LDP Hello Cryptographic Authentication
draft-ietf-mpls-ldp-hello-crypto-auth-10
Revision differences
Document history
Date | Rev. | By | Action |
---|---|---|---|
2014-08-08
|
10 | (System) | RFC Editor state changed to AUTH48-DONE from AUTH48 |
2014-08-06
|
10 | (System) | RFC Editor state changed to AUTH48 from RFC-EDITOR |
2014-07-29
|
10 | (System) | RFC Editor state changed to RFC-EDITOR from EDIT |
2014-06-27
|
10 | (System) | IANA Action state changed to RFC-Ed-Ack from Waiting on RFC Editor |
2014-06-26
|
10 | (System) | IANA Action state changed to Waiting on RFC Editor from Waiting on Authors |
2014-06-26
|
10 | (System) | IANA Action state changed to Waiting on Authors from In Progress |
2014-06-24
|
10 | Amy Vezza | IESG state changed to RFC Ed Queue from Approved-announcement sent |
2014-06-23
|
10 | (System) | RFC Editor state changed to EDIT |
2014-06-23
|
10 | (System) | Announcement was received by RFC Editor |
2014-06-23
|
10 | (System) | IANA Action state changed to In Progress |
2014-06-23
|
10 | Amy Vezza | IESG state changed to Approved-announcement sent from Approved-announcement to be sent |
2014-06-23
|
10 | Amy Vezza | IESG has approved the document |
2014-06-23
|
10 | Amy Vezza | Closed "Approve" ballot |
2014-06-21
|
10 | Adrian Farrel | Ballot approval text was generated |
2014-06-21
|
10 | Adrian Farrel | Ballot writeup was changed |
2014-06-21
|
10 | Adrian Farrel | IESG state changed to Approved-announcement to be sent from IESG Evaluation::AD Followup |
2014-06-19
|
10 | Alia Atlas | [Ballot comment] Thanks for handling my concerns so quickly. |
2014-06-19
|
10 | Alia Atlas | [Ballot Position Update] Position for Alia Atlas has been changed to Yes from Discuss |
2014-06-19
|
10 | Ted Lemon | [Ballot comment] Thanks for addressing my DISCUSS point (included below FTR): Adrian raised this as a nit, but it's really a DISCUSS: a conforming implementation … [Ballot comment] Thanks for addressing my DISCUSS point (included below FTR): Adrian raised this as a nit, but it's really a DISCUSS: a conforming implementation of this specification could perfectly well accept an unauthenticated hello after it's accepted an authenticated hello, because there's no requirements language forbidding this behavior. One would hope that implementors would be smart and not do this, but given that this is a standard, it SHOULD be mentioned explicitly. :) |
2014-06-19
|
10 | Ted Lemon | [Ballot Position Update] Position for Ted Lemon has been changed to No Objection from Discuss |
2014-06-19
|
10 | Lianshu Zheng | New version available: draft-ietf-mpls-ldp-hello-crypto-auth-10.txt |
2014-06-18
|
09 | (System) | Sub state has been changed to AD Followup from Revised ID Needed |
2014-06-18
|
09 | Lianshu Zheng | IANA Review state changed to Version Changed - Review Needed from IANA OK - Actions Needed |
2014-06-18
|
09 | Lianshu Zheng | New version available: draft-ietf-mpls-ldp-hello-crypto-auth-09.txt |
2014-06-12
|
08 | Cindy Morgan | IESG state changed to IESG Evaluation::Revised I-D Needed from IESG Evaluation |
2014-06-12
|
08 | Joel Jaeggli | [Ballot Position Update] New position, No Objection, has been recorded for Joel Jaeggli |
2014-06-11
|
08 | Richard Barnes | [Ballot comment] I agree with Ted's DISCUSS in spirit, even if I disagree with it as stated. What needs to be clear here is that … [Ballot comment] I agree with Ted's DISCUSS in spirit, even if I disagree with it as stated. What needs to be clear here is that the LSR receiving Hello messages needs to have a policy for each neighbor as to whether it requires authentication or does not. If it is configured to require authentication, it MUST NOT accept unauthenticated Hello messages. (Ted's message implies that this policy should be configured based on receipt of authenticated messages, which is a terrible idea.) |
2014-06-11
|
08 | Richard Barnes | [Ballot Position Update] New position, No Objection, has been recorded for Richard Barnes |
2014-06-11
|
08 | Pete Resnick | [Ballot Position Update] New position, No Objection, has been recorded for Pete Resnick |
2014-06-11
|
08 | Amanda Baber | IANA Review state changed to IANA OK - Actions Needed from Version Changed - Review Needed |
2014-06-11
|
08 | Alia Atlas | [Ballot comment] I also support Ted's concerns about when an unauthenticated hello packet should be accepted (see email thread). |
2014-06-11
|
08 | Alia Atlas | Ballot comment text updated for Alia Atlas |
2014-06-11
|
08 | Ted Lemon | [Ballot discuss] Adrian raised this as a nit, but it's really a DISCUSS: a conforming implementation of this specification could perfectly well accept an unauthenticated … [Ballot discuss] Adrian raised this as a nit, but it's really a DISCUSS: a conforming implementation of this specification could perfectly well accept an unauthenticated hello after it's accepted an authenticated hello, because there's no requirements language forbidding this behavior. One would hope that implementors would be smart and not do this, but given that this is a standard, it SHOULD be mentioned explicitly. :) |
2014-06-11
|
08 | Ted Lemon | Ballot discuss text updated for Ted Lemon |
2014-06-11
|
08 | Ted Lemon | [Ballot discuss] Adrian raised this as a nit, but it's really a DISCUSS: a conforming implementation of this specification could perfectly well accept an unauthenticated … [Ballot discuss] Adrian raised this as a nit, but it's really a DISCUSS: a conforming implementation of this specification could perfectly well accept an unauthenticated hello after it's accepted an authenticed hello, because there's no requirements language forbidding this behavior. One would hope that implementors would be smart and not do this, but given that this is a standard, it SHOULD be mentioned explicitly. :) |
2014-06-11
|
08 | Ted Lemon | [Ballot Position Update] New position, Discuss, has been recorded for Ted Lemon |
2014-06-11
|
08 | Gunter Van de Velde | Request for Telechat review by OPSDIR Completed: Ready. Reviewer: Linda Dunbar. |
2014-06-11
|
08 | Gunter Van de Velde | Request for Telechat review by OPSDIR is assigned to Linda Dunbar |
2014-06-11
|
08 | Gunter Van de Velde | Request for Telechat review by OPSDIR is assigned to Linda Dunbar |
2014-06-11
|
08 | Gunter Van de Velde | Closed request for Last Call review by OPSDIR with state 'Withdrawn' |
2014-06-10
|
08 | Benoît Claise | [Ballot Position Update] New position, No Objection, has been recorded for Benoit Claise |
2014-06-10
|
08 | Alia Atlas | [Ballot discuss] I have two simple technical concerns. 1) Hello messages are sent out per interface with the transport address specified either implicitly or explicitly. … [Ballot discuss] I have two simple technical concerns. 1) Hello messages are sent out per interface with the transport address specified either implicitly or explicitly. Different transport addresses can be used for different label spaces or to create different sessions. Can the draft clearly specify that the Cryptographic Sequence Number is a single space per LSR regardless of the used transport address? 2) Given that an LDP session is frequently identified by the transport address, I'm not sure that a receiver can reliably tell "the same neighbor" if that neighbor is using different transport addresses (possibly as the source address as well as via the TLV). The draft specifies: " If the cryptographic sequence number in the LDP packet is less than or equal to the last sequence number received from the same neighbor, the LDP message MUST be discarded, and an error event SHOULD be logged." Can you please clarify that "same neighbor" means "same source IP address", if that is the intent? |
2014-06-10
|
08 | Alia Atlas | [Ballot Position Update] New position, Discuss, has been recorded for Alia Atlas |
2014-06-10
|
08 | Jari Arkko | [Ballot Position Update] New position, No Objection, has been recorded for Jari Arkko |
2014-06-09
|
08 | Spencer Dawkins | [Ballot comment] I'm also curious about Brian's "Is it worth mentioning why DTLS is not sufficient for this UDP-based protocol?" comment, but whatever you decide … [Ballot comment] I'm also curious about Brian's "Is it worth mentioning why DTLS is not sufficient for this UDP-based protocol?" comment, but whatever you decide in conversations with him will be fine with me. |
2014-06-09
|
08 | Spencer Dawkins | [Ballot Position Update] New position, No Objection, has been recorded for Spencer Dawkins |
2014-06-09
|
08 | Alissa Cooper | [Ballot comment] Section 1: "Of the above, implementations MUST include support for at least HMAC-SHA-256 and SHOULD include support for HMAC-SHA-1 and MAY … [Ballot comment] Section 1: "Of the above, implementations MUST include support for at least HMAC-SHA-256 and SHOULD include support for HMAC-SHA-1 and MAY include support for either of HMAC-SHA-384 or HMAC-SHA-512." This makes it sound as if HMAC-SHA-384 and HMAC-SHA-512 support are mutually exclusive. I think the phrasing in Section 3 is better and should be repeated here (or, in any event, the two sections should say the same thing): "Of the above, implementations of this specification MUST include support for at least HMAC-SHA-256 and SHOULD include support for HMAC-SHA-1 and MAY also include support for HMAC-SHA-384 and HMAC- SHA-512." Section 2.2: "This is a 32-bit unsigned integer used to uniquely identify an LDP SA between two LDP peers, as manually configured by the network operator (or, in the future, possibly by some key management protocol specified by the IETF)." It would help to clarify whether you mean (1) a key management protocol that does not already exist may be defined in the future and used for this purpose, or (2) in the future SA IDs may be configured using a key management protocol that already exists. "In order to achieve smooth key transition, KeyStartAccept SHOULD be less than KeyStartGenerate and KeyStopGenerate SHOULD be less than KeyStopAccept." What are the conditions under which these SHOULDs might be violated? |
2014-06-09
|
08 | Alissa Cooper | [Ballot Position Update] New position, No Objection, has been recorded for Alissa Cooper |
2014-06-09
|
08 | Kathleen Moriarty | [Ballot comment] Thank you for addressing the SecDir review. I support Stephen's comments and will watch the responses. I don't have anything else to add. |
2014-06-09
|
08 | Kathleen Moriarty | [Ballot Position Update] New position, No Objection, has been recorded for Kathleen Moriarty |
2014-06-09
|
08 | Stephen Farrell | [Ballot comment] Many thanks to the authors/chairs and the secdir reviewer (Yaron Sheffer) for working hard to significantly improve this document (from the security weeny … [Ballot comment] Many thanks to the authors/chairs and the secdir reviewer (Yaron Sheffer) for working hard to significantly improve this document (from the security weeny point of view:-) abstract: this is really defining a way to use HMAC (with SHA) and not just SHA, it'd be better to put it that way in the abstract. intro says: "The LSRs could be configured to only accept Hello messages from specific peers when authentication is in use." Isn't "could" a little understated there? Presumably you would only ever use this if you have some list of (keys/identifiers) and you don't want messages from outside that set to affect that set of LDPs? I'm not suggesting you add a MUST (unless you want to) but more that you say that this mechanism only makes sense if you are in fact configured to "only accept..." 2.2: The last para here calls for extending the lifetime of the "last" key indefinitely. That's probably justifiable for operational reasons, but would be considered "odd" for crypto devs perhaps. And there could be issues with using a key a really really large number of times even for HMAC, I'd have to go ask someone (that kind of formula is not in my brain-buffer:-) and its probably mainly theoretical here but a crypto API just might insist on that in some cases causing an interesting failure case. Anyway, I think it might be worth making this last para a subsection of its own so its more likely to be noticed by developers. And you might want to consider what happens if a crypto API insists that the application can no longer use that key because its been used too many times. section 5: I think that the AuthTag having the source IP address as input is what prevents reflection attacks. Is that correct? If so, then I think that would be worth calling out specifically either here or in the security considerations. (And whenever we get to the point of running LDP via NATs, then this AuthTag will need to change, but that, I assume, is ok for now.) 6.1: Why the last sentence? section 7: not asking for this to go into the doc (unless you want) but I'd be interested in knowing if there are any interesting residual threats related to the fact that we're not providing confidentiality here. Its ok if you don't want to answer this bit btw, I'm just curious. |
2014-06-09
|
08 | Stephen Farrell | [Ballot Position Update] New position, Yes, has been recorded for Stephen Farrell |
2014-06-09
|
08 | Brian Haberman | [Ballot comment] The definition of the Length field in section 2.3 is nebulous. Does it include the 96 bits of fixed-length fields or just the … [Ballot comment] The definition of the Length field in section 2.3 is nebulous. Does it include the 96 bits of fixed-length fields or just the variable length Authentication Data. It is unclear since the definition says it is the length of the "value field". Is it worth mentioning why DTLS is not sufficient for this UDP-based protocol? |
2014-06-09
|
08 | Brian Haberman | [Ballot Position Update] New position, No Objection, has been recorded for Brian Haberman |
2014-06-07
|
08 | Martin Stiemerling | [Ballot Position Update] New position, No Objection, has been recorded for Martin Stiemerling |
2014-06-05
|
08 | Jean Mahoney | Request for Telechat review by GENART is assigned to Vijay Gurbani |
2014-06-05
|
08 | Jean Mahoney | Request for Telechat review by GENART is assigned to Vijay Gurbani |
2014-06-04
|
08 | Adrian Farrel | [Ballot comment] IANA's questions have been addressed through several revisions and clarifications. This document is ready to progress. --- Please fix the nit raised by … [Ballot comment] IANA's questions have been addressed through several revisions and clarifications. This document is ready to progress. --- Please fix the nit raised by Joel Halpern in his Rtg Dir review... The one nit is that I could not find the text indicating that if a receiver receives an unauthenticated LDP Hello packet, and is expecting authentication to be used (either always, or with the source the packet claims to be from) then the hello packet should be silently discarded. |
2014-06-04
|
08 | Adrian Farrel | Ballot comment text updated for Adrian Farrel |
2014-06-03
|
08 | Adrian Farrel | [Ballot comment] IANA's questions have been addressed through several revisions and clarifications. This document is ready to progress. |
2014-06-03
|
08 | Adrian Farrel | [Ballot Position Update] Position for Adrian Farrel has been changed to Yes from Discuss |
2014-06-02
|
08 | Lianshu Zheng | New version available: draft-ietf-mpls-ldp-hello-crypto-auth-08.txt |
2014-05-29
|
07 | Lianshu Zheng | IANA Review state changed to Version Changed - Review Needed from IANA - Not OK |
2014-05-29
|
07 | Lianshu Zheng | New version available: draft-ietf-mpls-ldp-hello-crypto-auth-07.txt |
2014-05-28
|
06 | Adrian Farrel | [Ballot discuss] Holding a Discuss for the resolution of IANA's questions |
2014-05-28
|
06 | Adrian Farrel | [Ballot Position Update] Position for Adrian Farrel has been changed to Discuss from Yes |
2014-05-28
|
06 | (System) | IANA Review state changed to IANA - Not OK from Version Changed - Review Needed |
2014-05-28
|
06 | Barry Leiba | [Ballot Position Update] New position, No Objection, has been recorded for Barry Leiba |
2014-05-28
|
06 | Adrian Farrel | Ballot has been issued |
2014-05-28
|
06 | Adrian Farrel | [Ballot Position Update] New position, Yes, has been recorded for Adrian Farrel |
2014-05-28
|
06 | Adrian Farrel | Created "Approve" ballot |
2014-05-28
|
06 | Adrian Farrel | Placed on agenda for telechat - 2014-06-12 |
2014-05-28
|
06 | Adrian Farrel | IESG state changed to IESG Evaluation from Waiting for AD Go-Ahead::AD Followup |
2014-05-28
|
06 | Adrian Farrel | Ballot writeup was changed |
2014-05-28
|
06 | Adrian Farrel | Changed consensus to Yes from Unknown |
2014-05-28
|
06 | Adrian Farrel | Ballot writeup was changed |
2014-05-25
|
06 | (System) | Sub state has been changed to AD Followup from Revised ID Needed |
2014-05-25
|
06 | Manav Bhatia | IANA Review state changed to Version Changed - Review Needed from IANA OK - Actions Needed |
2014-05-25
|
06 | Manav Bhatia | New version available: draft-ietf-mpls-ldp-hello-crypto-auth-06.txt |
2014-05-22
|
05 | Tero Kivinen | Request for Last Call review by SECDIR Completed: Has Issues. Reviewer: Yaron Sheffer. |
2014-05-22
|
05 | Adrian Farrel | Security Directorate review leads to a plan for a revision. |
2014-05-22
|
05 | Adrian Farrel | IESG state changed to Waiting for AD Go-Ahead::Revised I-D Needed from Waiting for Writeup |
2014-05-21
|
05 | (System) | IESG state changed to Waiting for Writeup from In Last Call |
2014-05-18
|
05 | Gunter Van de Velde | Request for Last Call review by OPSDIR is assigned to Linda Dunbar |
2014-05-18
|
05 | Gunter Van de Velde | Request for Last Call review by OPSDIR is assigned to Linda Dunbar |
2014-05-12
|
05 | (System) | IANA Review state changed to IANA OK - Actions Needed from IANA - Review Needed |
2014-05-12
|
05 | Amanda Baber | IESG/Authors/WG Chairs: IANA has reviewed draft-ietf-mpls-ldp-hello-crypto-auth-05. Authors should review the comments and/or questions below. Please report any inaccuracies and respond to any questions as soon … IESG/Authors/WG Chairs: IANA has reviewed draft-ietf-mpls-ldp-hello-crypto-auth-05. Authors should review the comments and/or questions below. Please report any inaccuracies and respond to any questions as soon as possible. IANA's reviewer has the following comments/questions: IANA understands that, upon approval of this document, there are two actions which IANA must complete. In the TLV subregistry of the Multi-Protocol Label Switching (MPLS) Label Switched Paths (LSPs) Ping Parameters registry located at: http://www.iana.org/assignments/mpls-lsp-ping-parameters/ a new TLV is to be registered as follows: Type: [ TBD-at-registration ] TLV Name: Cryptographic Authentication TLV Reference: [ RFC-to-be ] Sub-TLV Registry: No Sub-TLVs Second, in the Cryptographic Protocol ID subregistry of the Authentication Cryptographic Protocol ID registry located at: http://www.iana.org/assignments/authentication-cryptographic-protocol-id/ a new ID is to be registered at follows: Value: [ TBD-at-registration ] Description: LDP Cryptographic Protocol Reference: [ RFC-to-be ] IANA understands that these are the only actions required to be completed upon approval of this document. Note: The actions requested in this document will not be completed until the document has been approved for publication as an RFC. This message is only to confirm what actions will be performed. |
2014-05-09
|
05 | Vijay Gurbani | Request for Last Call review by GENART Completed: Ready. Reviewer: Vijay Gurbani. |
2014-05-08
|
05 | Jean Mahoney | Request for Last Call review by GENART is assigned to Vijay Gurbani |
2014-05-08
|
05 | Jean Mahoney | Request for Last Call review by GENART is assigned to Vijay Gurbani |
2014-05-08
|
05 | Tero Kivinen | Request for Last Call review by SECDIR is assigned to Yaron Sheffer |
2014-05-08
|
05 | Tero Kivinen | Request for Last Call review by SECDIR is assigned to Yaron Sheffer |
2014-05-07
|
05 | Amy Vezza | IANA Review state changed to IANA - Review Needed |
2014-05-07
|
05 | Amy Vezza | The following Last Call announcement was sent out: From: The IESG To: IETF-Announce CC: Reply-To: ietf@ietf.org Sender: Subject: Last Call: (LDP Hello Cryptographic Authentication) to … The following Last Call announcement was sent out: From: The IESG To: IETF-Announce CC: Reply-To: ietf@ietf.org Sender: Subject: Last Call: (LDP Hello Cryptographic Authentication) to Proposed Standard The IESG has received a request from the Multiprotocol Label Switching WG (mpls) to consider the following document: - 'LDP Hello Cryptographic Authentication' as Proposed Standard The IESG plans to make a decision in the next few weeks, and solicits final comments on this action. Please send substantive comments to the ietf@ietf.org mailing lists by 2014-05-21. Exceptionally, comments may be sent to iesg@ietf.org instead. In either case, please retain the beginning of the Subject line to allow automated sorting. Abstract This document introduces a new optional Cryptographic Authentication TLV that LDP can use to secure its Hello messages. It secures the Hello messages against spoofing attacks and some well known attacks against the IP header. This document describes a mechanism to secure the LDP Hello messages using National Institute of Standards and Technology (NIST) Secure Hash Standard family of algorithms. The file can be obtained via http://datatracker.ietf.org/doc/draft-ietf-mpls-ldp-hello-crypto-auth/ IESG discussion can be tracked via http://datatracker.ietf.org/doc/draft-ietf-mpls-ldp-hello-crypto-auth/ballot/ No IPR declarations have been submitted directly on this I-D. |
2014-05-07
|
05 | Amy Vezza | IESG state changed to In Last Call from Last Call Requested |
2014-05-07
|
05 | Adrian Farrel | Last call was requested |
2014-05-07
|
05 | Adrian Farrel | Ballot approval text was generated |
2014-05-07
|
05 | Adrian Farrel | Ballot writeup was generated |
2014-05-07
|
05 | Adrian Farrel | IESG state changed to Last Call Requested from AD Evaluation::AD Followup |
2014-05-07
|
05 | Adrian Farrel | Last call announcement was changed |
2014-05-07
|
05 | Adrian Farrel | Last call announcement was generated |
2014-05-06
|
05 | (System) | Sub state has been changed to AD Followup from Revised ID Needed |
2014-05-06
|
05 | Lianshu Zheng | New version available: draft-ietf-mpls-ldp-hello-crypto-auth-05.txt |
2014-04-13
|
04 | Adrian Farrel | Hi authors, Thanks for progressing with this document. It is good to see security being taken seriously by the WG. I have done my usual … Hi authors, Thanks for progressing with this document. It is good to see security being taken seriously by the WG. I have done my usual AD review after receiving the publication request. This has led me to a small number of issues and questions, below. It would be nice to see these addressed, but I am open to discussion including the authors and WG saying that I am wrong or that the additions are out of scope. Thanks for your work, Adrian === I think that the threat analysis is a bit thin. As with all interior routing protocols, there seem to be two possibilities. The first is that a bad LDP message is admitted (directly or through a tunnel) into the network. The second is that there is a bad actor in the network. It would help if the document was a little clearer about which attacks it is defending against and why normal protection at the edge of the network is not considered enough for the former, and why a bad actor within the network would waste its time attacking LDP when there is so much else it can do! --- IANA stuff... Section 2.1 should use "TBD1" and Section 2..3 and 8 should be similarly updated to identify the new Cryptographic Authentication TLV. The back reference in section 8 should presumably say "2.3" not "3.2". --- Section 2.1 has The Cryptographic Authentication TLV Encoding is described in section 2.2. I think this should read 2.3. --- Section 2.2. o Security Association Identifier (SA ID) This is a 32-bit unsigned integer used to uniquely identify an LDP SA, as manually configured by the network operator. "Unique" in what scope? Presumably "globally unique" is not needed. I am also concerned by the requirement for manual configuration because that is open to error and attack. Each LDP speaker will have an SA with each of its peers and each peer must have the same SA ID for communication to work. If you are going to go to this extent, it seems like you don't actually need Hellos to do discovery and you will only use them for "keepalive" in which case, it might be better to replace that second aspect of the Hello with something like a KeepAlive message! It is perhaps ironic that part of the reasoning you apply against access lists is the resources they take up on each LSR, yet you are requesting that each peer that is allowed to communicate has an SA configured which seems to me to be more resources than a simple access list. Is there no way to generate the AD ID value from other known information or the LDP session? Perhaps this concern is best addressed by writing a Management Considerations section to describe: - what needs to be configurable in an implementation - what needs to be configured per SA - what needs to be made available for inspection - what logging takes place --- There is a small alignment error in the figure in Section 2.3 --- Section 4 is a little odd. The implication of the wording is that this document sets requirements on all implementations of all other protocols that use cryptographic authentication. I would suggest deleting the whole section and updating Section 5 as follows... OLD Ks is a Protocol Specific Authentication Key obtained by appending Authentication Key (K) with the two-octet LDP Cryptographic Protocol ID appended. NEW Ks is a Protocol Specific Authentication Key obtained by appending Authentication Key (K) with the two-octet LDP Cryptographic Protocol ID TBD2 (to be defined by IANA) from the "Authentication Cryptographic Protocol ID" registry. Ks is used to mitigate cross- protocol attacks when multiple protocols share a common key. END --- Section 6.2 if the locally computed Hash is not equal to the received value of the Authentication Data field, the received packet MUST be discarded, and an error event SHOULD be logged. It is customary to give some warning about rate limiting logging because logging usually takes more resources than receiving packets, so if you are subject to a storm of bad Hellos you could die trying to log them. |
2014-04-13
|
04 | Adrian Farrel | IESG state changed to AD Evaluation::Revised I-D Needed from AD Evaluation |
2014-04-11
|
04 | Adrian Farrel | IESG state changed to AD Evaluation from Publication Requested |
2014-04-08
|
04 | Loa Andersson | As required by RFC 4858, this is the current template for the Document Shepherd Write-Up. Changes are expected over time. This version is dated … As required by RFC 4858, this is the current template for the Document Shepherd Write-Up. Changes are expected over time. This version is dated 24 February 2012. The MPLS working group requests that LDP Hello Cryptographic Authentication draft-ietf-mpls-ldp-hello-crypto-auth-04.txt Is published as a RFC on the Standards Track. (1) What type of RFC is being requested (BCP, Proposed Standard, Internet Standard, Informational, Experimental, or Historic)? Why is this the proper type of RFC? Is this type of RFC indicated in the title page header? The document should be published as a Proposed Standard, the document header says "Standards Track" This document need to be on the standards track since it specifies protocol, procedures and mechanisms, a TLV and ab ID to go with the TLV for LDP which is a standard track protocol. (2) The IESG approval announcement includes a Document Announcement Write-Up. Please provide such a Document Announcement Write-Up. Recent examples can be found in the "Action" announcements for approved documents. The approval announcement contains the following sections: Technical Summary This document introduces a new optional Cryptographic Authentication TLV that LDP can use to secure its Hello messages. It secures the Hello messages against spoofing attacks and some well known attacks against the IP header. This document describes a mechanism to secure the LDP Hello messages using National Institute of Standards and Technology (NIST) Secure Hash Standard family of algorithms. Relevant content can frequently be found in the abstract and/or introduction of the document. If not, this may be an indication that there are deficiencies in the abstract or introduction. Working Group Summary Was there anything in WG process that is worth noting? For example, was there controversy about particular points or were there decisions where the consensus was particularly rough? Taking a mostly security document through a working group like MPLS is a bit tricky. Most of the participants do not have there focus on security issues. While a large majority agree that the security work has a huge value, it is often not highest on the priority list for the avarage MPLS participant. Securing routing protocols, like LDP, started with a analysis done by the KARP working group. KARP pointed to the UDP based Hello messages as a potential risk. The current draft has been developed by the MPLS working group and reviewed by KARP during wglc. The comments from people active in KARP hs been very valuable. Document Quality Are there existing implementations of the protocol? Have a significant number of vendors indicated their plan to implement the specification? Are there any reviewers that merit special mention as having done a thorough review, e.g., one that resulted in important changes or a conclusion that the document had no substantive issues? If there was a MIB Doctor, Media Type or other expert review, what was its course (briefly)? In the case of a Media Type review, on what date was the request posted? Currently we do not know of existing implementations of this draft, but a mail has been sent to the mpls and karp mailing list requesting information. The write-up will be updated as soon as new information is received. Personnel Who is the Document Shepherd? Who is the Responsible Area Director? Adrian Farrel is the Responsible AD Loa Andersson is the Document Shepherd. (3) Briefly describe the review of this document that was performed by the Document Shepherd. If this version of the document is not ready for publication, please explain why the document is being forwarded to the IESG. The document reviewed the document before starting the poll t if there were consensus to make it a wg document. A second time while preparing the working group last call, this also includes a review of the updates made as a result of the wglc. The third time while preparing the Shepherd Write-up. In addition the document was through an early RTG Area Directorate review on the Shepherd's request. (4) Does the document Shepherd have any concerns about the depth or breadth of the reviews that have been performed? It has been a bit hard for the shepherd to follow the comments that came out of the review by participants of the KARP working group, but seeing the resolution of the comments made it much easier to follow. The review in the MPLS working group have been quite good, and the draft was reviewed by the RTG Area Directorate in parallel to the wglc. (5) Do portions of the document need review from a particular or from broader perspective, e.g., security, operational complexity, AAA, DNS, DHCP, XML, or internationalization? If so, describe the review that took place. No such reviews other than the security reviews done by participants in the KARP working group. (6) Describe any specific concerns or issues that the Document Shepherd has with this document that the Responsible Area Director and/or the IESG should be aware of? For example, perhaps he or she is uncomfortable with certain parts of the document, or has concerns whether there really is a need for it. In any event, if the WG has discussed those issues and has indicated that it still wishes to advance the document, detail those concerns here. No such concerns. (7) Has each author confirmed that any and all appropriate IPR disclosures required for full conformance with the provisions of BCP 78 and BCP 79 have already been filed. If not, explain why. All the authors have stated on the working group mailing list that they are unaware of any IPR related to this document. (8) Has an IPR disclosure been filed that references this document? If so, summarize any WG discussion and conclusion regarding the IPR disclosures. No IPR disclosures against this document. (9) How solid is the WG consensus behind this document? Does it represent the strong concurrence of a few individuals, with others being silent, or does the WG as a whole understand and agree with it? As discussed earlier the security issues, though recognized as important, are not at the working group focus. However the discussion around resolution of the of the wglc comments has been constructive. (10) Has anyone threatened an appeal or otherwise indicated extreme discontent? If so, please summaries the areas of conflict in separate email messages to the Responsible Area Director. (It should be in a separate email because this questionnaire is publicly available.) No such threats. (11) Identify any ID nits the Document Shepherd has found in this document. (See http://www.ietf.org/tools/idnits/ and the Internet-Drafts Checklist). Boilerplate checks are not enough; this check needs to be thorough. The document passes the nits-tool, with the exeception of: " -- Possible downref: Non-RFC (?) normative reference: ref. 'FIPS-180-3' -- Possible downref: Non-RFC (?) normative reference: ref. 'FIPS-198' " This were discussed when the document was accepted as a working group document. The "FIPS" references are not considered to be down references. (12) Describe how the document meets any required formal review criteria, such as the MIB Doctor, media type, and URI type reviews. No such formal reviews necessary. (13) Have all references within this document been identified as either normative or informative? Yes - all the references have correctly been identified as normative or informative. (14) Are there normative references to documents that are not ready for advancement or are otherwise in an unclear state? If such normative references exist, what is the plan for their completion? All the references, including the informative, are to existing RFCs or FIPS-references. (15) Are there downward normative references references (see RFC 3967)? If so, list these downward references to support the Area Director in the Last Call procedure. No normative references. (16) Will publication of this document change the status of any existing RFCs? Are those RFCs listed on the title page header, listed in the abstract, and discussed in the introduction? If the RFCs are not listed in the Abstract and Introduction, explain why, and point to the part of the document where the relationship of this document to the other RFCs is discussed. If this information is not in the document, explain why the WG considers it unnecessary. The publication of this document will not change the status of any other document. (17) Describe the Document Shepherd's review of the IANA considerations section, especially with regard to its consistency with the body of the document. Confirm that all protocol extensions that the document makes are associated with the appropriate reservations in IANA registries. Confirm that any referenced IANA registries have been clearly identified. Confirm that newly created IANA registries include a detailed specification of the initial contents for the registry, that allocations procedures for future registrations are defined, and a reasonable name for the new registry has been suggested (see RFC 5226). The document requests allocation of a "Cryptographic Authentication TLV" and a "LDP Cryptographic Protocol ID". The IANA section is well and clearly written. (18) List any new IANA registries that require Expert Review for future allocations. Provide any public guidance that the IESG would find useful in selecting the IANA Experts for these new registries. No new registries that requires expert review. (19) Describe reviews and automated checks performed by the Document Shepherd to validate sections of the document written in a formal language, such as XML code, BNF rules, MIB definitions, etc. No such reviews necessary. |
2014-04-08
|
04 | Loa Andersson | State Change Notice email list changed to mpls-chairs@tools.ietf.org, draft-ietf-mpls-ldp-hello-crypto-auth@tools.ietf.org |
2014-04-08
|
04 | Loa Andersson | Responsible AD changed to Adrian Farrel |
2014-04-08
|
04 | Loa Andersson | IETF WG state changed to Submitted to IESG for Publication from WG Consensus: Waiting for Write-Up |
2014-04-08
|
04 | Loa Andersson | IESG state changed to Publication Requested |
2014-04-08
|
04 | Loa Andersson | IESG process started in state Publication Requested |
2014-04-08
|
04 | Loa Andersson | Changed document writeup |
2014-04-08
|
04 | Loa Andersson | Intended Status changed to Proposed Standard from None |
2014-04-04
|
04 | Loa Andersson | Changed document writeup |
2014-04-03
|
04 | Loa Andersson | Changed document writeup |
2014-04-03
|
04 | Loa Andersson | Changed document writeup |
2014-04-03
|
04 | Loa Andersson | Tag Revised I-D Needed - Issue raised by WGLC cleared. |
2014-04-03
|
04 | Loa Andersson | IETF WG state changed to WG Consensus: Waiting for Write-Up from Waiting for WG Chair Go-Ahead |
2014-03-31
|
04 | Loa Andersson | Changed document writeup |
2014-03-29
|
04 | Manav Bhatia | New version available: draft-ietf-mpls-ldp-hello-crypto-auth-04.txt |
2014-03-19
|
03 | Manav Bhatia | New version available: draft-ietf-mpls-ldp-hello-crypto-auth-03.txt |
2013-09-23
|
02 | Loa Andersson | IETF WG state changed to Waiting for WG Chair Go-Ahead from In WG Last Call |
2013-09-23
|
02 | Loa Andersson | Annotation tag Revised I-D Needed - Issue raised by WGLC set. |
2013-09-07
|
02 | Loa Andersson | Document shepherd changed to Loa Andersson |
2013-09-07
|
02 | Loa Andersson | Document shepherd changed to Loa Andersson |
2013-09-05
|
02 | Loa Andersson | IETF WG state changed to In WG Last Call from WG Document |
2013-08-28
|
02 | Manav Bhatia | New version available: draft-ietf-mpls-ldp-hello-crypto-auth-02.txt |
2013-01-21
|
01 | Mach Chen | New version available: draft-ietf-mpls-ldp-hello-crypto-auth-01.txt |
2012-08-01
|
00 | Lianshu Zheng | New version available: draft-ietf-mpls-ldp-hello-crypto-auth-00.txt |