Hi,Diego: Very interesting draft. TLS seems to bring more benefit for key management.
Would it be good to discuss securing PCEP by TCP-AO as well since TCP-MD5 has been obsoleted by TCP-AO? Also it is better to discuss how TLS/TCP can be used to deal with Vulnerabilities concerns raised in RFC5440. Another comment is when both PCC and PCE support both TLS/TCP and TCP, how does PCC select transport protocol? TCP is mandatory or both are mandatory? Does it rely on manual configuration or dynamic discovery? Regards! -Qin (sorry for duplicate message if you received before since It looks this email was sent before and unfortunately filtered out) -----Original Message----- From: [email protected] [mailto:[email protected]] On Behalf Of Diego R. Lopez Sent: Saturday, July 13, 2013 7:55 PM To: [email protected] Cc: [email protected] Subject: [Pce] Proposal on securing PCEP by means of TLS Hi, Oscar and I have prepared a draft on applying TLS to PCEP security: 8<--- Filename: draft-lopez-pcp-pceps Revision: 00 Title: Secure Transport for PCEP Creation date: 2013-07-10 Group: Individual Submission Number of pages: 8 URL: http://www.ietf.org/internet-drafts/draft-lopez-pcp-pceps-00.txt Status: http://datatracker.ietf.org/doc/draft-lopez-pcp-pceps Htmlized: http://tools.ietf.org/html/draft-lopez-pcp-pceps-00 Abstract: The Path Computation Element Communication Protocol (PCEP) defines the mechanisms for the communication between a client and a PCE, or among PCEs. This document describe the usage of Transport Layer Security to enhance PCEP security, hence the PCEPS acronym proposed for it. The additional security mechanisms are provided by the transport protocol supporting PCEP, and therefore they do not affect its flexibility and extensibility. 8<--- Comments and contributions will be extremely welcome. As you can expect, we'd like to have the opportunity to present and discuss it in Berlin. Be goode -- "Esta vez no fallaremos, Doctor Infierno" Dr Diego R. Lopez Telefonica I+D http://people.tid.es/diego.lopez/ e-mail: [email protected] Tel: +34 913 129 041 Mobile: +34 682 051 091 ----------------------------------------- ________________________________ Este mensaje se dirige exclusivamente a su destinatario. Puede consultar nuestra política de envío y recepción de correo electrónico en el enlace situado más abajo. This message is intended exclusively for its addressee. We only send and receive email on the basis of the terms set out at: http://www.tid.es/ES/PAGINAS/disclaimer.aspx _______________________________________________ Pce mailing list [email protected] https://www.ietf.org/mailman/listinfo/pce _______________________________________________ Pce mailing list [email protected] https://www.ietf.org/mailman/listinfo/pce
