Re: [netext] Stephen Farrell's Discuss on draft-ietf-netext-update-notifications-08: (with DISCUSS and COMMENT)
"Sri Gundavelli (sgundave)" <sgundave@cisco.com> Tue, 24 September 2013 12:53 UTC
Return-Path: <sgundave@cisco.com>
X-Original-To: netext@ietfa.amsl.com
Delivered-To: netext@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 964BD11E811F; Tue, 24 Sep 2013 05:53:13 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -10.599
X-Spam-Level:
X-Spam-Status: No, score=-10.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, RCVD_IN_DNSWL_HI=-8]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id zvaTZ5+nwDsS; Tue, 24 Sep 2013 05:53:08 -0700 (PDT)
Received: from rcdn-iport-6.cisco.com (rcdn-iport-6.cisco.com [173.37.86.77]) by ietfa.amsl.com (Postfix) with ESMTP id 9883B11E8120; Tue, 24 Sep 2013 05:53:08 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=@cisco.com; l=3132; q=dns/txt; s=iport; t=1380027188; x=1381236788; h=from:to:cc:subject:date:message-id:in-reply-to: content-id:content-transfer-encoding:mime-version; bh=kawV55WWh0n+EhsO8coSqYzHfHNPDLD+mIV8Pl3J1Xs=; b=fPs21/v8hGvMSLvYDhB/+XFUbBbdKh4eoLAy4HZfo7b7p4yq7eh/ld6v MGOKESBjGSK8rKIDhTxmQebKkJ821rjxzB7xI1Ac+V/N6RupZOH+7ve6j YkrXWtj1hmUdELJGdn11Ijbqa9oMfLjtYpT2szzrwSqLW1F7MU0HOaUlx c=;
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: AggFAIqKQVKtJV2b/2dsb2JhbABagwc4UsBQgR8WdIIlAQEBAwE6PQIFDQEIIhQFPSUCBAENBQgBh3YGDLx5jgiBGDECBYMdgQADmSuQSIFmgT6BagcXBhw
X-IronPort-AV: E=Sophos;i="4.90,970,1371081600"; d="scan'208";a="263788651"
Received: from rcdn-core-4.cisco.com ([173.37.93.155]) by rcdn-iport-6.cisco.com with ESMTP; 24 Sep 2013 12:53:08 +0000
Received: from xhc-aln-x06.cisco.com (xhc-aln-x06.cisco.com [173.36.12.80]) by rcdn-core-4.cisco.com (8.14.5/8.14.5) with ESMTP id r8OCr79S001092 (version=TLSv1/SSLv3 cipher=AES128-SHA bits=128 verify=FAIL); Tue, 24 Sep 2013 12:53:07 GMT
Received: from xmb-aln-x03.cisco.com ([169.254.6.174]) by xhc-aln-x06.cisco.com ([173.36.12.80]) with mapi id 14.02.0318.004; Tue, 24 Sep 2013 07:53:07 -0500
From: "Sri Gundavelli (sgundave)" <sgundave@cisco.com>
To: Stephen Farrell <stephen.farrell@cs.tcd.ie>, The IESG <iesg@ietf.org>
Thread-Topic: Stephen Farrell's Discuss on draft-ietf-netext-update-notifications-08: (with DISCUSS and COMMENT)
Thread-Index: AQHOuSUD72u2CSfM6UK8YmdDgylKOA==
Date: Tue, 24 Sep 2013 12:53:06 +0000
Message-ID: <24C0F3E22276D9438D6F366EB89FAEA81172A0AA@xmb-aln-x03.cisco.com>
In-Reply-To: <20130924103819.29616.21400.idtracker@ietfa.amsl.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
user-agent: Microsoft-MacOutlook/14.2.3.120616
x-originating-ip: [10.32.246.213]
Content-Type: text/plain; charset="us-ascii"
Content-ID: <673D4B2E9CF68641884B0DD4B08DC390@emea.cisco.com>
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
Cc: "netext@ietf.org" <netext@ietf.org>, "draft-ietf-netext-update-notifications@tools.ietf.org" <draft-ietf-netext-update-notifications@tools.ietf.org>, "netext-chairs@tools.ietf.org" <netext-chairs@tools.ietf.org>
Subject: Re: [netext] Stephen Farrell's Discuss on draft-ietf-netext-update-notifications-08: (with DISCUSS and COMMENT)
X-BeenThere: netext@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: "Mailing list for discusion of extensions to network mobility protocol, i.e PMIP6. " <netext.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/netext>, <mailto:netext-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/netext>
List-Post: <mailto:netext@ietf.org>
List-Help: <mailto:netext-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/netext>, <mailto:netext-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 24 Sep 2013 12:53:13 -0000
Hi Stephen,
Thanks for the reviews.
> 5.2: What happens if the IPsec SA is re-negotiated
Renegotiation of IPSec SA should result in updated SPD and PAD entries at
both the peers. Wondering, if MAG/LMA entities need to be aware of this,
or assume IKEv2/IPsec layer is handling that. SA Renegotiation could
potentially occur in the base protocol without this extension as well. I'm
thinking, as long as the SPD entries cover the new MH type, the
handling/validation is happening at the correct layers and no new checks
are needed.
> - 4.1: What does "ANI-PARAMS-REQUESTED" mean? Probably all these reasons
>need an explanation and/or (forward) reference.
This is a request for updated Access Network Identifier parameters.
Section 6.1 has some text for each of the NR codes.
* If the Notification Reason is set to a value of (4) "ANI-
PARAMS-REQUESTED", then the mobile access gateway MUST send a
Proxy Binding Update message to the local mobility anchor with
the Access Network Identifier Option [RFC6757
<http://tools.ietf.org/html/rfc6757>]. The Access
Network Identifier option MUST reflect the current access
network parameters for that mobility session as known to the
mobile access gateway at the time of sending the Proxy Binding
Update message.
Regards
Sri
On 9/24/13 3:38 AM, "Stephen Farrell" <stephen.farrell@cs.tcd.ie> wrote:
>Stephen Farrell has entered the following ballot position for
>draft-ietf-netext-update-notifications-08: Discuss
>
>When responding, please keep the subject line intact and reply to all
>email addresses included in the To and CC lines. (Feel free to cut this
>introductory paragraph, however.)
>
>
>Please refer to http://www.ietf.org/iesg/statement/discuss-criteria.html
>for more information about IESG DISCUSS and COMMENT positions.
>
>
>The document, along with other ballot positions, can be found here:
>http://datatracker.ietf.org/doc/draft-ietf-netext-update-notifications/
>
>
>
>----------------------------------------------------------------------
>DISCUSS:
>----------------------------------------------------------------------
>
>
>5.2: What happens if the IPsec SA is re-negotiated
>automatically? Isn't there a potential layering/sync problem
>so that these notifications couldn't ever be verified since a
>new SA would be in use? I think you just need to say the same
>or an automatically renegotiated SA (not sure what's the
>right terminology, sorry). I think 6.1 has the same issue and
>maybe other bits too. That kind of check also seems to
>imply that the interface between the MAG or LMA and the
>IPsec code needs to know that the right SA is being used
>which could be tricky. What's really done here?
>
>
>----------------------------------------------------------------------
>COMMENT:
>----------------------------------------------------------------------
>
>
>- 4.1: What does "ANI-PARAMS-REQUESTED" mean? Probably all
>these reasons need an explanation and/or (forward) reference.
>
>
- [netext] Stephen Farrell's Discuss on draft-ietf-… Stephen Farrell
- Re: [netext] Stephen Farrell's Discuss on draft-i… Sri Gundavelli (sgundave)
- Re: [netext] Stephen Farrell's Discuss on draft-i… Stephen Farrell
- Re: [netext] Stephen Farrell's Discuss on draft-i… Sri Gundavelli (sgundave)
- Re: [netext] Stephen Farrell's Discuss on draft-i… Jouni Korhonen