Re: [homenet] draft-ietf-homenet-front-end-naming-delegation

"Eric Vyncke (evyncke)" <evyncke@cisco.com> Sun, 11 October 2020 08:21 UTC

From: "Eric Vyncke (evyncke)" <evyncke@cisco.com>
To: Daniel Migault <mglt.ietf@gmail.com>, homenet <homenet@ietf.org>
Date: Sun, 11 Oct 2020 08:20:59 +0000
Archived-At: <https://mailarchive.ietf.org/arch/msg/homenet/DvpiOjFc3tXgBcpjcoAIS1k7wCY>

Daniel, thank you for the update on this draft.

May the WG expect a revised I-D (and possibly one for the DHCPv6 draft) in the coming days?

Regards

-éric

From: homenet <homenet-bounces@ietf.org> on behalf of Daniel Migault <mglt.ietf@gmail.com>
Date: Friday, 9 October 2020 at 19:22
To: homenet <homenet@ietf.org>
Subject: [homenet] draft-ietf-homenet-front-end-naming-delegation

Hi,

I have reviewed the draft. I have addressed some nits and clarifications. I believe the draft is in good shape and should be ready for WGLC soon. It seems to me that the only thing to do is to document how provisioning the HNA can be done automatically or at least requiring minimal configuration steps from the end user. I expect this to be set in the next two weeks and a clean version to be published.

Initially, we wanted to request an authorization token to establish the channel between the HNA and the DM. However, we have not seen any mechanisms that make it possible to carry this OAUTH token via TLS-only. As a result, we envisioned that the end user authenticates to a registrar and provides a token to the HNA. The HNA uses that token to a resource server from where the DM retrieves the certificate used for its authentication by the DM.

Please find other comments below:

[1] https://datatracker.ietf.org/doc/draft-ietf-homenet-front-end-naming-delegation/

1.

"""
The main one is that the Dynamic DNS update
would also update the zone's NS records, while the goal is to update the
Distribution Master's configuration files.
"""

We maybe need to clarify why the zone's NS RRset needs to be updated.

2.
"""
This specification also assumes the same transport protocol and ports
used by the DM to serve the Control Channel and by the HNA to serve the
Synchronization Channel are the same.
"""

I think the sentence can be clarified. I think what we want to say is that the specification assumes that:
* the DM serves both the Control Channel and Synchronization Channel on a single IP address, single port and with a single transport protocol.
* the HNA uses a single IP address for both the Control and Synchronization channel by default. However, the HNA MAY use distinct IP addresses - see section {{sec-sync}} for more details.

I would like to add that DNS over TLS SHOULD be supported.

3.
Should we replace Outsourcing Infrastructure by OI? At some point I believe that would ease the reading, as most of the document describes interactions between DM and HNA and the DM belongs to the Outsourcing Infrastructure.

4.
It seems that the Envisioned deployment scenarios section can be removed or at least merged with hna-provisionning section.

5.
section "Example: HNA necessary parameters for outsourcing {#sec-configuration-parameters}" may also be removed / merged with hna-provisionning

6.
Maybe hna-provisionning section can be put in the appendix.


--
Daniel Migault
Ericsson