Re: [NSIS] I-D Action:draft-ietf-nsis-nslp-auth-00.txt
Xiaoming Fu <fu@cs.uni-goettingen.de> Wed, 17 February 2010 14:14 UTC
Return-Path: <fu@cs.uni-goettingen.de>
X-Original-To: nsis@core3.amsl.com
Delivered-To: nsis@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 1FA5A3A7AEE for <nsis@core3.amsl.com>; Wed, 17 Feb 2010 06:14:58 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.249
X-Spam-Level:
X-Spam-Status: No, score=-2.249 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, HELO_EQ_DE=0.35]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id xyKBGpgAxVBX for <nsis@core3.amsl.com>; Wed, 17 Feb 2010 06:14:56 -0800 (PST)
Received: from amailer.gwdg.de (amailer.gwdg.de [134.76.10.18]) by core3.amsl.com (Postfix) with ESMTP id 514C33A7B11 for <nsis@ietf.org>; Wed, 17 Feb 2010 06:14:55 -0800 (PST)
Received: from s5.ifi.informatik.uni-goettingen.de ([134.76.81.25] helo=[172.23.0.1]) by mailer.gwdg.de with esmtpsa (TLSv1:AES256-SHA:256) (Exim 4.69) (envelope-from <fu@cs.uni-goettingen.de>) id 1NhkhW-000189-38; Wed, 17 Feb 2010 15:16:26 +0100
Message-ID: <4B7BFA3A.60302@cs.uni-goettingen.de>
Date: Wed, 17 Feb 2010 15:16:26 +0100
From: Xiaoming Fu <fu@cs.uni-goettingen.de>
User-Agent: Thunderbird 2.0.0.23 (Windows/20090812)
MIME-Version: 1.0
To: nsis@ietf.org
References: <20100210151502.4D1C13A7720@core3.amsl.com> <4B73D2C2.9020803@tkk.fi> <001a01caafd6$131dc260$810c5982@dynamic.ewi.utwente.nl>
In-Reply-To: <001a01caafd6$131dc260$810c5982@dynamic.ewi.utwente.nl>
Content-Type: text/plain; charset="ISO-8859-1"; format="flowed"
Content-Transfer-Encoding: 7bit
X-Authenticated: Id:xfu
X-Virus-Scanned: (clean) by exiscan+sophie
Subject: Re: [NSIS] I-D Action:draft-ietf-nsis-nslp-auth-00.txt
X-BeenThere: nsis@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: Next Steps in Signaling <nsis.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/nsis>, <mailto:nsis-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/nsis>
List-Post: <mailto:nsis@ietf.org>
List-Help: <mailto:nsis-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/nsis>, <mailto:nsis-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 17 Feb 2010 14:14:58 -0000
Hi a few comments to this ID: 1. some text is QoS-NSLP specific: s2: Network elements verify the request and then process the resource reservation message based on admission policy. --> reservation, admission are meaningful in QoS context, not necessarily for FW/NAT or others. s3.1: ... to verify the resource reservation request. --> again, resource reservation 2. AUTH_SESSION, AUTH SESSION --> AUTH_SESSION (only) 3. Furthermore, session ID, MRI, and NSLP ID have to be included into the checksum, too, as specified in Section 3.2.6. --> where is checksum field/calculation defined here? 4. what if a targeted authorizing entity cannot support the requested AUTH_ENT_ID sub-types? s.6 does not talk about this. In multi-hop signaling cases (not just end host - last hop), this might happen. Xiaoming Georgios Karagiannis wrote: > Dear all > > I have read the draft-ietf-nsis-nslp-auth-00.txt and I think that it is in a > good shape! > > The only issue I have found with the document is that its intended status is > "Standards Track", I think that is should be "Experimental". > > I could not find any other issuess associated with this draft! > > Best regards, > Georgios > > >> -----Original Message----- >> From: nsis-bounces@ietf.org [mailto:nsis-bounces@ietf.org] On >> Behalf Of Jukka Manner >> Sent: donderdag 11 februari 2010 10:50 >> To: nsis@ietf.org >> Subject: Re: [NSIS] I-D Action:draft-ietf-nsis-nslp-auth-00.txt >> >> Dear all, >> >> As part of the IESG comments, we decided to advance the >> NSLP-layer authorization theme and write down a technical solution. >> >> Please look at the work and provide input on the document. We >> would like to advance this item because practical use of any >> NSLP actually requires authorization. GISt-layer inter-node >> schemes are not enough. >> >> Regards, >> Jukka >> >> On 10.2.2010 17:15, Internet-Drafts@ietf.org wrote: >>> A New Internet-Draft is available from the on-line >> Internet-Drafts directories. >>> This draft is a work item of the Next Steps in Signaling >> Working Group of the IETF. >>> >>> Title : Authorization for NSIS Signaling >> Layer Protocols >>> Author(s) : J. Manner, et al. >>> Filename : draft-ietf-nsis-nslp-auth-00.txt >>> Pages : 36 >>> Date : 2010-02-09 >>> >>> Signaling layer protocols specified within the NSIS >> framework may rely >>> on the GIST (General Internet Signaling Transport) protocol >> to handle >>> authorization. Still, the signaling layer protocol above >> GIST itself >>> may require separate authorization to be performed when a node >>> receives a request for a certain kind of service or >> resources. This >>> draft presents a generic model and object formats for session >>> authorization within the NSIS Signaling Layer Protocols. >> The goal of >>> session authorization is to allow the exchange of >> information between >>> network elements in order to authorize the use of resources for a >>> service and to coordinate actions between the signaling and >> transport >>> planes. >>> >>> A URL for this Internet-Draft is: >>> http://www.ietf.org/internet-drafts/draft-ietf-nsis-nslp-auth-00.txt >>> >>> Internet-Drafts are also available by anonymous FTP at: >>> ftp://ftp.ietf.org/internet-drafts/ >>> >>> Below is the data which will enable a MIME compliant mail reader >>> implementation to automatically retrieve the ASCII version of the >>> Internet-Draft. >>> >>> >>> >>> _______________________________________________ >>> nsis mailing list >>> nsis@ietf.org >>> https://www.ietf.org/mailman/listinfo/nsis > > > _______________________________________________ > nsis mailing list > nsis@ietf.org > https://www.ietf.org/mailman/listinfo/nsis -- Xiaoming Fu, http://user.informatik.uni-goettingen.de/~fu
- [NSIS] I-D Action:draft-ietf-nsis-nslp-auth-00.txt Internet-Drafts
- Re: [NSIS] I-D Action:draft-ietf-nsis-nslp-auth-0… Jukka Manner
- Re: [NSIS] I-D Action:draft-ietf-nsis-nslp-auth-0… Georgios Karagiannis
- Re: [NSIS] I-D Action:draft-ietf-nsis-nslp-auth-0… Xiaoming Fu