Re: [P2PSIP] P2PSIP and HIP Joint Meeting on the Boeing VOIPHIPImplementation
Spencer Dawkins <spencer@mcsr-labs.org> Tue, 08 January 2008 17:41 UTC
Return-path: <p2psip-bounces@ietf.org>
Received: from [127.0.0.1] (helo=stiedprmman1.va.neustar.com) by megatron.ietf.org with esmtp (Exim 4.43) id 1JCISc-0000D7-N1; Tue, 08 Jan 2008 12:41:58 -0500
Received: from [10.90.34.44] (helo=chiedprmail1.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1JCISb-0000Cm-Aa; Tue, 08 Jan 2008 12:41:57 -0500
Received: from usaga01-in.huawei.com ([206.16.17.211]) by chiedprmail1.ietf.org with esmtp (Exim 4.43) id 1JCISa-0000rO-61; Tue, 08 Jan 2008 12:41:57 -0500
Received: from huawei.com (usaga01-in [172.18.4.6]) by usaga01-in.huawei.com (iPlanet Messaging Server 5.2 HotFix 2.14 (built Aug 8 2006)) with ESMTP id <0JUC000SA6HUPX@usaga01-in.huawei.com>; Tue, 08 Jan 2008 09:41:55 -0800 (PST)
Received: from s73602 (cpe-72-190-0-23.tx.res.rr.com [72.190.0.23]) by usaga01-in.huawei.com (iPlanet Messaging Server 5.2 HotFix 2.14 (built Aug 8 2006)) with ESMTPA id <0JUC00H4E6HQ40@usaga01-in.huawei.com>; Tue, 08 Jan 2008 09:41:54 -0800 (PST)
Date: Tue, 08 Jan 2008 11:41:23 -0600
From: Spencer Dawkins <spencer@mcsr-labs.org>
Subject: Re: [P2PSIP] P2PSIP and HIP Joint Meeting on the Boeing VOIPHIPImplementation
To: "Paine, Richard H" <richard.h.paine@boeing.com>
Message-id: <042701c8521d$b01b2f80$6601a8c0@china.huawei.com>
MIME-version: 1.0
X-MIMEOLE: Produced By Microsoft MimeOLE V6.00.2900.3198
X-Mailer: Microsoft Outlook Express 6.00.2900.3138
Content-type: text/plain; format="flowed"; charset="iso-8859-1"; reply-type="original"
Content-transfer-encoding: 7bit
X-Priority: 3
X-MSMail-priority: Normal
References: <0C549DAFE1A8004D8EB57ACDD108646D070BA68B@XCH-NW-2V2.nw.nos.boeing.com>
X-Spam-Score: 0.0 (/)
X-Scan-Signature: 1e467ff145ef391eb7b594ef62b8301f
Cc: "Venema, Steve A" <Steve.A.Venema@boeing.com>, "Brewer, Orlie T" <brewer@thumper.rt.cs.boeing.com>, "Mattes, David" <david.mattes@boeing.com>, p2psip@ietf.org, hipsec@ietf.org
X-BeenThere: p2psip@ietf.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Peer-to-Peer SIP working group discussion list <p2psip.ietf.org>
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/p2psip>, <mailto:p2psip-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www1.ietf.org/pipermail/p2psip>
List-Post: <mailto:p2psip@ietf.org>
List-Help: <mailto:p2psip-request@ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/p2psip>, <mailto:p2psip-request@ietf.org?subject=subscribe>
Errors-To: p2psip-bounces@ietf.org
Richard, These are the notes I took during the telechat - I hope you find them helpful. It would be really good for people to see how badly they were misquoted - please send corrections to me privately, and I can provide a bulk update to Richard. I'm almost sure I attributed several Dan York statements randomly to other people... Thanks again for setting up this call - very helpful. Spencer We started with a review of "Note Well" (we're under IETF IPR rules for this meeting). - Agenda bashing... Planned agenda is to review the VoWLAN paper and then do Q&A. No bashing to this agenda. - Paper review... This paper was distributed to P2PSIP mailing list on December 21 (also downloadable from http://www.opengroup.org/bookstore/catalog/e041.htm). Using Open Group's Secure Mobile Architecture for both wireless and wireline secure communication, including voice, for factory operations. Mechanism described is currently in production on the Boeing 777 assembly line robots, but is much more broadly applicable. Overlay network, using HIP ("SCADANET Plane" in the paper). Tunnel looks like IPsec, with a cryptographic identifier. Wireless devices are Nokia 770s with Linux and LinPhone. SIP provides call management services, while HIP provides security associations. Some infrastructure is involved - "virtual directory" (identity, IP address, location of a device), DNS proxy for directory, certificate download-to-device management, location service. Need to know who someone is, and where they are, to do security well. Using HIP UPDATE packets for subnet mobility. Provide crytographic security for every packet (also protects infrastructure). Does rely on enterprise PKI in this demonstration. - Questions and answers ... Did this require mods to Linux IP stack? Used HIP from Helsinki, did have some kernel patches that added a new transform. Does this use Orchid? Tom said all HIP implementations use Orchids (Orchids are a particular form of IPv6 addresses, allocated experimentally). Would this also require changes to a Windows TCP/IP stack? Tom said that Boeing uses an OpenVPN "shim" with all modifications in user space, so no kernel mods are required. There's no way for an application to know that it's talking to an overlay - how does the application know it's using a secure overlay? This is security by configuration - the application "just knows" the interface is magically secure. Do we want applications to know about these security characteristics? Big design question (using ORCHIDs with legacy APIs tells you nothing about these characteristics). What about a secure SIP security indicator? Applications don't get any indication of security from IPsec, this is no different from any other IPsec operation. Dean said that there are mechanisms to make applications aware of HIP-IP mapping, if you build an application to be aware - this demo is using opportunistic mode, which does not, but there are 5 other modes. Lots of discussions about HIP security on VOIP-SEC/VOIP-SA mailing list (voipsec@voipsa.org), but not in about a year. The question here is whether we can use modified applications with unmodified stacks. Ted thinks the real question is whether you get something easy for the application writer to use without awareness of an underlying overlay or not. Anything - OpenVPN, kernel mod, etc. are just creating another interface that is exposed to anything that uses normal mechanisms for discovery - applications would not know the difference between IDs and LOCs. Ted thinks we need to know this difference - need to have a design discussion about this. This is a tradeoff between easy deployment and application awareness of unique characteristics - we need to talk. Spencer- There are a lot of other reasons to dork with an API - multihoming, route selection. Is API enhancement bounded? Dean - we went with TLS 10 years ago because we could do it without dorking with stacks. We might make a different decision now, if we were reconsidering. Henry - the IPsec mechanism secures all applications, not just SIP. Ted - but applications that don't know IPsec is there will run TLS over IPsec happily if they care about security. Maybe we could know that we're using an ORCHID that must be HIP-ergo-IPsec. There are questions about the layering model we need to talk about. Steve - not sure what approach we want - transparency for legacy applications or application awareness. Ted - we're using P2P anyway, HIP or not. If applications understand characteristics, you want to have the same answer for P2P and HIP awareness. Steve - both mechanisms available? and application writer chooses? Dave Bryan - transparency isn't going to make SIP phones P2P, right? built-in free resource location, etc. doesn't happen by magic. Still work to do on both SIP and P2P to make this work. Question (sorry, missed name) - if HIP is providing overlay routing, there is also a coupling with resource location, etc. Dave Bryan - but think about service, voice mail, etc. We still have work to do before we can remove all the servers. Spencer - seeing people talking about HIP over P2P and P2P over HIP - need to nail down an architecture early in this discussion. Tom - HIP is doing security for media streams, and there is separate work about extending the architecture to do routing. Could be different ways to go here (media streams only, or entire overlay on architecture). Gonzalo - WithHIP proposal started discussion using HIP in naive way, but this was too simple an approach to use. We would modify the architecture, use ORCHIDs (or derivation) as identifiers, etc. Sherry - has anyone done competitive analysis about performance, operational scenarios, etc. Richard - not an alternative that met our requirements (in the broader context). We did what we did to meet our requirements. We're going through a competitive analysis now, for another reason (and it's not obvious we would release that analysis externally). - Next Steps? ... Ted would like to resolve design decision about application awareness - write this up early in the process. If HIP is only transport-mode security, it's low-handing but not very valuable fruit. P2PSIP needs to be clear about API expectations about underlying overlay. If we don't get that right, we'll be headed in the wrong direction. David Bryan - consensus on that issue would help a lot. A lot of people in P2PSIP don't understand how this would work and would benefit from one clear statement. Henry - a lot of confusion about protocol stack, what's on top. Could Boeing team identify architectural choices in a separate paper, perhaps working with Gonzalo? It would help the P2PSIP folks a lot. Should come from authoritative source, right now that looks like Boeing and Finland. Gonzalo - three proposals, but thought HIP-HOP was abandoned and no one is working on WithHIP, we're working on HIP-BONE. We need to communicate better with P2PSIP working group. We've been having conversations within HIP, with P2PSIP guys, clearer than before IETF 70. Tom - still needs to be discussion. Eric Cooper is still interested in HIP-HOP, Philip is interested in IP-LOC. Thought we agreed to talk on HIP-RG mailing list and then HIP-BONE came out and things got quiet. Gonzalo - don't see HIP-HOP and HIP-BONE as different proposals - saying similar things. Published new draft because I didn't think there was interest in revising HIP-HOP. Henry - new draft with tutorial and framework? Gonzalo - has some tutorial but did draft in a few hours. Need to add historical statements, etc. Henry - how to represent Boeing contribution to IETF? don't have to decide now, but would like to see Boeing work better understood in IETF. Extremely interesting for entire HIP community. Gonzalo - choices have to be explained further. Richard - Sherry was talking about "competitive analysis" beyond architecture - MEXT, MIP, etc? Sherry - think more practical to decide architecture and educate people. Start with this. Eventually have to give analysis answer - P2PSIP and conventional SIP. Dave Bryan - need to focus on HIP and non-HIP discussion. Is there an interest in HIP within industry? This is what Richard hopes to finish by February. Henry - believe working working group is not proper place for economic analysis, but need to think about wquestions like balkanized security for different applications, etc. Dan York - if we're going to do a comparison, I'd like to understand how widely HIP might be endorsed. Spencer - need to ask about interest in architecture, not interest in specific protocols. Henry - dialup IP is a good model - a way to get started, and then applications that manage connectivity can move into OS code. ANOTHER TELECHAT? Gonzalo - yes, but everyone prepare. Don't discuss on abstract level because we won't make progress. Richard - have to deliver comparison between technologies in February. If I can get that approved for release, it could be a basis for top-down discussion, then talk about protocol stack, architecture, etc. If Gonzalo adds tutorial material that would also help. Gonzalo - sure, what tutorial do people need? Trying to do tutorial in three pages so people will it read it. Henry - had to read 10 references anyway... Having read through HIP-BONE, Gonzalo and team did this well and unfortunate we truncated discussion during the holidays. Let's not keep starting out "what would this architecture look like" - keep going from where we are. Richard - want me to set up another joint meeting? (No objections!) Stopping at 1:35 minutes... will go from there. Much gratitude to Boeing for throwing these ideas out for thought! _______________________________________________ P2PSIP mailing list P2PSIP@ietf.org https://www1.ietf.org/mailman/listinfo/p2psip
- [P2PSIP] P2PSIP and HIP Joint Meeting on the Boei… Paine, Richard H
- Re: [P2PSIP] P2PSIP and HIP Joint Meeting on the … David A. Bryan
- Re: [P2PSIP] P2PSIP and HIP Joint Meeting on the … David A. Bryan
- Re: [P2PSIP] P2PSIP and HIP Joint Meeting on the … Spencer Dawkins