Re: [Hipsec] HIP parameters critical flag
"Ahrenholz, Jeffrey M" <jeffrey.m.ahrenholz@boeing.com> Tue, 12 January 2010 17:25 UTC
Return-Path: <jeffrey.m.ahrenholz@boeing.com>
X-Original-To: hipsec@core3.amsl.com
Delivered-To: hipsec@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 129163A67AB for <hipsec@core3.amsl.com>; Tue, 12 Jan 2010 09:25:41 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.599
X-Spam-Level:
X-Spam-Status: No, score=-6.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, RCVD_IN_DNSWL_MED=-4]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id rzghM98+o8np for <hipsec@core3.amsl.com>; Tue, 12 Jan 2010 09:25:39 -0800 (PST)
Received: from slb-smtpout-01.boeing.com (slb-smtpout-01.boeing.com [130.76.64.48]) by core3.amsl.com (Postfix) with ESMTP id 7206B3A6A9D for <hipsec@ietf.org>; Tue, 12 Jan 2010 09:25:05 -0800 (PST)
Received: from stl-av-01.boeing.com (stl-av-01.boeing.com [192.76.190.6]) by slb-smtpout-01.ns.cs.boeing.com (8.14.0/8.14.0/8.14.0/SMTPOUT) with ESMTP id o0CHOkqK007482 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=FAIL); Tue, 12 Jan 2010 09:24:52 -0800 (PST)
Received: from stl-av-01.boeing.com (localhost [127.0.0.1]) by stl-av-01.boeing.com (8.14.0/8.14.0/DOWNSTREAM_RELAY) with ESMTP id o0CHOkQM029914; Tue, 12 Jan 2010 11:24:46 -0600 (CST)
Received: from XCH-NWHT-03.nw.nos.boeing.com (xch-nwht-03.nw.nos.boeing.com [130.247.71.23]) by stl-av-01.boeing.com (8.14.0/8.14.0/UPSTREAM_RELAY) with ESMTP id o0CHOkYA029898 (version=TLSv1/SSLv3 cipher=RC4-MD5 bits=128 verify=OK); Tue, 12 Jan 2010 11:24:46 -0600 (CST)
Received: from XCH-NW-12V.nw.nos.boeing.com ([130.247.25.248]) by XCH-NWHT-03.nw.nos.boeing.com ([130.247.71.23]) with mapi; Tue, 12 Jan 2010 09:24:46 -0800
From: "Ahrenholz, Jeffrey M" <jeffrey.m.ahrenholz@boeing.com>
To: 'Tobias Heer' <heer@cs.rwth-aachen.de>, Robert Moskowitz <rgm@htt-consult.com>
Date: Tue, 12 Jan 2010 09:24:44 -0800
Thread-Topic: [Hipsec] HIP parameters critical flag
Thread-Index: AcqTpWRMoZbonWNwSC6wV/e19TgxxQABOfPg
Message-ID: <FD98F9C3CBABA74E89B5D4B5DE0263B937813030C9@XCH-NW-12V.nw.nos.boeing.com>
References: <4B4C9C1F.7050309@htt-consult.com> <AC120305-F2D2-428D-BFCB-CB12A4114598@cs.rwth-aachen.de>
In-Reply-To: <AC120305-F2D2-428D-BFCB-CB12A4114598@cs.rwth-aachen.de>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
acceptlanguage: en-US
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
Cc: "hipsec@ietf.org" <hipsec@ietf.org>
Subject: Re: [Hipsec] HIP parameters critical flag
X-BeenThere: hipsec@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: "This is the official IETF Mailing List for the HIP Working Group." <hipsec.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/hipsec>, <mailto:hipsec-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/hipsec>
List-Post: <mailto:hipsec@ietf.org>
List-Help: <mailto:hipsec-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/hipsec>, <mailto:hipsec-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 12 Jan 2010 17:25:41 -0000
> Since I suggested it, it makes sense to vote for it: > > 715 > > Tobias Are you going to include the HIH parameter inside the ENCRYPTED TLV (in the I2 packet)? If so, it keeping HIH next to HOST_ID with the value 715 makes sense to me. Otherwise 63 would work. Have you considered extending the HOST_ID TLV by one field to include HIH (rather than using a separate parameter)? (for example the HI hi_hdr already indicates the RSA/DSA key type, the HIP_SIGNATURE contains SIG algorithm, etc.) -Jeff > > > Am 12.01.2010 um 16:58 schrieb Robert Moskowitz: > > > Tobias and I have been working away on 5201-bis and of > course one new thing is the HIH parameter that needs a number... > > > > -------- Original Message -------- > > Subject: Fwd: HIP parameters critical flag > > Date: Tue, 12 Jan 2010 11:49:51 +0100 > > From: Tobias Heer <tobias.heer@gmx.de> > > To: Robert Moskowitz <rgm@htt-consult.com> > > > > > > > > Hello Bob, > > > >> Am 11.01.2010 um 21:54 schrieb Robert Moskowitz: > >> > >>> So for defining the new HIH parmeter, I am looking at > 5.2.1 and it talks about the critical flag. Oops, of course > HIH is critical. So I search for critical in the other > parameters and NONE mention being critical. > >>> > >>> What am I missing here??? > >>> > >> > >> the C bit is the lowest order bit of the parameter number. > All parameters with odd numbers (e.g. Puzzle, Solution, DH > ...) are critical. > > > > We are going to clearify this in 5201-bis and explicitly > state what is a critical parameter. > > > >>> Also what is the type value for HIH to get it in the > 'right' place in the parameters? > >>> > >> The HIH definitely needs to be in the signed part of the > packet. I would consider it a parameter that is related to > the BEX. The appropriate parameter range would be 0-1023. We > probably need to check the HIP extensions to find a free > number in this range. I'll do this tomorrow. > >> > > > > I looked at the parameter numbers and I would suggest > number 715 because is located behind 705/Host_ID and it is > therefore close to it in the actual HIP control packet. > > > > I checked the following things for all active HIP drafts > and documents that are accessible from the HIP WG status page: > > * There is no mentioning of the parameter number 715 > > * The next parameter higher than 705/HOST_ID is 768/Cert > (RFC5201 and draft-ietf-hip-cert-02.txt) > > - there won't be any parameter between HOST_ID and HIH > > - there is sufficient space between HIH and Cert to > introduce new parameters > > > > I checked the following files: > > > > rfc4423.txt > > rfc5201.txt > > rfc5202.txt > > rfc5203.txt > > rfc5204.txt > > rfc5205.txt > > rfc5206.txt > > rfc5338.txt > > draft-ietf-hip-bone-03.txt > > draft-ietf-hip-cert-02.txt > > draft-ietf-hip-hiccups-00.txt > > draft-ietf-hip-nat-traversal-09.txt > > draft-ietf-hip-native-api-11.txt > > > > Any more to check? HIP RG documents? > > > > > > ================================================================= > > > > And Miika proposes: > > > > I would say that it should be before the ESP_INFO parameter. 63? > > > > > > > > http://www.iana.org/assignments/hip-parameters/hip-parameters.xhtml > > > > > > ==================================================================== > > > > So a hum is requested: > > > > 715? > > 63? > > > > Other? > > > > > > > > _______________________________________________ > > Hipsec mailing list > > Hipsec@ietf.org > > https://www.ietf.org/mailman/listinfo/hipsec > > > > > -- > > Dipl.-Inform. Tobias Heer, Ph.D. Student > Distributed Systems Group > RWTH Aachen University, Germany > tel: +49 241 80 207 76 > web: http://ds.cs.rwth-aachen.de/members/heer > > > > > > > > _______________________________________________ > Hipsec mailing list > Hipsec@ietf.org > https://www.ietf.org/mailman/listinfo/hipsec >
- [Hipsec] HIP parameters critical flag Robert Moskowitz
- Re: [Hipsec] HIP parameters critical flag Tobias Heer
- Re: [Hipsec] HIP parameters critical flag Tobias Heer
- Re: [Hipsec] HIP parameters critical flag Ahrenholz, Jeffrey M
- Re: [Hipsec] HIP parameters critical flag Robert Moskowitz
- Re: [Hipsec] HIP parameters critical flag Ahrenholz, Jeffrey M
- Re: [Hipsec] HIP parameters critical flag Robert Moskowitz
- Re: [Hipsec] HIP parameters critical flag Ahrenholz, Jeffrey M
- Re: [Hipsec] HIP parameters critical flag Ahrenholz, Jeffrey M
- Re: [Hipsec] HIP parameters critical flag Robert Moskowitz
- [Hipsec] HI Parameter (was: HIP parameters critic… Tobias Heer