Thanks Joel, I've tried to summarize my line of thought below. There may be 
other aspects I'm missing.

In traditional LISP, there is some shared state between a Map-Server and an ETR 
in order to validate Map-Notifies. First, for integrity protection Map-Notifies 
include some authentication data generated using a shared key between the 
Map-Server and the ETR. Second, to protect against replay attacks the nonce 
used in the Map-Register/Map-Notify exchange is incremented over time. This 
requires that both the Map-Server and the ETR are in synch regarding the shared 
key and incremental nonce.

PubSub introduces a new protocol operation where a Map-Server can send 
Map-Notify messages to ITRs. This departs from the traditional ETR-MS 
relationship stated above and introduces a few questions. How to keep a shared 
key at scale between ITRs and a Map-Server? The ratio of ITRs-to-MS is 
potentially orders of magnitude bigger than the ratio of ETRs-to-MS; are shared 
keys even feasible? Besides, how to handle the nonce increment when the ITR is 
also an ETR? Do we need to keep track of two Map-Notify nonces, one for the 
Map-Register exchange and another for PubSub operation?

Thanks,
Alberto

On 3/16/20, 11:24 AM, "Joel Halpern Direct" <jmh.dir...@joelhalpern.com> wrote:

    Thank you Alberto.  To see if folks want to engage on the topic, could 
    you write a short email describing the question and, if you can, some of 
    the things that you would like to discuss?
    
    Folks, let's be clear.  I do expect we will have a virtual interim. 
    Maybe even more than one.  I would really like to see groundwork on the 
    email list so that any request by the chairs for folks to make time is 
    for more than just some presentations.
    
    Thank you,
    Joel
    
    On 3/16/2020 2:15 PM, Alberto Rodriguez Natal (natal) wrote:
    > Joel, all,
    > 
    > I'm in favor of having a virtual interim meeting. One of the points that
    > I have on my personal list of "things to discuss when we have time" is the
    > aspect of (unsolicited) Map-Notifies on PubSub. I think it can benefit from
    > some deeper discussion with the WG regarding nonces, security associations,
    > ITR-MS relationship, etc. If the WG is up to it, I can bring the topic for
    > discussion and get some opinions on an interim.
    > 
    > Thanks,
    > Alberto
    >      
    > 
    

_______________________________________________
lisp mailing list
lisp@ietf.org
https://www.ietf.org/mailman/listinfo/lisp
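
The two checks described in the first message of this thread (keyed authentication data plus an increasing nonce), as an added sketch that is not part of the thread or of any LISP implementation. The message layout, the choice of HMAC-SHA-256, and all names are assumptions made for illustration and do not reproduce the LISP wire format.

```python
import hashlib
import hmac
import struct

TAG_LEN = 32  # HMAC-SHA-256 output size (assumed algorithm)


def build_notify(key: bytes, nonce: int, payload: bytes) -> bytes:
    """Sender side. Constructed layout: 8-byte nonce | payload | 32-byte tag."""
    body = struct.pack("!Q", nonce) + payload
    return body + hmac.new(key, body, hashlib.sha256).digest()


class NotifyValidator:
    """Receiver-side state kept for ONE Map-Server: shared key + last nonce."""

    def __init__(self, shared_key: bytes):
        self.key = shared_key
        self.last_nonce = 0

    def accept(self, msg: bytes) -> bool:
        if len(msg) < 8 + TAG_LEN:
            return False
        body, tag = msg[:-TAG_LEN], msg[-TAG_LEN:]
        expected = hmac.new(self.key, body, hashlib.sha256).digest()
        # Integrity first: never act on the nonce of an unauthenticated message.
        if not hmac.compare_digest(tag, expected):
            return False
        (nonce,) = struct.unpack("!Q", body[:8])
        # Replay protection: the nonce must be strictly greater than the last one.
        if nonce <= self.last_nonce:
            return False
        self.last_nonce = nonce
        return True


def demo() -> dict:
    key = b"constructed-shared-key"        # constructed sample value
    payload = b"eid-prefix 10.0.0.0/24"    # constructed sample value
    receiver = NotifyValidator(key)
    n1, n2 = build_notify(key, 1, payload), build_notify(key, 2, payload)
    tampered = n2[:8] + b"X" + n2[9:]      # one payload byte changed in flight
    return {
        "fresh": receiver.accept(n1),
        "replay": receiver.accept(n1),
        "tampered": receiver.accept(tampered),
        "next": receiver.accept(n2),
        "wrong_key": receiver.accept(build_notify(b"other-key", 3, payload)),
    }


if __name__ == "__main__":
    print(demo())
```

Each `NotifyValidator` instance is the per-peer state (key and nonce counter) that both ends have to keep in step, which is the quantity the scaling question in the message is about.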
