Re: [MEXT] draft-bajko-mext-sod-01
<Basavaraj.Patil@nokia.com> Wed, 12 October 2011 19:57 UTC
Return-Path: <Basavaraj.Patil@nokia.com>
X-Original-To: mext@ietfa.amsl.com
Delivered-To: mext@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 106CA21F8B1C for <mext@ietfa.amsl.com>; Wed, 12 Oct 2011 12:57:00 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -102.465
X-Spam-Level:
X-Spam-Status: No, score=-102.465 tagged_above=-999 required=5 tests=[AWL=-0.467, BAYES_00=-2.599, HTML_MESSAGE=0.001, J_CHICKENPOX_21=0.6, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id r4btXvDkNYX7 for <mext@ietfa.amsl.com>; Wed, 12 Oct 2011 12:56:59 -0700 (PDT)
Received: from mgw-sa01.nokia.com (smtp.nokia.com [147.243.1.47]) by ietfa.amsl.com (Postfix) with ESMTP id CE20E21F8B04 for <mext@ietf.org>; Wed, 12 Oct 2011 12:56:58 -0700 (PDT)
Received: from vaebh102.NOE.Nokia.com (vaebh102.europe.nokia.com [10.160.244.23]) by mgw-sa01.nokia.com (Switch-3.4.4/Switch-3.4.3) with ESMTP id p9CJuktK029843; Wed, 12 Oct 2011 22:56:55 +0300
Received: from smtp.mgd.nokia.com ([65.54.30.7]) by vaebh102.NOE.Nokia.com over TLS secured channel with Microsoft SMTPSVC(6.0.3790.4675); Wed, 12 Oct 2011 22:56:53 +0300
Received: from 008-AM1MMR1-001.mgdnok.nokia.com (65.54.30.56) by NOK-AM1MHUB-03.mgdnok.nokia.com (65.54.30.7) with Microsoft SMTP Server (TLS) id 8.2.255.0; Wed, 12 Oct 2011 21:56:53 +0200
Received: from 008-AM1MPN1-053.mgdnok.nokia.com ([169.254.3.208]) by 008-AM1MMR1-001.mgdnok.nokia.com ([65.54.30.56]) with mapi id 14.01.0339.002; Wed, 12 Oct 2011 21:56:53 +0200
From: Basavaraj.Patil@nokia.com
To: kleung@cisco.com, mext@ietf.org
Thread-Topic: [MEXT] draft-bajko-mext-sod-01
Thread-Index: AQHMiRkVlVQRKLdns0uH4MLVYDBvZg==
Date: Wed, 12 Oct 2011 19:56:52 +0000
Message-ID: <CABB5B24.120BC%basavaraj.patil@nokia.com>
In-Reply-To: <2979E38DD6FC6544B789C8DAD7BAFC520E0A8085@xmb-sjc-235.amer.cisco.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
user-agent: Microsoft-MacOutlook/14.12.0.110505
x-originating-ip: [173.74.219.186]
Content-Type: multipart/alternative; boundary="_000_CABB5B24120BCbasavarajpatilnokiacom_"
MIME-Version: 1.0
X-OriginalArrivalTime: 12 Oct 2011 19:56:53.0531 (UTC) FILETIME=[16B8F6B0:01CC8919]
X-Nokia-AV: Clean
Subject: Re: [MEXT] draft-bajko-mext-sod-01
X-BeenThere: mext@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Mobile IPv6 EXTensions WG <mext.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/mext>, <mailto:mext-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/mext>
List-Post: <mailto:mext@ietf.org>
List-Help: <mailto:mext-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/mext>, <mailto:mext-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 12 Oct 2011 19:57:00 -0000
Hi Kent, Its been a while since you did the review. Finally getting back to updating the I-D and responding to your comments: >In the last IETF meeting, I signed up to review this draft and >provide my comments to the WG. Some may already be discussed. > >1) Sect. 1: s/cellular accesses/cellular access networks/ Okay. >2) Sect. 1: "that would unnecessarily consume resources on the HA >and radio resources on the access network" Okay. >3) Sect. 1: HA control is mentioned in "Furthermore, the operator >of HA may have policies .. security is to be used". But later "HA has >no ability to force the MN to secure user traffic". Clarify if SoD is >designed to include HA control in addition to MN control. Correct. MIP6 signaling today is primarily MN initiated. As a result it is straightforward for the MN to request the establishment of security for the user plane as needed by sending a binding update message to the HA. From the HA perspective, we only have the binding revocation message today which can be sent to an MN. This is the only unsolicited message that can be used by the HA to send a notification to the MN. SoD is indeed designed to allow user plane security to be initiated either by the MN or the HA. >4) Sect. 2: s/wifi_SSID/WiFi SSID/ Okay. >5) Sect. 2: Why MAC_address of the wifi network? Generally, it's >the WIFI SSID. Probably better to cover general logic and not get >into specific features. SSIDs can be spoofed quite easily. Of course so can MAC addresses. However an HA/Policy store may maintain SSID->MAC address mappings that help determining if the network to which an MN is attached secure and this information can trigger security to be enabled/disabled for the user plane traffic. That is the reason why MAC address is included here. >6) Sect. 2: "MN has either a stored policy ~ or it may be >provided with such information from policy stores such as ANDSF >[23.402] or AAA server ~" There is no interface between MN and AAA >server. So not clear how MN is able to obtain info stored on AAA >server. Also, PCRF may be another policy store. Right.. The MN does not have an interface with the AAA server. What we intended to say is that these policies are delivered to the MN at the time of access authentication. But its a good point and we need to provide more details of how the AAA provides the policies to the MN. One example of course is the use of ANDSF in 3GPP networks. The ANDSF can deliver policies to the MN using OMA-DM. >7) Sect. 2: "HA may require that the user plane traffic be >encrypted on the MN-HA link". No description of how this can be >accomplished. We intend to reuse the binding revocation message with a different semantic to enable this. Details about how this is done will be included in the next rev of the I-D. >8) Sect. 3: 'S' bit indicates encryption for user traffic. But >it~s not clear how encryption can be applied? First of all we are getting rid of the "S" bit and instead specifying a mobility option that enables multiple capabilities w.r.t security for the user plane traffic. The mobility option will indicate whether traffic needs to be ciphered or simply integrity protected. This is achieved by using the applicable type of SA. >9) Sect. 3: What happens if MN does not encrypt after HA >overwrites with S bit set to one? The HA drops the traffic. It could also send an error message to the MN. >10) Sect. 3: What happens if MN encrypt when HA does not want that? Same as above (9). >11) Sect. 3: There is no description of HA triggered SoD, though HA >control was implied in Sect. 1. Right. Please see response to (3) above. >12) Sect 4.2: What this option is in the draft? Location >information can be used for many types of operation, not specific to >SoD The location information can assist the policy store in the network in determining of security for the user plane traffic is required. Hence the option being included in the BU. >13) Sect. 5.: Hmm, Type value reservation needs IANA. Yes. >14) Sect. 6: It~s not clear if there is no impact to the security >model until further explanation provided on how the encryption is >applied. Encryption is applied by using an IPsec SA which is of type ESP tunneled. > >Overall, the I-D is a good start on the idea of SoD. It needs more >clarification on how the S bit interact with the mechanism that >actually provides the encryption/decryption function. Also, how does >SoD work when IKE/IPSec is providing the encryption/decryption. Thanks for your comments. Further clarifications in the next rev should address the shortcomings. Will appreciate your feedback once we post the new rev. -Raj > >Kent
- [MEXT] draft-bajko-mext-sod-01 Kent Leung (kleung)
- Re: [MEXT] draft-bajko-mext-sod-01 Basavaraj.Patil