Re: [MEXT] Adoption of MIPv6 Operation with Firewalls draft
<Pasi.Eronen@nokia.com> Thu, 04 September 2008 10:27 UTC
Return-Path: <mext-bounces@ietf.org>
X-Original-To: mip6-archive@megatron.ietf.org
Delivered-To: ietfarch-mip6-archive@core3.amsl.com
Received: from [127.0.0.1] (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id C4DB53A6923; Thu, 4 Sep 2008 03:27:59 -0700 (PDT)
X-Original-To: mext@core3.amsl.com
Delivered-To: mext@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 652BE3A6923 for <mext@core3.amsl.com>; Thu, 4 Sep 2008 03:27:59 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.086
X-Spam-Level:
X-Spam-Status: No, score=-6.086 tagged_above=-999 required=5 tests=[AWL=0.513, BAYES_00=-2.599, RCVD_IN_DNSWL_MED=-4]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id v1Hp2wWS5S3C for <mext@core3.amsl.com>; Thu, 4 Sep 2008 03:27:55 -0700 (PDT)
Received: from mgw-mx09.nokia.com (smtp.nokia.com [192.100.105.134]) by core3.amsl.com (Postfix) with ESMTP id 439913A68DA for <mext@ietf.org>; Thu, 4 Sep 2008 03:27:55 -0700 (PDT)
Received: from vaebh105.NOE.Nokia.com (vaebh105.europe.nokia.com [10.160.244.31]) by mgw-mx09.nokia.com (Switch-3.2.6/Switch-3.2.6) with ESMTP id m84ARrlI030040; Thu, 4 Sep 2008 05:27:59 -0500
Received: from vaebh102.NOE.Nokia.com ([10.160.244.23]) by vaebh105.NOE.Nokia.com with Microsoft SMTPSVC(6.0.3790.3959); Thu, 4 Sep 2008 13:27:13 +0300
Received: from vaebe104.NOE.Nokia.com ([10.160.244.59]) by vaebh102.NOE.Nokia.com with Microsoft SMTPSVC(6.0.3790.3959); Thu, 4 Sep 2008 13:26:57 +0300
X-MimeOLE: Produced By Microsoft Exchange V6.5
Content-class: urn:content-classes:message
MIME-Version: 1.0
Date: Thu, 04 Sep 2008 13:26:55 +0300
Message-ID: <1696498986EFEC4D9153717DA325CB7201861BA9@vaebe104.NOE.Nokia.com>
In-Reply-To: <200809041109.43877.julien.laganier.IETF@googlemail.com>
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
Thread-Topic: [MEXT] Adoption of MIPv6 Operation with Firewalls draft
Thread-Index: AckObgKowdbrak0pSVqRbRS2P0PrPwACX+FQ
References: <200809041109.43877.julien.laganier.IETF@googlemail.com>
From: Pasi.Eronen@nokia.com
To: julien.laganier.ietf@googlemail.com, mext@ietf.org
X-OriginalArrivalTime: 04 Sep 2008 10:26:57.0710 (UTC) FILETIME=[C26604E0:01C90E78]
X-Nokia-AV: Clean
Subject: Re: [MEXT] Adoption of MIPv6 Operation with Firewalls draft
X-BeenThere: mext@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: Mobile IPv6 EXTensions WG <mext.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/mext>, <mailto:mext-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/pipermail/mext>
List-Post: <mailto:mext@ietf.org>
List-Help: <mailto:mext-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/mext>, <mailto:mext-request@ietf.org?subject=subscribe>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Sender: mext-bounces@ietf.org
Errors-To: mext-bounces@ietf.org
BTW, the drafts seem to assume that the MIPv6 messages are not encrypted (i.e. either ESP with NULL encryption or RFC 4285 is used), so the firewall can inspect e.g. the MH Type field. (It's even assumed that return routability messages are not encrypted, something that RFC 3776 or 4877 do not permit.) They also require Mobile IPv6 specific deep packet inspection. I guess these assumptions are intentional (but at least the first one isn't very clearly mentioned in the specs), but they do limit the applicability somewhat. Best regards, Pasi > -----Original Message----- > From: Julien Laganier > Sent: 04 September, 2008 12:10 > To: mext@ietf.org > Subject: [MEXT] Adoption of MIPv6 Operation with Firewalls draft > > Folks, > > The MEXT WG charter has a "Mobile IPv6 Operation with Firewalls" > deliverable, but the WG doesn't have a corresponding draft(s). There > are two individual submissions that could be used as basis for the > deliverable: > > <http://tools.ietf.org/id/draft-krishnan-mip6-firewall-admin-04.txt> > <http://tools.ietf.org/id/draft-krishnan-mip6-firewall-vendor-04.txt> > > Hereby we'd like to ask WG participants whether or not we > should adopt > the two drafts above as MEXT WG drafts for the "Mobile IPv6 Operation > with Firewalls" deliverable. > > Please state your opinion on the above before Sep 18th. > > --julien & marcelo, MEXT chairs _______________________________________________ MEXT mailing list MEXT@ietf.org https://www.ietf.org/mailman/listinfo/mext
- [MEXT] Adoption of MIPv6 Operation with Firewalls… Julien Laganier
- Re: [MEXT] Adoption of MIPv6 Operation with Firew… Pasi.Eronen
- Re: [MEXT] Adoption of MIPv6 Operation with Firew… Suresh Krishnan
- Re: [MEXT] Adoption of MIPv6 Operation with Firew… Vijay Devarapalli