[pcp] PCP MoM (FRIDAY, November 9, 2012)
"Reinaldo Penno (repenno)" <repenno@cisco.com> Mon, 26 November 2012 14:36 UTC
Return-Path: <repenno@cisco.com>
X-Original-To: pcp@ietfa.amsl.com
Delivered-To: pcp@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 77B9B21F84CD for <pcp@ietfa.amsl.com>; Mon, 26 Nov 2012 06:36:18 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -10.599
X-Spam-Level:
X-Spam-Status: No, score=-10.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, RCVD_IN_DNSWL_HI=-8]
Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id AkCuBnXe4mYg for <pcp@ietfa.amsl.com>; Mon, 26 Nov 2012 06:36:17 -0800 (PST)
Received: from rcdn-iport-5.cisco.com (rcdn-iport-5.cisco.com [173.37.86.76]) by ietfa.amsl.com (Postfix) with ESMTP id 8EE0621F84B9 for <pcp@ietf.org>; Mon, 26 Nov 2012 06:36:17 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=@cisco.com; l=6219; q=dns/txt; s=iport; t=1353940577; x=1355150177; h=from:to:subject:date:message-id:in-reply-to:content-id: content-transfer-encoding:mime-version; bh=brEKiCQy9TgSz4DC12ixAy7MuK2XQm4aKKG9N/LTaEs=; b=TI3Phe9qWuyKGcaUECOTvg2t7B7YzqlXTRJ3Aj5wpa2naIb/sGjCNmgk CUTIVi1t9V2DA1aBzoaYa8yGB6xFzTQUpLlnmWRfRTTOoQlWoAxBLjz+T WJfJHXxGhMvyi5HNqwljFAjjUoEen5EJXTdJjuSDt2xufmjIWcuiHy5e/ w=;
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: Av4EAOd9s1CtJXG+/2dsb2JhbABEwCMWc4IgAQQdHVEBKhRCJQIEGxOHcp5VoQuMN4NgYQOmRYJvgh0
X-IronPort-AV: E=McAfee;i="5400,1158,6907"; a="146200963"
Received: from rcdn-core2-3.cisco.com ([173.37.113.190]) by rcdn-iport-5.cisco.com with ESMTP; 26 Nov 2012 14:36:17 +0000
Received: from xhc-rcd-x04.cisco.com (xhc-rcd-x04.cisco.com [173.37.183.78]) by rcdn-core2-3.cisco.com (8.14.5/8.14.5) with ESMTP id qAQEaHhr002702 (version=TLSv1/SSLv3 cipher=AES128-SHA bits=128 verify=FAIL) for <pcp@ietf.org>; Mon, 26 Nov 2012 14:36:17 GMT
Received: from xmb-rcd-x04.cisco.com ([169.254.8.66]) by xhc-rcd-x04.cisco.com ([173.37.183.78]) with mapi id 14.02.0318.001; Mon, 26 Nov 2012 08:36:11 -0600
From: "Reinaldo Penno (repenno)" <repenno@cisco.com>
To: "pcp@ietf.org" <pcp@ietf.org>
Thread-Topic: PCP MoM (FRIDAY, November 9, 2012)
Thread-Index: AQHNy+NgJQ6ymYe7QUWcXPDF1+Vorg==
Date: Mon, 26 Nov 2012 14:36:10 +0000
Message-ID: <45A697A8FFD7CF48BCF2BE7E106F06041761F4@xmb-rcd-x04.cisco.com>
In-Reply-To: <CCD911B9.C3CA%repenno@cisco.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
user-agent: Microsoft-MacOutlook/14.13.0.110805
x-originating-ip: [10.21.151.98]
Content-Type: text/plain; charset="us-ascii"
Content-ID: <A6DD283C9A9DD3439CC61037024FB3FD@cisco.com>
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
Subject: [pcp] PCP MoM (FRIDAY, November 9, 2012)
X-BeenThere: pcp@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: PCP wg discussion list <pcp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/pcp>, <mailto:pcp-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/pcp>
List-Post: <mailto:pcp@ietf.org>
List-Help: <mailto:pcp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/pcp>, <mailto:pcp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 26 Nov 2012 14:36:18 -0000
FRI 1120-1330 (note new end time) ================================= Welcome, Agenda bashing (5, Chairs) PCP Authentication Open Issues (60) draft-ietf-pcp-authentication (Margaret Wasserman) draft-ohba-pcp-pana (Yoshihiro Ohba) draft-ohba-pcp-pana-encap Margaret Wasserman: Alper said that using PANA gives you a simpler PCP implementation. In reality there are no PANA servers on most networks today, so there's more code to be written, supported, and deployed. Alan Dekok: I agree with Margaret. I've done EAP over multiple protocols, and it's not hard. PANA is rather a lot more work. Alper's statement that RADIUS forces server-initiated re-authentication is incorrect. Alper: COA RFC permits server-initiated re-authentication San Hartman: Yes, COA RFC permits server-initiated messages, but the footnote explains that it's for EAP error reporting, not for re-authentication. There is no way for a RADIUS server to force server-initiated re-authentication. Joe Salowey: EAP authentication can derive keying material. Are we making use of the MSK when using EAP directly? San Hartman: Yes, every packet is integrity-protected. Alper: When using PANA the keys will be exported for PCP to use. At the end of PANA authentication, PANA does a key confirmation. Joe Salowey: As long as messages are integrity-protected, that's good. San Hartman: Would like to hear from PCP implementers about what they want. I believe re-authentication is harmful and unnecessary. We should choose whatever retransmission mechanism is easier for PCP implementers. My opinion is that EAP over PCP is by a large margin, easier to specify, implement, and deploy. Existing PANA implementations are not suitable for use as libraries. There's a lot of work to be done to trim out the parts of PANA that PCP doesn't need. The IETF has lots of experience defining EAP over lower layers. Stuart Cheshire: Strongly agree with everything Sam said. As an implementer, I prefer the minimal approach of using EAP directly. Margaret Wasserman: We don't need to push re-authentication down to the client Sam: Re-auth is harmful because it requires the client to be awake. Hannes Tschofenig: Would like to hear from people that have actually implemented PANA. Re-authentication is not mandatory. There's no harm in having to implement protocol features that are never actually used. Hannes Tschofenig: People should actually implement what they're proposing. Yoshihiro Ohba: PANA is adopted by ETSI M2M. One of the open-source PANA implementations is based on a library, so it's available. Alper Yegin: The server has to send unsolicited messages to the client, so it has to be able to force the client to re-authenticate so that the server can send a message to it. Alper Yegin: PANA is adopted by Zigbee IP. Zigbee IP implementation is plenty small. Alan Dekok: Doing EAP over anything is pretty simple. PANA is, pretty much by definition, more work to implement. Simon Perreault: Authentication of announcements MUST be supported Alistair Woodman: Fixed line operators use RADIUS, mobile operators use DIAMETER. PCP authentication has to work with both. San Hartman: All three proposals do work with both. Yoshihiro Ohba: Carrying EAP over a lower layer is not easy. It needs a transport protocol with a sequence number. Tina Tsou: Would also like to hear from operators about what they want. Alper Yegin: I agree with Yoshihiro Ohba. Carrying EAP over a lower layer is not easy. DHCP tried to carry EAP over DHCP and failed miserably. Stuart Cheshire: Are you saying that DHCP ended up deciding it would have been better to use PANA? Alper Yegin: I didn't say that. Dave Thaler: Show of hands Issue #60: Loosely vs tightly coupled 21 Loosely coupled 0 Tightly coupled Issue #61: Server-Originated Re-Authentication Dave Thaler: Should protocol support server-initiated re-authentication? 10 Yes 5 No Sam to post straw-man solution Issue #62: Retransmissions Answer is not as important as whether we're doing PANA or not. Dave Thaler: Show of hands 12 EAP Direct 6 EAP-in-PANA Dave Thaler: Show of hands (implementers only) 3 EAP Direct 3 EAP-in-PANA Alper Yegin: Why ask what implementers think? PCP Description Option (10, Jaqueline Queiroz) draft-boucadair-pcp-description-option Tiru: This is important work. Reinaldo: This is useful for debugging/testing. Will discuss with AD, because it will require re-chartering. Then call for adoption on the list. Reserving N and N+1 Ports with PCP: Preserving Parity & Contiguity draft-boucadair-pcp-rtp-rtcp (10, Jaqueline Queiroz) Stuart Cheshire: This seems wrong for PCP to take on additional responsibility for the sake of a single legacy protocol Dan Wing: We should ask the SIP WG what they think. Stuart Cheshire: NAT-PMP and IGD don't do this today, so how "essential" can it be? How do even/odd SIP devices work today? Why is it "essential" that PCP give them something new, which they currently manage without? PCP NAT64 Experiments (15, Jaqueline Queiroz) draft-boucadair-pcp-nat64-experiments Jaqueline Queiroz: Do we need to cite RFC 6250? Dave Thaler: As author of 6250, I think no. Radius Extensions for PCP (10, Roberta Maglione) draft-maglione-pcp-radius-ext Paul Selkirk: Have you thought about how you'll represent a list of names in the RADIUS message? Roberta Maglione: It will match how the PCP DHCP option works Using PCP to Update Dynamic DNS draft-deng-pcp-ddns (10, Cathy Zhou) Paul: This is very marginally related to this WG. Stuart: This is important work, that Apple have been working on for a while. Would like more people aware of this, but not PCP-specific. Dave: Suggest socializing this in dnsop. -- END --
- [pcp] PCP MoM (FRIDAY, November 9, 2012) Reinaldo Penno (repenno)
- Re: [pcp] PCP MoM (FRIDAY, November 9, 2012) Alper Yegin
- Re: [pcp] PCP MoM (FRIDAY, November 9, 2012) Sam Hartman
- Re: [pcp] PCP MoM (FRIDAY, November 9, 2012) Alper Yegin
- Re: [pcp] PCP MoM (FRIDAY, November 9, 2012) Alper Yegin
- Re: [pcp] PCP MoM (FRIDAY, November 9, 2012) Alan DeKok
- Re: [pcp] PCP MoM (FRIDAY, November 9, 2012) Sam Hartman
- Re: [pcp] PCP MoM (FRIDAY, November 9, 2012) Yoshihiro Ohba
- Re: [pcp] PCP MoM (FRIDAY, November 9, 2012) Alan DeKok
- Re: [pcp] PCP MoM (FRIDAY, November 9, 2012) Yoshihiro Ohba
- Re: [pcp] PCP MoM (FRIDAY, November 9, 2012) Yoshihiro Ohba
- Re: [pcp] PCP MoM (FRIDAY, November 9, 2012) Alper Yegin
- Re: [pcp] PCP MoM (FRIDAY, November 9, 2012) Alper Yegin
- Re: [pcp] PCP MoM (FRIDAY, November 9, 2012) Alan DeKok
- Re: [pcp] PCP MoM (FRIDAY, November 9, 2012) Sam Hartman
- Re: [pcp] PCP MoM (FRIDAY, November 9, 2012) Alan DeKok
- Re: [pcp] PCP MoM (FRIDAY, November 9, 2012) Alan DeKok
- Re: [pcp] PCP MoM (FRIDAY, November 9, 2012) Yoshihiro Ohba
- Re: [pcp] PCP MoM (FRIDAY, November 9, 2012) Yoshihiro Ohba
- Re: [pcp] PCP MoM (FRIDAY, November 9, 2012) Sam Hartman
- [pcp] PCP for RTP/RTCP (was RE: PCP MoM (FRIDAY, … mohamed.boucadair
- Re: [pcp] PCP MoM (FRIDAY, November 9, 2012) Rafa Marin Lopez
- Re: [pcp] PCP MoM (FRIDAY, November 9, 2012) Yasuyuki Tanaka
- Re: [pcp] PCP for RTP/RTCP (was RE: PCP MoM (FRID… Tom Taylor
- Re: [pcp] PCP MoM (FRIDAY, November 9, 2012) Alan DeKok
- Re: [pcp] PCP MoM (FRIDAY, November 9, 2012) Yoshihiro Ohba
- Re: [pcp] PCP MoM (FRIDAY, November 9, 2012) Alan DeKok
- Re: [pcp] PCP MoM (FRIDAY, November 9, 2012) Rafa Marin Lopez
- Re: [pcp] PCP MoM (FRIDAY, November 9, 2012) Alan DeKok
- Re: [pcp] PCP for RTP/RTCP (was RE: PCP MoM (FRID… Dan Wing
- Re: [pcp] PCP MoM (FRIDAY, November 9, 2012) Rafa Marin Lopez
- Re: [pcp] PCP MoM (FRIDAY, November 9, 2012) Yoshihiro Ohba
- Re: [pcp] PCP MoM (FRIDAY, November 9, 2012) Alan DeKok
- Re: [pcp] PCP MoM (FRIDAY, November 9, 2012) Alan DeKok
- Re: [pcp] PCP for RTP/RTCP (was RE: PCP MoM (FRID… Senthil Sivakumar (ssenthil)
- Re: [pcp] PCP MoM (FRIDAY, November 9, 2012) Yoshihiro Ohba
- Re: [pcp] PCP for RTP/RTCP (was RE: PCP MoM (FRID… mohamed.boucadair
- Re: [pcp] PCP for RTP/RTCP (was RE: PCP MoM (FRID… Simon Perreault
- Re: [pcp] PCP for RTP/RTCP (was RE: PCP MoM (FRID… Dan Wing