IETF Logo Mail Archive

RE: [NSIS] Re: Session in NSIS

Tschofenig Hannes <hannes.tschofenig@siemens.com> Fri, 20 February 2004 12:11 UTC

Received: from optimus.ietf.org (optimus.ietf.org [132.151.1.19]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id HAA17623 for <nsis-archive@odin.ietf.org>; Fri, 20 Feb 2004 07:11:31 -0500 (EST)
Received: from localhost.localdomain ([127.0.0.1] helo=www1.ietf.org) by optimus.ietf.org with esmtp (Exim 4.20) id 1Au9Um-0003Rk-KY for nsis-archive@odin.ietf.org; Fri, 20 Feb 2004 07:11:04 -0500
Received: (from exim@localhost) by www1.ietf.org (8.12.8/8.12.8/Submit) id i1KCB4oW013213 for nsis-archive@odin.ietf.org; Fri, 20 Feb 2004 07:11:04 -0500
Received: from localhost.localdomain ([127.0.0.1] helo=www1.ietf.org) by optimus.ietf.org with esmtp (Exim 4.20) id 1Au9Um-0003Qw-5I; Fri, 20 Feb 2004 07:11:04 -0500
Received: from odin.ietf.org ([132.151.1.176] helo=ietf.org) by optimus.ietf.org with esmtp (Exim 4.20) id 1Au9Ug-0003Py-1Z for nsis@optimus.ietf.org; Fri, 20 Feb 2004 07:10:58 -0500
Received: from ietf-mx (ietf-mx.ietf.org [132.151.6.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id HAA17589 for <nsis@ietf.org>; Fri, 20 Feb 2004 07:10:54 -0500 (EST)
Received: from ietf-mx ([132.151.6.1]) by ietf-mx with esmtp (Exim 4.12) id 1Au9Ub-0001HD-00 for nsis@ietf.org; Fri, 20 Feb 2004 07:10:53 -0500
Received: from exim by ietf-mx with spam-scanned (Exim 4.12) id 1Au9Tl-0001DN-00 for nsis@ietf.org; Fri, 20 Feb 2004 07:10:02 -0500
Received: from david.siemens.de ([192.35.17.14]) by ietf-mx with esmtp (Exim 4.12) id 1Au9Ss-00019p-00 for nsis@ietf.org; Fri, 20 Feb 2004 07:09:06 -0500
Received: from mail3.siemens.de (mail3.siemens.de [139.25.208.14]) by david.siemens.de (8.11.7/8.11.7) with ESMTP id i1KC97N19589; Fri, 20 Feb 2004 13:09:07 +0100 (MET)
Received: from mchp9daa.mch.sbs.de (mchp9daa.mch.sbs.de [139.25.137.99]) by mail3.siemens.de (8.11.7/8.11.7) with ESMTP id i1KC97T02882; Fri, 20 Feb 2004 13:09:07 +0100 (MET)
Received: by mchp9daa.mch.sbs.de with Internet Mail Service (5.5.2657.72) id <FF52D57D>; Fri, 20 Feb 2004 13:08:29 +0100
Message-ID: <2A8DB02E3018D411901B009027FD3A3F04685DC7@mchp905a.mch.sbs.de>
From: Tschofenig Hannes <hannes.tschofenig@siemens.com>
To: 'Thanh Tra LUU' <luu@enst.fr>, Cheng Hong <hcheng@psl.com.sg>
Cc: 'nsis' <nsis@ietf.org>
Subject: RE: [NSIS] Re: Session in NSIS
Date: Fri, 20 Feb 2004 13:08:48 +0100
MIME-Version: 1.0
X-Mailer: Internet Mail Service (5.5.2657.72)
Content-Type: text/plain; charset="iso-8859-1"
X-Spam-Checker-Version: SpamAssassin 2.60 (1.212-2003-09-23-exp) on ietf-mx.ietf.org
X-Spam-Status: No, hits=0.0 required=5.0 tests=AWL autolearn=no version=2.60
Sender: nsis-admin@ietf.org
Errors-To: nsis-admin@ietf.org
X-BeenThere: nsis@ietf.org
X-Mailman-Version: 2.0.12
Precedence: bulk
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/nsis>, <mailto:nsis-request@ietf.org?subject=unsubscribe>
List-Id: Next Steps in Signaling <nsis.ietf.org>
List-Post: <mailto:nsis@ietf.org>
List-Help: <mailto:nsis-request@ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/nsis>, <mailto:nsis-request@ietf.org?subject=subscribe>

hi all, 

a small comment: the session ownership problem does not only appear in a
mobility environment. based on a discussion with ruediger we got the
impression that the same problem can actually appear with rsvp as well.
maybe i should send a summary of our discussions. 

what could be a motivation for the nr to create the session id? 

i am very much in favor of separating nslp authorization decisions from the
session id. in the past peopled had the tendency to mix, for example qos
authorization, with session ownership. michael richardson commented our
threats draft and he also made the comment that the user could authenticate
to all intermediate nsis nodes. this would solve the session ownership
problem even if most intermediate nodes do not need (or are even unable) to
authorize the end host. the solution would, however, raise some further
issues (but that's another story).

ciao
hannes

> -----Original Message-----
> From: Thanh Tra LUU [mailto:luu@enst.fr]
> Sent: Friday, February 20, 2004 11:39 AM
> To: Cheng Hong
> Cc: 'nsis'
> Subject: Re: [NSIS] Re: Session in NSIS
> 
> 
> hi Cheng Hong,
> 
> > It is not necessary that the NI always be the mobile. Also, 
> wouldn't the
> > computation cost just an implementation issue? If it is 
> that computational
> > intensive, could it be placed into certain hardware, e.g. 
> some smart card?
> >
> > Another issue for NR generating the id would mean that the 
> first message
> > sent from NI would not carry the SID information. Does this have any
> impact
> > on the design of the protocls?
> 
> i think it maybe a problem. Seeing NAT/FW, NI and NR can 
> initiate its own
> session
> 
>  NI ---> NAT/FW_I ----> Internet---->NAT/FW_R---->NR.
> 
> NR can initiate the signaling session and some states are 
> established on
> NAT/FW_R to permit NI can send signaling message to it. This 
> session-id is
> sent by SIP or other means.
> 
> Nary Tra,
> ENST, Paris.
> 
> 
> 
> _______________________________________________
> nsis mailing list
> nsis@ietf.org
> https://www1.ietf.org/mailman/listinfo/nsis
> 

_______________________________________________
nsis mailing list
nsis@ietf.org
https://www1.ietf.org/mailman/listinfo/nsis

v2.23.0 | Report a Bug | By Email