Re: [trill] Kathleen Moriarty's Discuss on draft-ietf-trill-transport-over-mpls-07: (with DISCUSS)

Kathleen Moriarty <kathleen.moriarty.ietf@gmail.com> Wed, 14 March 2018 18:29 UTC

In-Reply-To: <CAF4+nEGo7hYUBbh4FzaOtt2=ufnNKXA7ybARP7yp4H3_AaXTrw@mail.gmail.com>
References: <152046007311.21264.6753387370948470401.idtracker@ietfa.amsl.com> <CAA=duU1oeLWddg=ewEvB=uG+kD45Hg4HvAVkLsHA1xhTRi2-VA@mail.gmail.com> <CAF4+nEGo7hYUBbh4FzaOtt2=ufnNKXA7ybARP7yp4H3_AaXTrw@mail.gmail.com>
From: Kathleen Moriarty <kathleen.moriarty.ietf@gmail.com>
Date: Wed, 14 Mar 2018 14:28:50 -0400
Message-ID: <CAHbuEH6Ces1aGJMb=_TGfAs8gLYpaPq6AoyeLwo-CumrrYCLZA@mail.gmail.com>
To: Donald Eastlake <d3e3e3@gmail.com>
Cc: The IESG <iesg@ietf.org>, draft-ietf-trill-transport-over-mpls@ietf.org, trill-chairs@ietf.org, Susan Hares <shares@ndzh.com>, trill IETF mailing list <trill@ietf.org>, "Andrew G. Malis" <agmalis@gmail.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/trill/wRecg1cOniWopP_4lUDb_HSuHhc>
Subject: Re: [trill] Kathleen Moriarty's Discuss on draft-ietf-trill-transport-over-mpls-07: (with DISCUSS)

Hi Donald,

Thanks for the proposed text.  Please see inline.

On Mon, Mar 12, 2018 at 10:01 PM, Donald Eastlake <d3e3e3@gmail.com> wrote:
> Hi Kathleen,
>
> Would the following replacement Security Considerations section for
> draft-ietf-trill-transport-over-mpls be adequate?
>
>
>    This document specifies methods using existing standards and
>    facilities in ways that do not create new security problems.
>
>    For general VPLS security considerations, including discussion of
>    isolating customers from each other, see [RFC4761] and [RFC4762].
>
>    For the security considerations of transport of TRILL by Pseudowires,
>    see [RFC7173]. In particular, since pseudowires are supported by MPLS
>    or IP, which are in turn supported by a link layer, that document
>    recommends using IP security or the lower link layer security.
>
>    For added security against the compromise of data, end-to-end
>    encryption and authentication should be considered; that is,
>    encryption and authentication from source end station to destination
>    end station.

Would this be accomplished through IPsec?
If encryption and authentication are not employed, what are the risks
to tenant isolation since this draft joins TRILL campuses?  I think
there should be text that explains this risk in addition to the text
already proposed.

Thanks,
Kathleen

>
>    For general TRILL security considerations, see [RFC6325].
>
>
> Thanks,
> Donald
> ===============================
>  Donald E. Eastlake 3rd   +1-508-333-2270 (cell)
>  155 Beaver Street, Milford, MA 01757 USA
>  d3e3e3@gmail.com
>
> On Wed, Mar 7, 2018 at 5:35 PM, Andrew G. Malis <agmalis@gmail.com> wrote:
>>
>> Kathleen,
>>
>> I don’t want to speak for the authors. However, I did contribute to this
>> draft (although not this specific section). So that said, here’s my two
>> cents ….
>>
>> I agree that first sentence could have been worded better, but the bottom
>> line is that depending on the model used, the security considerations for
>> RFC 7173, 4761, or 4762 applies, including the discussions in those RFCs on
>> issues such as isolation and end-to-end security. Those RFCs are referenced
>> in the security section. So the substance is already there, perhaps the
>> draft just needs better pointers to it.
>>
>> Cheers,
>> Andy
>>
>>
>> On Wed, Mar 7, 2018 at 5:01 PM, Kathleen Moriarty
>> <Kathleen.Moriarty.ietf@gmail.com> wrote:
>>>
>>> Kathleen Moriarty has entered the following ballot position for
>>> draft-ietf-trill-transport-over-mpls-07: Discuss
>>>
>>> When responding, please keep the subject line intact and reply to all
>>> email addresses included in the To and CC lines. (Feel free to cut this
>>> introductory paragraph, however.)
>>>
>>>
>>> Please refer to https://www.ietf.org/iesg/statement/discuss-criteria.html
>>> for more information about IESG DISCUSS and COMMENT positions.
>>>
>>>
>>> The document, along with other ballot positions, can be found here:
>>> https://datatracker.ietf.org/doc/draft-ietf-trill-transport-over-mpls/
>>>
>>>
>>>
>>> ----------------------------------------------------------------------
>>> DISCUSS:
>>> ----------------------------------------------------------------------
>>>
>>> I was very surprised to see the following in the security considerations
>>> section and would like to work with you on improvements.
>>>    As an informational document specifying methods that use only
>>>    existing standards and facilities, this document has no effect on
>>>    security.
>>>
>>> Having watched many TRILL documents go by in the last 4 years, we didn't
>>> push too hard on security in some cases as a result of the restriction
>>> to a campus network.  This particular document extends into multi-tenancy
>>> where there are certainly security considerations introduced to be able
>>> to provide isolation properties.  MPLS offers no security and it is being
>>> used to join TRILL campuses as described in this draft.  This is done
>>> without any requirement of an overlay protocol to provide security - why
>>> is that the case?  Minimally, the considerations need to be explained.
>>> Ideally, a solution should be offered to protect tenants when TRILL
>>> campuses are joined.
>>>
>>>
>>>
>>>
>>> _______________________________________________
>>> trill mailing list
>>> trill@ietf.org
>>> https://www.ietf.org/mailman/listinfo/trill
>>
>>
>



-- 

Best regards,
Kathleen