Hi Greg,
Your questions in the IETF-98 meeting seemed to stem from the challenges of authentication in fast BFD sessions at high scale. I'll address the issue in two parts - "Is there a need for authenticated BFD sessions?" - I believe we can all agree that there is a clear market need for BFD authentication. So we should direct the conversation to the way in which we can address this requirement.. "How can authentication work at scale?" - BFD authentication puts significant stress on the system and a non-meticulous method alleviates this computation pressure. That's the premise of this draft as it presents a way to relieve the BFD authentication requirement based on the capability of the system to handle the additional stress which maintaining the session scale. There are some BFD systems in the market, which are not conducive to authentication (even the optimized method), where the impediment to authentication is due to the implementation details specific to that vendor or system. I believe all these issues were address during the meeting. Are there any specific questions that I missed or any recommendations for the method in which the requirements can be addressed? Thanks, Ashesh ________________________________ From: Rtg-bfd <rtg-bfd-boun...@ietf.org> on behalf of Greg Mirsky <gregimir...@gmail.com> Sent: Thursday, March 29, 2018 4:09:32 AM To: Jeffrey Haas Cc: rtg-bfd@ietf.org Subject: Re: WGLC BFD Authentication Drafts Dear WG Chairs, et. al, I cannot support WG LC for draft-ietf-bfd-optimizing-authentication as my comments at BFD WG meeting dating back to IETF-98<https://datatracker.ietf.org/meeting/98/materials/minutes-98-bfd-00> still not have been addressed nor even there was an attempt to address. As I've asked to clarify impact of the proposed mechanism, particularly periodic authentication, on the BFD State Machine, I'd point that the proposed mechanism directly affects BFD security as discussed in RFC 5880 and the section Security Considerations in the document, in my view, does not adequately reflects that and doesn't explain how the security of the BFD session maintained when the periodic authentication is in use. Regards, Greg On Wed, Mar 28, 2018 at 7:38 PM, Jeffrey Haas <jh...@pfrc.org<mailto:jh...@pfrc.org>> wrote: Working Group, The authors of the following Working Group drafts have requested Working Group Last Call on the following documents: https://tools.ietf.org/html/draft-ietf-bfd-secure-sequence-numbers-01 https://tools.ietf.org/html/draft-ietf-bfd-optimizing-authentication-04 https://tools.ietf.org/html/draft-ietf-bfd-stability-01 Given the overlap of functionality, WGLC will conclude for the bundle simultaneously. Authors, please positively acknowledge whether or not you know about any IPR for your documents. Progression of the document will not be done without that statement. Last call will complete on April 20. -- Jeff
