Re: [pcp] Review of draft-ietf-pcp-proxy-04

"Tirumaleswar Reddy (tireddy)" <tireddy@cisco.com> Tue, 21 January 2014 09:17 UTC

From: "Tirumaleswar Reddy (tireddy)" <tireddy@cisco.com>
To: "mohamed.boucadair@orange.com" <mohamed.boucadair@orange.com>
Date: Tue, 21 Jan 2014 09:17:47 +0000
Cc: "pcp@ietf.org" <pcp@ietf.org>
Subject: Re: [pcp] Review of draft-ietf-pcp-proxy-04

Hi Med,

Even I wasn't present in the meeting and could not give feedback :)
But would like this topic to be discussed in one of these drafts.

-Tiru.

From: mohamed.boucadair@orange.com [mailto:mohamed.boucadair@orange.com]
Sent: Tuesday, January 21, 2014 1:37 PM
To: Tirumaleswar Reddy (tireddy)
Cc: Dan Wing (dwing); Reinaldo Penno (repenno); pcp@ietf.org
Subject: RE: Review of draft-ietf-pcp-proxy-04

Hi Tiru,

I wasn't in the meeting, but the minutes do not mention any objection to the proposal made in the prez: see http://tools.ietf.org/wg/pcp/minutes?item=minutes-88-pcp.html.

Cheers,
Med

From: Tirumaleswar Reddy (tireddy) [mailto:tireddy@cisco.com]
Sent: Monday, January 20, 2014 17:06
To: BOUCADAIR Mohamed IMT/OLN
Cc: Dan Wing (dwing); Reinaldo Penno (repenno); pcp@ietf.org
Subject: RE: Review of draft-ietf-pcp-proxy-04

OK, if that's the case, is there consensus that the PCP auth draft will address the below comments to explain the usage of PCP proxy when auth is used?

Best Regards,
-Tiru.

From: mohamed.boucadair@orange.com [mailto:mohamed.boucadair@orange.com]
Sent: Monday, January 20, 2014 6:30 PM
To: Tirumaleswar Reddy (tireddy)
Cc: Dan Wing (dwing); Reinaldo Penno (repenno); pcp@ietf.org
Subject: RE: Review of draft-ietf-pcp-proxy-04

Hi Tiru,

Thanks for the comments.

Please see inline.
Cheers,
Med

From: Tirumaleswar Reddy (tireddy) [mailto:tireddy@cisco.com]
Sent: Monday, January 20, 2014 13:28
To: BOUCADAIR Mohamed IMT/OLN
Cc: Dan Wing (dwing); Reinaldo Penno (repenno); pcp@ietf.org
Subject: Review of draft-ietf-pcp-proxy-04

Hi Med,

Comments:

a)
If PCP authentication is used, is there a need to still use the THIRD_PARTY option for the use case "No NAT is Co-located with the PCP Proxy" in section 6 of the draft?
[Med] THIRD_PARTY option is needed even if no NAT is co-located with the PCP Proxy (e.g., DS-Lite context). For other contexts than DS-Lite, if the source IP address is not altered by the PCP proxy, the proxy has to inspect all incoming packets to find out PCP ones and therefore enforces the appropriate policies. Altering the source IP address by the PCP proxy is a solution to redirect all the incoming PCP traffic explicitly to the PCP proxy. In addition, as indicated below, proxy implications on authentication are out of scope of this document. The proxy document adopts the same rationale as the base PCP specification.

b)
Are you planning to update the draft with details about the usage of PCP proxy with PCP auth?
[Med] No. The plan is to follow what has been presented during the Berlin meeting (http://www.ietf.org/proceedings/87/slides/slides-87-pcp-2.pdf): "Proxy implication on authentication are out of scope and should be specified in pcp-authentication document"

In addition to the existing use cases this integration will be useful for http://tools.ietf.org/html/draft-wing-pcp-flowdata-00 where the PCP proxy in the Home network receives the flow characteristics signaled by the PCP client and propagates the flow characteristics to the PCP Server in the Access Network.

Cheers,
-Tiru.