On 8/23/13 9:38 AM, Truman Boyes wrote:

> Keying for network resources is highly complicated and will likely
> have little adoption.

There have been problems with adoption of security technologies for routing, but I'm not sure it's because of difficulty around keying - we see plenty of other instances of key provisioning for things like VPN tunnels, management consoles, etc. Granted that they're almost always done badly. And of course that's not a reason not to try to secure an nvo3 tunnel - if nothing else you've got to protect the control plane from things like spoofing, replays, etc. That almost always requires cryptographic protections (pace people who run everything through an ssh tunnel).

> We could do it, but today's trust boundaries typically live on the
> NVE/PE/ToR/etc, and are not truly multi-org, but rather multiple
> projects that can be authorized at the application level.

I think there's a proper middle ground here. The control plane cannot go unprotected, period, and ssh tunnels don't provide the kind of granularity or key management facilities that are needed. I'm always (well, almost always) happy to see group keys being considered but there are some relatively subtle issues that they introduce that need discussion.

Melinda

_______________________________________________
nvo3 mailing list
https://www.ietf.org/mailman/listinfo/nvo3
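As an added illustration that is not part of this thread or of any nvo3 specification: the spoofing and replay protections the reply says a control plane needs, sketched as HMAC-authenticated messages with a per-sender sequence number and a sliding anti-replay window. The message layout, the key, the sender ids and the window size are all constructed assumptions for the example.

```python
# Constructed example: authenticated control-plane messages with anti-replay.
# Layout (assumed): sender_id(4) | seq(8) | payload | HMAC-SHA256 tag(32).
import hmac
import hashlib
import struct

KEY = b"constructed-demo-key-not-for-real-use"  # shared key, for illustration only
WINDOW = 64  # sliding replay window size, in sequence numbers

def seal(key: bytes, sender_id: int, seq: int, payload: bytes) -> bytes:
    """Attach sender id, sequence number and an HMAC over header + payload."""
    header = struct.pack("!IQ", sender_id, seq)
    tag = hmac.new(key, header + payload, hashlib.sha256).digest()
    return header + payload + tag

class Receiver:
    """Checks the tag first, then rejects replayed or stale sequence numbers."""
    def __init__(self, key: bytes):
        self.key = key
        self.state = {}  # sender_id -> (highest seq seen, bitmap of seen seqs below it)

    def accept(self, msg: bytes):
        if len(msg) < 12 + 32:
            return None, "truncated"
        header, payload, tag = msg[:12], msg[12:-32], msg[-32:]
        expected = hmac.new(self.key, header + payload, hashlib.sha256).digest()
        if not hmac.compare_digest(tag, expected):
            return None, "bad tag"          # forged, tampered, or wrong key: drop
        sender_id, seq = struct.unpack("!IQ", header)
        top, seen = self.state.get(sender_id, (0, 0))
        if seq > top:                       # newer than anything seen: slide window
            shift = seq - top
            seen = ((seen << shift) | 1) & ((1 << WINDOW) - 1) if shift < WINDOW else 1
            self.state[sender_id] = (seq, seen)
            return payload, "ok"
        offset = top - seq                  # bit 0 is the highest seq seen so far
        if offset >= WINDOW:
            return None, "too old"          # outside the window: cannot prove freshness
        if seen & (1 << offset):
            return None, "replay"           # this sequence number was already accepted
        self.state[sender_id] = (top, seen | (1 << offset))
        return payload, "ok"                # out-of-order but fresh: accepted once
```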
