[HOKEY] Comments on draft-ietf-hokey-arch-design
Qin Wu <bill.wu@huawei.com> Mon, 11 July 2011 04:14 UTC
Return-Path: <bill.wu@huawei.com>
X-Original-To: hokey@ietfa.amsl.com
Delivered-To: hokey@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix)
with ESMTP id BD6CF21F8640 for <hokey@ietfa.amsl.com>;
Sun, 10 Jul 2011 21:14:23 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.612
X-Spam-Level:
X-Spam-Status: No, score=-4.612 tagged_above=-999 required=5 tests=[AWL=0.233,
BAYES_00=-2.599, HTML_MESSAGE=0.001, MIME_BASE64_TEXT=1.753,
RCVD_IN_DNSWL_MED=-4]
Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com
[127.0.0.1]) (amavisd-new, port 10024) with ESMTP id n0aXNAMd0S31 for
<hokey@ietfa.amsl.com>; Sun, 10 Jul 2011 21:14:23 -0700 (PDT)
Received: from szxga04-in.huawei.com (szxga04-in.huawei.com [119.145.14.67])
by ietfa.amsl.com (Postfix) with ESMTP id B834221F8637 for <hokey@ietf.org>;
Sun, 10 Jul 2011 21:14:22 -0700 (PDT)
Received: from huawei.com (szxga04-in [172.24.2.12]) by szxga04-in.huawei.com
(iPlanet Messaging Server 5.2 HotFix 2.14 (built Aug 8 2006)) with ESMTP id
<0LO500IG4IF18A@szxga04-in.huawei.com> for hokey@ietf.org;
Mon, 11 Jul 2011 12:13:50 +0800 (CST)
Received: from szxrg01-dlp.huawei.com ([172.24.2.119]) by
szxga04-in.huawei.com (iPlanet Messaging Server 5.2 HotFix 2.14 (built Aug 8
2006)) with ESMTP id <0LO5009QFIF1V0@szxga04-in.huawei.com> for
hokey@ietf.org; Mon, 11 Jul 2011 12:13:49 +0800 (CST)
Received: from 172.24.2.119 (EHLO szxeml203-edg.china.huawei.com)
([172.24.2.119]) by szxrg01-dlp.huawei.com (MOS 4.1.9-GA FastPath queued)
with ESMTP id ACO14558; Mon, 11 Jul 2011 12:13:49 +0800 (CST)
Received: from SZXEML411-HUB.china.huawei.com (10.82.67.138) by
szxeml203-edg.china.huawei.com (172.24.2.55) with Microsoft SMTP Server (TLS)
id 14.1.270.1; Mon, 11 Jul 2011 12:13:48 +0800
Received: from SZXEML523-MBX.china.huawei.com ([169.254.3.146]) by
szxeml411-hub.china.huawei.com ([10.82.67.138]) with mapi id 14.01.0270.001;
Mon, 11 Jul 2011 12:13:44 +0800
Date: Mon, 11 Jul 2011 04:13:43 +0000
From: Qin Wu <bill.wu@huawei.com>
X-Originating-IP: [10.138.41.76]
To: "hokey@ietf.org" <hokey@ietf.org>
Message-id: <B8F9A780D330094D99AF023C5877DABA2BCA49@szxeml523-mbx.china.huawei.com>
MIME-version: 1.0
Content-type: multipart/alternative;
boundary="Boundary_(ID_Sh7WqN9yeM1Wp050n31nMw)"
Content-language: zh-CN
Accept-Language: zh-CN, en-US
Thread-topic: Comments on draft-ietf-hokey-arch-design
Thread-index: Acw/gOwQmDYgpiiLTkuc+iTf896X4g==
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
X-CFilter-Loop: Reflected
Subject: [HOKEY] Comments on draft-ietf-hokey-arch-design
X-BeenThere: hokey@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: HOKEY WG Mailing List <hokey.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/hokey>,
<mailto:hokey-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/hokey>
List-Post: <mailto:hokey@ietf.org>
List-Help: <mailto:hokey-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/hokey>,
<mailto:hokey-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 11 Jul 2011 04:14:23 -0000
Hi, Yoav:
Good comments. Please see my reply inline.
----- Original Message -----
From: Yoav Nir<mailto:ynir@checkpoint.com>
To: Qin Wu<mailto:bill.wu@huawei.com>
Sent: Sunday, July 10, 2011 6:36 PM
Subject: Re: Next step of draft-ietf-hokey-arch-design
Hi Qin.
Here are my other comments:
* The title of section 3.1.1 talks about minimizing communications with home servers. Then the body talks about the peer communicating with its own home server. I agree that this should be minimized, but I'm missing discussion of communications between the visited network and the home servers. I would guess that the local AAA servers communicating with the home AAA servers would introduce as much delay, no? Section 3.1.2 does address this in passing, but it's about LDN discovery, so I think the "implicit is preferable" sentence should move to 3.1.1.
[Qin]: Yes, I realize there some overlapping between section 3.1.1 and section 3.1.2 and section 3.1.3 when we introduce new section 3.1.2 to discuss "minimized user interaction" You are right, commmunication between local server and home server also needs to be minimized. I will put some text to clarify this. As regarding moving "implicit preferable", If you read into section 3.1.3, you will find they are focuing on local domain name integration,talking about the different thing. in order to eleminate these overlapping, I would suggest to change the title of section 3.1.2 into "minimized user interaction for authorization".
* Section 3.1.2 says " [RFC5296<http://tools.ietf.org/html/rfc5296>] does not specify such a domain name discovery mechanism and suggests that the peer may learn the domain name through the EAP- Initiate/Re-auth-Start message or via lower layer announcements. To allow more efficient handovers…" It doesn't say why this suggestion is not efficient. After all, it's data that's included in a field in a message that has to be sent anyway, no?
[Qin]:Yes, it depends on whether you use these method described in RFC5296 in implicit bootstrapping or in the explicit bootstrapping.
In the implicit bootstapping, local domain name discovery happens after the whole implicit bootstrapping completes while in the explicit boostrapping, the local domain name discovery is part of explicit bootstapping and happen during the explicit boostraping, i.e., carry local domain name TLV in the EAP-Finish message. That is the difference. That is why we say we need to integrate local domain name into implicit bootstrapping. Hope it clarifies. But thanks, I will put some text to clarify this.