Hi Ilango, I would appreciate that you go through the requirements mostly the SEC-GEN of the latest version and let us know your concerns. I believe that would be also helpful to understand what it seems I am missing regarding the transit devices. If I remember correctly, the need to protect Geneve Options for transit devices has been stated to the mike.
Yours, Daniel On Mon, Mar 11, 2019 at 2:42 AM Daniel Migault <[email protected]> wrote: > Hi Illango, > > Though we would appreciate your comment on the new version. We would also > appreciate you go through the issues [1] we opened and answered based on > your previous comments. More specifically, in case the issue has not been > addressed, we would be able to keep the discussion based on the provided > responses rather than re-opening parallel issues. We believe that would be > beneficial to reach consensus. > > Yours, > Daniel > > > [1] https://github.com/mglt/draft-mglt-nvo3-geneve-security-requirements > /issues > > > On Sat, Mar 2, 2019 at 10:29 PM Ganga, Ilango S <[email protected]> > wrote: > >> Hi Daniel, >> >> I quickly glanced through the document, the draft still makes assumptions >> and imposes requirements that is unsupported by Geneve architecture. We had >> provided this input on the previous draft version. However this is still >> maintained in this version. The new draft was posted 2 days ago, I will >> review the document in detail and provide my feedback. >> >> Regards, >> Ilango >> >> >> >> -----Original Message----- >> From: nvo3 [mailto:[email protected]] On Behalf Of Daniel Migault >> Sent: Thursday, February 28, 2019 6:48 PM >> To: [email protected] >> Subject: [nvo3] FW: New Version Notification for >> draft-mglt-nvo3-geneve-security-requirements-06.txt >> >> Hi, >> >> Please find an update of the draft. We considered the feed back received >> during the meeting in Bangkok as well as the comments from Magnus. >> >> So far no issue has been raised that could prevent the draft from being >> adopted, and we believe the draft can be adopted. >> >> Yours, >> Daniel >> >> -----Original Message----- >> From: [email protected] <[email protected]> >> Sent: Thursday, February 28, 2019 9:43 PM >> To: Sami Boutros <[email protected]>; Dan Wings <[email protected]>; Dan >> Wing <[email protected]>; Daniel Migault <[email protected]>; >> Suresh Krishnan <[email protected]> >> Subject: New Version Notification for >> draft-mglt-nvo3-geneve-security-requirements-06.txt >> >> >> A new version of I-D, draft-mglt-nvo3-geneve-security-requirements-06.txt >> has been successfully submitted by Daniel Migault and posted to the IETF >> repository. >> >> Name: draft-mglt-nvo3-geneve-security-requirements >> Revision: 06 >> Title: Geneve Security Requirements >> Document date: 2019-02-28 >> Group: Individual Submission >> Pages: 26 >> URL: >> https://www.ietf.org/internet-drafts/draft-mglt-nvo3-geneve-security-requirements-06.txt >> Status: >> https://datatracker.ietf.org/doc/draft-mglt-nvo3-geneve-security-requirements/ >> Htmlized: >> https://tools.ietf.org/html/draft-mglt-nvo3-geneve-security-requirements-06 >> Htmlized: >> https://datatracker.ietf.org/doc/html/draft-mglt-nvo3-geneve-security-requirements >> Diff: >> https://www.ietf.org/rfcdiff?url2=draft-mglt-nvo3-geneve-security-requirements-06 >> >> Abstract: >> The document defines the security requirements to protect tenants >> overlay traffic against security threats from the NVO3 network >> components that are interconnected with tunnels implemented using >> Generic Network Virtualization Encapsulation (Geneve). >> >> The document provides two sets of security requirements: 1. >> requirements to evaluate the data plane security of a given >> deployment of Geneve overlay. Such requirements are intended to >> Geneve overlay provider to evaluate a given deployment. >> 2. requirement a security mechanism need to fulfill to secure any >> deployment of Geneve overlay deployment >> >> >> >> >> Please note that it may take a couple of minutes from the time of >> submission until the htmlized version and diff are available at >> tools.ietf.org. >> >> The IETF Secretariat >> >> _______________________________________________ >> nvo3 mailing list >> [email protected] >> https://www.ietf.org/mailman/listinfo/nvo3 >> >> _______________________________________________ >> nvo3 mailing list >> [email protected] >> https://www.ietf.org/mailman/listinfo/nvo3 >> >
_______________________________________________ nvo3 mailing list [email protected] https://www.ietf.org/mailman/listinfo/nvo3
