Re: [Pana] IESG discussions on draft-ohba-pana-relay
Yoshihiro Ohba <yoshihiro.ohba@toshiba.co.jp> Thu, 23 June 2011 22:44 UTC
Return-Path: <yoshihiro.ohba@toshiba.co.jp>
X-Original-To: pana@ietfa.amsl.com
Delivered-To: pana@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 76C3711E8084 for <pana@ietfa.amsl.com>; Thu, 23 Jun 2011 15:44:47 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.089
X-Spam-Level:
X-Spam-Status: No, score=-4.089 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, HELO_EQ_JP=1.244, HOST_EQ_JP=1.265, RCVD_IN_DNSWL_MED=-4, UNPARSEABLE_RELAY=0.001]
Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id nMba3uBv6p8g for <pana@ietfa.amsl.com>; Thu, 23 Jun 2011 15:44:47 -0700 (PDT)
Received: from imx12.toshiba.co.jp (imx12.toshiba.co.jp [61.202.160.132]) by ietfa.amsl.com (Postfix) with ESMTP id AED5E11E8078 for <pana@ietf.org>; Thu, 23 Jun 2011 15:44:46 -0700 (PDT)
Received: from arc11.toshiba.co.jp ([133.199.90.127]) by imx12.toshiba.co.jp with ESMTP id p5NMiSWQ008261; Fri, 24 Jun 2011 07:44:28 +0900 (JST)
Received: (from root@localhost) by arc11.toshiba.co.jp id p5NMiSmF017927; Fri, 24 Jun 2011 07:44:28 +0900 (JST)
Received: from ovp11.toshiba.co.jp [133.199.90.148] by arc11.toshiba.co.jp with ESMTP id HAA17925; Fri, 24 Jun 2011 07:44:28 +0900
Received: from mx2.toshiba.co.jp (localhost [127.0.0.1]) by ovp11.toshiba.co.jp with ESMTP id p5NMiRFs002581; Fri, 24 Jun 2011 07:44:28 +0900 (JST)
Received: from tsbpoa.po.toshiba.co.jp by toshiba.co.jp id p5NMiR5S020440; Fri, 24 Jun 2011 07:44:27 +0900 (JST)
Received: from [133.196.17.93] by mail.po.toshiba.co.jp (Sun Java System Messaging Server 6.1 HotFix 0.05 (built Oct 21 2004)) with ESMTPA id <0LN900AP9LU36XG0@mail.po.toshiba.co.jp>; Fri, 24 Jun 2011 07:44:27 +0900 (JST)
Date: Fri, 24 Jun 2011 07:44:17 +0900
From: Yoshihiro Ohba <yoshihiro.ohba@toshiba.co.jp>
In-reply-to: <4E0381D0.9090605@gridmerge.com>
To: robert.cragie@gridmerge.com
Message-id: <4E03C1C1.3060701@toshiba.co.jp>
MIME-version: 1.0
Content-type: text/plain; charset="ISO-2022-JP"
Content-transfer-encoding: 7bit
References: <4DF04217.3080304@toshiba.co.jp> <6491375641982933760@unknownmsgid> <BANLkTinVZ2Bvd6A+znQTiB7X-P6XXh3Cow@mail.gmail.com> <4E037743.2060602@gridmerge.com> <4E037A9D.8080200@piuha.net> <16D60F43CA0B724F8052D7E9323565D71E66160BE8@EUSAACMS0715.eamcs.ericsson.se> <4E0381D0.9090605@gridmerge.com>
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; ja; rv:1.9.2.18) Gecko/20110616 Thunderbird/3.1.11
Cc: "draft-ohba-pana-relay@tools.ietf.org" <draft-ohba-pana-relay@tools.ietf.org>, Samita Chakrabarti <samita.chakrabarti@ericsson.com>, Stephen Farrell <stephen.farrell@cs.tcd.ie>, "pana@ietf.org" <pana@ietf.org>
Subject: Re: [Pana] IESG discussions on draft-ohba-pana-relay
X-BeenThere: pana@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Protocol for carrying Authentication for Network Access <pana.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/pana>, <mailto:pana-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/pana>
List-Post: <mailto:pana@ietf.org>
List-Help: <mailto:pana-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/pana>, <mailto:pana-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 23 Jun 2011 22:44:47 -0000
+1. Yoshihiro Ohba (2011/06/24 3:11), Robert Cragie wrote: > I have no objection to either the text below or what was agreed with > Stephen earlier. On balance, I think the text below is preferable. > > Robert > > On 23/06/2011 6:47 PM, Samita Chakrabarti wrote: >> As a co-author of the document, I am fine with the suggested text >> below. >> >> -Samita >> >> -----Original Message----- >> From: Jari Arkko [mailto:jari.arkko@piuha.net] >> Sent: Thursday, June 23, 2011 10:41 AM >> To: Yoshihiro Ohba; pana@ietf.org >> Cc: Stephen Farrell; draft-ohba-pana-relay@tools.ietf.org >> Subject: IESG discussions on draft-ohba-pana-relay >> >> We discussed this draft today. The remaining Discuss was about how >> mandatory we should make IPsec. You had discussed about a SHOULD >> with Stephen. I suggested that while interoperability is useful and >> mandatory-to-implement mechanisms are good for it, we also have to >> talk about how much value we bring with a security mechanism. In >> this case there are some issues like MITMs able to block PANA >> packets. However, some of these vulnerabilities are not helped by >> relay - PAA security, as the relay can still do bad things, and >> because ARP/ND vulnerabilities between the client and relay in any >> case make it possible to become a MITM. Stephen had some suggested >> text that I agree with: >> >> "PRE/PAA security is OPTIONAL since PANA messages are designed to be >> used in untrusted networks, but if cryptographic mechanism is >> supported, it SHOULD be IPsec." >> >> Jari >> >> >
- [Pana] Fwd: [IANA #454490] Last Call: <draft-ohba… Yoshihiro Ohba
- Re: [Pana] Fwd: [IANA #454490] Last Call: <draft-… Alper Yegin
- Re: [Pana] Fwd: [IANA #454490] Last Call: <draft-… Yoshihiro Ohba
- Re: [Pana] Fwd: [IANA #454490] Last Call: <draft-… Ralph Droms
- Re: [Pana] Fwd: [IANA #454490] Last Call: <draft-… Yoshihiro Ohba
- [Pana] IESG discussions on draft-ohba-pana-relay Jari Arkko
- Re: [Pana] IESG discussions on draft-ohba-pana-re… Yoshihiro Ohba
- Re: [Pana] Fwd: [IANA #454490] Last Call: <draft-… Yoshihiro Ohba
- Re: [Pana] IESG discussions on draft-ohba-pana-re… Glen Zorn
- Re: [Pana] Fwd: [IANA #454490] Last Call: <draft-… Alper Yegin
- Re: [Pana] IESG discussions on draft-ohba-pana-re… Alper Yegin
- Re: [Pana] IESG discussions on draft-ohba-pana-re… Alper Yegin
- Re: [Pana] IESG discussions on draft-ohba-pana-re… Jari Arkko
- Re: [Pana] IESG discussions on draft-ohba-pana-re… Jari Arkko