qLd0yylfRU/7esLMwrkT3V8P5j5m7yu7nMJLtP j2rOa/tg0/o4btci1ZhlTN+vpHfbdxBkXyD3vkXMBUgL1g4PR9kQ+VgtKLSpY6emjcF0 b+Uw==
X-Received: by 10.180.81.199 with SMTP id c7mr2327613wiy.87.1443694944226; Thu, 01 Oct 2015 03:22:24 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.28.9.212 with HTTP; Thu, 1 Oct 2015 03:22:04 -0700 (PDT)
In-Reply-To: <560CFFA6.1080404@cs.tcd.ie>
References: <20150930222916.7128.57472.idtracker@ietfa.amsl.com> <CAA=duU2QYnv-Sn2Exk7vUvRL8K=wWU0Mdb2rY9QzCn-oRgCeXQ@mail.gmail.com> <560C6C00.4010508@cs.tcd.ie> <CAA=duU2UqeVvMfJwM9GiNc_TJkAsMP0m47i-DYDfRVa--_RARw@mail.gmail.com> <560CFFA6.1080404@cs.tcd.ie>
From: "Andrew G. Malis" <agmalis@gmail.com>
Date: Thu, 01 Oct 2015 06:22:04 -0400
Message-ID: <CAA=duU37ShB133bPKWum+_fohPStXyD=xD9ptYhADW0RYCALmQ@mail.gmail.com>
To: Stephen Farrell <stephen.farrell@cs.tcd.ie>
Content-Type: multipart/alternative; boundary="f46d0444029250b1e20521086c94"
Archived-At: <http://mailarchive.ietf.org/arch/msg/teas/A_zQ8m2CIB93iOlDCOmPYmTTsdo>
Cc: draft-ietf-teas-fast-lsps-requirements.shepherd@ietf.org, teas-chairs@ietf.org, "teas@ietf.org" <teas@ietf.org>, vbeeram@juniper.net, draft-ietf-teas-fast-lsps-requirements.ad@ietf.org, The IESG <iesg@ietf.org>, draft-ietf-teas-fast-lsps-requirements@ietf.org
Subject: Re: [Teas] Stephen Farrell's Discuss on draft-ietf-teas-fast-lsps-requirements-01: (with DISCUSS)
X-BeenThere: teas@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Traffic Engineering Architecture and Signaling working group discussion list <teas.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/teas>, <mailto:teas-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/teas/>
List-Post: <mailto:teas@ietf.org>
List-Help: <mailto:teas-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/teas>, <mailto:teas-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 01 Oct 2015 10:22:28 -0000

Stephen,

I'll make the change as soon as I get the go-ahead from Deborah.

Thanks,
Andy

On Thu, Oct 1, 2015 at 5:40 AM, Stephen Farrell <stephen.farrell@cs.tcd.ie>
wrote:

>
> Hiya,
>
> On 01/10/15 01:33, Andrew G. Malis wrote:
> > Stephen,
> >
> > OK, thanks, that makes your comment clearer for me.
> >
> > How about a short sentence in the Security Considerations like: "If
> > encryption that requires key exchange is intended to be used on the
> > signaled LSPs, then this requirement should be included as a part of the
>
> s/should/needs to/ is correct I think
>
> > protocol design process, as the usual extra round trip time for key
> > exchange may have an effect on the setup and churn rate of the GMPLS
> LSPs".
>
> s/may/will/
>
> I'd add a mention of 0RTT mechanisms just in case too, e.g. "It
> is possible to amortize the costs of key exchange over multiple
> exchanges (if those occur between the same peers) so that some
> exchanges need not cost a full RTT and operate in so-called
> zero-RTT mode."
>
> Note though that the above are non-blocking. If you make your
> originally suggested change I'd clear the DISCUSS.
>
> Cheers,
> S.
>
>
> >
> > Thanks again,
> > Andy
> >
> >
> > On Wed, Sep 30, 2015 at 7:10 PM, Stephen Farrell <
> stephen.farrell@cs.tcd.ie>
> > wrote:
> >
> >>
> >>
> >> On 30/09/15 23:52, Andrew G. Malis wrote:
> >>> Stephen,
> >>>
> >>> Note that this draft discusses GMPLS-based signaling for wavelengths
> and
> >>> TDM circuits, not layer 3 MPLS-based LSPs that are covered by your
> draft.
> >>> Layer 3 encryption cannot be used,
> >>
> >> Aside: Ours is not an L3 encryption, or else we're not using the same
> >> terms.
> >>
> >>> since the payload is arbitrary bit
> >>> streams typically at optical wavelength speeds.
> >>>
> >>> Does this address your comment?
> >>
> >> I don't believe so. Our draft isn't the point, but rather that any
> >> key exchange requires 1RTT and you can only do better if you remember
> >> things between peers for the next one. That does have impact on
> >> protocol design, esp. when an 1RTT is a significant duration. The
> >> only way to not have this impact on protocol design (that I can think
> >> of) is to not have any key exchange, which is also an impact on
> >> protocol design (in that case the impact is probably "confidentiality
> >> is not possible").
> >>
> >> Seems to me either is important enough to be noteworthy.
> >>
> >> S.
> >>
> >>
> >>>
> >>> Thanks,
> >>> Andy
> >>>
> >>>
> >>> On Wed, Sep 30, 2015 at 6:29 PM, Stephen Farrell <
> >> stephen.farrell@cs.tcd.ie>
> >>> wrote:
> >>>
> >>>> Stephen Farrell has entered the following ballot position for
> >>>> draft-ietf-teas-fast-lsps-requirements-01: Discuss
> >>>>
> >>>> When responding, please keep the subject line intact and reply to all
> >>>> email addresses included in the To and CC lines. (Feel free to cut
> this
> >>>> introductory paragraph, however.)
> >>>>
> >>>>
> >>>> Please refer to
> >> https://www.ietf.org/iesg/statement/discuss-criteria.html
> >>>> for more information about IESG DISCUSS and COMMENT positions.
> >>>>
> >>>>
> >>>> The document, along with other ballot positions, can be found here:
> >>>>
> >>
> https://datatracker.ietf.org/doc/draft-ietf-teas-fast-lsps-requirements/
> >>>>
> >>>>
> >>>>
> >>>> ----------------------------------------------------------------------
> >>>> DISCUSS:
> >>>> ----------------------------------------------------------------------
> >>>>
> >>>>
> >>>> Are these reqs consistent with an additional RTT for key exchange?
> >>>> If not, why is that ok? 100 setups/second implies a real need for a
> >>>> 0RTT model for any key exchange. That has significant protocol
> >>>> design implications. I think you only need to note that, but that
> >>>> noting that is really needed. (This could for example affect the
> >>>> details of [1] or of later work similar to or built on [1]. Full
> >>>> disclosure: I'm a co-author of [1].)
> >>>>
> >>>>    [1]
> >> https://tools.ietf.org/html/draft-ietf-mpls-opportunistic-encrypt
> >>>>
> >>>>
> >>>>
> >>>>
> >>>>
> >>>
> >>
> >
>

v2.23.0 | Report a Bug | By Email