RE: [Mipshop] Gauging interest in official WG adoption of internetdrafts

Hi Yoshi,

sorry for my late reply on this. I really had the same impression Vidya
had and not only because I'm co-author of the draft :)

As you know I have been proposing bootstrapping solutions based on EAP,
I am one of the author of HOAKEY BOF drafts and I followed the
discussion from the beginning: my understanding is that Sam's concerns
are related to the reuse of cryptogrpahic material from network access
authentication for other purposes than network access. This does not
imply that an AAA-based mechanism cannot be used to request and
authorize services: there are several drafts that propose it. As an
example both mip6 bootstrapping documents (split and integrated
scenarios) involve deeply the AAA infrastructure, also to deliver
configuration information to the DHCP server in the network access.
Therefore, I really don't think this is an architectural issue of this
draft.

OTOH, I agree to remove appendix A in order to remove any reference to
AMSK that need to be deeply studied in other WGs/BOFs.

Regards,
--Gerardo  

> -----Original Message-----
> From: Yoshihiro Ohba [mailto:yohba@tari.toshiba.com] 
> Sent: domenica 26 marzo 2006 4.22
> To: Lakshminath Dondeti
> Cc: mipshop@ietf.org
> Subject: Re: [Mipshop] Gauging interest in official WG 
> adoption of internetdrafts
> 
> As far as I understand, Sam's concern is not only on application
> keying using AMSK but also AAA-assisted application keying in general.
> So I am not sure if your suggested remedy really addresses the
> concern.  I'd suggest asking Sam's opinon before moving forward.
> 
> Best regards,
> Yoshihiro Ohba
> 
> On Sat, Mar 25, 2006 at 05:36:46PM -0800, Lakshminath Dondeti wrote:
> > Disclaimer: I work with one of the authors (Vidya) of the 
> > handover-keys-aaa I-D, although didn't contribute to the 
> draft in anyway.
> > 
> > I just read the parts of the I-D that seem to be 
> contentious and note 
> > that the reference to AMSKs is merely an example and the HMK can be 
> > established through other means, say by preprovisioning.
> > 
> > That said, I think it is best to remove Appendix A (I am not sure 
> > about A.1, that probably should stay and resolved later) as it 
> > reproduces a key hierarchy and key derivation process that is still 
> > under active discussion.
> > 
> > regards,
> > Lakshminath
> > 
> > At 04:25 PM 3/25/2006, Yoshihiro Ohba wrote:
> > >I have a reservation on 
> draft-vidya-mipshop-handover-keys-aaa-01.txt.
> > >
> > >The draft describes a AAA-assisted key management protocol 
> to generate
> > >handover keys for protecting signaling between MN and AR.  I am
> > >viewing the proposal as an application keying for FMIPv6 
> and possibly
> > >other protocols.  However, in the IETF65 hoakey BOF, Sam Hartman, a
> > >Security AD, raised concern on application keying.  As a 
> consequence,
> > >the hoakey BOF chairs made a decision to exclude application keying
> > >from the BOF charter, expecting application keying to be 
> discussed in
> > >a separate BOF.
> > >
> > >Thus, it might be wiser to hold this draft until there is a clear
> > >consensus on how to deal with application keying in the IETF.
> > >
> > >Best regards,
> > >Yoshihiro Ohba
> > >
> > >
> > >On Tue, Mar 21, 2006 at 11:49:36PM -0800, gabriel montenegro wrote:
> > >> Folks,
> > >>
> > >> In today's meeting we talked about 4 potential items up for 
> > >adoption as official working
> > >> groups. Talking with folks after the meeting, we've decided to 
> > >add two more to the list
> > >> of items we'll ask the WG whether we should adopt. This is the 
> > >follow-up email to today's
> > >> discussion, to make sure we ask this on the mailing list.
> > >>
> > >> So the question to the WG is: Should we adopt the following 
> > >documents as official WG
> > >> items (based on the individual drafts as noted below)?:
> > >>
> > >> 1. draft-ietf-mipshop-fmipv6-rev-XX.txt
> > >> based on draft-koodli-mipshop-rfc4068bis-00.txt
> > >>
> > >> 2. draft-ietf-mipshop-handover-keys-aaa-XX.txt
> > >> based on  draft-vidya-mipshop-handover-keys-aaa-01.txt
> > >>
> > >> 3. draft-ietf-mipshop-handover-key-send-XX.txt
> > >> based on draft-kempf-mobopts-handover-key-01.txt 
> (currently expired)
> > >>
> > >> 4. draft-ietf-mipshop-fh80216e-XX.txt
> > >> based on draft-jang-mipshop-fh80216e-02.txt
> > >>
> > >> 5. draft-ietf-mipshop-3gfh-XX.txt
> > >> based on draft-yokota-mipshop-3gfh-02.txt
> > >>
> > >> 6. draft-ietf-mipshop-cga-cba-XX.txt
> > >> based on draft-arkko-mipshop-cga-cba-03.txt
> > >>
> > >> Please send comments one way or another through April 4, 2006.
> > >>
> > >> Thanks,
> > >>
> > >> chairs
> > >>
> > >>
> > >> __________________________________________________
> > >> Do You Yahoo!?
> > >> Tired of spam?  Yahoo! Mail has the best spam protection around
> > >> http://mail.yahoo.com
> > >>
> > >> _______________________________________________
> > >> Mipshop mailing list
> > >> Mipshop@ietf.org
> > >> https://www1.ietf.org/mailman/listinfo/mipshop
> > >>
> > >
> > >_______________________________________________
> > >Mipshop mailing list
> > >Mipshop@ietf.org
> > >https://www1.ietf.org/mailman/listinfo/mipshop
> > 
> > 
> 
> _______________________________________________
> Mipshop mailing list
> Mipshop@ietf.org
> https://www1.ietf.org/mailman/listinfo/mipshop
> 
--------------------------------------------------------------------

CONFIDENTIALITY NOTICE

This message and its attachments are addressed solely to the persons above and may contain confidential information. If you have received the message in error, be informed that any use of the content hereof is prohibited. Please return it immediately to the sender and delete the message. Should you have any questions, please contact us by replying to webmaster@telecomitalia.it.

        Thank you

                                        www.telecomitalia.it

--------------------------------------------------------------------