Re: [Teas] Murray Kucherawy's No Objection on draft-ietf-lsr-isis-rfc5316bis-04: (with COMMENT)

John Scudder <jgs@juniper.net> Tue, 27 September 2022 20:41 UTC

From: John Scudder <jgs@juniper.net>
To: Murray Kucherawy <superuser@gmail.com>, "draft-ietf-lsr-isis-rfc5316bis@ietf.org" <draft-ietf-lsr-isis-rfc5316bis@ietf.org>
CC: The IESG <iesg@ietf.org>, "lsr-chairs@ietf.org" <lsr-chairs@ietf.org>, lsr <lsr@ietf.org>, Christian Hopps <chopps@chopps.org>, "teas@ietf.org" <teas@ietf.org>
Date: Tue, 27 Sep 2022 20:41:31 +0000
Message-ID: <C76298A9-8369-4D32-B91E-99E70CE4A78E@juniper.net>
References: <166382744579.12168.9250850794860251135@ietfa.amsl.com>
In-Reply-To: <166382744579.12168.9250850794860251135@ietfa.amsl.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/teas/kIUDXajzJqFrE4LExysTAqtDYCI>

Hi Les and other authors,

I didn’t see a reply to Murray’s comment. It’s not a DISCUSS so not mandatory for you to reply but it would be appreciated.

Of Murray’s comments, I personally don’t think RFC 7981 needs to be normative, the test being that if you never looked at 7981 you’d still know how to update the registry as Section 6.3 requests.

On looking at the RFC 4271 references, in looking at the second reference to it:

   Note further that if BGP is used to exchange TE
   information as described in Section 4.1, the inter-AS BGP session
   SHOULD be secured using mechanisms as described in [RFC4271] to
   provide authentication and integrity checks.

I noticed a more serious concern of my own; I’m not sure how I missed this. To wit, RFC 4271 specifies use of TCP-MD5 [RFC 2385] for authentication/integrity. But 2385 was obsoleted by TCP-AO [RFC 5925]. Probably it would be better to say something like

   Note further that if BGP is used to exchange TE
   information as described in Section 4.1, the inter-AS BGP session
   SHOULD be secured using mechanisms such as those described in [RFC5925] to
   provide authentication and integrity checks.

And then add 5925 as, I suppose, a normative reference. Although I did sneak “such as” in there, since there are other ways to secure BGP as well (for example it’s been known to run it over IPsec, or people do use TCP-MD5 despite it being obsoleted).

I apologize for not noticing this sooner!

Regarding Murray’s comments on SHOULDs, it looks as though the ones regarding Section 3 (all subsections) are overtaken by events (Murray, check if you like; most of the SHOULDs are gone and IMO the ones in §3.1 are sufficiently qualified). The points about Section 4 are unchanged but I’d like to point out that Section 4 itself is unchanged vs. the base RFC 5316 so I had chosen to let sleeping dogs lie. 

—John

> On Sep 22, 2022, at 2:17 AM, Murray Kucherawy via Datatracker <noreply@ietf.org> wrote:
> 
> Murray Kucherawy has entered the following ballot position for
> draft-ietf-lsr-isis-rfc5316bis-04: No Objection
> 
> When responding, please keep the subject line intact and reply to all
> email addresses included in the To and CC lines. (Feel free to cut this
> introductory paragraph, however.)
> 
> 
> Please refer to https://www.ietf.org/about/groups/iesg/statements/handling-ballot-positions/
> for more information about how to handle DISCUSS and COMMENT positions.
> 
> 
> The document, along with other ballot positions, can be found here:
> https://datatracker.ietf.org/doc/draft-ietf-lsr-isis-rfc5316bis/
> 
> 
> 
> ----------------------------------------------------------------------
> COMMENT:
> ----------------------------------------------------------------------
> 
> I support Alvaro's DISCUSS, and add my own comments related to his first point:
> 
> The first two SHOULDs in Section 3.1 would benefit from some guidance about
> when an implementer might opt to deviate from that advice.  This occurs again
> in Sections 3.3.4, 3.4.1, 3.4.2, the top of Section 4 (two SHOULDs) and the bottom
> of Section 4 (two SHOULD NOTs).
> 
> Given Section 6.3, I think RFC7981 should be a normative reference rather than
> an informative one.
> 
> I think RFC4271 also needs to be normative since it's referenced by a SHOULD.
> 
> 
> 