Directory-Assisted Transparent Interconnection of Lots of Links (TRILL) Encapsulation
draft-ietf-trill-directory-assisted-encap-11
Yes
(Alia Atlas)
No Objection
(Alissa Cooper)
(Spencer Dawkins)
(Suresh Krishnan)
Note: This ballot was opened for revision 09 and is now closed.
Alia Atlas Former IESG member
Yes
Yes
(for -09)
Unknown
Alexey Melnikov Former IESG member
No Objection
No Objection
(2018-03-07 for -10)
Unknown
Agreeing with Alvaro's DISCUSS.
Alissa Cooper Former IESG member
No Objection
No Objection
(for -10)
Unknown
Alvaro Retana Former IESG member
(was Discuss)
No Objection
No Objection
(2018-03-08)
Unknown
[Thank you for addressing my DISCUSS!]
Ben Campbell Former IESG member
No Objection
No Objection
(2018-03-07 for -10)
Unknown
I support Alvaro's DISCUSS and Kathleen's comments
Deborah Brungard Former IESG member
No Objection
No Objection
(2018-03-06 for -10)
Unknown
Support comments by Alvaro and Kathleen on security aspects.
Eric Rescorla Former IESG member
No Objection
No Objection
(2018-03-07 for -10)
Unknown
I support Alvaro's DISCUSS and Kathleen's comment I also think it would be useful to emphasize the need for some security on the links between the egress and ingress nodes, although presumably that's a standard TRILL consideration. Finally nodes. Such spoofing cannot cause looping traffic because TRILL has a hop count in the TRILL header [RFC6325] so that, should there be a loop, a TRILL packet caught in that loop (i.e., an encapsulated frame) will be discarded. Is it in fact the case that it cannot cause looping or merely that the loop is contained by the hop count? Perhaps this is just a terminology issue and in routing loop just means infinite loop?
Kathleen Moriarty Former IESG member
No Objection
No Objection
(2018-03-03 for -09)
Unknown
Thanks for your work on this document. I'd like to see stronger language used in the security considerations section. I'll propose edits for you to consider: OLD: Therefore, there could be a potential security risk when the TRILL-ENs are not trusted. In addition, if the path between the directory and the TRILL-ENs are attacked, false mappings can be sent to the TRILL-EN causing packets from the TRILL-EN to be sent to wrong destinations, possibly violating security policy. Therefore, a combination of authentication and encryption should be used between the Directory and TRILL-EN. The entities involved will need to properly authenticate with each other to protect sensitive information. NEW: Therefore, there could be a potential security risk when the TRILL-ENs are not trusted or are compromised. In addition, if the path between the directory and the TRILL-ENs are attacked, false mappings can be sent to the TRILL-EN causing packets from the TRILL-EN to be sent to wrong destinations, possibly violating security policy. Therefore, a combination of authentication and encryption is RECOMMENDED between the Directory and TRILL-EN. The entities involved will need to properly authenticate with each other, provide session encryption, maintain security patch levels, and configure their systems to allow minimal access and running processes to protect sensitive information.
Spencer Dawkins Former IESG member
No Objection
No Objection
(for -10)
Unknown
Suresh Krishnan Former IESG member
No Objection
No Objection
()
Unknown