[hiprg] review of HIP proxies draft

"Henderson, Thomas R" <thomas.r.henderson@boeing.com> Thu, 26 April 2012 04:47 UTC

From: "Henderson, Thomas R" <thomas.r.henderson@boeing.com>
To: "hiprg@irtf.org" <hiprg@irtf.org>
Date: Wed, 25 Apr 2012 21:46:55 -0700
Message-ID: <758141CC3D829043A8C3164DD3D593EA1BD24C870A@XCH-NW-16V.nw.nos.boeing.com>
Subject: [hiprg] review of HIP proxies draft

This message is to review the current status of the HIP proxies draft:  http://tools.ietf.org/html/draft-irtf-hiprg-proxies-05

This informational draft is intended as a survey of HIP proxy scenarios, with particular emphasis on DNS-intercepting and load-balancing proxies in front of legacy nodes that may not have HIP awareness.  Some previous work (not fully cited) is the draft by Melen et al. (http://tools.ietf.org/html/draft-melen-hip-proxy-02) for hosts that are not HIP-aware but that are moving with the HIP proxy, and the HIP mobile router work for HIP-aware hosts (http://tools.ietf.org/html/draft-melen-hip-mr-02).

I believe that there are two concerns that will arise in future reviews.  First, there are some security issues regarding the proposal to intercept and modify DNS responses, as well as the unencrypted portion of the end-to-end connection.  HIP is very much about security, and this type of proxy configuration changes the security properties of the end-to-end path (as well as the DNS interactions), so probably a more careful security considerations section will be needed.  Second, there are potential fragility concerns with locating the proxies multiple hops away from the represented end host, in that, for example, routing may change due to the HIP host mobility in the public network.  I think some more text on defining, early in the draft, the scope (use cases supported and not supported) of this draft would help.  Also, if there is implementation or experimental experience, it would be useful to note.

I would like to ask the RG for some review as to whether this is nearly ready to enter the IRSG review cycle (and suggested editorial improvements, if any), or if not, what issues or concerns must still be addressed.

- Tom

A previous review discussing some security concerns can be found here:  http://www.ietf.org/mail-archive/web/hiprg/current/msg00819.html