[Mipshop] Re: Comments on draft-ietf-mipshop-handover-key-01.txt
"James Kempf" <kempf@docomolabs-usa.com> Tue, 18 September 2007 22:38 UTC
Return-path: <mipshop-bounces@ietf.org>
Received: from [127.0.0.1] (helo=stiedprmman1.va.neustar.com) by megatron.ietf.org with esmtp (Exim 4.43) id 1IXlhj-0002S5-2e; Tue, 18 Sep 2007 18:38:03 -0400
Received: from [10.90.34.44] (helo=chiedprmail1.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1IXlhh-0002DI-95 for mipshop@ietf.org; Tue, 18 Sep 2007 18:38:01 -0400
Received: from key1.docomolabs-usa.com ([216.98.102.225] helo=fridge.docomolabs-usa.com) by chiedprmail1.ietf.org with esmtp (Exim 4.43) id 1IXlhJ-0002Zt-3O for mipshop@ietf.org; Tue, 18 Sep 2007 18:37:38 -0400
Message-ID: <059901c7fa44$832bbbb0$576115ac@dcml.docomolabsusa.com>
From: James Kempf <kempf@docomolabs-usa.com>
To: Rajeev Koodli <rajeev.koodli@nokia.com>, ext Vijay Devarapalli <vijay.devarapalli@AzaireNet.com>
References: <C3159956.181E4%rajeev.koodli@nokia.com>
Date: Tue, 18 Sep 2007 15:37:36 -0700
MIME-Version: 1.0
Content-Type: text/plain; format="flowed"; charset="iso-8859-1"; reply-type="original"
Content-Transfer-Encoding: 7bit
X-Spam-Score: -97.2 (---------------------------------------------------)
X-Scan-Signature: 97c820c82c68af374c4e382a80dc5017
Cc: mipshop@ietf.org, "Koodli Rajeev (NSN - US/Palo Alto)" <rajeev.koodli@nsn.com>
Subject: [Mipshop] Re: Comments on draft-ietf-mipshop-handover-key-01.txt
X-BeenThere: mipshop@ietf.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: mipshop.ietf.org
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/mipshop>, <mailto:mipshop-request@ietf.org?subject=unsubscribe>
List-Post: <mailto:mipshop@ietf.org>
List-Help: <mailto:mipshop-request@ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/mipshop>, <mailto:mipshop-request@ietf.org?subject=subscribe>
Errors-To: mipshop-bounces@ietf.org
In that case, there's no need for the RS/RA protocol in draft-ietf-mipshop-handover-key. I had thought FMIPv6 could be supported w.o. PrRtSol. I think we should keep the text like it is. Otherwise, we need some way for the PAR to indicate whether or not it supports FMIPv6 using standard ND signaling (RS/RA). I think leaving it the way it is makes things simpler. I'll take the text out of the SEND keys draft. jak ----- Original Message ----- From: "Rajeev Koodli" <rajeev.koodli@nokia.com> To: "ext Vijay Devarapalli" <vijay.devarapalli@AzaireNet.com> Cc: "James Kempf" <kempf@docomolabs-usa.com>; <mipshop@ietf.org>; "Koodli Rajeev (NSN - US/Palo Alto)" <rajeev.koodli@nsn.com> Sent: Tuesday, September 18, 2007 3:03 PM Subject: Re: Comments on draft-ietf-mipshop-handover-key-01.txt On 9/18/07 2:45 PM, "ext Vijay Devarapalli" <vijay.devarapalli@AzaireNet.com> wrote: > Rajeev, > > Section 5.1 in 4068bis says something different. > >> The MN expects a PrRtAdv in response to its RtSolPr message. >> If the MN does not receive a PrRtAdv message even after >> RTSOLPR|RETRIES, it must assume that PAR does not support the fast >> handover protocol and stop sending any more RtSolPr messages. > > This paragraph seems to say that the MN concludes that the PAR does not > support FMIPv6 Right. We could re-word it slightly differently. Or, we could just say that the specific access network indicates that MN should not engage in RtSolPr. -Rajeev > > Vijay > > Rajeev Koodli wrote: >> RtSolPr/PrRtAdv are MUST for MNs and ARs that support FMIP. If that >> functionality is provided by an access network by some other means, they >> may >> not be used. In such a case, a MN sends RtSolPr RTSOL_RETRIES times, and >> the >> PAR does not reply with PrRtAdv. This is described in Handover Capability >> Exchange Section. >> >> Perhaps we should assume that having the RtSolPr/PrRtAdv is a typical use >> case. >> >> -Rajeev >> >> >> On 9/18/07 1:24 PM, "ext James Kempf" <kempf@docomolabs-usa.com> wrote: >> >>> Hi Vijay, >>> >>> Responses below (jak>>). >>> >>> There is some confusion in the document about two different options, >>> "Handover Key Encryption public key option" and "Handover Key Request >>> Option". Both are used in the text. But in section 4, there is only the >>> Handover Key Request Option defined. >>> >>> jak>> Ah, right, I forgot to change the text everywhere. >>> >>> In section 4.1, you should have a field that tells what the length of >>> the key is rather than what how much padding has been added. Since the >>> "Length" field is a multiple of 8 octets, you know how much padding has >>> been added based on the length of other fields. If the key length is >>> fixed, then again you know much padding has been added. So in both >>> cases, you don't need the "Pad Length" field. >>> >>> jak>> This is how it was done with SEND. The advantage of this is >>> that the field can be only 8 bits instead of 16 and thereby allow an >>> arbitrary sized key. >>> >>> In section 4.2, the field "Key Hash" is not shown as a 128-bit field in >>> the figure. Suggested change >>> >>> 0 1 2 3 >>> 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 >>> +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ >>> | Type | Length | Pad Length | AT |Resrvd.| >>> +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ >>> | | >>> + + >>> | | >>> + Key Hash + >>> | | >>> + + >>> | | >>> +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ >>> | | >>> | | >>> . . >>> . Encrypted Handover Key . >>> . . >>> | | >>> +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ >>> | | >>> . . >>> . Padding . >>> . . >>> | | >>> +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ >>> >>> Again, I don't think you need the "Pad Length" field. >>> >>> jak>> Per the discussion with Julian, the Key Hash is unnecessary if the >>> SEND nonce is included, which it must be for anti-replay protection. So >>> I've dropped the Key Hash. >>> >>> In section 1, replace >>> >>>> The message exchange between the MN and AR >>>> to provision the key is required to be protected by SEND; >>> with >>> >>> The message exchange between the MN and AR >>> to provision the handover key is required to be protected by SEND; >>> >>> jak>> OK. >>> >>> I am confused by the following text >>> >>>> If the AR does not respond to the PrRtSol, as would be the case if >>>> the proxy router functionality is not deployed, the MN MAY include >>>> the Handover Key Request option in a standard IPv6 SEND-protected >>>> Router Solicitation (RS) instead [RFC2461]. >>> If the AR does not respond to PrRtSol, is it compliant to 4068bis? I saw >>> the exchange with Julien. I agree that exchanging the neighborhood >>> information is optional, but responding to a Proxy Router Solicitation >>> for a mobile node is not option. The access router must respond with >>> whatever information it has, right? >>> >>> jak>> Right, I believe that PrRtSol/PrRtAdv is optional to deploy. If it >>> not >>> deployed, there will be no PrRtAdv response if the MN deploys it and >>> sends >>> the PrRtSol but the AR does not. If neither do, then the MN would just >>> use >>> the RS/RA from the start. >>> >>> jak>> Dunno about this. The FMIP spec says nothing about how this >>> optionality should be handled. There is no recommendation of a >>> configuration >>> variable or anything on the MN to indicate whether it is deployed, nor >>> any >>> indication from the router if it deploys the PrRt methods which would >>> let >>> the MN decide which to send. So there is not much we can do in this spec >>> with respect to providing guidance about how to do the key exchange if >>> the >>> PrRtSol/PrRtAdv is not deployed, except to say that if the MN doesn't >>> get a >>> response, it should try something different. >>> >>> jak>> Any suggestions about how to fix this? >>> >>> In section 3.7 >>> >>>> HKEPK-HANDOVERS: The maximum number of handovers for which the >>>> handover key encryption public key should be >>>> reused. Default is 10. >>> Just curious, why 10? >>> >>> jak>> I did not do an extensive analysis on probability of cracking the >>> RSA >>> key to come up with the number. Is there another number you think would >>> be >>> more appropriate? >>> >>> jak >>> >>> >> > -- _______________________________________________ Mipshop mailing list Mipshop@ietf.org https://www1.ietf.org/mailman/listinfo/mipshop
- [Mipshop] Comments on draft-ietf-mipshop-handover… Vijay Devarapalli
- [Mipshop] Re: Comments on draft-ietf-mipshop-hand… James Kempf
- [Mipshop] Re: Comments on draft-ietf-mipshop-hand… Rajeev Koodli
- [Mipshop] Re: Comments on draft-ietf-mipshop-hand… James Kempf
- [Mipshop] Re: Comments on draft-ietf-mipshop-hand… Vijay Devarapalli
- [Mipshop] Re: Comments on draft-ietf-mipshop-hand… Vijay Devarapalli
- [Mipshop] Re: Comments on draft-ietf-mipshop-hand… Rajeev Koodli
- [Mipshop] Re: Comments on draft-ietf-mipshop-hand… James Kempf