Re: [Mipshop] Gauging interest in official WG adoption of internet drafts

Yoshihiro Ohba <yohba@tari.toshiba.com> Sun, 26 March 2006 06:22 UTC

Date: Sun, 26 Mar 2006 01:21:52 -0500
To: Lakshminath Dondeti <ldondeti@qualcomm.com>
Subject: Re: [Mipshop] Gauging interest in official WG adoption of internet drafts
From: Yoshihiro Ohba <yohba@tari.toshiba.com>
Cc: mipshop@ietf.org

I had such an impression because Sam used the term "single sign-on"
and he seems to like to see wider aspect of bootstrapping multiple
applications in a separate BOF not just bootstrapping them from EAP or
AAA.  If the intent of the draft is bootstrapping multiple
applications not just FMIPv6 (there is text in Section 1.2: "Although
this document is focused on FMIPv6, it is applicable to other
protocols as well."), then I believe this could be covered by such a
BOF.  On the other hand, if the intent of the draft is bootstrapping
*FMIPv6 only*, it would be OK, but then I don't see much usefulness of
the draft because I don't believe a scenario where a AAA server needs
to maintain a shared secret for each application.

In any case, earlier contact to security AD would be much better to
avoid the risk of last minute surprise.

Best regards,
Yoshihiro Ohba



On Sat, Mar 25, 2006 at 08:36:06PM -0800, Lakshminath Dondeti wrote:
> Hi,
> 
> I wonder what gave you that impression.  My understanding of Sam's 
> take is (from the HOAKEY BoF and elsewhere going back to ISMS work 
> etc) that EAP applicability statement has something to say about the 
> use of keying material from EAP for things other than access 
> authentication.  (I'll also note that that discussion/debate continues).
> 
> That aside, there is no objection to AAA-assisted keying from him.
> 
> In addition to what I wrote earlier, I suggest to Vidya et al., to 
> describe desirable properties of the HMK, key length, lifetime, so 
> that any mechanism that bootstraps that key can take those properties 
> into consideration.
> 
> best regards,
> Lakshminath
> 
> At 06:22 PM 3/25/2006, Yoshihiro Ohba wrote:
> >As far as I understand, Sam's concern is not only on application
> >keying using AMSK but also AAA-assisted application keying in general.
> >So I am not sure if your suggested remedy really addresses the
> >concern.  I'd suggest asking Sam's opinion before moving forward.
> >
> >Best regards,
> >Yoshihiro Ohba
> >
> >On Sat, Mar 25, 2006 at 05:36:46PM -0800, Lakshminath Dondeti wrote:
> >> Disclaimer: I work with one of the authors (Vidya) of the
> >> handover-keys-aaa I-D, although I didn't contribute to the draft in any way.
> >>
> >> I just read the parts of the I-D that seem to be contentious and note
> >> that the reference to AMSKs is merely an example and the HMK can be
> >> established through other means, say by preprovisioning.
> >>
> >> That said, I think it is best to remove Appendix A (I am not sure
> >> about A.1, that probably should stay and be resolved later) as it
> >> reproduces a key hierarchy and key derivation process that is still
> >> under active discussion.
> >>
> >> regards,
> >> Lakshminath
> >>
> >> At 04:25 PM 3/25/2006, Yoshihiro Ohba wrote:
> >> >I have a reservation on draft-vidya-mipshop-handover-keys-aaa-01.txt.
> >> >
> >> >The draft describes a AAA-assisted key management protocol to generate
> >> >handover keys for protecting signaling between MN and AR.  I am
> >> >viewing the proposal as an application keying for FMIPv6 and possibly
> >> >other protocols.  However, in the IETF65 hoakey BOF, Sam Hartman, a
> >> >Security AD, raised concern on application keying.  As a consequence,
> >> >the hoakey BOF chairs made a decision to exclude application keying
> >> >from the BOF charter, expecting application keying to be discussed in
> >> >a separate BOF.
> >> >
> >> >Thus, it might be wiser to hold this draft until there is a clear
> >> >consensus on how to deal with application keying in the IETF.
> >> >
> >> >Best regards,
> >> >Yoshihiro Ohba
> >> >
> >> >
> >> >On Tue, Mar 21, 2006 at 11:49:36PM -0800, gabriel montenegro wrote:
> >> >> Folks,
> >> >>
> >> >> In today's meeting we talked about 4 potential items up for
> >> >> adoption as official working groups. Talking with folks after
> >> >> the meeting, we've decided to add two more to the list of items
> >> >> we'll ask the WG whether we should adopt. This is the follow-up
> >> >> email to today's discussion, to make sure we ask this on the
> >> >> mailing list.
> >> >>
> >> >> So the question to the WG is: Should we adopt the following
> >> >> documents as official WG items (based on the individual drafts
> >> >> as noted below)?:
> >> >>
> >> >> 1. draft-ietf-mipshop-fmipv6-rev-XX.txt
> >> >> based on draft-koodli-mipshop-rfc4068bis-00.txt
> >> >>
> >> >> 2. draft-ietf-mipshop-handover-keys-aaa-XX.txt
> >> >> based on  draft-vidya-mipshop-handover-keys-aaa-01.txt
> >> >>
> >> >> 3. draft-ietf-mipshop-handover-key-send-XX.txt
> >> >> based on draft-kempf-mobopts-handover-key-01.txt (currently expired)
> >> >>
> >> >> 4. draft-ietf-mipshop-fh80216e-XX.txt
> >> >> based on draft-jang-mipshop-fh80216e-02.txt
> >> >>
> >> >> 5. draft-ietf-mipshop-3gfh-XX.txt
> >> >> based on draft-yokota-mipshop-3gfh-02.txt
> >> >>
> >> >> 6. draft-ietf-mipshop-cga-cba-XX.txt
> >> >> based on draft-arkko-mipshop-cga-cba-03.txt
> >> >>
> >> >> Please send comments one way or another through April 4, 2006.
> >> >>
> >> >> Thanks,
> >> >>
> >> >> chairs
> >> >>
> >> >>

_______________________________________________
Mipshop mailing list
Mipshop@ietf.org
https://www1.ietf.org/mailman/listinfo/mipshop