Re: [trill] draft-ietf-trill-o-pw comments

Donald Eastlake <d3e3e3@gmail.com> Tue, 26 November 2013 21:52 UTC

In-Reply-To: <52938AC0.5060901@acm.org>
References: <52938AC0.5060901@acm.org>
From: Donald Eastlake <d3e3e3@gmail.com>
Date: Tue, 26 Nov 2013 16:52:04 -0500
Message-ID: <CAF4+nEGxbc-as6bZ5TNXoLGoYCsZtSxO7f7Ws4=PpohdaVgkBQ@mail.gmail.com>
To: Erik Nordmark <nordmark@acm.org>
Content-Type: text/plain; charset="ISO-8859-1"
Cc: "trill@ietf.org" <trill@ietf.org>
Subject: Re: [trill] draft-ietf-trill-o-pw comments

Hi Erik,

Replying as an author:

On Mon, Nov 25, 2013 at 12:37 PM, Erik Nordmark <nordmark@acm.org> wrote:
>
> I've reviewed the document before writing up the PROTO.
> A few requests for clarifications.
>
> The two packet formats include a specific bit pattern:
>       |      PPP Header 0x005d        |  2 octets
>
>       |      PPP Header 0x405d        |  2 octets
>
> For the uninitiated it would make sense to add a reference in the text
> below the figures. Something like "The PPP Header (0x005d and 0x405d
> respectively) is the header for data frames and IS-IS packets as specified
> in RFC XXX". (Or something in that vein.)

OK.

> In security considerations we have
>    For security considerations introduced by carrying PPP TRILL links
>    over pseudowires, see [RFC3985].
> I assume RFC 3985 doesn't talk about TRILL - but about PPP in general. Thus
> it would be more clear if we drop "TRILL" from that sentence.

Actually, RFC 3985 is not PPP specific but talks about the risks
generally introduced by sending protocols that previously assumed a
local point-to-point link on a pseudo wire built on a packet switched
network. So I suggest replacing

"For security considerations introduced by carrying PPP TRILL links
over pseudowires, see [RFC3985]."
   with
"For security considerations introduced by carrying PPP TRILL links
over pseudowires, see [RFC3985] which discusses the risks introduced
by sending protocols that previously assumed a point-to-point link on
a pseudo wire built on a packet switched network (PSN)."

> The 3rd paragraph starts with
>    Not all implementations need to include specific security mechanisms
>    at the pseudowire layer ...
> Is this a relaxation of the general PW security requirements? Or merely
> re-stating the stance for security for PW? It would make sense to spell that
> out in the document.

That paragraph is an edit of the following paragraph that appears in
the Security Considerations section of RFC 6361 on TRILL over PPP:

   Not all implementations need to include specific security mechanisms
   at the PPP layer, for example if they are designed to be deployed
   only in cases where the networking environment is trusted or where
   other layers provide adequate security.  A complete enumeration of
   possible deployment scenarios and associated threats and options is
   not possible and is outside the scope of this document.  For
   applications involving sensitive data, end-to-end security should
   always be considered in addition to link security to provide security
   in depth.

I think the paragraph is just talking about the range of security
environments and PWE3 TRILL transport uses, that in some cases you
don't need to worry so much about it while in others you should also
be using end station to end station security no matter how good you
think your PWE3 security is. I also think it would be better if "...
implementations need to include ..." was replaced by "... deployments
need to use ..." or something like that.

Thanks,
Donald
=============================
 Donald E. Eastlake 3rd   +1-508-333-2270 (cell)
 155 Beaver Street, Milford, MA 01757 USA
 d3e3e3@gmail.com

>    Erik