Jeffrey, all,
(below)
2015-09-25, Jeffrey (Zhaohui) Zhang:
*From:*Alvaro Retana (aretana) [mailto:aret...@cisco.com]
5. Section 4. (Security Considerations) Are there really no security
considerations?
* Section 3.1. (Control State) Says that: "To speed up
convergence…PEy MAY advertise a Leaf A-D route even if does
not choose PEx as its Upstream PE…With that, it will receive
traffic from all PEs, but some will arrive with the label
corresponding to its choice of Upstream PE while some will
arrive with a different label, and the traffic in the latter
case will be discarded.” I’m assuming that all the traffic
(specially the discarded one) belongs to the same VPN, so
there’s no danger of leaking information, right? It might be
worth including something in the Security Consideration so
that it’s easier for the readers (Security Directorate, for
example) to grasp the context.
Zzh> There is indeed no new issues. The quoted text refers to the
possible arrival of duplication for the same flow that the receiving
PEs need to receive, and they will be discarded anyway. There is no
deliver of duplication to CEs, and certainly there is no leaking. I am
not sure if that needs to be called out.
I agree on the analysis.
Refering to both RFC6513 and RFC6514 (instead of RFC6514 alone) is the
only improvement I can think of.
Best,
-Thomas
_________________________________________________________________________________________________________________________
Ce message et ses pieces jointes peuvent contenir des informations
confidentielles ou privilegiees et ne doivent donc
pas etre diffuses, exploites ou copies sans autorisation. Si vous avez recu ce
message par erreur, veuillez le signaler
a l'expediteur et le detruire ainsi que les pieces jointes. Les messages
electroniques etant susceptibles d'alteration,
Orange decline toute responsabilite si ce message a ete altere, deforme ou
falsifie. Merci.
This message and its attachments may contain confidential or privileged
information that may be protected by law;
they should not be distributed, used or copied without authorisation.
If you have received this email in error, please notify the sender and delete
this message and its attachments.
As emails may be altered, Orange is not liable for messages that have been
modified, changed or falsified.
Thank you.
_______________________________________________
BESS mailing list
BESS@ietf.org
https://www.ietf.org/mailman/listinfo/bess
