Re: [MEXT] review of draft-bajko-mext-sod-01
Julien Laganier <julien.ietf@gmail.com> Wed, 09 February 2011 21:53 UTC
Return-Path: <julien.ietf@gmail.com>
X-Original-To: mext@core3.amsl.com
Delivered-To: mext@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix)
with ESMTP id 03D0E3A6A06 for <mext@core3.amsl.com>;
Wed, 9 Feb 2011 13:53:27 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -3.475
X-Spam-Level:
X-Spam-Status: No, score=-3.475 tagged_above=-999 required=5 tests=[AWL=0.124,
BAYES_00=-2.599, RCVD_IN_DNSWL_LOW=-1]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com
[127.0.0.1]) (amavisd-new, port 10024) with ESMTP id HldpWL98aqWe for
<mext@core3.amsl.com>; Wed, 9 Feb 2011 13:53:26 -0800 (PST)
Received: from mail-ew0-f44.google.com (mail-ew0-f44.google.com
[209.85.215.44]) by core3.amsl.com (Postfix) with ESMTP id 644193A6A10 for
<mext@ietf.org>; Wed, 9 Feb 2011 13:53:16 -0800 (PST)
Received: by ewy8 with SMTP id 8so491860ewy.31 for <mext@ietf.org>;
Wed, 09 Feb 2011 13:53:26 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma;
h=domainkey-signature:mime-version:in-reply-to:references:date
:message-id:subject:from:to:cc:content-type :content-transfer-encoding;
bh=sPcz1y32nXj7+eOdi26NgBlcOymY9rJt2red/ZJbe2M=;
b=tWdqVBnBIkUnxZD+sXyQ+/JPcfnMCmt23Nc93s8cXl0JXCiZosOMqm7VYGevMb9InJ
goV5vCE4FQUzoMHx2fmTWaplwFnJ6eMjiA5wq2qby+QhjRjFOnnGgUfsZ/nMKJAqKtE6
TfCTYRYjmBgvZPtc0FFDNK2t5/Fr3iz3z/uI8=
DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma;
h=mime-version:in-reply-to:references:date:message-id:subject:from:to
:cc:content-type:content-transfer-encoding;
b=gAddTPsLvgvvliBJFovfuxOhSm0XWugFc7LcdzDLffrMUHKdp5rtIO/hKV/BNrZXCS
PSZ4t587vObu1GQ2rKVmXq25g4duEx/TMQTPGyMPyRYtik+9AYmXyYH7qptXLnHXyQq7
SvSqqqpCKvpT//LSwC4HQ16RQnYZbRddmJn1E=
MIME-Version: 1.0
Received: by 10.103.192.12 with SMTP id u12mr12082622mup.75.1297288405555;
Wed, 09 Feb 2011 13:53:25 -0800 (PST)
Received: by 10.103.221.9 with HTTP; Wed, 9 Feb 2011 13:53:25 -0800 (PST)
In-Reply-To: <5ECC386B-CD36-45AE-943D-01F39264242D@gmail.com>
References: <5ECC386B-CD36-45AE-943D-01F39264242D@gmail.com>
Date: Wed, 9 Feb 2011 13:53:25 -0800
Message-ID: <AANLkTikQsb0xwnrG5qxCJ4RV45_tD6tuy0ndHdnPcnro@mail.gmail.com>
From: Julien Laganier <julien.ietf@gmail.com>
To: jouni korhonen <jouni.nospam@gmail.com>
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: quoted-printable
Cc: draft-bajko-mext-sod@tools.ietf.org, mext@ietf.org
Subject: Re: [MEXT] review of draft-bajko-mext-sod-01
X-BeenThere: mext@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: Mobile IPv6 EXTensions WG <mext.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/mext>,
<mailto:mext-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/mext>
List-Post: <mailto:mext@ietf.org>
List-Help: <mailto:mext-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/mext>,
<mailto:mext-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 09 Feb 2011 21:53:27 -0000
Jouni - Thanks for the review! Please see some comments below: On Wed, Feb 9, 2011 at 1:19 PM, jouni korhonen <jouni.nospam@gmail.com> wrote: > Hi, > > In Beijing meeting I volunteered to review draft-bajko-mext-sod-01. > > I'll skip the editorials and such. The text would need some editing for sure ;) > > > * Section 1 > > As per the current MIP6 [RFC3775] specification, only the MN has the > ability to enable security for user-plane traffic. The HA has no > ability to force the MN to secure user traffic. > > Strictly based on rfc3775 yes. However, if IKE is used as the key management protocol, then it is possible to have some level of security level negotiation between the MN and the HA. That approach would not be as dynamic as proposed in the I-D but still.. My understanding of IKE is that although it can be used to update the SPD, changing the fundamentals of a bypass or protect rules that applies to user plane traffic wouldn't fall in the scope of IKE -- see quote from RFC 5996: When an RFC4301-compliant IPsec subsystem receives an IP packet that matches a "protect" selector in its Security Policy Database (SPD), the subsystem protects that packet with IPsec. When no SA exists yet, it is the task of IKE to create it. Maintenance of a system's SPD is outside the scope of IKE, although some implementations might update their SPD in connection with the running of IKE (for an example scenario, see Section 1.1.3). Traffic Selector (TS) payloads allow endpoints to communicate some of the information from their SPD to their peers. These must be communicated to IKE from the SPD (for example, the PF_KEY API [PFKEY] uses the SADB_ACQUIRE message). TS payloads specify the selection criteria for packets that will be forwarded over the newly set up SA. This can serve as a consistency check in some scenarios to assure that the SPDs are consistent. In others, it guides the dynamic update of the SPD. Would you disagree? > * Section 2 > > This section would definitely benefit from having more references to the different technologies/elements listed. Also expanding some of the acronyms would not make harm. > > * Section 3 > > response acknowledging the request and setting the flag for user > plane traffic security to Null indicating to the MN that the traffic > on the link between the MN and HA will not be encrypted. > > Setting to "Null"..? Do you rather mean the HA modifies the SPD for HA->MN direction accordingly and makes the MN destined user traffic to bypass IPsec? And a similar action needs to be done on the MN for the MN->HA direction. I think so. > * Section 4.1 > > S When set, this flag indicates HA acknowledges, or strongly > recommends, use of user plane encryption. When clear, HA does not > support or allow use of user plane encryption. > > This also means that the MN has no way of knowing whether the S was unset because a) HA policy said so, or b) HA did not understand the whole thing. In case of b) the MN might want to detach from this particular HA and try to find a HA that supports the feature proposed in this I-D. I see this as an issue that needs to be solved somehow. I agree with Jouni. And actually I've commented many times ;-) that the flag should go away and a new mobility option should be included that carries to flag, an 'I' for integrity protection, and a 'C' for confidentiality protection since these are different capabilities. Also having it in a mobility option would avoid the issue outline since a HA that doesn' t understand the option would not send it back and the MN wouldn't have to guess what happened. > * Section 4.2 > > I understand the introduction of this option but would still consider it not being an essential part of the on-demand security enhancement proposed by this I-D. Agree. > * Section 5 > > This document does not require actions by IANA. > > I kind of disagree ;) I think we need action by IANA to register new mobility option. > As a summary. The proposed solution seems useful. Some work on the I-D is though needed. Agree. --julien
- [MEXT] review of draft-bajko-mext-sod-01 jouni korhonen
- Re: [MEXT] review of draft-bajko-mext-sod-01 Julien Laganier
- Re: [MEXT] review of draft-bajko-mext-sod-01 Basavaraj.Patil
- Re: [MEXT] review of draft-bajko-mext-sod-01 jouni korhonen
- Re: [MEXT] review of draft-bajko-mext-sod-01 Julien Laganier
- [MEXT] review of draft-bajko-mext-sod-01 Stefano Faccin
- Re: [MEXT] review of draft-bajko-mext-sod-01 jouni korhonen
- Re: [MEXT] review of draft-bajko-mext-sod-01 Julien Laganier
- Re: [MEXT] review of draft-bajko-mext-sod-01 Stefano Faccin
- Re: [MEXT] review of draft-bajko-mext-sod-01 Julien Laganier