Re: [Hipsec] I-D Action: draft-ietf-hip-native-nat-traversal-12.txt

Miika Komu <miika.komu@ericsson.com> Fri, 01 July 2016 10:58 UTC

To: Jeff Ahrenholz <j.ahrenholz@temperednetworks.com>, "hipsec@ietf.org" <hipsec@ietf.org>
References: <20160623141232.31224.21763.idtracker@ietfa.amsl.com> <576BF266.4040703@ericsson.com> <5C1F7EB9-3B99-47E1-A929-B79E97F56F57@temperednetworks.com> <577543A1.9060507@ericsson.com> <F288D398-C77B-404B-81F9-74028D38FDFC@temperednetworks.com>
From: Miika Komu <miika.komu@ericsson.com>
Organization: Ericsson AB
Message-ID: <57764CA2.6050304@ericsson.com>
Date: Fri, 1 Jul 2016 13:57:38 +0300
Archived-At: <https://mailarchive.ietf.org/arch/msg/hipsec/lfmC_C3rB5UwE8mHRvdJ9I3iEEI>

Hi Jeff,

On 06/30/2016 07:33 PM, Jeff Ahrenholz wrote:
> On 6/30/16, 9:06 AM, "Miika Komu" <miika.komu@ericsson.com> wrote:
>>> Seems like a good idea. No ESP_TRANSFORM -> no need to establish two-way comms between peers.
>>> For example, when performing a registration procedure with a relay server.
>>
>> The direct path could be, of course, used to exchange HIP messages
>> directly (including hiccups v2). Does this make sense?
> yes, makes sense
>
>> If not, what should happen when both ESP_TRANSFORM and ICE-HIP-UDP are
>> both negotiated? Or should we just be proactive and state that upon
>> receiving R1, the Initiator MUST NOT include ICE-HIP-UDP if it is not
>> going to employ any ESP_TRANSFORM.
>
> This proposed sentence seems like a good revision.

We need to choose between the two alternatives:

1. Either always set up the direct path with connectivity tests when ICE
   mode is negotiated
2. ...or set it up only when both ESP and ICE-HIP-UDP are present

After this discussion, I would actually lean towards the first option 
because this would make the two options independent. And even if you 
don't use ESP, you would still get a direct path for hiccups v2.

So actually no change to the draft :) What say you?