Re: [Int-area] New Version Notification for draft-bi-intarea-savi-wlan-00.txt

Bob Hinden <bob.hinden@gmail.com> Thu, 01 June 2023 17:23 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/int-area/nNYDL5jlLs_s8egf1tBHEC32cmA>

Lin,

I did a quick read of this draft. It doesn’t appear to discuss several important issues related to MAC address and IP address binding.  These include:

Random MAC address assignments (there is an IETF w.g. MADINAS working in this area)
IPv6 Interface ID assignments (see RFC 7217, RFC 8064, etc.)
IPv6 interfaces may have many IPv6 addresses
Section 5.1.1.4 has no mention of SLAAC IPv6 addresses

Bob


> On Jun 1, 2023, at 1:21 AM, Lin He <he-lin@tsinghua.edu.cn> wrote:
> 
> Hi, all.
> 
> We submitted an individual draft to the intarea working group a few days ago. This draft mainly describes a source address validation solution for wireless LANs.
> 
> We warmly welcome your valuable feedback and comments.
> 
> Thanks in advance.
> 
> --
> Lin He
> 
> -----Original Messages-----
> From: internet-drafts@ietf.org
> Sent Time: 2023-05-27 20:03:34 (Saturday)
> To: "Jianping Wu" <jianping@cernet.edu.cn>, "Jun Bi" <junbi@cernet.edu.cn>, "Lin He" <he-lin@tsinghua.edu.cn>, "Tao Lin" <lintao@h3c.com>, "You Wang" <you@opennetworking.org>
> Cc:
> Subject: New Version Notification for draft-bi-intarea-savi-wlan-00.txt
> 
> 
> A new version of I-D, draft-bi-intarea-savi-wlan-00.txt
> has been successfully submitted by Lin He and posted to the
> IETF repository.
> 
> Name:		draft-bi-intarea-savi-wlan
> Revision:	00
> Title:		A SAVI Solution for WLAN
> Document date:	2023-05-27
> Group:		Individual Submission
> Pages:		16
> URL:            https://www.ietf.org/archive/id/draft-bi-intarea-savi-wlan-00.txt
> Status:         https://datatracker.ietf.org/doc/draft-bi-intarea-savi-wlan/
> Htmlized:       https://datatracker.ietf.org/doc/html/draft-bi-intarea-savi-wlan
> 
> 
> Abstract:
>   This document describes a source address validation solution for
>   WLANs where 802.11i or other security mechanisms are enabled to
>   secure MAC addresses.  This mechanism snoops NDP and DHCP packets to
>   bind IP addresses to MAC addresses, and relies on the security of MAC
>   addresses guaranteed by 802.11i or other mechanisms to filter IP
>   spoofing packets.  It can work in the special situations described in
>   the charter of SAVI (Source Address Validation Improvements)
>   workgroup, such as multiple MAC addresses on one interface.  This
>   document describes three different deployment scenarios, with
>   solutions for migration of binding entries when hosts move from one
>   access point to another.
> 
> 
> 
> 
> The IETF Secretariat
> 
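
Added illustration, not part of the message above or of draft-bi-intarea-savi-wlan: a minimal Python model of the IP-to-MAC binding the quoted abstract describes, exercising two of the points raised in the reply (one MAC holding several addresses, and a host whose MAC changes). The class and method names, the 300-second lifetime and the refuse-on-conflict rule are assumptions made for this sketch, not the draft's procedure; all MACs and addresses are constructed.

```python
import ipaddress

class BindingTable:
    """Toy SAVI-style table: which source IPs an authenticated MAC may use."""

    def __init__(self, lifetime=300):
        self.lifetime = lifetime          # seconds a binding stays valid (assumed)
        self.owner = {}                   # ip -> (mac, expiry time)

    def learn(self, mac, ip, now):
        """Record a binding seen in a snooped NDP (DAD) or DHCP exchange."""
        ip, mac = ipaddress.ip_address(ip), mac.lower()
        held = self.owner.get(ip)
        if held and held[0] != mac and held[1] > now:
            return False                  # live under another MAC: refuse the claim
        self.owner[ip] = (mac, now + self.lifetime)
        return True

    def permit(self, mac, src_ip, now):
        """Filter decision for a data packet: is src_ip bound to this MAC?"""
        held = self.owner.get(ipaddress.ip_address(src_ip))
        return bool(held) and held[0] == mac.lower() and held[1] > now

    def addresses(self, mac, now):
        return sorted(str(ip) for ip, (m, exp) in self.owner.items()
                      if m == mac.lower() and exp > now)

def demo():
    t = BindingTable(lifetime=300)
    host, other = "02:00:00:aa:bb:01", "02:00:00:aa:bb:02"
    rotated = "06:11:22:33:44:55"         # same host after MAC randomization
    # One interface, several addresses: link-local, two global IPv6, one IPv4.
    for ip in ("fe80::1", "2001:db8::a1", "2001:db8::b2", "192.0.2.10"):
        t.learn(host, ip, now=0)
    return {
        "bound": t.addresses(host, now=10),
        "own_packet": t.permit(host, "2001:db8::b2", now=10),
        "spoofed_packet": t.permit(other, "2001:db8::a1", now=10),
        "hijack_claim": t.learn(other, "2001:db8::a1", now=10),
        # After a MAC change the old binding blocks the host until it expires.
        "rotated_before_expiry": t.learn(rotated, "2001:db8::a1", now=20),
        "rotated_after_expiry": t.learn(rotated, "2001:db8::a1", now=301),
        "rotated_packet": t.permit(rotated, "2001:db8::a1", now=302),
    }

if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```
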