Re: 6MAN Agenda for IETF86
Nalini Elkins <nalini.elkins@insidethestack.com> Tue, 05 March 2013 13:58 UTC
Return-Path: <nalini.elkins@insidethestack.com>
X-Original-To: ipv6@ietfa.amsl.com
Delivered-To: ipv6@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 4C1A621F8984 for <ipv6@ietfa.amsl.com>; Tue, 5 Mar 2013 05:58:31 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.572
X-Spam-Level:
X-Spam-Status: No, score=-1.572 tagged_above=-999 required=5 tests=[AWL=-0.174, BAYES_00=-2.599, HTML_MESSAGE=0.001, J_CHICKENPOX_13=0.6, J_CHICKENPOX_21=0.6]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id v6Wv0nv4Xkqf for <ipv6@ietfa.amsl.com>; Tue, 5 Mar 2013 05:58:30 -0800 (PST)
Received: from nm15.access.bullet.mail.mud.yahoo.com (nm15.access.bullet.mail.mud.yahoo.com [66.94.237.216]) by ietfa.amsl.com (Postfix) with ESMTP id 2097421F897A for <ipv6@ietf.org>; Tue, 5 Mar 2013 05:58:30 -0800 (PST)
Received: from [66.94.237.198] by nm15.access.bullet.mail.mud.yahoo.com with NNFMP; 05 Mar 2013 13:58:29 -0000
Received: from [66.94.237.115] by tm9.access.bullet.mail.mud.yahoo.com with NNFMP; 05 Mar 2013 13:58:29 -0000
Received: from [127.0.0.1] by omp1020.access.mail.mud.yahoo.com with NNFMP; 05 Mar 2013 13:58:29 -0000
X-Yahoo-Newman-Property: ymail-3
X-Yahoo-Newman-Id: 844685.22850.bm@omp1020.access.mail.mud.yahoo.com
Received: (qmail 95490 invoked by uid 60001); 5 Mar 2013 13:58:29 -0000
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.com; s=s1024; t=1362491909; bh=90iGKvluJ/+jMonmJirVXAfwehNI0QDLohuYRnMdDpk=; h=X-YMail-OSG:Received:X-Rocket-MIMEInfo:X-Mailer:References:Message-ID:Date:From:Reply-To:Subject:To:Cc:In-Reply-To:MIME-Version:Content-Type; b=TUnwkCdJctbpBeS8F1GgRPzlSCuiuZR8jbIttWoEe0F3fA+Y757uNDh10YcONEDXSuzZ20AjtGz9oqfaO+d2YTIfp6wT8YNt1+tp3gVcPLidvK5BaO5Hp2yZe5ZmN9f1tjgJiqgrpdGfA4DfvGP51pTEhAzy7DI9lq8t9tV8z2Q=
X-YMail-OSG: _FD2hbQVM1kIpELZZCWyioO0WV6Y7eRkGmEYiD7QR8sgex3 95yOhXH9EQUkVQFiqZOI17hzol54NerMcvqpXazaJ6N34p7G48WWirTHiyqL OeKzxKl4cqb5Raqw9.TuYdjFensFSmVTn2MOaMK9mp1aRwVrUqTopZTnbBc4 brFEOrKS6f3FoOeYY0nP.ei0rEzH97ta3yLQKYivai5mZRsZjIql_qyRvzw7 hxdQdknuu3HdrUaxfLWONUUNexwUR42W2cQfP_soBPE9OSWzanMzK.yvKTWV mExV7Tge1o1SfVqF3nyC6anvpFwNZvhqmPnWQNwcKHw4ooDHkZGUXbAKlfIe zhO6AQqbZVkXoVPfrQc9CPuFbXluB8e7lbrbrNbWifPSGRCvusP3cQLndKMK SkbZ8Wd7GRzHhiO1yc0Qc8tOCjwD2uvhPVlPdRkoTY5q8dWIlwyKP.IL00Su MmUCbTKBsCrXrUXx6FllrocArT3R4pAgzIWNb5NOHhBWqxlrNzIQeO1coH4U eKb_YIfvOOf9eAxp93jpXD.mv6Dhy_9Zr39t5DU9ORNDmpmgfm6sKWqQrWbO TQZmaqpe.qBpSgbjAxPypaYnIZoz7VUMK5k2xG_j8oQ--
Received: from [24.130.37.147] by web2802.biz.mail.ne1.yahoo.com via HTTP; Tue, 05 Mar 2013 05:58:29 PST
X-Rocket-MIMEInfo: 001.001, SG9zbmllaCwKCkkgd2lsbCByZWFkIGFuZCByZXNwb25kLiDCoCBUaGFuayB5b3UgZm9yIHdvcmtpbmcgb24gYSBzb2x1dGlvbiB0byB0aGlzIGltcG9ydGFudCBwcm9ibGVtLgrCoApUaGFua3MsCgoKTmFsaW5pIEVsa2lucwpJbnNpZGUgUHJvZHVjdHMsIEluYy4KKDgzMSkgNjU5LTgzNjAKd3d3Lmluc2lkZXRoZXN0YWNrLmNvbQoKCgpfX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fXwogRnJvbTogSG9zbmllaCBSYWZpZWUgPGlldGZAcm96YW5hay5jb20.ClRvOiAnTmFsaW5pIEVsa2lucycgPG5hbGkBMAEBAQE-
X-Mailer: YahooMailWebService/0.8.135.514
References: <7EE61AD6-2E54-4F17-BBFD-30BE77F7E782@gmail.com> <1362476231.3387.278.camel@karl> <1362490400.37136.YahooMailNeo@web2805.biz.mail.ne1.yahoo.com> <005d01ce19a7$b603ac90$220b05b0$@com>
Message-ID: <1362491909.93507.YahooMailNeo@web2802.biz.mail.ne1.yahoo.com>
Date: Tue, 05 Mar 2013 05:58:29 -0800
From: Nalini Elkins <nalini.elkins@insidethestack.com>
Subject: Re: 6MAN Agenda for IETF86
To: Hosnieh Rafiee <ietf@rozanak.com>
In-Reply-To: <005d01ce19a7$b603ac90$220b05b0$@com>
MIME-Version: 1.0
Content-Type: multipart/alternative; boundary="-153701192-44958192-1362491909=:93507"
Cc: "ipv6@ietf.org" <ipv6@ietf.org>
X-BeenThere: ipv6@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
Reply-To: Nalini Elkins <nalini.elkins@insidethestack.com>
List-Id: "IPv6 Maintenance Working Group \(6man\)" <ipv6.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ipv6>, <mailto:ipv6-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/ipv6>
List-Post: <mailto:ipv6@ietf.org>
List-Help: <mailto:ipv6-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipv6>, <mailto:ipv6-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 05 Mar 2013 13:58:31 -0000
Hosnieh, I will read and respond. Thank you for working on a solution to this important problem. Thanks, Nalini Elkins Inside Products, Inc. (831) 659-8360 www.insidethestack.com ________________________________ From: Hosnieh Rafiee <ietf@rozanak.com> To: 'Nalini Elkins' <nalini.elkins@insidethestack.com> Cc: ipv6@ietf.org; 'Karl Auer' <kauer@biplane.com.au> Sent: Tuesday, March 5, 2013 5:45 AM Subject: RE: 6MAN Agenda for IETF86 Dear Nalini, Our draft http://tools.ietf.org/html/draft-rafiee-6man-ssas-02 talks about a solution for securing ND while also considering privacy. You can read this version, however, I will be uploading the latest version on 11 March when IETF is again open for submissions. If after reading it, if you have any comments I would appreciate your input so that I can add them to this latest draft. Thanks, Hosnieh From:ipv6-bounces@ietf.org [mailto:ipv6-bounces@ietf.org] On Behalf Of Nalini Elkins Sent: Dienstag, 5. März 2013 14:33 To: Karl Auer; ipv6@ietf.org Subject: Re: 6MAN Agenda for IETF86 Karl, I definitely agree that ND needs to be secured. Also agree that neither IPSec nor SEND are viable solutions. I do not know if I am missing something but I have not seen a comprehensive document with these problems detailed. I certainly don't have a solution but I have been trying to at least catalog such problems. If there is such a document, would appreciate anyone letting me know. If there isn't, if you would like, we can collaborate on such a document and create a draft for the IETF meeting in Berlin. Maybe v6Ops is a place to discuss this topic. Once many at IETF agree that indeed there is a problem, then we can discuss a potential solution. Thanks, Nalini Elkins Inside Products, Inc. (831) 659-8360 www.insidethestack.com ________________________________ From:Karl Auer <kauer@biplane.com.au> To: ipv6@ietf.org Sent: Tuesday, March 5, 2013 1:37 AM Subject: Re: 6MAN Agenda for IETF86 On Mon, 2013-03-04 at 16:02 -0800, Bob Hinden wrote: > A Simple Secure Addressing Generation Scheme for IPv6 > AutoConfiguration > draft-rafiee-6man-ssas-01.txt > [...] > DHCPv6/SLAAC Address Configuration Interaction Problem Statement > draft-liu-bonica-dhcpv6-slaac-problem-01.txt > > We did not think there had been enough discussion or interest on the > w.g. list to guarantee a speaking slot. We allocated short slots at > the end of the session if there is time before the meeting ends. If > anyone (other than the authors) think one of these should be given > more time, please speak up. For what it's worth it seems to me that there is a gaping hole around securing ND. IPSec is obviously ridiculous, SEND is only marginally less ridiculous. Maybe SSAS is a way forward? Or maybe noone else thinks ND needs to be secured? Maybe the meeting could attempt to gauge whether this is actually a real problem. I think it is, and I urge others to speak up if they too think this should be pursued. If there is a priority to these things, then sorting out the perceived and actual discrepancies\ and ambiguities in the meaning of the RA M and O flags would seem pretty important. Otherwise they will end up cemented into even more implementations than they are now. The way Windows handles them is just plain broken, and if the RFCs support that way of handling them, then the RFCs are broken. At very least this topic needs some impetus. Regards, K. -- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Karl Auer (kauer@biplane.com.au) http://www.biplane.com.au/kauer http://www.biplane.com.au/blog GPG fingerprint: B862 FB15 FE96 4961 BC62 1A40 6239 1208 9865 5F9A Old fingerprint: AE1D 4868 6420 AD9A A698 5251 1699 7B78 4EEE 6017 -------------------------------------------------------------------- IETF IPv6 working group mailing list ipv6@ietf.org Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6 --------------------------------------------------------------------
- Re: 6MAN Agenda for IETF86 Brian E Carpenter
- 6MAN Agenda for IETF86 Bob Hinden
- Re: 6MAN Agenda for IETF86 Brian E Carpenter
- RE: 6MAN Agenda for IETF86 Hosnieh Rafiee
- Re: 6MAN Agenda for IETF86 Karl Auer
- Re: 6MAN Agenda for IETF86 Ole Troan
- RE: 6MAN Agenda for IETF86 Hosnieh Rafiee
- RE: 6MAN Agenda for IETF86 Hosnieh Rafiee
- Re: 6MAN Agenda for IETF86 Nalini Elkins
- Re: 6MAN Agenda for IETF86 Alexandru Petrescu
- RE: 6MAN Agenda for IETF86 Hosnieh Rafiee
- RE: 6MAN Agenda for IETF86 Hosnieh Rafiee
- Re: 6MAN Agenda for IETF86 Nalini Elkins
- Re: 6MAN Agenda for IETF86 Alexandru Petrescu
- Re: 6MAN Agenda for IETF86 Nalini Elkins
- RE: 6MAN Agenda for IETF86 Hosnieh Rafiee
- Re: 6MAN Agenda for IETF86 Nalini Elkins
- Re: 6MAN Agenda for IETF86 Michael Richardson
- RE: 6MAN Agenda for IETF86 Hosnieh Rafiee
- Re: 6MAN Agenda for IETF86 Mark Smith
- Re: 6MAN Agenda for IETF86 Carsten Bormann
- RE: 6MAN Agenda for IETF86 Hosnieh Rafiee
- Re: 6MAN Agenda for IETF86 Bob Hinden
- Re: 6MAN Agenda for IETF86 Bob Hinden
- RE: 6MAN Agenda for IETF86 Samita Chakrabarti
- RE: 6MAN Agenda for IETF86 Hosnieh Rafiee
- Re: 6MAN Agenda for IETF86 Bob Hinden
- Re: 6MAN Agenda for IETF86 Michael Richardson
- RE: 6MAN Agenda for IETF86 Hosnieh Rafiee
- Re: 6MAN Agenda for IETF86 Fernando Gont
- Re: 6MAN Agenda for IETF86 Fernando Gont
- Re: 6MAN Agenda for IETF86 Doug Barton