Re: [Tsv-art] [lisp] Tsvart last call review of draft-ietf-lisp-pubsub-10
Joel Halpern <jmh.direct@joelhalpern.com> Wed, 15 February 2023 22:17 UTC
Return-Path: <jmh.direct@joelhalpern.com>
X-Original-To: tsv-art@ietfa.amsl.com
Delivered-To: tsv-art@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 63652C16B5B5; Wed, 15 Feb 2023 14:17:02 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -7.086
X-Spam-Level:
X-Spam-Status: No, score=-7.086 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, NICE_REPLY_A=-0.001, RCVD_IN_DNSWL_HI=-5, RCVD_IN_MSPIKE_H3=0.001, RCVD_IN_MSPIKE_WL=0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_PASS=-0.001, T_KAM_HTML_FONT_INVALID=0.01, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=joelhalpern.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 3dpFfD8G2S5Q; Wed, 15 Feb 2023 14:16:58 -0800 (PST)
Received: from mailb2.tigertech.net (mailb2.tigertech.net [208.80.4.154]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 41BD7C14F726; Wed, 15 Feb 2023 14:16:58 -0800 (PST)
Received: from localhost (localhost [127.0.0.1]) by mailb2.tigertech.net (Postfix) with ESMTP id 4PHC9P5scfz1nvgD; Wed, 15 Feb 2023 14:16:57 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=joelhalpern.com; s=2.tigertech; t=1676499417; bh=DdtaJqu7jCwk9F8HMqAJmFWh6dqKrjBwNyjoXTycvZk=; h=Date:Subject:To:Cc:References:From:In-Reply-To:From; b=FY4oTkwBntLGcaX9++vI7hfOOwTRghjJ2M9JwHYEXa7gmWQxk7SE+fG7HcM8bmXnZ f4qEmhp6PhkS1uvi8bzllKP/jrh2eu6/tVexnERZNwNNgB01rRuznqcphGdkgIbqQa EjUbAIvfmtytCp8A93R6NQZpI5FRg9j3tiXSbpt0=
X-Quarantine-ID: <2Oxv5LSEpuej>
X-Virus-Scanned: Debian amavisd-new at b2.tigertech.net
Received: from [192.168.21.74] (unknown [50.233.136.230]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits)) (No client certificate requested) by mailb2.tigertech.net (Postfix) with ESMTPSA id 4PHC9M07lkz1nsmx; Wed, 15 Feb 2023 14:16:54 -0800 (PST)
Content-Type: multipart/alternative; boundary="------------YYFPU6SYJps0rIYrjLNvk1WA"
Message-ID: <8ab7d325-7a7b-76ac-3079-e51c199a7e28@joelhalpern.com>
Date: Wed, 15 Feb 2023 17:16:52 -0500
MIME-Version: 1.0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:102.0) Gecko/20100101 Thunderbird/102.7.2
Content-Language: en-US
To: Dino Farinacci <farinacci@gmail.com>, Joel Halpern <jmh@joelhalpern.com>
Cc: mohamed.boucadair@orange.com, Magnus Westerlund <magnus.westerlund@ericsson.com>, "Alberto Rodriguez-Natal (natal)" <natal@cisco.com>, tsv-art@ietf.org, draft-ietf-lisp-pubsub.all@ietf.org, last-call@ietf.org, lisp@ietf.org
References: <7287e948-2f10-953a-6c50-e6657cac6542@joelhalpern.com> <A6EF84ED-82C7-4C46-9907-464DA49009C1@gmail.com>
From: Joel Halpern <jmh.direct@joelhalpern.com>
In-Reply-To: <A6EF84ED-82C7-4C46-9907-464DA49009C1@gmail.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/tsv-art/YJOOdnudmNYd4-vzhVjZfbdsjbE>
Subject: Re: [Tsv-art] [lisp] Tsvart last call review of draft-ietf-lisp-pubsub-10
X-BeenThere: tsv-art@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: Transport Area Review Team <tsv-art.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tsv-art>, <mailto:tsv-art-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tsv-art/>
List-Post: <mailto:tsv-art@ietf.org>
List-Help: <mailto:tsv-art-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tsv-art>, <mailto:tsv-art-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 15 Feb 2023 22:17:02 -0000
Well, the security folks usually want a stateless solution to this sort of problem. The nonce increment requries keeping state per pending correspondent. Yours, Joel On 2/15/2023 4:46 PM, Dino Farinacci wrote: > Tell me what you all think. Can the map-server just store the nonce > and then the next Map-Request have the map-server require nance+1? > > Stops reply attacks at only the cost of storing an additional 64 bits. > Do you think that solves the problem? > > Dino > >> On Feb 15, 2023, at 10:49 AM, Joel Halpern <jmh@joelhalpern.com> wrote: >> >> >> >> Given that a lot of the use cases have a lot of legitimate users, I >> think magnus concern is reasonable, but I am willing to settle for less. >> >> If I am reading things right, the xTR<->Map_Resolver exchanges for >> pub-sub SHOULD use LISP-SEC. >> >> And the Map-Resolver<->Map Server exchanges should magically know >> that the Map Resolvers are doing so? >> >> The SHOULD needs some explanation as to when it is okay not to, or >> else it ought to be upgraded to a MUST. >> >> The Map Server requirement seems like it would benefit from some >> explanation as to how this knowledge would exist. >> >> Yours, >> >> Joel >> >> PS: If LISP Sec can be used along the lines Dino indicated, taht >> would be a nice way to combine some of the protections and better >> address the issues. >> >> On 2/15/2023 1:36 PM, mohamed.boucadair@orange.com wrote: >>> >>> Hi Joel, >>> >>> The proposal is not to restrict the usage of PubSub to “limited >>> domains” as per RFC8799. Please refer to >>> https://github.com/boucadair/draft-ietf-lisp-pubsub/pull/16/files to >>> see the text we are planning to include as applicability scope. >>> >>> I think this is a reasonable suggestion especially that we want to >>> leverage 9301/9303. >>> >>> Thank you. >>> >>> Cheers, >>> >>> Med >>> >>> *De :*Joel Halpern <jmh@joelhalpern.com> >>> *Envoyé :* mercredi 15 février 2023 17:32 >>> *À :* BOUCADAIR Mohamed INNOV/NET <mohamed.boucadair@orange.com>; >>> Magnus Westerlund <magnus.westerlund@ericsson.com>; Alberto >>> Rodriguez-Natal (natal) <natal@cisco.com>; tsv-art@ietf.org >>> *Cc :* draft-ietf-lisp-pubsub.all@ietf.org; last-call@ietf.org; >>> lisp@ietf.org >>> *Objet :* Re: [lisp] Tsvart last call review of >>> draft-ietf-lisp-pubsub-10 >>> >>> Hmmm. >>> >>> Maybe I misunderstood, but a lot of the uses I have seen for the >>> pub-sub mechanism do not seem to be limited enough to qualify for >>> being a limited domain. >>> >>> On the other hand, the general idea of the DDOS prevention mechanism >>> (modeled loosely on the prevention of TCP State attacks) seems >>> valuable and easy to add. If a Map Server serving a broad community >>> gets a pub-sub subscription request, and it is under any significant >>> load, it can >>> >>> 1) craft a security token hashing the request, the current time, and >>> a private key (and whatever else security says is needed >>> >>> 2) Sending the token and time back to the requestor in an error >>> >>> 3) When the requestor sends back the request, it includes the >>> timestamp and token. The server only processes the request if the >>> information validates. >>> >>> This validates that the response actually went to the requestor, and >>> was a real request. Yes, it slightly slows down the pub-sub >>> registration under load. >>> >>> I don't know if I caught all of Magnus' issue, but this would seem a >>> good thing to do. >>> >>> Yours, >>> >>> Joel >>> >>> On 2/15/2023 3:24 AM, mohamed.boucadair@orange.com wrote: >>> >>> Hi Magnus, >>> >>> Thank you for the follow-up. >>> >>> First, your observation on the verification procedure at the >>> Map-Server is fair. We have documented the issue in >>> draft-boucadair-lisp-pubsub-flow-examples-03.html#name-failed-notification-with-ret >>> <https://www.ietf.org/archive/id/draft-boucadair-lisp-pubsub-flow-examples-03.html#name-failed-notification-with-ret> >>> and discussed the alternative to strengthen the verification >>> based on the timestamp but we had also the constraint to >>> navigate in the LISP environment where LISP-SEC messages are not >>> timestamped. We think that the procedure in the draft is a good >>> compromise of what we can achieve given that constraint. FWIW, >>> the full reasoning is available at: timestamp to prevent replay >>> attacks · Issue #1 · boucadair/draft-ietf-lisp-pubsub >>> (github.com) >>> <https://github.com/boucadair/draft-ietf-lisp-pubsub/issues/1>. >>> >>> Second, I support your proposal to add an applicability >>> statement to the document. The content will be basically moving >>> (and adjusting the language) the following text in Section 7 to >>> that section: >>> >>> OLD: >>> >>> It is also RECOMMENDED that the Map-Resolver >>> >>> verifies that the xTR is allowed to use PubSub and to use the >>> xTR-ID >>> >>> and ITR-RLOCs included in the Map-Request. Map-Servers SHOULD be >>> >>> configured to only accept subscription requests from Map-Resolvers >>> >>> that verify Map-Requests as previously described. >>> >>> I let Alberto further comment as appropriate. >>> >>> Cheers, >>> >>> Med >>> >>> *De :*Magnus Westerlund <magnus.westerlund@ericsson.com> >>> <mailto:magnus.westerlund@ericsson.com> >>> *Envoyé :* mercredi 15 février 2023 08:33 >>> *À :* Alberto Rodriguez-Natal (natal) <natal@cisco.com> >>> <mailto:natal@cisco.com>; BOUCADAIR Mohamed INNOV/NET >>> <mohamed.boucadair@orange.com> >>> <mailto:mohamed.boucadair@orange.com>; tsv-art@ietf.org >>> *Cc :* draft-ietf-lisp-pubsub.all@ietf.org; last-call@ietf.org; >>> lisp@ietf.org >>> *Objet :* Re: Tsvart last call review of draft-ietf-lisp-pubsub-10 >>> >>> Hi, >>> >>> Thanks for the many improvements and I think this is likely safe >>> enough for limited deployments when the Map-Server are not open >>> to any xTR to send requests. I don’t think this is safe enough >>> for general Internet usage for two reasons. First, the >>> verification procedure forces the MAP-Server to hold state >>> rather than the requestor and the messages only. Secondly, a lot >>> of the security procedures are only RECOMMEND/SHOULD. For an >>> open Internet I think a more tightly defined security mechanisms >>> and protection profile should be specified. >>> >>> Thus, my recommendation would be to add an applicability >>> statement to the document making clear that this is intended for >>> the deployments with more limited access to Map-Servers than >>> what an open internet deployment provides. >>> >>> Cheers >>> >>> Magnus Westerlund >>> >>> *From: *Alberto Rodriguez-Natal (natal) <natal@cisco.com> >>> *Date: *Monday, 13 February 2023 at 20:26 >>> *To: *mohamed.boucadair@orange.com >>> <mohamed.boucadair@orange.com>, Magnus Westerlund >>> <magnus.westerlund@ericsson.com>, tsv-art@ietf.org >>> <tsv-art@ietf.org> >>> *Cc: *draft-ietf-lisp-pubsub.all@ietf.org >>> <draft-ietf-lisp-pubsub.all@ietf.org>, last-call@ietf.org >>> <last-call@ietf.org>, lisp@ietf.org <lisp@ietf.org> >>> *Subject: *Re: Tsvart last call review of draft-ietf-lisp-pubsub-10 >>> >>> Hi Magnus, >>> >>> Just FYI, we have just published a new revision that further >>> polishes some details. >>> >>> https://datatracker.ietf.org/doc/html/draft-ietf-lisp-pubsub-12 >>> >>> https://author-tools.ietf.org/iddiff?url2=draft-ietf-lisp-pubsub-12 >>> >>> Thanks! >>> >>> Alberto >>> >>> *From: *mohamed.boucadair@orange.com <mohamed.boucadair@orange.com> >>> *Date: *Friday, February 10, 2023 at 3:55 PM >>> *To: *Magnus Westerlund <magnus.westerlund@ericsson.com>, >>> Alberto Rodriguez-Natal (natal) <natal@cisco.com>, >>> tsv-art@ietf.org <tsv-art@ietf.org> >>> *Cc: *draft-ietf-lisp-pubsub.all@ietf.org >>> <draft-ietf-lisp-pubsub.all@ietf.org>, last-call@ietf.org >>> <last-call@ietf.org>, lisp@ietf.org <lisp@ietf.org> >>> *Subject: *RE: Tsvart last call review of draft-ietf-lisp-pubsub-10 >>> >>> Hi Magnus, >>> >>> FWIW, an updated version that implements the changes that were >>> discussed in this thread is now online: >>> >>> https://author-tools.ietf.org/iddiff?url2=draft-ietf-lisp-pubsub-11 >>> <https://author-tools.ietf.org/iddiff?url2=draft-ietf-lisp-pubsub-11> >>> >>> Cheers, >>> >>> Med >>> >>> *De :*BOUCADAIR Mohamed INNOV/NET >>> *Envoyé :* mardi 7 février 2023 13:15 >>> *À :* 'Magnus Westerlund' <magnus.westerlund@ericsson.com>; >>> Alberto Rodriguez-Natal (natal) <natal@cisco.com>; tsv-art@ietf.org >>> *Cc :* draft-ietf-lisp-pubsub.all@ietf.org; last-call@ietf.org; >>> lisp@ietf.org >>> *Objet :* RE: Tsvart last call review of draft-ietf-lisp-pubsub-10 >>> >>> Hi Magnus, >>> >>> Thanks for the follow-up. >>> >>> Please see inline. >>> >>> Cheers, >>> >>> Med >>> >>> *De :*Magnus Westerlund <magnus.westerlund@ericsson.com> >>> *Envoyé :* vendredi 3 février 2023 10:49 >>> *À :* BOUCADAIR Mohamed INNOV/NET >>> <mohamed.boucadair@orange.com>; Alberto Rodriguez-Natal (natal) >>> <natal@cisco.com>; tsv-art@ietf.org >>> *Cc :* draft-ietf-lisp-pubsub.all@ietf.org; last-call@ietf.org; >>> lisp@ietf.org >>> *Objet :* Re: Tsvart last call review of draft-ietf-lisp-pubsub-10 >>> >>> Hi Med, >>> >>> Thanks, so that at least you can have a clear notification of >>> the removal unless the packet loss rate is to high. What, is >>> less ideal is the number of total messages that is going to be >>> sent here towards the source address that sent a Map-Register? >>> >>> */[Med] I guess you meant Map-Request. Yes, there is a balance >>> between the chattiness vs. reverse-routeablity checks and also >>> the constraints imposed by the base spec for retransmission >>> Map-Notifies. Having an explicit indication is superior as it >>> allows an xTR to reinstall the state, otherwise it will be out >>> of sync. /* >>> >>> *//* >>> >>> It would be good to have understanding of the amplification >>> factor here that an attacker gets out it. >>> >>> */[Med] Such attacks assume that a Map-Request passes the >>> authentication checks. This is typically the case of replayed >>> Map-Requests. As you can see in >>> https://datatracker.ietf.org/doc/draft-boucadair-lisp-pubsub-flow-examples/, >>> a check based on the nonce would be sufficient to detect >>> replayed messages: the nonce has to be greater than the local >>> one. The message will be then silently ignored. We will be >>> adding more details about nonce checks to the draft./* >>> >>> *//* >>> >>> Also beyond rate limiting, is there a possibility here to reject >>> the MAP-requests from a source address, without causing a denial >>> of service attack possibility? My shallow review seem to >>> indicate that there exist such a risk. What I am considering is >>> that there is a legit xTR (B) with IP (IP-B). If the attacker >>> sends a MAP-Request with nonce-A, with IP source address IP-B. >>> >>> */[Med] If the nonce checks are in place, this request will be >>> silently discarded./* >>> >>> *//* >>> >>> The Map-Notify will go to B. B can’t map this to a request it >>> made as no Nonce matches what it sends and discards the message. >>> Thus, the map server getting a mix of legit and spoofed requests >>> may decide to band IP-B from asking things, thus enabling a >>> denial of service on B. >>> >>> The above worries me a bit as some mitigation may have really >>> unwanted effects here. >>> >>> Cheers >>> >>> Magnus >>> >>> *From: *mohamed.boucadair@orange.com <mohamed.boucadair@orange.com> >>> *Date: *Monday, 30 January 2023 at 13:45 >>> *To: *Alberto Rodriguez-Natal (natal) <natal@cisco.com>, Magnus >>> Westerlund <magnus.westerlund@ericsson.com>, tsv-art@ietf.org >>> <tsv-art@ietf.org> >>> *Cc: *draft-ietf-lisp-pubsub.all@ietf.org >>> <draft-ietf-lisp-pubsub.all@ietf.org>, last-call@ietf.org >>> <last-call@ietf.org>, lisp@ietf.org <lisp@ietf.org> >>> *Subject: *RE: Tsvart last call review of draft-ietf-lisp-pubsub-10 >>> >>> Re-, >>> >>> Please see inline. >>> >>> Cheers, >>> Med >>> >>> > -----Message d'origine----- >>> > De : Alberto Rodriguez-Natal (natal) <natal@cisco.com> >>> > Envoyé : lundi 30 janvier 2023 12:27 >>> > À : Magnus Westerlund <magnus.westerlund@ericsson.com>; tsv- >>> > art@ietf.org >>> > Cc : draft-ietf-lisp-pubsub.all@ietf.org; last-call@ietf.org; >>> > lisp@ietf.org >>> > Objet : Re: Tsvart last call review of draft-ietf-lisp-pubsub-10 >>> > >>> > Hi Magnus, >>> > >>> > Thanks again, please see inline. >>> > >>> > Alberto >>> > >>> > From: Magnus Westerlund <magnus.westerlund@ericsson.com> >>> > Date: Monday, January 30, 2023 at 9:46 AM >>> > To: Alberto Rodriguez-Natal (natal) <natal@cisco.com>, tsv- >>> > art@ietf.org <tsv-art@ietf.org> >>> > Cc: draft-ietf-lisp-pubsub.all@ietf.org <draft-ietf-lisp- >>> > pubsub.all@ietf.org>, last-call@ietf.org <last-call@ietf.org>, >>> > lisp@ietf.org <lisp@ietf.org> >>> > Subject: Re: Tsvart last call review of draft-ietf-lisp-pubsub-10 >>> > Hi Alberto, >>> > >>> > I think the below maybe works, but I like to point out that the >>> > Map-Server per the below is likely a larger DDoS traffic reflector >>> > than if you require a one-to-one exchange where each subscription >>> > request only results in a single response message. Using Map- >>> > Notify and requiring Ack will result in that at least 3 Map- >>> > Notifies are being sent. >>> > >>> > [AR] Right, but this is required if we want to align with RFC9301, >>> > afaik. >>> >>> [Med] ACK. RFC9301 says the following: >>> >>> A >>> Map-Notify is retransmitted until a Map-Notify-Ack is >>> received by the >>> Map-Server with the same nonce used in the Map-Notify message. >>> >>> > >>> > I am also worried about the state uncertainty here. Because if the >>> > client sends Map-Notify-Ack on a Map-Notify it will think the >>> > subscription has succeeded, but if that ACK is lost and the >>> > MapServer has used up all retransmission it will silently remove >>> > the requested subscription. Is that not an issue? >>> > >>> > [AR] I've been thinking about this as well. Maybe some middle >>> > ground, assuming that xTRs can be authenticated to some extend as >>> > being discussed in the other email, could be as follows. Rather >>> > than wait for the Map-Notify-Ack to mark the subscription state as >>> > completed, we still mark the subscription as complete as soon as >>> > the Map-Notify is sent. We still wait for the Map-Notify-Ack to be >>> > received, and if we exhaust all the retransmissions without >>> > receiving it, we don't remove the subscription, we keep it as >>> > unacknowledged. However, we only allow the xTR to have a single >>> > unacknowledged subscription, subsequent subscription requests from >>> > the same xTR will be denied (i.e. Map-Reply returned) until the >>> > xTR is able to properly subscribe and acknowledge the previous >>> > one. Maybe this could work? >>> > >>> >>> [Med] Rather than keeping the state, the Map-Server can remove >>> the unacknowledged subscription with a Map-Notify with AFI = 0. >>> We may also consider defining a new ACT value so the xTR have a >>> hint about why the subscription was removed. >>> >>> >>> >>> >>> _________________________________________________________________________________________________________________________ >>> >>> >>> >>> Ce message et ses pieces jointes peuvent contenir des informations confidentielles ou privilegiees et ne doivent donc >>> >>> pas etre diffuses, exploites ou copies sans autorisation. Si vous avez recu ce message par erreur, veuillez le signaler >>> >>> a l'expediteur et le detruire ainsi que les pieces jointes. Les messages electroniques etant susceptibles d'alteration, >>> >>> Orange decline toute responsabilite si ce message a ete altere, deforme ou falsifie. Merci. >>> >>> >>> >>> This message and its attachments may contain confidential or privileged information that may be protected by law; >>> >>> they should not be distributed, used or copied without authorisation. >>> >>> If you have received this email in error, please notify the sender and delete this message and its attachments. >>> >>> As emails may be altered, Orange is not liable for messages that have been modified, changed or falsified. >>> >>> Thank you. >>> >>> _________________________________________________________________________________________________________________________ >>> >>> Ce message et ses pieces jointes peuvent contenir des informations confidentielles ou privilegiees et ne doivent donc >>> >>> pas etre diffuses, exploites ou copies sans autorisation. Si vous avez recu ce message par erreur, veuillez le signaler >>> >>> a l'expediteur et le detruire ainsi que les pieces jointes. Les messages electroniques etant susceptibles d'alteration, >>> >>> Orange decline toute responsabilite si ce message a ete altere, deforme ou falsifie. Merci. >>> >>> This message and its attachments may contain confidential or privileged information that may be protected by law; >>> >>> they should not be distributed, used or copied without authorisation. >>> >>> If you have received this email in error, please notify the sender and delete this message and its attachments. >>> >>> As emails may be altered, Orange is not liable for messages that have been modified, changed or falsified. >>> >>> Thank you. >>> >>> >>> >>> _________________________________________________________________________________________________________________________ >>> >>> Ce message et ses pieces jointes peuvent contenir des informations confidentielles ou privilegiees et ne doivent donc >>> pas etre diffuses, exploites ou copies sans autorisation. Si vous avez recu ce message par erreur, veuillez le signaler >>> a l'expediteur et le detruire ainsi que les pieces jointes. Les messages electroniques etant susceptibles d'alteration, >>> Orange decline toute responsabilite si ce message a ete altere, deforme ou falsifie. Merci. >>> >>> This message and its attachments may contain confidential or privileged information that may be protected by law; >>> they should not be distributed, used or copied without authorisation. >>> If you have received this email in error, please notify the sender and delete this message and its attachments. >>> As emails may be altered, Orange is not liable for messages that have been modified, changed or falsified. >>> Thank you. >> _______________________________________________ >> lisp mailing list >> lisp@ietf.org >> https://www.ietf.org/mailman/listinfo/lisp
- [Tsv-art] Tsvart last call review of draft-ietf-l… Magnus Westerlund via Datatracker
- Re: [Tsv-art] [Last-Call] Tsvart last call review… mohamed.boucadair
- Re: [Tsv-art] [Last-Call] Tsvart last call review… Magnus Westerlund
- Re: [Tsv-art] Tsvart last call review of draft-ie… Alberto Rodriguez-Natal (natal)
- Re: [Tsv-art] Tsvart last call review of draft-ie… Magnus Westerlund
- Re: [Tsv-art] [Last-Call] Tsvart last call review… mohamed.boucadair
- Re: [Tsv-art] [Last-Call] Tsvart last call review… Magnus Westerlund
- Re: [Tsv-art] [Last-Call] Tsvart last call review… mohamed.boucadair
- Re: [Tsv-art] Tsvart last call review of draft-ie… Alberto Rodriguez-Natal (natal)
- Re: [Tsv-art] [Last-Call] Tsvart last call review… Magnus Westerlund
- Re: [Tsv-art] Tsvart last call review of draft-ie… Magnus Westerlund
- Re: [Tsv-art] [Last-Call] Tsvart last call review… mohamed.boucadair
- Re: [Tsv-art] [Last-Call] Tsvart last call review… Magnus Westerlund
- Re: [Tsv-art] [Last-Call] Tsvart last call review… Alberto Rodriguez-Natal (natal)
- Re: [Tsv-art] Tsvart last call review of draft-ie… Alberto Rodriguez-Natal (natal)
- Re: [Tsv-art] Tsvart last call review of draft-ie… mohamed.boucadair
- Re: [Tsv-art] Tsvart last call review of draft-ie… Magnus Westerlund
- Re: [Tsv-art] Tsvart last call review of draft-ie… mohamed.boucadair
- Re: [Tsv-art] Tsvart last call review of draft-ie… mohamed.boucadair
- Re: [Tsv-art] Tsvart last call review of draft-ie… Alberto Rodriguez-Natal (natal)
- Re: [Tsv-art] Tsvart last call review of draft-ie… Magnus Westerlund
- Re: [Tsv-art] Tsvart last call review of draft-ie… mohamed.boucadair
- Re: [Tsv-art] Tsvart last call review of draft-ie… Alberto Rodriguez-Natal (natal)
- Re: [Tsv-art] [lisp] Tsvart last call review of d… Joel Halpern
- Re: [Tsv-art] [lisp] Tsvart last call review of d… Dino Farinacci
- Re: [Tsv-art] [lisp] Tsvart last call review of d… Alberto Rodriguez-Natal (natal)
- Re: [Tsv-art] [lisp] Tsvart last call review of d… mohamed.boucadair
- Re: [Tsv-art] [lisp] Tsvart last call review of d… Joel Halpern
- Re: [Tsv-art] [lisp] Tsvart last call review of d… Dino Farinacci
- Re: [Tsv-art] [lisp] Tsvart last call review of d… Joel Halpern
- Re: [Tsv-art] [lisp] Tsvart last call review of d… Dino Farinacci
- Re: [Tsv-art] [lisp] Tsvart last call review of d… Joel Halpern
- Re: [Tsv-art] [lisp] Tsvart last call review of d… Alberto Rodriguez-Natal (natal)
- Re: [Tsv-art] [lisp] Tsvart last call review of d… Alberto Rodriguez-Natal (natal)
- Re: [Tsv-art] [lisp] Tsvart last call review of d… Alberto Rodriguez-Natal (natal)