Hello,

I just read through draft-ietf-nvo3-geneve, sorry I am out-of-cycle in the
review process, but it looks like it has not started IETF last call yet.  I
have what's really just a nit and request for a little more text.

Section 4.3.1

The value of the UDP checksum is overstated.  The text should note that
corruption is still possible as this is a checksum and not a hash with low
collision rates.  Corruption happens and goes undetected in normal
operations today.

The security considerations section does address the recommendation to use
IPsec, but making the connection on the UDP checksum being inadequate could
be helpful.

Reality:

The way this is written, I suspect there really are no plans to use IPsec
with GENEVE, are there?  The MUST statements around not altering traffic
can only be achieved with IPsec, so if the intent is really to enforce the
early MUST statements in the document, sooner mention of IPsec would be
good.  If this is more for detecting corruption (and not having that be
100% or close) that should be clear up front.

I'm just envisioning use cases where the virtual path is set differently to
the physical path for expected operations to route through desired security
functions, then an attacker alters checksums to avoid detection of these
changes.

Thanks and sorry for a late review!

-- 

Best regards,
Kathleen
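To illustrate the point raised above about the UDP checksum, here is an added example that is not from the draft or from this thread: it computes the RFC 768/RFC 1071 UDP checksum over a constructed Geneve-in-UDP packet, then swaps two 16-bit words of the inner frame. The checksum is unchanged, while a SHA-256 digest of the same bytes is not. The endpoint addresses, source port, VNI and inner payload are constructed values.

```python
import hashlib
import struct

GENEVE_UDP_PORT = 6081  # Geneve destination port


def internet_checksum(data: bytes) -> int:
    """RFC 1071 ones'-complement sum of 16-bit words, as UDP (RFC 768) uses."""
    if len(data) % 2:
        data += b"\x00"                       # pad odd-length data
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:                        # fold carries back into 16 bits
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


def udp_checksum(src_ip: bytes, dst_ip: bytes, src_port: int,
                 dst_port: int, payload: bytes) -> int:
    """UDP checksum over IPv4 pseudo-header, UDP header (checksum=0) and payload."""
    length = 8 + len(payload)
    pseudo = src_ip + dst_ip + struct.pack("!BBH", 0, 17, length)
    header = struct.pack("!HHHH", src_port, dst_port, length, 0)
    return internet_checksum(pseudo + header + payload)


def geneve_packet(vni: int, inner: bytes) -> bytes:
    """Minimal Geneve header (ver 0, no options, Ethernet payload) + inner frame."""
    return struct.pack("!BBH", 0, 0, 0x6558) + struct.pack("!I", vni << 8) + inner


def swap_words(data: bytes, i: int, j: int) -> bytes:
    """Exchange the i-th and j-th 16-bit words; the ones'-complement sum is unchanged."""
    out = bytearray(data)
    out[2*i:2*i+2], out[2*j:2*j+2] = data[2*j:2*j+2], data[2*i:2*i+2]
    return bytes(out)


def demo() -> dict:
    src, dst = bytes([10, 0, 0, 1]), bytes([10, 0, 0, 2])  # constructed tunnel endpoints
    inner = bytes(range(0x20, 0x40))                         # constructed 32-byte inner frame
    original = geneve_packet(vni=0x1234, inner=inner)
    altered = swap_words(original, 6, 10)                    # words past the 8-byte Geneve header
    return {
        "changed": original != altered,
        "udp_checksum_original": udp_checksum(src, dst, 40000, GENEVE_UDP_PORT, original),
        "udp_checksum_altered": udp_checksum(src, dst, 40000, GENEVE_UDP_PORT, altered),
        "sha256_original": hashlib.sha256(original).hexdigest(),
        "sha256_altered": hashlib.sha256(altered).hexdigest(),
    }
```

A receiver validating only the UDP checksum accepts the altered packet; detecting the change needs an authenticated integrity mechanism such as the IPsec the draft's security considerations recommend, not a stronger checksum alone.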
_______________________________________________
nvo3 mailing list
https://www.ietf.org/mailman/listinfo/nvo3