Hi,

My view on the draft is that a section is missing.

I suggest adding a section 7 named "end-to-end interdomain OAM" to bridge iOAM and OAM of end-to-end encrypted flows. The content of the section might rely on the following:

Fast interdomain troubleshooting requires a minimal interoperability to estimate delay and packet loss. QUIC spinbit approach is an example which supports end-to-end interdomain OAM. The signal exposed is end-to-end protected and not encrypted; its enforcement is under the control of the endpoint; its activation is limited to a small percentage of the flows.

Here are other comments on the draft. I read the draft very quickly so several ones might be inappropriate:

· Encryption and protection should be clearly separated;
  o TCPcrypt header protection (part end-to-end encrypted, part end-to-end protected and on-path readable) mechanism;
  o QUIC spinbit protection (end-to-end protected and on-path readable);
· QUIC spinbit on-path troubleshooting properties: applies to interdomain;
· DTLS on-path troubleshooting properties might be described;
· Not sure that the draft recalls transport proxies usage, like for satco;
· Security section should highlight the privacy risk when on-path probes have to do whole packet decryption to get header information;

Regards
Emile

From: saag [mailto:[email protected]] On behalf of Black, David
Sent: Tuesday, 8 October 2019 23:09
To: [email protected]; [email protected]
Cc: tsvwg-chairs
Subject: [saag] TSVWG WGLC: draft-ietf-tsvwg-transport-encrypt-08, closes 23 October 2019

FYI - some OPS area and SEC area eyes on this TSVWG draft now (during WGLC) would be a good thing ;-).
Thanks, --David (TSVWG co-chair)

From: Black, David <[email protected]>
Sent: Tuesday, October 8, 2019 5:06 PM
To: [email protected]
Cc: Black, David
Subject: WGLC: draft-ietf-tsvwg-transport-encrypt-08, closes 23 October 2019

This email announces a TSVWG Working Group Last Call (WGLC) on:

The Impact of Transport Header Confidentiality on Network Operation and Evolution of the Internet
draft-ietf-tsvwg-transport-encrypt-08
https://datatracker.ietf.org/doc/draft-ietf-tsvwg-transport-encrypt/

This draft is intended to become an Informational RFC.

This WGLC will run through the end of the day on Wednesday, October 23. That should allow time before the Singapore draft submission cutoff for the authors to revise the draft with any changes that result from WGLC.

Comments should be sent to the [email protected] list, although purely editorial comments may be sent directly to the authors. Please cc: the WG chairs at [email protected] if you would like the chairs to track such editorial comments as part of the WGLC process.

No IPR disclosures have been submitted directly on this draft.

Thanks, David, Gorry and Wes
(TSVWG Co-Chairs)
_______________________________________________ OPSAWG mailing list [email protected] https://www.ietf.org/mailman/listinfo/opsawg
