Re: [Int-area] WG Adoption Call: Discovering Provisioning Domain Names and Data

As a co-author, I also support adoption of this PvD work in intarea. Thanks, Tommy > On Sep 2, 2017, at 12:47 AM, Erik Kline wrote: > > +1 > > I think we'll be finding many more uses for this work going forward. > >> On 2 September 2017 at 09:11, Ted Lemon wrote: >> I would like to see this

Re: [Int-area] Comments on current MPvD draft.

> On Nov 15, 2017, at 7:33 PM, Tim Chown wrote: > >> On 15 Nov 2017, at 11:00, Mikael Abrahamsson wrote: >> >> On Wed, 15 Nov 2017, Ted Lemon wrote: >> >>> The assumption that each PvD will have its own router >> >> I don't think this is the case? It's just that each PVD is in its own RA, i

[Int-area] Proposed updates for draft-ietf-intarea-provisioning-domains

Hello INTAREA, Thanks to everyone for their feedback yesterday on the various proposals for the -06 version of draft-ietf-intarea-provisioning-domains. I've made several updates to the Pull Request (https://github.com/IPv6-mPvD/mpvd-ietf-drafts/pull/11) based on the feedback we received. Plea

Re: [Int-area] I-D Action: draft-ietf-intarea-provisioning-domains-06.txt

Working Group WG of the IETF. > >Title : Discovering Provisioning Domain Names and Data >Authors : Pierre Pfister > Eric Vyncke > Tommy Pauly > David Schinazi >

Re: [Int-area] AD Evaluation : draft-ietf-intarea-provisioning-domains-08

Hi Suresh, Thanks very much for the review! We've posted a new -09 version to incorporate your feedback: URL: https://www.ietf.org/internet-drafts/draft-ietf-intarea-provisioning-domains-09.txt St

Re: [Int-area] [Last-Call] Opsdir last call review of draft-ietf-intarea-provisioning-domains-09

Hi Tim, Happy New Year! Thanks very much for your thorough review. We've just posted a -10 version (https://tools.ietf.org/html/draft-ietf-intarea-provisioning-domains-10) that addresses your comments. > On Dec 26, 2019, at 2:26 AM, Tim Chown via Datatracker > wrote: > > Reviewer: Tim Chown

Re: [Int-area] RtgDir review: draft-ietf-intarea-provisioning-domains-09

Hi Russ, Thanks for your review! We've posted a new -10 version (https://tools.ietf.org/html/draft-ietf-intarea-provisioning-domains-10) that should address your comments. > On Dec 16, 2019, at 5:43 PM, 7ri...@gmail.com wrote: > > Hello, > > I have been selected as the Routing Directorate re

Re: [Int-area] Adam Roach's Discuss on draft-ietf-intarea-provisioning-domains-10: (with DISCUSS and COMMENT)

> On Jan 22, 2020, at 6:54 AM, Warren Kumari wrote: > > On Wed, Jan 22, 2020 at 12:26 AM Adam Roach via Datatracker > wrote: >> >> Adam Roach has entered the following ballot position for >> draft-ietf-intarea-provisioning-domains-10: Discuss >> >> When responding, please keep the subject li

Re: [Int-area] Adam Roach's Discuss on draft-ietf-intarea-provisioning-domains-10: (with DISCUSS and COMMENT)

e: > > On Jan 22, 2020, at 10:53, Tommy Pauly > wrote: >> Network operators SHOULD restrict access to PvD Additional >> Information to only expose it to hosts that are connected to the local >> network... [this] can be implemented by >> whitelisting access from th

Re: [Int-area] Barry Leiba's No Objection on draft-ietf-intarea-provisioning-domains-10: (with COMMENT)

Hi Barry, Thanks very much for the review! I'm keeping pending changes available here, to be published after the telechat: https://github.com/IPv6-mPvD/mpvd-ietf-drafts/pull/25 I've fixed the typo in section 6, and added "Fragment identifier considerations" to the media type registration (as

Re: [Int-area] Alexey Melnikov's No Objection on draft-ietf-intarea-provisioning-domains-10: (with COMMENT)

Hi Alexey, Thanks very much for the review! I'm keeping pending changes available here, to be published after the telechat: https://github.com/IPv6-mPvD/mpvd-ietf-drafts/pull/25 I've updated the text to reference a DNS-ID in the cert, and not imply that there is only one such name: (e.g.

Re: [Int-area] Mirja Kühlewind's Yes on draft-ietf-intarea-provisioning-domains-10: (with COMMENT)

Hi Mirja, Thanks very much for the review! The restriction to only use one PvD option per RA is present so that clients can be explicit about which PvD is intended to be used when sending packets. The PvD's associated prefix, and thus the client local address, should be unique for any explicit

Re: [Int-area] Alissa Cooper's Discuss on draft-ietf-intarea-provisioning-domains-10: (with DISCUSS and COMMENT)

Hi Alissa, Thanks very much for the review! I'm keeping pending changes available here, to be published after the telechat: https://github.com/IPv6-mPvD/mpvd-ietf-drafts/pull/25 I've updated the URN reference to specify the correct URL; that was due to my errors in filling out the RFC markdown

Re: [Int-area] Adam Roach's Discuss on draft-ietf-intarea-provisioning-domains-10: (with DISCUSS and COMMENT)

Hi Adam, As we discuss the main DDoS attack case, I did want to also reply to the other comments (see inline). I'm keeping pending changes available here, to be published after the telechat: https://github.com/IPv6-mPvD/mpvd-ietf-drafts/pull/25

Re: [Int-area] Roman Danyliw's Discuss on draft-ietf-intarea-provisioning-domains-10: (with DISCUSS and COMMENT)

Hi Roman, Thanks for the review! > > -- > DISCUSS: > -- > > Section 4.4. Per “When a host retrieves the PvD Additional Information, it > MUST verify that the T

Re: [Int-area] Adam Roach's Discuss on draft-ietf-intarea-provisioning-domains-10: (with DISCUSS and COMMENT)

Hi Adam, Thanks again for bringing this up! I've updated our text to include mitigations for this attack. It can be found here (https://github.com/IPv6-mPvD/mpvd-ietf-drafts/pull/25), but here's an overview of the proposed text: In Section 4.1, I've added two new paragraphs. The first describe

Re: [Int-area] Alissa Cooper's Discuss on draft-ietf-intarea-provisioning-domains-10: (with DISCUSS and COMMENT)

22, 2020, at 1:57 PM, Alissa Cooper wrote: > > Thanks Tommy. So why would, e.g., BBF or OASIS be using PvDs? Sorry if this > is obvious. > > Alissa > >> On Jan 22, 2020, at 12:02 PM, Tommy Pauly wrote: >> >> Hi Alissa, >> >> Thanks very much fo

Re: [Int-area] Adam Roach's Discuss on draft-ietf-intarea-provisioning-domains-10: (with DISCUSS and COMMENT)

affic can be > orchestrated. > The more I think about it, the more I believe the TXT-based opt-in solution I > proposed in my earlier email is a reasonable approach to protect > general-purpose web servers from PvD-client-based attacks. > > One further comment inline below. >

Re: [Int-area] Adam Roach's Discuss on draft-ietf-intarea-provisioning-domains-10: (with DISCUSS and COMMENT)

Hi Adam, Thanks for the feedback! The updated paragraph in the retrieval section, to indicate a maximum failure count per attachment, is: If the request for PvD Additional Information fails due to a TLS error, an HTTP error, or because the retrieved file does not contain valid PvD JSON, hosts MU

Re: [Int-area] Adam Roach's Discuss on draft-ietf-intarea-provisioning-domains-10: (with DISCUSS and COMMENT)

> the draft comes out (I would propose that you wait for instructions from your > AD about when to do so). Thanks! Yes, I'll wait for the go-ahead from Suresh. I appreciate your helping to work through these important details! Best, Tommy > > /a > > On 1/22/20 17:51

Re: [Int-area] Benjamin Kaduk's Discuss on draft-ietf-intarea-provisioning-domains-10: (with DISCUSS and COMMENT)

Hi Ben, Thanks very much for your thorough review! I've pushed changes to address these comments. I'm keeping pending changes available here, to be published after the telechat: https://github.com/IPv6-mPvD/mpvd-ietf-drafts/pull/25 Respo

Re: [Int-area] Adam Roach's Discuss on draft-ietf-intarea-provisioning-domains-10: (with DISCUSS and COMMENT)

; (which still seems excessive, although not quite as much as the previous > upper bound). > > Assuming the additional mitigation you propose below (10 maximum failures per > attachment) as well as some means of achieving a lower-bound for "Delay" on > the or

Re: [Int-area] Benjamin Kaduk's Discuss on draft-ietf-intarea-provisioning-domains-10: (with DISCUSS and COMMENT)

Hi Ben, Thanks for your responses! Comments inline for the points that needed replies. Best, Tommy > On Jan 23, 2020, at 10:20 AM, Benjamin Kaduk wrote: > > Hi Tommy, > > Also inline. > > On Wed, Jan 22, 2020 at 12:42:59PM -0800, Tommy Pauly wrote: >> >&g

[Int-area] Per-Application Networking Considerations

internet-dra...@ietf.org > Subject: New Version Notification for > draft-per-app-networking-considerations-00.txt > Date: November 15, 2020 at 8:02:12 PM PST > To: Lorenzo Colitti , Tommy Pauly > > > A new version of I-D, draft-per-app-networking-considerations-00.txt > has

Re: [Int-area] Call for WG adoption of draft-templin-intarea-parcels-10

I agree with the points being raised by Tom and Joel. I don’t think this is something intarea should adopt at this point. If there’s going to be further discussion on this, I’d want to see more explanation of who would intend to support and deploy this solution to the problem. If this is a matt

[Int-area] draft-pauly-intarea-proxy-config-pvd-00

both the INTAREA and MASQUE groups, if possible. Please take a read; your comments are appreciated! Best, Tommy > Begin forwarded message: > > > A new version of I-D, draft-pauly-intarea-proxy-config-pvd-00.txt > has been successfully submitted by Tommy Pauly and posted to the &g

Re: [Int-area] draft-pauly-intarea-proxy-config-pvd-00

; Looks like an interesting proposal, and it raised an interesting point: that > proxies can be provisioning domains unto themselves (this hadn't exactly > occurred to me before, but makes sense). > > Looking forward to more discussion. > > Thanks, > -ek > > On Wed, Jun 28

Re: [Int-area] [Masque] draft-pauly-intarea-proxy-config-pvd

Hi Marc, To start — I have no objection to there being some mechanism to discover a proxy using dns-sd / bonjour! If someone has a good use case for that, that certainly is a possibility. I do think it would be a different use case than the one for this network-provided proxy provisioning, how

Re: [Int-area] [Masque] draft-pauly-intarea-proxy-config-pvd

gt; = > > Cheers, > Med > >> -Message d'origine- >> De : Int-area mailto:int-area-boun...@ietf.org>> >> De la part de Tommy >> Pauly >> Envoyé : mardi 25 juillet 2023 23:34 >> À : Marc Blanchet > <mailto:marc.blanc...@via

[Int-area] New version: draft-pauly-intarea-proxy-config-pvd-01

Hello INTAREA, As a note, we’ve published an update to the document presented at IETF 117 on discovering proxy configurations using PvD info. This now focuses on how to bootstrap learning about other proxy protocols and Split DNS configurations given a known proxy name, while still allowing the

[Int-area] New version: draft-pauly-intarea-proxy-config-pvd-02

Hello INTAREA, At IETF 118, we presented our draft on discovering proxies with PvD information files. We got good support for working on this, along with some feedback for how to improve the format to support more details for the proxies, and more explicit indications of proxy protocols. We’ve

Re: [Int-area] New version: draft-pauly-intarea-proxy-config-pvd-02

thora of Arduino libraries to parse JSON. > > WPAD OG was designed 20 years ago in Web dinosaur times. We now have an > opportunity to have IoT and other devices start off with a more modern, > efficient and secure format, which hopefully will last us the next 20 years. &g

[Int-area] Re: New version of WPADNG

For the enterprise case, I think the problem is the need for a root of trust. The model I would expect on modern systems would be that you have an enterprise-installed configuration on your enterprise-provisioned device that says “use this proxy on this network”, or “use this VPN on these networ

[Int-area] Re: Call for WG adoption of draft-chroboczek-intarea-v4-via-v6

I support adoption of this draft. It is a good idea, is well explained, and fits into this group’s remit. Tommy > On May 17, 2025, at 4:19 AM, Tobias Fiebig > wrote: > > Moin, > i read the draft and already provided feedback. I am in favor of > adoption. > > With best regards, > Tobias >

[Int-area] Updates in draft-ietf-intarea-proxy-config-06

Hi INTAREA, We’ve recently published a significant update to "Communicating Proxy Configurations in Provisioning Domains”, reflecting changes that were proposed and discussed at the IETF 122 meeting, and came up in the GitHub since then. The latest version can be seen here: https://www.ietf.org

[Int-area] Re: Call for Adoption: draft-karstens-intarea-multicast-application-port-02 (End 07/17/2025)

I also support adoption. Best, Tommy > On Jul 7, 2025, at 9:49 PM, Erik Kline wrote: > > +1 > > On Thu, Jul 3, 2025 at 9:27 AM Bob Hinden > wrote: >> I have read the draft and support it’s adoption in the Int Area w.g. >> >> Bob >> >> >>> On Jul 2, 2025, at 8

[Int-area] Update: draft-ietf-intarea-proxy-config-07

a work item of the Internet Area Working Group (INTAREA) WG of the IETF. > > Title: Communicating Proxy Configurations in Provisioning Domains > Authors: Tommy Pauly >Dragana Damjanovic >Yaroslav Rosomakho > Name:draft-ietf-intarea-proxy