IETF Logo Mail Archive

Re: [Int-area] Discovering a Location Server in the Access Network

Hannes Tschofenig <Hannes.Tschofenig@gmx.net> Sat, 15 September 2007 08:24 UTC

Return-path: <int-area-bounces@lists.ietf.org>
Received: from [127.0.0.1] (helo=stiedprmman1.va.neustar.com) by megatron.ietf.org with esmtp (Exim 4.43) id 1IWSx5-00012Q-96; Sat, 15 Sep 2007 04:24:31 -0400
Received: from int-area by megatron.ietf.org with local (Exim 4.43) id 1IWSx3-00012A-QX for int-area-confirm+ok@megatron.ietf.org; Sat, 15 Sep 2007 04:24:29 -0400
Received: from [10.90.34.44] (helo=chiedprmail1.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1IWSx3-00011z-FA for int-area@ietf.org; Sat, 15 Sep 2007 04:24:29 -0400
Received: from mail.gmx.net ([213.165.64.20]) by chiedprmail1.ietf.org with smtp (Exim 4.43) id 1IWSx2-0003q9-I7 for int-area@ietf.org; Sat, 15 Sep 2007 04:24:29 -0400
Received: (qmail invoked by alias); 15 Sep 2007 08:24:26 -0000
Received: from p54987CAB.dip.t-dialin.net (EHLO [192.168.1.4]) [84.152.124.171] by mail.gmx.net (mp052) with SMTP; 15 Sep 2007 10:24:26 +0200
X-Authenticated: #29516787
X-Provags-ID: V01U2FsdGVkX18Yc4MBYVEYZ5dVPDVaVkNslEdDiIzok1zdVqNqMJ l6wHI4vx6CKNgY
Message-ID: <46EB96BA.7030608@gmx.net>
Date: Sat, 15 Sep 2007 10:24:26 +0200
From: Hannes Tschofenig <Hannes.Tschofenig@gmx.net>
User-Agent: Thunderbird 2.0.0.6 (Windows/20070728)
MIME-Version: 1.0
To: Alexandru Petrescu <alexandru.petrescu@gmail.com>
Subject: Re: [Int-area] Discovering a Location Server in the Access Network
References: <46EA4B08.1060307@gmx.net> <46EA956B.1030700@gmail.com> <46EAA1AF.2000000@gmx.net> <46EAAACD.4000603@gmail.com>
In-Reply-To: <46EAAACD.4000603@gmail.com>
Content-Type: text/plain; charset="ISO-8859-1"; format="flowed"
Content-Transfer-Encoding: 7bit
X-Y-GMX-Trusted: 0
X-Spam-Score: 0.0 (/)
X-Scan-Signature: b280b4db656c3ca28dd62e5e0b03daa8
Cc: int-area@ietf.org
X-BeenThere: int-area@lists.ietf.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: IETF Internet Area Mailing List <int-area.lists.ietf.org>
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/int-area>, <mailto:int-area-request@lists.ietf.org?subject=unsubscribe>
List-Archive: <http://www1.ietf.org/pipermail/int-area>
List-Post: <mailto:int-area@lists.ietf.org>
List-Help: <mailto:int-area-request@lists.ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/int-area>, <mailto:int-area-request@lists.ietf.org?subject=subscribe>
Errors-To: int-area-bounces@lists.ietf.org

Hi Alex,

Alexandru Petrescu wrote:
> Hannes Tschofenig wrote:
>>>>
>>>>  In short, the current proposal (see 
>>>> http://tools.ietf.org/html/draft-thomson-geopriv-lis-discovery-02.txt;
>>>>  ignoring Section 2 which defines the DHCP portion) essentially 
>>>> does the following:
>>>>
>>>> * Discover the public IP address of the end point
>>>
>>> I think it should say 'Discover ... address of the LIS', right?   And
>>> not 'of the end point'(?)
>>>
>> No; it really means that you learn your own public IP address. That's 
>> no problem if you already have one but you might also be behind a NAT 
>> (which is extremely common in a DSL network). Hence, knowing your 
>> private IP address is not very useful for the discovery of the LIS 
>> since you will not find a LIS in your own home network.
>
> But you're sure that it's necessary to discover my IP address when I'm 
> behind NAT?  Does the LIS need to contact me without me needing to 
> contact it first?
>
Yes, you have to find the LIS first. In order to find the LIS in that 
scenario you need to learn the domain name of the access network (in 
this case the DSL operator's access network).When you know your own 
public IP address then you are able to find the domain name of the DSL 
operator's LIS in that network.

>>> [...]
>>>> We have investigated other solutions as well (see Section 4 of 
>>>> http://www.ietf.org/internet-drafts/draft-ietf-geopriv-l7-lcp-ps-05.txt) 
>>>>
>>>>  but the group (or at least a few folks) believes that this is a 
>>>> "good" approach.
>>>
>>> Section4:
>>>> DHCP-based discovery, DNS-based discovery, Redirect [HTTP or AAA] 
>>>> rule, multicast DNS queries, anycast and Teredo discovery.
>>>
>>> That's fine it covers all I could think of, but there's (1) the
>>> EXPERIMENTAL IPv6 Node Information Queries RFC4620 as well.  It's
>>> limited to link-local multicast but I think that would be an advantage
>>> (and not an inconvenient) because one would want that LIS server to be
>>> as close to the querier, for geographical precision, I think.
>> I can certainly list it as an option but the fact that it is 
>> restricted to a link-local multicast does not make it very attractive 
>> for our usage environment.
>
> Ok.  I thought the reverse but anyways.
>
>>> Some IKEv2 extension possibility for discovering parameters too, and
>>> BOOTP and last but not least Service Location Protocol RFC2165.
>> Yep. I could also mention these.
>>
>> I have to refresh my memory about SLP but IKEv2 is certainly not very 
>> useful in our environment.
>
> Well, at some point you talk using DNS in a secure manner (in the 
> security section)...
>
Providing channel security between the end host and the LIS is an 
orthogonal issue.
Current requirements indicate that only server-side authentication is 
realistic to mandate. IKEv2 does not provide a way to execute 
server-side only authentication; TLS would just be doing a fine job and 
it is a more natural choice for an application layer protocol  (with 
HELD XML is carried on top of HTTP)

Ciao
Hannes
> Anyways, thanks.
>
> Alex
>
> ______________________________________________________________________
> This email has been scanned by the MessageLabs Email Security System.
> For more information please visit http://www.messagelabs.com/email 
> ______________________________________________________________________



_______________________________________________
Int-area mailing list
Int-area@lists.ietf.org
https://www1.ietf.org/mailman/listinfo/int-area

v2.23.0 | Report a Bug | By Email