Re: [v6ops] [EXTERNAL] Re: Improving ND security
"Templin (US), Fred L" <Fred.L.Templin@boeing.com> Mon, 03 August 2020 19:56 UTC
Return-Path: <Fred.L.Templin@boeing.com>
X-Original-To: v6ops@ietfa.amsl.com
Delivered-To: v6ops@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A3EC53A10E0; Mon, 3 Aug 2020 12:56:09 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.2
X-Spam-Level:
X-Spam-Status: No, score=-0.2 tagged_above=-999 required=5 tests=[DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_MSPIKE_H2=-0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=boeing.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id B440-o5tucAo; Mon, 3 Aug 2020 12:56:07 -0700 (PDT)
Received: from clt-mbsout-01.mbs.boeing.net (clt-mbsout-01.mbs.boeing.net [130.76.144.162]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 39F863A10DF; Mon, 3 Aug 2020 12:56:06 -0700 (PDT)
Received: from localhost (localhost [127.0.0.1]) by clt-mbsout-01.mbs.boeing.net (8.15.2/8.15.2/DOWNSTREAM_MBSOUT) with SMTP id 073Ju27F001848; Mon, 3 Aug 2020 15:56:04 -0400
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=boeing.com; s=boeing-s1912; t=1596484564; bh=NTn2uRHs7o1a5RnGEQ5dwuotx1TGVZxjjomztNIA5cY=; h=From:To:CC:Subject:Date:References:In-Reply-To:From; b=Ad3I/7dVBBjD0nbDZ1yzHInIR0IrKVGLO0kBo0HPzPdU+N9NhBU6xysyyXMLSNuWe 2Zt7eor0JBgeoI6q2jHAHUTlPOCgtzJ4rJbFs4M/muwHyTx1MSybchIIX/lTm3gwCp wW9Ymx/R06ag3LgdU93FTNoe4w8VH+0L4u+J8GgiDr3Zfmo1itrg0S8rtke96OHiuD ubPfZurQ+9UpolvBsHiYJvOSIxkEYwJU8CG9HrW9UDALvg69iUtZJ4lIQxIvyOXD7x 7ycb1xrf9MA+Gi3ue8L++EYupYtXVABOj+fyQFuIGFUMNuNfP2bnk7vSm2f2zHuUkO spZWr2Bz7VB2w==
Received: from XCH16-07-09.nos.boeing.com (xch16-07-09.nos.boeing.com [144.115.66.111]) by clt-mbsout-01.mbs.boeing.net (8.15.2/8.15.2/8.15.2/UPSTREAM_MBSOUT) with ESMTPS id 073Jtn78031867 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-SHA384 bits=256 verify=OK); Mon, 3 Aug 2020 15:55:49 -0400
Received: from XCH16-07-10.nos.boeing.com (144.115.66.112) by XCH16-07-09.nos.boeing.com (144.115.66.111) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384) id 15.1.1979.3; Mon, 3 Aug 2020 12:55:48 -0700
Received: from XCH16-07-10.nos.boeing.com ([fe80::1522:f068:5766:53b5]) by XCH16-07-10.nos.boeing.com ([fe80::1522:f068:5766:53b5%2]) with mapi id 15.01.1979.003; Mon, 3 Aug 2020 12:55:48 -0700
From: "Templin (US), Fred L" <Fred.L.Templin@boeing.com>
To: Fernando Gont <fernando@gont.com.ar>, "Pascal Thubert (pthubert)" <pthubert@cisco.com>
CC: v6ops list <v6ops@ietf.org>, 6man <ipv6@ietf.org>
Thread-Topic: [v6ops] [EXTERNAL] Re: Improving ND security
Thread-Index: AdZnYGykJNK1kk2zSneWe05yLDtm6gAO/XoAAA6T6+D//9BAgIAAcUNg//yt9vCABzh8AIAAbPyQ///Bg4CAAGxUwA==
Date: Mon, 03 Aug 2020 19:55:47 +0000
Message-ID: <da17a88b1886451796e45331a2fd75d4@boeing.com>
References: <d5c245f216c3409f826f8132e532a882@boeing.com> <860E06E2-2650-4AAE-AD33-D4D12B0290DC@fugue.com> <b66ce3d9c75d4a39b5336dcdf9929411@boeing.com> <0DDEBA6C-3933-40FC-BB9C-33FA59DC9D76@cisco.com> <4907a159683346789bef5c495f03f95d@boeing.com> <b5043a5446914cb5b12ed76401359c7e@boeing.com> <3978163f-8815-1bd4-0fda-d84df9cbe684@gont.com.ar> <6b0d6c0a790b46c893b0ff3051599fb4@boeing.com> <85d89256-a495-d779-2c7c-2573bfae36c5@gont.com.ar>
In-Reply-To: <85d89256-a495-d779-2c7c-2573bfae36c5@gont.com.ar>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [137.137.12.6]
x-tm-snts-smtp: 6BB4A154522EF7C36A5ED9A512ED8A920B9F421BFB65F56EFB48A59A744B565D2000:8
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: base64
MIME-Version: 1.0
X-TM-AS-GCONF: 00
Archived-At: <https://mailarchive.ietf.org/arch/msg/v6ops/Lr-ywd8JKOlBoYWBgN9cjfIBstI>
Subject: Re: [v6ops] [EXTERNAL] Re: Improving ND security
X-BeenThere: v6ops@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: v6ops discussion list <v6ops.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/v6ops>, <mailto:v6ops-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/v6ops/>
List-Post: <mailto:v6ops@ietf.org>
List-Help: <mailto:v6ops-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/v6ops>, <mailto:v6ops-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 03 Aug 2020 19:56:10 -0000
Hi Fernando, > -----Original Message----- > From: Fernando Gont [mailto:fernando@gont.com.ar] > Sent: Monday, August 03, 2020 11:53 AM > To: Templin (US), Fred L <Fred.L.Templin@boeing.com>; Pascal Thubert (pthubert) <pthubert@cisco.com> > Cc: v6ops list <v6ops@ietf.org>; 6man <ipv6@ietf.org> > Subject: Re: [v6ops] [EXTERNAL] Re: Improving ND security > > This message was sent from outside of Boeing. Please do not click links or open attachments unless you recognize the sender and > know that the content is safe. > Hi, Fred, > > On 3/8/20 13:45, Templin (US), Fred L wrote: > [....] > >> This message was sent from outside of Boeing. Please do not click links or open attachments unless you recognize the sender and > >> know that the content is safe. > >> On 3/8/20 11:22, Templin (US), Fred L wrote: > >>> Here’s another think about SEND. RFC3971 SEND says that it works in > >>> conjunction with Cryptographically Generated addresses (CGA) per RFC3972. But, CGAs are > >>> cumbersome to work with as the source and destination addresses of IPv6 packets, > >>> and SEND hints that it can be used without CGA but does not tell how to do so. > >> > >> Of the top of my head, CGAs are a core part of send. > > > > That is fine; we can accommodate CGAs in OMNI, cumbersome as they are. > > I have this on my TODO list for after the adoption call. > > Why "cumbersome"? I realize the addresses are cryptographically-generated, which implies a security property which is good. But, they would not be the primary link-local addresses that neighbor nodes will know each other by - the CGAs will be found in the IPv6 ND message source and destination addresses, while the primary addresses will be carried in an additional IPv6 encapsulation header and would be the addresses that the NCEs are indexed by. So, all the CGAs really are is placeholders in the IPv6 header to run security checks over. They need not even be checked for uniqueness on the link, because it is the primary addresses and not the CGAs which need to be maintained as unique. > >>> But then, RFC4380 offers a “poor-man’s” alternative to SEND/CGA. It > >>> places a message authentication code in the encapsulation headers of IPv6 ND messages so > >>> that the messages can pass a rudimentary authentication check. > >> > >> You mean the Teredo spec? If so, I don't think it includes any sort of > >> poor-man's SEND-CGA. > > > > It provides for message authentication, > > But what's special about SEND/CGAs is that they tie the address to a key... OK, that sounds good. So, we like that property but AFAICT that is about all the CGA is good for in my application. > > and it is widely-deployed which suggests > > to me that the vendors who support it believe it is secure. > > I'm sure others probably know better, but... I think Teredo is mostly MS > + Miredo. (when it comes to implementation) > > And Re: deployment, IIRC Teredo has been phased out. > > > > > So, if it is secure enough for RFC4380, then shouldn't it also be secure enough for OMNI? > > I believe Auth in Teredo is a totally different thing from SEND/CGAs. > > Regarding OMIN, I Haven read the draft/spec, yet... The usage we have for OMNI is that of an Internet-based Client sending an authenticated, encapsulated, unicast RS message to an Internet-based Server which then must authenticate the message. (The "link" in this case is the Internet itself.) The encapsulation format is based on RFC4380 encapsulation but with a different UDP port number than specified for RFC4380. A second level of encapsulation is also added per RFC2473. The CGA of the Client is in the IPv6 ND source address, "All-Routers" is in the IPv6 ND destination address, the OMNI ULA of the Client is in the RFC2473 source address, and either the OMNI ULA of the Server or Subnet Router Anycast is in the RFC2473 destination address. The outer UDP/IP header has the Internet source address of the Client and the Internet destination address of the Server. That is a lot of addresses to carry around in a single packet, but if we must use CGAs then we do what we have to do. In the reverse direction, the Server must also include its CGA as the source of the RA message, the CGA of the Client as the destination address, and with the RFC2473 header having the Server's OMNI ULA as the source and the OMNI ULA of the Client as the destination. The UDP/IP header has the Internet addresses as before. Again, lots of addresses to juggle around due to the need to include CGAs. > >>> So someone with > >>> security experience please help me out here – is RFC4380 authentication an acceptably > >>> secure replacement for SEND/CGA that might be easier to work with and less > >>> cumbersome? > >> > >> Nope. Tee point of CGAs is that they allow you to prove address > >> ownership. There's nothing in RFC4380 that provides the same or similar > >> functionality. > > > > Why do we have to prove address ownership > > Well, that's one of the goals of SEND/CGAs. :-) > > > > and use a whacky address format like CGA? > > The *address format* is not really whacky. At the end of the day, it's a > random number, with the specific property that it's part of the hash of > a public key. > > looking at a CGA, you probably wouldn't be able to tell CGA from RFC7217. I think if you look inside the IPv6 ND message and find a CG option you can infer that the address in the IPv6 header is a CGA. > > There is nothing in the OMNI spec that needs or wants CGAs in any fashion > > unless they are absolutely required for security. Isn't it enough to prove message > > authentication using the mechanisms of RFC4380 without having to accommodate > > the excess baggage of CGAs?? > > Both are different things. > > One thing is to authenticate the contents of a message. And a different > one is to be able to tell that one specific host is "authorized" to use > one specific address... The only reason I am hesitant is that it just seems that the usage of CGAs envisioned for OMNI is just as a cryptographically-generated "bag of bits". They are not used as indexes into the neighbor cache. They are not examined by routers, bridges or switches, etc. They are simply payload bits carried in a special place known as the IPv6 source and destination address. Is that good enough? Thanks - Fred > -- > Fernando Gont > e-mail: fernando@gont.com.ar || fgont@si6networks.com > PGP Fingerprint: 7809 84F5 322E 45C7 F1C9 3945 96EE A9EF D076 FFF1 > >
- [v6ops] I-D Action: draft-ietf-6man-grand-01 - ad… Vasilenko Eduard
- Re: [v6ops] I-D Action: draft-ietf-6man-grand-01 … Jen Linkova
- Re: [v6ops] I-D Action: draft-ietf-6man-grand-01 … Vasilenko Eduard
- Re: [v6ops] I-D Action: draft-ietf-6man-grand-01 … Jen Linkova
- Re: [v6ops] I-D Action: draft-ietf-6man-grand-01 … Lorenzo Colitti
- Re: [v6ops] I-D Action: draft-ietf-6man-grand-01 … Nick Hilliard
- Re: [v6ops] I-D Action: draft-ietf-6man-grand-01 … Lorenzo Colitti
- Re: [v6ops] I-D Action: draft-ietf-6man-grand-01 … Nick Hilliard
- Re: [v6ops] I-D Action: draft-ietf-6man-grand-01 … Mark Smith
- Re: [v6ops] I-D Action: draft-ietf-6man-grand-01 … joel jaeggli
- Re: [v6ops] I-D Action: draft-ietf-6man-grand-01 … Vasilenko Eduard
- Re: [v6ops] I-D Action: draft-ietf-6man-grand-01 … Mark Smith
- Re: [v6ops] I-D Action: draft-ietf-6man-grand-01 … Pascal Thubert (pthubert)
- Re: [v6ops] I-D Action: draft-ietf-6man-grand-01 … Templin (US), Fred L
- Re: [v6ops] I-D Action: draft-ietf-6man-grand-01 … Ted Lemon
- Re: [v6ops] I-D Action: draft-ietf-6man-grand-01 … Owen DeLong
- Re: [v6ops] I-D Action: draft-ietf-6man-grand-01 … Ted Lemon
- Re: [v6ops] [EXTERNAL] Re: I-D Action: draft-ietf… Templin (US), Fred L
- Re: [v6ops] I-D Action: draft-ietf-6man-grand-01 … Bob Hinden
- [v6ops] Improving ND security Ted Lemon
- Re: [v6ops] [EXTERNAL] Improving ND security Templin (US), Fred L
- Re: [v6ops] [EXTERNAL] Improving ND security Ted Lemon
- Re: [v6ops] I-D Action: draft-ietf-6man-grand-01 … Tony Finch
- [v6ops] draft-ietf-6man-grand : saving lookups Pascal Thubert (pthubert)
- Re: [v6ops] [EXTERNAL] Improving ND security Templin (US), Fred L
- Re: [v6ops] I-D Action: draft-ietf-6man-grand-01 … Vasilenko Eduard
- Re: [v6ops] [EXTERNAL] Improving ND security Ted Lemon
- Re: [v6ops] I-D Action: draft-ietf-6man-grand-01 … Ted Lemon
- Re: [v6ops] Improving ND security Templin (US), Fred L
- Re: [v6ops] Improving ND security Ted Lemon
- Re: [v6ops] [EXTERNAL] Re: Improving ND security Templin (US), Fred L
- Re: [v6ops] [EXTERNAL] Improving ND security Fernando Gont
- Re: [v6ops] [EXTERNAL] Improving ND security Bjoern A. Zeeb
- Re: [v6ops] [EXTERNAL] Improving ND security Templin (US), Fred L
- Re: [v6ops] Improving ND security Templin (US), Fred L
- Re: [v6ops] I-D Action: draft-ietf-6man-grand-01 … Vasilenko Eduard
- Re: [v6ops] [EXTERNAL] Improving ND security Fernando Gont
- Re: [v6ops] [EXTERNAL] Improving ND security Templin (US), Fred L
- Re: [v6ops] I-D Action: draft-ietf-6man-grand-01 … Owen DeLong
- Re: [v6ops] [EXTERNAL] Re: Improving ND security Pascal Thubert (pthubert)
- Re: [v6ops] [EXTERNAL] Re: Improving ND security Templin (US), Fred L
- Re: [v6ops] Improving ND security Templin (US), Fred L
- Re: [v6ops] [EXTERNAL] Re: Improving ND security Templin (US), Fred L
- Re: [v6ops] [EXTERNAL] Re: Improving ND security Vasilenko Eduard
- Re: [v6ops] [EXTERNAL] Re: Improving ND security Templin (US), Fred L
- Re: [v6ops] [EXTERNAL] Re: Improving ND security Philip Homburg
- Re: [v6ops] [EXTERNAL] Re: Improving ND security Fernando Gont
- Re: [v6ops] [EXTERNAL] Re: Improving ND security Templin (US), Fred L
- Re: [v6ops] [EXTERNAL] Re: Improving ND security Christian Huitema
- Re: [v6ops] [EXTERNAL] Re: Improving ND security Templin (US), Fred L
- Re: [v6ops] [EXTERNAL] Re: Improving ND security Vasilenko Eduard
- Re: [v6ops] [EXTERNAL] Re: Improving ND security Fernando Gont
- Re: [v6ops] [EXTERNAL] Re: Improving ND security Templin (US), Fred L
- [v6ops] Off topic: Teredo sunset -- Re: [EXTERNAL… Lencse Gábor
- Re: [v6ops] Off topic: Teredo sunset -- Re: [EXTE… Templin (US), Fred L
- Re: [v6ops] Off topic: Teredo sunset -- Re: [EXTE… Joseph Touch
- Re: [v6ops] I-D Action: draft-ietf-6man-grand-01 … Michael Richardson
- Re: [v6ops] I-D Action: draft-ietf-6man-grand-01 … Michael Richardson
- Re: [v6ops] [EXTERNAL] Re: I-D Action: draft-ietf… Michael Richardson
- Re: [v6ops] [EXTERNAL] Improving ND security Michael Richardson
- Re: [v6ops] I-D Action: draft-ietf-6man-grand-01 … Vasilenko Eduard
- Re: [v6ops] I-D Action: draft-ietf-6man-grand-01 … Pascal Thubert (pthubert)
- Re: [v6ops] I-D Action: draft-ietf-6man-grand-01 … Vasilenko Eduard
- Re: [v6ops] I-D Action: draft-ietf-6man-grand-01 … Mark Smith
- Re: [v6ops] [EXTERNAL] Improving ND security Templin (US), Fred L
- Re: [v6ops] [EXTERNAL] Re: Improving ND security Fernando Gont
- Re: [v6ops] [EXTERNAL] Re: Improving ND security Pascal Thubert (pthubert)
- Re: [v6ops] [EXTERNAL] Re: Improving ND security Vasilenko Eduard
- Re: [v6ops] [EXTERNAL] Re: Improving ND security Vasilenko Eduard
- Re: [v6ops] [EXTERNAL] Re: Improving ND security Pascal Thubert (pthubert)
- Re: [v6ops] [EXTERNAL] Re: Improving ND security Pascal Thubert (pthubert)
- Re: [v6ops] [EXTERNAL] Re: Improving ND security Vasilenko Eduard
- Re: [v6ops] [EXTERNAL] Re: Improving ND security Vasilenko Eduard
- Re: [v6ops] draft-ietf-6man-grand : saving lookups Jen Linkova
- Re: [v6ops] draft-ietf-6man-grand : saving lookups Pascal Thubert (pthubert)
- Re: [v6ops] draft-ietf-6man-grand : saving lookups Pascal Thubert (pthubert)
- Re: [v6ops] draft-ietf-6man-grand : saving lookups Vasilenko Eduard
- Re: [v6ops] draft-ietf-6man-grand : saving lookups Vasilenko Eduard
- Re: [v6ops] draft-ietf-6man-grand : saving lookups Jen Linkova
- Re: [v6ops] draft-ietf-6man-grand : saving lookups Pascal Thubert (pthubert)
- Re: [v6ops] draft-ietf-6man-grand : saving lookups Jen Linkova
- Re: [v6ops] draft-ietf-6man-grand : saving lookups Mark Smith
- Re: [v6ops] draft-ietf-6man-grand : saving lookups Pascal Thubert (pthubert)
- Re: [v6ops] draft-ietf-6man-grand : saving lookups Philip Homburg
- Re: [v6ops] draft-ietf-6man-grand : saving lookups Ted Lemon
- Re: [v6ops] draft-ietf-6man-grand : saving lookups Pascal Thubert (pthubert)
- Re: [v6ops] draft-ietf-6man-grand : saving lookups Pascal Thubert (pthubert)
- Re: [v6ops] draft-ietf-6man-grand : saving lookups Bob Hinden
- [v6ops] distributed vs centralized approaches to … Michael Richardson
- Re: [v6ops] distributed vs centralized approaches… Nick Hilliard
- Re: [v6ops] draft-ietf-6man-grand : saving lookups Pascal Thubert (pthubert)
- Re: [v6ops] draft-ietf-6man-grand : saving lookups Mark Smith
- Re: [v6ops] draft-ietf-6man-grand : saving lookups Jen Linkova
- Re: [v6ops] draft-ietf-6man-grand : saving lookups Bob Hinden
- Re: [v6ops] draft-ietf-6man-grand : saving lookups Vasilenko Eduard
- Re: [v6ops] draft-ietf-6man-grand : saving lookups Pascal Thubert (pthubert)
- Re: [v6ops] draft-ietf-6man-grand : saving lookups Jen Linkova
- Re: [v6ops] draft-ietf-6man-grand : saving lookups Vasilenko Eduard
- Re: [v6ops] draft-ietf-6man-grand : saving lookups Nick Hilliard
- Re: [v6ops] draft-ietf-6man-grand : saving lookups Pascal Thubert (pthubert)
- Re: [v6ops] draft-ietf-6man-grand : saving lookups Bob Hinden
- Re: [v6ops] draft-ietf-6man-grand : saving lookups Michael Richardson
- Re: [v6ops] draft-ietf-6man-grand : saving lookups Philip Homburg
- Re: [v6ops] [EXTERNAL] Re: draft-ietf-6man-grand … Templin (US), Fred L
- Re: [v6ops] [EXTERNAL] draft-ietf-6man-grand : sa… Ted Lemon
- Re: [v6ops] draft-ietf-6man-grand : saving lookups Templin (US), Fred L
- Re: [v6ops] draft-ietf-6man-grand : saving lookups Ted Lemon
- Re: [v6ops] draft-ietf-6man-grand : saving lookups Templin (US), Fred L
- Re: [v6ops] draft-ietf-6man-grand : saving lookups Ted Lemon
- Re: [v6ops] [EXTERNAL] Re: draft-ietf-6man-grand … Templin (US), Fred L
- Re: [v6ops] [EXTERNAL] draft-ietf-6man-grand : sa… Ted Lemon
- Re: [v6ops] draft-ietf-6man-grand : saving lookups Warren Kumari
- Re: [v6ops] [EXTERNAL] draft-ietf-6man-grand : sa… Templin (US), Fred L
- Re: [v6ops] [EXTERNAL] draft-ietf-6man-grand : sa… Manfredi (US), Albert E
- Re: [v6ops] draft-ietf-6man-grand : saving lookups Fred Baker
- Re: [v6ops] draft-ietf-6man-grand : saving lookups Ted Lemon
- Re: [v6ops] [EXTERNAL] draft-ietf-6man-grand : sa… Templin (US), Fred L
- Re: [v6ops] draft-ietf-6man-grand : saving lookups Pascal Thubert (pthubert)
- Re: [v6ops] draft-ietf-6man-grand : saving lookups Ted Lemon
- Re: [v6ops] draft-ietf-6man-grand : saving lookups Pascal Thubert (pthubert)
- Re: [v6ops] draft-ietf-6man-grand : saving lookups Templin (US), Fred L
- Re: [v6ops] draft-ietf-6man-grand : saving lookups Jen Linkova
- Re: [v6ops] draft-ietf-6man-grand : saving lookups Philip Homburg
- Re: [v6ops] draft-ietf-6man-grand : saving lookups Philip Homburg
- Re: [v6ops] draft-ietf-6man-grand : saving lookups Templin (US), Fred L
- Re: [v6ops] draft-ietf-6man-grand : saving lookups Lorenzo Colitti
- Re: [v6ops] draft-ietf-6man-grand : saving lookups Pascal Thubert (pthubert)
- Re: [v6ops] draft-ietf-6man-grand : saving lookups Gyan Mishra
- Re: [v6ops] draft-ietf-6man-grand : saving lookups Pascal Thubert (pthubert)
- Re: [v6ops] draft-ietf-6man-grand : saving lookups Templin (US), Fred L
- Re: [v6ops] draft-ietf-6man-grand : saving lookups Pascal Thubert (pthubert)
- Re: [v6ops] draft-ietf-6man-grand : saving lookups Templin (US), Fred L