Luigi, I believe we can plan a slot for this?
Yours,
Joel
On 4/7/2020 11:09 PM, Prakash Jain (prakjain) wrote:
Hi Joel,
Sorry, missed this earlier. I have earlier asked a slot in Vancouver to present
lisp-site-external-connectivity draft
(https://tools.ietf.org/html/draft-jain-lisp-site-extern
Hi Joel,
Sorry, missed this earlier. I have earlier asked a slot in Vancouver to present
lisp-site-external-connectivity draft
(https://tools.ietf.org/html/draft-jain-lisp-site-external-connectivity-00).
If slots are still available in virtual session, we would like to have 10 min
slot to discu
> I like it. This is actually something that Fabio and I discussed some time
> ago as a possible option but we never really closed on it.
So both the Map-Request AD and Map-Reply AD need changes to include the wrapped
pubsub key (I referred to this key in the last email as the “new key-material”
Yep, that fills in the details nicely. I started from "we should be
able to bootstrap the security through lisp-sec".
Yours,
Joel
On 3/31/2020 8:27 PM, Dino Farinacci wrote:
Sorry, yes, it is the MS, not the MR, who provides the information to construct
the key, since it is the MS who is gen
> Sorry, yes, it is the MS, not the MR, who provides the information to
> construct the key, since it is the MS who is generating the notifies. Sorry I
> still cross them up.
Oh good. That is more clear now. So if you are saying this:
(1) Use LISP-sec as defined today.
(2) Have the MS wrap some
Sorry, yes, it is the MS, not the MR, who provides the information to
construct the key, since it is the MS who is generating the notifies.
Sorry I still cross them up.
Yours,
Joel
On 3/31/2020 8:01 PM, Dino Farinacci wrote:
Yes, but that’s a new precedent requiring the MR to store state. We
Yes, but that’s a new precedent requiring the MR to store state. We should try
to make it lighter weight. And you can’t do what you want on the MR, because
its the MS’s OTK as spec’ed today that is passed to the ETR.
Dino
> On Mar 31, 2020, at 4:58 PM, Joel M. Halpern wrote:
>
> We could reus
We could reuse the OTK directly. My actual inclination would be for the
MR to send back (via the ETR) some data which, when combined with the
OTK, produced a separate key for use with the notify messages. Clearly,
the MR would have to store whatever security key we want it to use as
long as t
> I may have missed something, but I think that in the case of the first
> notify, it does actually start at the Itr.
> Specifically, it starts with an ItR sending a subscribe request. The MS
> responds to that with a notify. What I am suggesting is that (when security
> is desired) the Itr
I may have missed something, but I think that in the case of the first
notify, it does actually start at the Itr. Specifically, it starts with
an ItR sending a subscribe request. The MS responds to that with a
notify. What I am suggesting is that (when security is desired) the Itr
includes t
> thinking about Alberto's request, and reading the document, I wondered if the
> security could be improved by sending the first notify back via the ETR, and
> coupling it to LISP-SEC to protect the information and provide needed keys
> for further messages? It seems like we do need a way to pr
thinking about Alberto's request, and reading the document, I wondered
if the security could be improved by sending the first notify back via
the ETR, and coupling it to LISP-SEC to protect the information and
provide needed keys for further messages? It seems like we do need a
way to protect
Thanks Joel, I've tried to summarize my line of thought below. There may be
other aspects I'm missing.
In traditional LISP, there is some shared state between a Map-Server and an ETR
in order to validate Map-Notifies. First, for integrity protection Map-Notifies
include some authentication data
Another topic that I’ve been holding off on (in favor of finalizing publication
of the RFC bis documents) is the federation of control planes. We’ve come
across this requirement in many cross-organizational environments (the ones for
which we started working on Uberlay). I’ll send a separate not
Thank you Alberto. To see if folks want to engage on the topic, could
you write a short email describing the question and, if you can, some of
the things that you would like to discuss?
Folks, let's be clear. I do expect we will have a virtual interim.
Maybe even more than one. I would real
I think a great topic to discuss. And an important problem to solve of course.
;-)
Dino
> On Mar 16, 2020, at 11:15 AM, Alberto Rodriguez Natal (natal)
> wrote:
>
> Joel, all,
>
> I'm in favor of having a virtual interim meeting. One of the points that I
> have on my personal list of "thing
Joel, all,
I'm in favor of having a virtual interim meeting. One of the points that I have
on my personal list of "things to discuss when we have time" is the aspect of
(unsolicited) Map-Notifies on PubSub. I think it can benefit from some deeper
discussion with the WG regarding, nonces, securi
No, fundamentally, WG sessions are not supposed to be opportunities to
present. They are supposed to be opportunities to use higher bandwidth
to resolve issues. Even virtual meetings are supposed to be for that goal.
Of the several presentations at the last meeting, most had no comments,
som
> Many of the things that I believe folks would like to discuss are in charter.
> Dino, I think you misunderstood my point.
I understood the point. But if people don’t get the opportunity to present,
then there isn’t much to discuss. If members want to discuss anything they feel
is important, th
Many of the things that I believe folks would like to discuss are in
charter.
Dino, I think you misunderstood my point.
I am looking to see discussion on the list to give me confidence that a
virtual session will be useful. I have been disappointed in the one-way
nature of the last several wor
> I understand that folks want to present their work.
> But what I am looking for if we are going to get folks together is actual
> engagement on the list. Indication that there are things worth discussing.
There are things worth discussing if we can discuss non-RFCbis material. There
are many
Vancouver has been cancelled.
We have several ways we can hold a virtual interim. (The chairs have a
webex available, and Fabio has offered one.)
I understand that folks want to present their work.
But what I am looking for if we are going to get folks together is
actual engagement on the lis
22 matches
Mail list logo