Hello Kathleen,

Thanks for your review of draft-ietf-nvo3-geneve-14. We are fine with your suggestion for comment #1 and we suggest a revised text for comment #2 to provide better clarity. Please see our responses in-line below, enclosed in <Response> </Response>.
Regards,
Ilango Ganga
Geneve Editor

From: nvo3 <[email protected]> On Behalf Of Kathleen Moriarty
Sent: Thursday, October 24, 2019 4:23 AM
To: [email protected]; NVO3 <[email protected]>
Cc: [email protected]; [email protected]
Subject: [nvo3] Comments on draft-ietf-nvo3-geneve

Hello,

Thank you for a well written document! I know I am late to be offering comments, but with a quick read, I think calling out the ability to tamper with or alter packets should be made in the second sentence of the security considerations section. You do have the relevant text on integrity protections later in the section, but this should be considered an important enough problem to be in the sentence on possible problems due to no security mechanisms.

OLD:
As a result, an attacker with access to the underlay network transporting the IP packets has the ability to snoop or inject packets.

NEW:
As a result, an attacker with access to the underlay network transporting the IP packets has the ability to snoop, alter, or inject packets.

<Response> Yes, this looks fine. </Response>

And in the section on Data Integrity, it should be noted that the measures in this sentence would have no bearing on the integrity of GENEVE:

OLD:
A data center operator may choose to deploy any other data integrity mechanisms as applicable and supported in their underlay networks.

NEW:
A data center operator may choose to deploy any other data integrity mechanisms as applicable and supported in their underlay networks, although this will not protect the GENEVE portion of the packet from tampering.

<Response> We propose the revised text below to provide better clarity.

NEW REVISED:
A data center operator may choose to deploy any other data integrity mechanisms as applicable and supported in their underlay networks, although non-cryptographic mechanisms may not protect the Geneve portion of the packet from tampering. </Response>

Thank you!

The document is well written and I was glad to see these considerations already in the document. I do think this will help anyone deploying multi-tenant environments to think about the importance of integrity protection and not learn the hard way.

--
Best regards,
Kathleen
_______________________________________________ nvo3 mailing list [email protected] https://www.ietf.org/mailman/listinfo/nvo3
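The distinction the revised text draws, between a non-cryptographic underlay check and one that actually protects the Geneve portion of the packet, as an added Python example that is not part of this thread or of the draft: it builds the 8-byte Geneve header from the draft's layout (version 0, no options) and shows that a receiver relying on a keyless Internet checksum accepts a header whose VNI was altered in transit, while a keyed HMAC over the same header rejects it. The key and VNIs are constructed values, and the HMAC is illustrative of a cryptographic integrity check, not a mechanism the draft specifies.

```python
import hashlib
import hmac
import struct

ETHERTYPE_TEB = 0x6558  # Transparent Ethernet Bridging, the usual Geneve payload type


def build_geneve_header(vni: int, protocol_type: int = ETHERTYPE_TEB) -> bytes:
    """Fixed 8-byte Geneve header: Ver=0, Opt Len=0, O=C=0, Protocol Type, 24-bit VNI, Reserved."""
    if not 0 <= vni < (1 << 24):
        raise ValueError("VNI must fit in 24 bits")
    return struct.pack("!BBH", 0, 0, protocol_type) + vni.to_bytes(3, "big") + b"\x00"


def parse_vni(header: bytes) -> int:
    """The tenant identifier a receiving NVE would use to demultiplex the packet."""
    return int.from_bytes(header[4:7], "big")


def with_vni(header: bytes, vni: int) -> bytes:
    """Same header with a different VNI; stands in for an in-transit alteration."""
    return header[:4] + vni.to_bytes(3, "big") + header[7:]


def internet_checksum(data: bytes) -> int:
    """RFC 1071 one's-complement checksum: keyless, so anyone can recompute it."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


def mac_tag(key: bytes, data: bytes) -> bytes:
    """Keyed integrity tag; cannot be recomputed without the key."""
    return hmac.new(key, data, hashlib.sha256).digest()


def demo(key: bytes = b"constructed-demo-key") -> dict:
    original = build_geneve_header(0x1234)        # constructed tenant VNI
    modified = with_vni(original, 0x4321)         # constructed VNI of another tenant
    # Whoever can rewrite the header can also rewrite a keyless checksum to match...
    carried_csum = internet_checksum(modified)
    # ...but the keyed tag on the wire still belongs to the original header.
    carried_tag = mac_tag(key, original)
    return {
        "checksum_accepts_modified": internet_checksum(modified) == carried_csum,   # True
        "mac_accepts_modified": hmac.compare_digest(mac_tag(key, modified), carried_tag),  # False
        "mac_accepts_original": hmac.compare_digest(mac_tag(key, original), carried_tag),  # True
        "vni_seen_by_receiver": parse_vni(modified),                                 # 0x4321
    }
```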
