[Int-area] Re: notes from the INT meeting in Montreal
Vijay Devarapalli <vijay.devarapalli@azairenet.com> Wed, 02 August 2006 15:46 UTC
Received: from [127.0.0.1] (helo=stiedprmman1.va.neustar.com) by megatron.ietf.org with esmtp (Exim 4.43) id 1G8Iv6-00028H-4U; Wed, 02 Aug 2006 11:46:04 -0400
Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1G8IB4-0004g6-Gi for int-area@ietf.org; Wed, 02 Aug 2006 10:58:30 -0400
Received: from mail1.azairenet.com ([66.92.223.4] helo=bart.corp.azairenet.com) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1G8IB3-0004bb-K6 for int-area@ietf.org; Wed, 02 Aug 2006 10:58:30 -0400
Received: from [10.1.210.19] ([10.1.210.19]) by bart.corp.azairenet.com with Microsoft SMTPSVC(6.0.3790.1830); Wed, 2 Aug 2006 07:58:27 -0700
Message-ID: <44D0BD91.1050608@azairenet.com>
Date: Wed, 02 Aug 2006 07:58:25 -0700
From: Vijay Devarapalli <vijay.devarapalli@azairenet.com>
User-Agent: Thunderbird 1.5.0.5 (Windows/20060719)
MIME-Version: 1.0
To: Jari Arkko <jari.arkko@piuha.net>
References: <44D098DA.5020500@piuha.net>
In-Reply-To: <44D098DA.5020500@piuha.net>
Content-Type: text/plain; charset="windows-1252"; format="flowed"
Content-Transfer-Encoding: 8bit
X-OriginalArrivalTime: 02 Aug 2006 14:58:27.0410 (UTC) FILETIME=[1C37FB20:01C6B644]
X-Spam-Score: 0.0 (/)
X-Scan-Signature: 731ea0e9f5725b67e634db1918f3b951
X-Mailman-Approved-At: Wed, 02 Aug 2006 11:46:03 -0400
Cc: Internet Area <int-area@ietf.org>, Stefano Faccin <stefano.faccin@nokia.com>
Subject: [Int-area] Re: notes from the INT meeting in Montreal
X-BeenThere: int-area@lists.ietf.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: IETF Internet Area Mailing List <int-area.lists.ietf.org>
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/int-area>, <mailto:int-area-request@lists.ietf.org?subject=unsubscribe>
List-Archive: <http://www1.ietf.org/pipermail/int-area>
List-Post: <mailto:int-area@lists.ietf.org>
List-Help: <mailto:int-area-request@lists.ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/int-area>, <mailto:int-area-request@lists.ietf.org?subject=subscribe>
Errors-To: int-area-bounces@lists.ietf.org
looks good to me. Vijay Jari Arkko wrote: > Thank you Stefano and Vijay for taking notes! If there > are any additions or corrections, please send them to > either me or Mark. > > --- > > Internet Area Meeting > IETF 66, July 2006, Montreal > > Area Directors: Jari Arkko & Mark Townsley > Note takers: Vijay Devaparalli and Stefano Faccin (merged and edited by > Jari Arkko) > > > 1. Area status update (ADs, 20 min) > =================================== > > BOFs: none this time, shared interest with HOKEY BOF and the NEW > BOF. LIES/TERNLI BOF did not happen, but there will a presentation on > this topic later in this meeting. One BOF on anycast was discussed, > but there was some discussion on O&M open area meeting. > > WGs creation, rechartering, and termination: Created ANCP (Access Node > Configuration) and 16ng (IP over 802.16) WGs. Terminated IPOIB (IP > over InfiniBand) due to having finished its main task. MIBs remained > in their charter, but there was not enough progress on them. > > MIPSHOP rechartered after it had finished all of its tasks. MIP4 > being rechartered to add dual stack operations work item. MIP6 being > rechartered to consider progress and align to current interests and > the charter. NEMO and SHIM6 will undergo rechartering before IETF-67. > HIP is rechartering for new items and will close thereafter. IRTF HIP > WG remains. > > 2. Other WG news: > ================= > > 6LOWPAN needs to finish its 2 current deliverables (an is a year > behind) and wants to address new topics. > > IPODVB working on L2 security mechanisms that need to be revisited > based on current charter. > > PANA: explosion on the IETF discussion mailing list based on initial > e-mail from Sam Hartman. This has led to an effort in the WG to reduce > complexity of solution since there is considerable confusion. "Less is > more". > > NETLMM has published its first solution draft from the design team, > and will have interim meeting in September. > > 3. Area documents status > ======================== > > These documents do not have a home in any WG. > > draft-fenner-iana-exp-2780-02.txt: Experimental allocations for > various IP layer numbers. Approved, in RFC Editor’s queue > > draft-bagnulo-cga-ext-01.txt: Extensions for CGA needed for SHIM6 > work. Approved, in RFC Editor’s queue > > draft-bonica-internet-icmp-01.txt: Extensions to add data objects to > certain ICMP messages. Still ongoing discussion, PS vs. EXP and IPv6 > issues. Will be discussed today. > > draft-bagnulo-ipv6-rfc3480-update-00.txt: Updates to RFC 3484 to > support multihoming, plus a few other minor updates. Will be discussed > today. > > draft-laganier-ipv6-khi-01.txt: An allocation from the IPv6 space to > support HIP implementations that depend on unmodified APIs. Main > discussion issue about the size of the allocation is now > resolved. Will go ahead as an AD sponsored Experimental RFC. > > 4. IAB Routing and Addressing Workshop > ====================================== > > Dave Meyer pointed to a mailing list (routing-discussion) for > discussion on routing and addressing. There is going to be an > IAB-organized workshop on operational problems and future challenges. > > The plan is come away from the workshop with a problem statement on > routing operational issues, not to design a solution. Workshop will in > mid-October, time and place to be narrowed down (participation by > invitation). > > 5. Source address selection problem for multi-homed environments > ================================================================ > > http://www.ietf.org/internet-drafts/draft-bagnulo-rfc3484-update-00.txt > > Marcelo Bagnulo presented issues which if need to be solved would > required updating RFC 3484. > > The goal of this presentation was to agree if RFC 3484 needs updating, > and to provide input on Marcelo's multihoming issues. > > A set of issues in RFC 3484 was identified: remove site-locals, > include ULAs, additional tools for policy table handling, handling of > unreachable source addresses (identified in SHIM6 and previously in > MULTI6; needed for multi-addresses nodes and sites, and can help with > ULA cases). Document suggests a set of rules that provide guidance to > the application when it selects the src add, similar to the available > for dst add selection; also, a modification to the src add selection > of the IP layer, so that unreachable source and destination address > pairs are detected and alternative address pairs are tried. > > Dave Thaler - Agrees with working on modification to the source > address selection > > Pekka Savola - Surely we need do the second part, not sure about the > first one. Marcelo: For first part intention is to include very lax > guidance to the application developers. Pekka: No changes in the > implementation? Marcelo: There would be changes in the application. > > Tim chown - Would like to see these changes happen. > > Unidentified - It is complicated currently with socket API to do source > address selection. Are you proposing TCP connect to do source address > selection? Most applications should do it by themselves today. > > Unidentified - In case of UDP it can be even harder to do. Marcelo agrees. > > Pasi Eronen - in Windows Vista there are solutions for this. There is > exposure to the applications. Marcelo points out that there is also > connectbyname call. > > Dave - Confirm that it is true. API changes are better than having > applications deal with multiple addresses and make decisions. > > Hesham - Agrees with the problem. Asks if we have an idea what is > important to solve first? There is a need to prioritize. > > Bob Hinden - the current IPv4 document is a compromise solution. > This can be get complicated very quickly. I would rather with > document solutions that actually work from vendor and deployment > experience rather than trying to develop new solutions. > > Unidentified - Is SHIM6 as solution for this? Marcelo responds that > SHIM6 requires both ends to be updated, but here we are saying that if > you are multihomed and have two prefixes, there is the need to update > a large number of nodes. There should be simpler & more efficient > solutions available. > > Jari concludes by stating that there is interest for this work. But we > should be careful in not doing too much or too radical > solutions. Focus on what implementations already do. > > 6. Making CGAs survive hash algorithm issues > ============================================ > > http://www.ietf.org/internet-drafts/draft-bagnulo-multiple-hash-cga-00.txt > > Goal of the discussion is to note that RFC 3972 had a hard wired hash > algorithm. Should we change that? > > Marcelo Bagnulo notes that there is an issue with recent attacks > against collision free hash functions. These challenge the application > of such hash function for the provision of non-repudiation > capabilities. For SEND, the idea is not to move from SHA1 but to allow > other hash functions. In order to avoid downgrading attacks, encode in > address itself. Use Sec field to encode both current Sec information > and the hash function used, reserve 3 values for existing, and create > new registry CGA SEC for the future > > Iljitcsh - why is it necessary to carry the hash function in the > address? There are other parameters that are needed anyway. Why not > have this information stored there? Marcelo responds that this is to > prevent downgrade attacks > > Pekka Savola - This might be a useful direction to go. But may not be > needed now. The current SHA1 function is quite secure. I would be a > bit hesitant to do it now. Marcelo notes that today there is not much > deployment of CGA. We want to reserve bits today, before deployment > happens. Once it happens, its too late to use the same bits. And there > are no other bits available. > > Gabriel - Supports this. > > Discussion continues about whether other parts of the CGA idea, such > as the used public key algorithm, need to be protected in the same way > at the same time. Tim Shepard notes that with the public key > algorithm, there is no problem with downgrade attacks. But with the > hash algorithms there is a possibility of downgrade attacks and so > should be encoded in the address itself. For public key algorithms > this need not be encoded in the address > > 7. Way forward with ICMP extensions > =================================== > > http://www.ietf.org/internet-drafts/draft-bonica-internet-icmp-02.txt > > Goal is to get a feeling from the group on where we stand on the > problems remaining on this discussion, such as IPv6 support. Jari gave > an update of the history of this proposal. An early version of this is > actually deployed out there. Can we have an effect on that deployment? > Remaining issues are: > > o Standards track or experimental? > > o Given that we are doing for IPv4, should we do for IPv6? One > implementation already exists that does this for IPv6. > > Joe Touch - Does not care if others do some bizarre extensions > to ICMP to support some sub-layer 3 protocols. maybe we shouldn't > do anything. > > Mark - we are re-opening the original debate. we don't want to > go there. > > Joe - but you are trying to justify the work using the deployed > based as the reason. > > Mark - Lets not re-open the earlier discussion. > > Jari - Earlier we did a separation to the base and the application of > this. ICMP traceroute for MPLS is one application. No question about > that. But there has been other proposed applications, so we may need > this for a number of purposes down the road. > > Pekka - there is an Internet layer implication by this change. > Supports proposed standard. > > Rob Austein - IPv4 and IPv6 versions of ICMP should be similar. > What was decided for IPv4 ICMP should be done for IPv6 ICMP too. > > Bob Hinden - This is probably going to show up in other places > (3GPP, Wimax). So not sure doing a special case of MPLS is a > good idea. There should be general solution if at all any. > > Mark - The MPLS objects are themselves advancing in the MPLS > working group. We are doing a more general solution here that > will be useful for more than MPLS. > > Conclusion by Mark - Heard a few people say the solution for IPv4 ICMP > and IPv6 ICMP should be similar. This seems like the way to go. > > Jari - Should this go on standards track or experimental? > > Hum - Mild preference for standards track. > > 8. Comparison of mobility protocols > =================================== > > http://www.ietf.org/internet-drafts/draft-thaler-mobility-comparison-01.txt > > Goal: Increase awareness of where the different schemes are in terms > of their functionality, efficiency, etc. > > Dave Thaler presents his analysis on MIP6, SHIM6 and HIP. The > analysis is based only on WG drafts. > > Vijay Devarapalli - Is network outage part of IP Mobility problem? Dave > - Maybe. > Geoff - It is the rendezvous mechanism that is important to consider. > not network outage. > > Margaret - What would be interesting to compare between MIP and shim6 > is where things happen. In mip6, the knowledge of about HoA and CoA is > on the home agent and in shim6 it is at the end hosts. There are some > architectural differences. Dave - True. But only wanted to see what > problem each protocol solves and what features are easy to compare. > Hesham - There are architectural differences, but there are two modes > in MIP6. route optimization is between the MN and the CN. > > Tim Sheppard - How you fill in the boxes reflects some > architectural assumptions. Want to tease out the assumptions. > IPsec VPNs? > > Pekka - Home Address are as stable as the home link. Subject to > home re-numbering. Vijay - There are extensions to MIPv6 to handle home link > renumbering and home address change. In the event of home address > change the FQDN to HoA mapping is updated. > > Alex - Include reachability from behind a NAT? Dave - Limiting this to > IPv6 only. Assumes no NATs > > George - You should compare MIPv6 route optimization to shim6 > and HIP, since that is end-to-end. Dave - agrees > > Hesham - There are WG documents in MIPSHOP that reduce the number > of MIP messages. Dave - Send me the information. > > Thomas - Puzzled by the connect overhead. with MIPv6 you can send > packets right away if using the tunnel with the home agent. Route > optimization kicks in later. Dave agrees. > > Andre - DoS protection? Dave will consider this > > Vijay - Do you want to consider maturity and deployment experience > of these protocols in your draft? Dave has not considered these. Only > a technical comparison. > > George - Make it clear that you are considering these protocols > end to end. There is a home agent (reverse tunnel mode) that is > very different. Dave agrees > > 9. Transport - network layer interface evolution and mobility > ============================================================= > > Goal is to talk about the challenges related to transport - IP > interaction, particularly related to implications of mobility > technology. Discuss, and gather input for a BOF in this space in > IETF-67. > > Lars Eggert goes over the problem space. > > John Loughney - Traditional transport protocols assume a uniform path > through the network that does not change often and the RTT remains > nearly the same. They have to now deal with rapidly changing paths due > to mobility. Very significant when the RTT for the path changes. > > Geoff Houston - It is important to see how the feedback is handled > rather than how the feedback is given to the transport protocols. The > issue tends to be architectural. What are you trying to do with with > the feedback you receive? > > Lars - agrees. But there is energy in the IETF because we see > people wanting to work on this. Geoff points out that we need > to require not just energy, but also validity of the approach. > > Hesham - Transferring information from one layer to other is > extremely useful. We need to be conservative on the type of > information we transfer, though. > > Thomas - Worries about folks coming with focused on specific link > layers. There is an extension to Mobile IP for the home agent to tell > the other end the path has significantly changed. Have a critical > mass of people to work offline and come back with a problem statement. > > Unidentified - Should not try to do the same thing in many different > layers. We dont want two layer to interact to a change in the path > that conflicts. > _______________________________________________ Int-area mailing list Int-area@lists.ietf.org https://www1.ietf.org/mailman/listinfo/int-area
- [Int-area] notes from the INT meeting in Montreal Jari Arkko
- [Int-area] Re: notes from the INT meeting in Mont… Vijay Devarapalli