Shepherd writeup
draft-ietf-trill-smart-endnodes

version of shepherd's write-up document [2/24/2012]
Date of shepherd's report: 2/19/2018

===============
TRILL Status:

(1) What type of RFC is being requested (BCP, Proposed Standard,
Internet Standard, Informational, Experimental, or Historic)?  Why
is this the proper type of RFC?  Is this type of RFC indicated in the
title page header?

RFC type: Proposed standard.
Why: It proposes changes to the TRILL encapsulation methodology when
smart endnodes volunteer to do endnode learning and encapsulation/decapsulation of
TRILL packets.

(2) The IESG approval announcement includes a Document Announcement
Write-Up.

Technical Summary

   This draft addresses the problem of the size and freshness of the
   endnode learning table in edge RBridges, by allowing endnodes to
   volunteer for endnode learning and encapsulation/decapsulation.  Such
   an endnode is known as a "Smart Endnode".  Only the attached edge
   RBridge can distinguish a "Smart Endnode" from a "normal endnode".
   The smart endnode uses the nickname of the attached edge RBridge, so
   this solution does not consume extra nicknames.  The solution also
   enables Fine Grained Label aware endnodes.

  Working Group Summary:

 1)  1st WG LC: 8/26 to 9/9/2016, extended to (10/4 to 10/18/2016)
Problem/Resolution posts:
https://mailarchive.ietf.org/arch/msg/trill/lnaBIR2dToAH8imcKYHWAsgHVN4
Resolution:
https://mailarchive.ietf.org/arch/search/?email_list=trill&q=smart+end+nodes

2) Shepherd's comments caused a version-05
Posting of -05.txt:
 https://mailarchive.ietf.org/arch/msg/trill/82tCkCxuOnHRdRqP_YMKb6RCVfI
[Shepherd Ack:]

3) July 2017 problem posting: (Donald Eastlake)
https://mailarchive.ietf.org/arch/msg/trill/PX-oOfyyksgc4yPSYnAhQrrJtjc
[posting of -06.txt] to fix Donald comments
https://mailarchive.ietf.org/arch/search/?email_list=trill&q=endnodes

4) Version 06 of the TRILL smart nodes
Fixes the issues in 2017 posting, and the hybrid "endnodes" complexity
issue. The security considerations section provides the necessary security, but
a query has been raised to the AD whether a summary of how this end node fits
in other drafts.

If the security ADs are concerned with the group keying,
the TRILL WG has a group keying solution
(draft-ietf-trill-group-keying-01), and a specific adaptation of this
to the draft-ietf-trill-link-gk-profiles-00.txt.
If the security ADs feel this is important, they could adopt the
draft-ietf-trill-group-keying-01 into the security dispatch area.
Alia Atlas (AD) has spoken to the rtgwg area about taking on
the trill-link-gk-profiles-00.txt into the rtgwg for a parallel review.

(Note this issue comes after the 1/19/2018 discussion with the
Security ADs on routing security in routing drafts.)

Document Quality

a) Are there existing implementations of the protocol?

This draft is part of the TRILL WG directory service work item.
The lack of directory services was one of the major challenges deployments
of TRILL have encountered in the field.  This solution has prototype
implementations in a few of the vendors.

Protocol standards
1) RFC7978 - RBridge Channel Header Extension (secure tunnel method allows
   encapsulation of address information)
2) RFC 7961 - reporting of addresses for TRILL interfaces in ISIS application
   sub-TLV (replaces ARP/ND)
3) RFC8302 - mechanism to optimize ARP and ND traffic on TRILL campus
4) RFC 8171 - Edge Directory Assistance Mechanisms
5) Smart end nodes - reducing size of end-node table in rbridges by allowing
   "smart" endnodes to volunteer for endnode learning.
6) draft-ietf-trill-directory-assisted-encap-04 - encapsulation modification
   for data centers (passed WG LC)

 b) Have a significant number of vendors indicated their plan to
  implement the specification?

  Directory service mechanisms are currently implemented in proprietary
  fashion by every vendor that does some variant of TRILL (Cisco, Brocade,
  Huawei and others).  Until we get a full standard solution approved, the
  existing vendors with "early TRILL" implementations have little reason to
  switch.

  Huawei is planning implementation for deployment.  Other TRILL
  standard implementations may incorporate the directory services
  if standardized (e.g. IP Infusion).

Personnel
  Document shepherd: Susan Hares
  AD: Alia Atlas
  1st  RTG-DIR  QA-reviewer: Julien Meuric
https://www.ietf.org/mail-archive/web/rtg-dir/current/msg02740.html

   The TRILL WG has not gotten a response regarding his review of the -06.txt
   version.
   Due to the time delays, I have resent the request this morning.
   It would be important for you to review his message and my response.

(3) Briefly describe the review of this document that was performed by
the Document Shepherd.  If this version of the document is not ready
for publication, please explain why the document is being forwarded to
the IESG.

1.  3+ [final review]
2.  2 rounds of AD review
3.  2 RTG-DIR AD reviews
4.  IPR review
5.  NITs review
6.  4th and 5th reviews of the document
7. Reviews of the comments from the RTG-DIR
8. Discussion with security ADs on routing drafts - to determine approach

(4) Does the document Shepherd have any concerns about the depth or
breadth of the reviews that have been performed?

We did not get a 2nd RTG-QA review or a response to the -06.txt fixes for
the reviews.  I personally believe the problem is fixed.

It would be good to get a security AD to review this early in the process to
answer the following 4 questions.  The WG answered "no" to all of
these questions (a) - (d).

a) Does this security section need to explain the risks of an
end-node participating with secured hellos using
authentication TLVs [RFC5310], TRILL ES-IS Security [RFC8171],
ISIS general cryptographic security, and TRILL's general
security considerations?

 The WG thought was to not repeat
the thought and comments presented in these other drafts.
TRILL vendors have been informed that the directory service
solution takes the BGP approach of being a group of independent drafts.

The WG believes that with TRILL security and authentication
this end node is as secure as the main TRILL infrastructure and
any IS-IS infrastructure.

b) Does the draft need a summary of these mechanisms in the draft?
If so this could be added in section 7.  Otherwise, section 7 is very brief.

If a security AD has a firm opinion, then the author will adapt.

c) Should possible attack vectors for remote dual homed nodes be added
to section 7?

  These attack vectors are similar for any stub ISIS/OSPF node.
As you will note in the IESG review draft-ietf-ospf-link-overload-12, the
potential attacks for stub ISIS/OSPF nodes or smart-end nodes may be slightly
different than core nodes.  However, this is a general case of problems.
In general, I think this general attack vector belongs in a routing-area
related draft relating to all IGPs (OSPF, ISIS, Babel) or IGP that support
L2 forwarding (e.g. TRILL).

d) Do you think this solution should be accompanied by a group keying
protocol that works with TRILL?

If so

(5) Do portions of the document need review from a particular or from
broader perspective, e.g., security, operational complexity, AAA, DNS,
DHCP, XML, or internationalization? If so, describe the review that
took place.

Review of the ISIS registries was requested by 1st RTG-DIR.
AD should review these comments in the initial review, and
determine if the AD agrees with the shepherd that these issues have been closed
off.

Review of the security considerations section by the security ADs  and/or
security directorate is requested early.  As the shepherd, I feel the solution
is adequate, but in our last conversation with the security ADs (1/19/2018) - I
became aware that a 1 paragraph summary of this security plus a short description
of risks might be appropriate.  The shepherd has requested feedback from
Routing AD and from the security ADs to follow-up on this point.

(6) Describe any specific concerns or issues that the Document Shepherd
has with this document that the Responsible Area Director and/or the
IESG should be aware of? For example, perhaps he or she is uncomfortable
with certain parts of the document, or has concerns whether there really
is a need for it. In any event, if the WG has discussed those issues and
has indicated that it still wishes to advance the document, detail those
concerns here.

No.  All discussions have been covered above.

(7) Has each author confirmed that any and all appropriate IPR
disclosures required for full conformance with the provisions of BCP 78
and BCP 79 have already been filed. If not, explain why.

We have 2 IPR disclosures
https://datatracker.ietf.org/ipr/search/?submit=draft&id=draft-ietf-trill-smart-endnodes

These disclosures have been made since the individual drafts.
The WG approved this draft through all the steps (adoption to WG LC) with these
IPR disclosures.

(8) Has an IPR disclosure been filed that references this document?
If so, summarize any WG discussion and conclusion regarding the IPR
disclosures.

Yes - IPR was disclosed prior to any WG LC and the WG has agreed to utilize
this work.

Individual IPR disclosures:

Radia Perlman
https://mailarchive.ietf.org/arch/msg/trill/SZl1BijtPRW-DxmA3XGdQD7jCOQ

Fangwei Hu
https://mailarchive.ietf.org/arch/msg/trill/P-xOpr11pYWyMKChQeqdYY4XNfA

Donald Eastlake:
 https://mailarchive.ietf.org/arch/msg/trill/lnaBIR2dToAH8imcKYHWAsgHVN4

Ting Liao
https://mailarchive.ietf.org/arch/msg/trill/jX5WC9eRExs3NUwG8UtV5XasaVg

(Kesava Vijaya Krupakaran - moved to contributor due to lack of IPR statement,
but will be added here.)

(9) How solid is the WG consensus behind this document? Does it
represent the strong concurrence of a few individuals, with others
being silent, or does the WG as a whole understand and agree with it?

WG total solution is supported.  The discussion of the 6 drafts related
to the directory service solution has gone on for 4+ years, so at this
time the responses are minimal.  Authors are still strongly engaged.

(10) Has anyone threatened an appeal or otherwise indicated extreme
discontent? If so, please summarise the areas of conflict in separate
email messages to the Responsible Area Director. (It should be in a
separate email because this questionnaire is publicly available.)

No.   See comments in #9.

(11) Identify any ID nits the Document Shepherd has found in this
document. (See https://www.ietf.org/tools/idnits/ and the Internet-Drafts
Checklist). Boilerplate checks are not enough; this check needs to be
thorough.

 NO nits.  Yeah!

(12) Describe how the document meets any required formal review
criteria, such as the MIB Doctor, media type, and URI type reviews.

No formal review outside

(13) Have all references within this document been identified as
either normative or informative?
Yes.

(14) Are there normative references to documents that are not ready for
advancement or are otherwise in an unclear state? If such normative
references exist, what is the plan for their completion?

All normative references have been published.

(15) Are there downward normative references (see RFC 3967)?
If so, list these downward references to support the Area Director in
the Last Call procedure.

None

(16) Will publication of this document change the status of any
existing RFCs? Are those RFCs listed on the title page header, listed
in the abstract, and discussed in the introduction? If the RFCs are not
listed in the Abstract and Introduction, explain why, and point to the
part of the document where the relationship of this document to the
other RFCs is discussed. If this information is not in the document,
explain why the WG considers it unnecessary.

No changes to other documents.

(17) Describe the Document Shepherd's review of the IANA considerations
section, especially with regard to its consistency with the body of the
document. Confirm that all protocol extensions that the document makes
are associated with the appropriate reservations in IANA registries.
Confirm that any referenced IANA registries have been clearly
identified. Confirm that newly created IANA registries include a
detailed specification of the initial contents for the registry, that
allocations procedures for future registrations are defined, and a
reasonable name for the new registry has been suggested (see RFC 5226).

IANA Registries look reasonable.  I recall sending these to IANA 1 year ago, but
I could not find their approval email.

(18) List any new IANA registries that require Expert Review for future
allocations. Provide any public guidance that the IESG would find
useful in selecting the IANA Experts for these new registries.

All registries are standard and have been previously created.
IANA is asked to provide values within existing standard TRILL registries.

(19) Describe reviews and automated checks performed by the Document
Shepherd to validate sections of the document written in a formal
language, such as XML code, BNF rules, MIB definitions, etc.

Not needed.