[Dime] Relationship between draft-sarikaya-dimeradext-prefix-auth-ps-00.txt and draft-sarikaya-dime-prefix-delegation-ps-01.txt
Hannes Tschofenig <Hannes.Tschofenig@gmx.net> Wed, 23 July 2008 12:40 UTC
Return-Path: <dime-bounces@ietf.org>
X-Original-To: dime-archive@megatron.ietf.org
Delivered-To: ietfarch-dime-archive@core3.amsl.com
Received: from [127.0.0.1] (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 2BB4828C12B; Wed, 23 Jul 2008 05:40:37 -0700 (PDT)
X-Original-To: dime@core3.amsl.com
Delivered-To: dime@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 5B3DA28C12B for <dime@core3.amsl.com>; Wed, 23 Jul 2008 05:40:35 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.599
X-Spam-Level:
X-Spam-Status: No, score=-2.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id icj34ztNUFWu for <dime@core3.amsl.com>; Wed, 23 Jul 2008 05:40:34 -0700 (PDT)
Received: from mail.gmx.net (mail.gmx.net [213.165.64.20]) by core3.amsl.com (Postfix) with SMTP id 009693A6817 for <dime@ietf.org>; Wed, 23 Jul 2008 05:40:33 -0700 (PDT)
Received: (qmail invoked by alias); 23 Jul 2008 12:41:15 -0000
Received: from unknown (EHLO [10.183.180.149]) [192.100.124.156] by mail.gmx.net (mp030) with SMTP; 23 Jul 2008 14:41:15 +0200
X-Authenticated: #29516787
X-Provags-ID: V01U2FsdGVkX1/mq51CBkDmr2hOC+yHY2qqm+nz7cN0CwQfiW8yxF x7mStRN9w1My5I
Message-ID: <488726EC.6030207@gmx.net>
Date: Wed, 23 Jul 2008 15:41:16 +0300
From: Hannes Tschofenig <Hannes.Tschofenig@gmx.net>
User-Agent: Thunderbird 2.0.0.14 (Windows/20080421)
MIME-Version: 1.0
To: dime@ietf.org
X-Y-GMX-Trusted: 0
X-FuHaFi: 0.53
Subject: [Dime] Relationship between draft-sarikaya-dimeradext-prefix-auth-ps-00.txt and draft-sarikaya-dime-prefix-delegation-ps-01.txt
X-BeenThere: dime@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: Diameter Maintanence and Extentions Working Group <dime.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/dime>, <mailto:dime-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/pipermail/dime>
List-Post: <mailto:dime@ietf.org>
List-Help: <mailto:dime-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dime>, <mailto:dime-request@ietf.org?subject=subscribe>
Content-Transfer-Encoding: 7bit
Content-Type: text/plain; charset="us-ascii"; Format="flowed"
Sender: dime-bounces@ietf.org
Errors-To: dime-bounces@ietf.org
I have sent my rechartering questions around regarding these two documents. I took a brief look at them and I wonder what the relationship between the two documents is. Why are there 2 documents on almost the same subject? When I browse through http://www.ietf.org/internet-drafts/draft-sarikaya-dimeradext-prefix-auth-ps-00.txt then I sometimes get the impression that you would like to later standardize a Diameter application. I wasn't sure why additional AVPs aren't sufficient, in case existing AVPs cannot be re-used? Let me also comment on a few selected items: AAA-based prefix authorization (PA) application MUST run between a NAS, located on AR, LMA, MR, etc. and an AAA server. [hannes] This requirement does not say a lot. The AAA protocol is always run between a client and a server. AAA-based PA application MUST support the AAA client to request prefixes from an AAA server. AAA-based PA application MUST support the client to give back the prefixes to the AAA server. [hannes] With the last sentence you mean that you need to have a way to indicate that the AAA session is terminated? If Secure Neighbor Discovery (SEND) [RFC3971] is used by the devices on the network, the certificate or the information needed to obtain a certificate SHOULD also be sent by the AAA server to NAS. [hannes] What information do you exactly want to carry towards the AAA client? In point-to-point link operation, the NAS MUST identify the interface of MN in its request. The NAS MAY provide a prefix hint, e.g. of length /48 to which the AAA server MUST reply with one or more prefixes, e.g. of length /64. [hannes] how would such an interface identifier look like? In point-to-point operation, the AAA server MAY assign the prefix(es) and related parameters such as the lifetime and the certificates to MN from MN's profile. [hannes] I am not sure what this means. You mean that the AAA server should keep state to make sure that it does not forget what it has provided to the MN? For some reason the problem is not well described. In Section 3 of draft-sarikaya-dimeradext-prefix-auth-ps-00.txt you refer to RFC 4818 but I do not quite understand what you would like to see happening instead. AAA-based prefix authorization application SHOULD support prefix release procedures. [hannes] isn't this the same as mentioned in the previous requirement "AAA-based PA application MUST support the client to give back the prefixes to the AAA server. " The NAS is responsible for renewing the prefixes when the lifetime expires. The NAS SHOULD be able to extend the lifetime of the prefixes using messages designed for this purpose. [hannes] Why wouldn't we tie the lifetime of the prefix to the lifetime of the AAA session itself? Makes things much easier. The same applies a bit to this requirement: "It SHOULD be possible to renumber the prefixes authorized by AAA server. The AAA server SHOULD initiate prefix renumbering process. " RFC2119 seems to be a bit randomly used in the document. Ciao Hannes _______________________________________________ DiME mailing list DiME@ietf.org https://www.ietf.org/mailman/listinfo/dime
- [Dime] Relationship between draft-sarikaya-dimera… Hannes Tschofenig
- Re: [Dime] Relationship between draft-sarikaya-di… Frank Xia
- Re: [Dime] Relationship between draft-sarikaya-di… Hannes Tschofenig
- Re: [Dime] Relationship between draft-sarikaya-di… Frank Xia
- Re: [Dime] Relationship between draft-sarikaya-di… Hannes Tschofenig
- Re: [Dime] Relationship between draft-sarikaya-di… Frank Xia