draft-ietf-lisp-crypto-06.txt Document Write-up
As required by RFC 4858, this is the current template for the Document Shepherd Write-Up.
(1) What type of RFC is being requested (BCP, Proposed Standard,
Internet Standard, Informational, Experimental, or Historic)? Why is
this the proper type of RFC? Is this type of RFC indicated in the
title page header?
This draft is targeting publication as an Experimental RFC.
It is the proper type of RFC since it adds encryption to the
Locator/ID Separation Protocol (LISP), whose RFCs have
Experimental status.
The RFC type is clearly marked in the title page header.
(2) The IESG approval announcement includes a Document Announcement
Write-Up. Please provide such a Document Announcement Write-Up. Recent
examples can be found in the "Action" announcements for approved
documents. The approval announcement contains the following sections:
Technical Summary:
This document describes a mechanism for encrypting LISP
encapsulated traffic. The design relies secret shared keys
negotiated between the ITR and the ETR in Map-Request and
Map-Reply messages. The ITR can compute 3 shared-secrets
per ETR the ITR is encapsulating to. When the ITR encrypts
a packet before encapsulation, it will identify, via two bits
LISP-specific header, which key it used for encryption
so the ETR knows which key to use for decrypting the packet
after decapsulation. The use of key-ids nn the LISP header
enables fast rekeying functionality.
Encryption is unidirectional, meaning that bidirectional
communications have separate key exchange on aper direction
basis.
Working Group Summary:
The document filled a gap that the working group felt was
important to address, namely confidentiality in the LISP data
plane. Since the document was created on explicit request of
the working group, it has received a strong support during
its evolution.
The version of the document that was approved during WG Last
Call is -04. As a shepherd I required a few editorial changes
to the document, in particular to the IANA section, which in
-04 was not completely conform to RFC 5226. Then a couple of
idnits needed to be cleared. This, -06 contains all the fixes.
Document Quality:
Are there existing implementations of the protocol? Have a significant
number of vendors indicated their plan to implement the specification?
Are there any reviewers that merit special mention as having done a
thorough review, e.g., one that resulted in important changes or a
conclusion that the document had no substantive issues? If there was a
MIB Doctor, Media Type or other expert review, what was its course
(briefly)? In the case of a Media Type review, on what date was the
request posted?
On explicit request of the chairs, the authors have requested
and obtained review and feedback from the Security Area Advisory
Group (SAAG). There ate least one implementation of the proposed
mechanism.
Personnel:
Who is the Document Shepherd?
Luigi Iannone <ggx@gigix.net>
Who is the Responsible Area Director?
Deborah Brungard <db3546@att.com>.
(3) Briefly describe the review of this document that was performed by
the Document Shepherd. If this version of the document is not ready
for publication, please explain why the document is being forwarded to
the IESG.
I reviewed carefully the document. The text is clear and
understandable.
On the document that past the WG Last Call I had some editorial
changes. In particular the IANA considerations section was not
conform to RFC 5226. Version -05 of the document addressed the
issue. Version -06 was issued to fix some issues with the
references and clear the idnits check.
I have checked the mailinglist and meeting minutes and
publication WG consensus has been reached appropriately.
I checked the ID nits (output provided on point 11)
and everything is clear.
(4) Does the document Shepherd have any concerns about the depth or
breadth of the reviews that have been performed?
As the document shepherd I have no concerns.
(5) Do portions of the document need review from a particular or from
broader perspective, e.g., security, operational complexity, AAA, DNS,
DHCP, XML, or internationalization? If so, describe the review that
took place.
The document has already been reviewed by SAAG, which
was involved as soon as the document was adopted by the WG.
(6) Describe any specific concerns or issues that the Document
Shepherd has with this document that the Responsible Area Director
and/or the IESG should be aware of? For example, perhaps he or she is
uncomfortable with certain parts of the document, or has concerns
whether there really is a need for it. In any event, if the WG has
discussed those issues and has indicated that it still wishes to
advance the document, detail those concerns here.
I have no specific concerns or issues to point out.
(7) Has each author confirmed that any and all appropriate IPR
disclosures required for full conformance with the provisions of BCP
78 and BCP 79 have already been filed. If not, explain why?
All authors have made conforming IPR disclosure.
(8) Has an IPR disclosure been filed that references this document? If
so, summarize any WG discussion and conclusion regarding the IPR
disclosures.
No IPR disclosures have been filed.
(9) How solid is the WG consensus behind this document? Does it
represent the strong concurrence of a few individuals, with others
being silent, or does the WG as a whole understand and agree with it?
There has been clear strong consensus behind this document,
showing that the WG as a whole understand and agree with it.
(10) Has anyone threatened an appeal or otherwise indicated extreme
discontent? If so, please summarise the areas of conflict in separate
email messages to the Responsible Area Director. (It should be in a
separate email because this questionnaire is publicly available.)
Nobody did show discontent nor threatened an appeal.
(11) Identify any ID nits the Document Shepherd has found in this
document. (See http://www.ietf.org/tools/idnits/ and the
Internet-Drafts Checklist). Boilerplate checks are not enough; this
check needs to be thorough.
idnits 2.14.01
tmp/draft-ietf-lisp-crypto-06.txt:
Attempted to download rfc0002 state...
Failure fetching the file, proceeding without it.
Attempted to download rfc0100 state...
Failure fetching the file, proceeding without it.
Checking boilerplate required by RFC 5378 and the IETF Trust (see
http://trustee.ietf.org/license-info):
----------------------------------------------------------------------------
No issues found here.
Checking nits according to http://www.ietf.org/id-info/1id-guidelines.txt:
----------------------------------------------------------------------------
No issues found here.
Checking nits according to http://www.ietf.org/id-info/checklist :
----------------------------------------------------------------------------
No issues found here.
Miscellaneous warnings:
----------------------------------------------------------------------------
-- The document date (June 29, 2016) is 6 days in the past. Is this
intentional?
Checking references for intended status: Experimental
----------------------------------------------------------------------------
No issues found here.
Summary: 0 errors (**), 0 flaws (~~), 0 warnings (==), 1 comment (--).
Run idnits with the --verbose option for more detailed information about
the items above.
--------------------------------------------------------------------------------
(12) Describe how the document meets any required formal review
criteria, such as the MIB Doctor, media type, and URI type reviews.
No formal review is required.
(13) Have all references within this document been identified as
either normative or informative?
Yes.
(14) Are there normative references to documents that are not ready
for advancement or are otherwise in an unclear state? If such
normative references exist, what is the plan for their completion?
There are no normative references in unclear state.
The [LCAF] has past WG Last Call and I am shepherding
as well that document. So they are moving in parallel.
(15) Are there downward normative references references (see RFC
3967)? If so, list these downward references to support the Area
Director in the Last Call procedure.
There are no downward normative references.
(16) Will publication of this document change the status of any
existing RFCs? Are those RFCs listed on the title page header, listed
in the abstract, and discussed in the introduction? If the RFCs are
not listed in the Abstract and Introduction, explain why, and point to
the part of the document where the relationship of this document to
the other RFCs is discussed. If this information is not in the
document, explain why the WG considers it unnecessary.
No existing RFC's status will change due to the publication
of this document.
(17) Describe the Document Shepherd's review of the IANA
considerations section, especially with regard to its consistency with
the body of the document. Confirm that all protocol extensions that
the document makes are associated with the appropriate reservations in
IANA registries. Confirm that any referenced IANA registries have been
clearly identified. Confirm that newly created IANA registries include
a detailed specification of the initial contents for the registry,
that allocations procedures for future registrations are defined, and
a reasonable name for the new registry has been suggested (see RFC
5226).
This document instruct IANA to create a new registry for the
Cipher Suite value transported in the security material fo
Map-Request and Map-Reply messages. The initial content
of the newly created registry is well identified and allocations
procedure is a simple First Come Fist Served policy.
The registry is named “LISP Crypto Cipher Suite”, which
concisely express its content.
(18) List any new IANA registries that require Expert Review for
future allocations. Provide any public guidance that the IESG would
find useful in selecting the IANA Experts for these new registries.
No expert review is required.
(19) Describe reviews and automated checks performed by the Document
Shepherd to validate sections of the document written in a formal
language, such as XML code, BNF rules, MIB definitions, etc.
The document does not contain anything written in a formal
language, hence, no validation and/or check has been
performed.