Re: [pcp] Comparison of PCP authentication
Yoshihiro Ohba <yoshihiro.ohba@toshiba.co.jp> Tue, 07 August 2012 23:39 UTC
Return-Path: <yoshihiro.ohba@toshiba.co.jp>
X-Original-To: pcp@ietfa.amsl.com
Delivered-To: pcp@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 2A2ED11E8105 for <pcp@ietfa.amsl.com>; Tue, 7 Aug 2012 16:39:43 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -3.16
X-Spam-Level:
X-Spam-Status: No, score=-3.16 tagged_above=-999 required=5 tests=[AWL=0.930, BAYES_00=-2.599, HELO_EQ_JP=1.244, HOST_EQ_JP=1.265, RCVD_IN_DNSWL_MED=-4, UNPARSEABLE_RELAY=0.001]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id fOtZaEJMQF5C for <pcp@ietfa.amsl.com>; Tue, 7 Aug 2012 16:39:42 -0700 (PDT)
Received: from imx2.toshiba.co.jp (inet-tsb5.toshiba.co.jp [202.33.96.24]) by ietfa.amsl.com (Postfix) with ESMTP id 51CC911E8100 for <pcp@ietf.org>; Tue, 7 Aug 2012 16:39:41 -0700 (PDT)
Received: from arc1.toshiba.co.jp ([133.199.194.235]) by imx2.toshiba.co.jp with ESMTP id q77Ndfde022243; Wed, 8 Aug 2012 08:39:41 +0900 (JST)
Received: (from root@localhost) by arc1.toshiba.co.jp id q77Nderv004593; Wed, 8 Aug 2012 08:39:40 +0900 (JST)
Received: from unknown [133.199.192.144] by arc1.toshiba.co.jp with ESMTP id JAA04592; Wed, 8 Aug 2012 08:39:40 +0900
Received: from mx.toshiba.co.jp (localhost [127.0.0.1]) by ovp2.toshiba.co.jp with ESMTP id q77Ndeg1015659; Wed, 8 Aug 2012 08:39:40 +0900 (JST)
Received: from tsbpoa.po.toshiba.co.jp by toshiba.co.jp id q77NdesJ022912; Wed, 8 Aug 2012 08:39:40 +0900 (JST)
Received: from [133.196.16.80] by mail.po.toshiba.co.jp (Sun Java System Messaging Server 6.1 HotFix 0.05 (built Oct 21 2004)) with ESMTPA id <0M8E00M3QSE3U1D0@mail.po.toshiba.co.jp>; Wed, 08 Aug 2012 08:39:40 +0900 (JST)
Date: Wed, 08 Aug 2012 08:39:40 +0900
From: Yoshihiro Ohba <yoshihiro.ohba@toshiba.co.jp>
In-reply-to: <2C42D4BA-608E-4A1F-8955-117E64E892FC@yegin.org>
To: Alper Yegin <alper.yegin@yegin.org>
Message-id: <5021A73C.1020407@toshiba.co.jp>
MIME-version: 1.0
Content-type: text/plain; charset="ISO-2022-JP"
Content-transfer-encoding: 7bit
References: <9B57C850BB53634CACEC56EF4853FF653B6EC381@TK5EX14MBXW604.wingroup.windeploy.ntdev.microsoft.com> <7FE144CF-00E3-4451-8CBE-A6A684DB7CC4@yegin.org> <067d01cd73fd$765a6c50$630f44f0$@com> <D6D2DEED-C35A-45AB-8B72-96195C308DB9@yegin.org> <57FF0F8E-1B86-410F-8B6B-C4893A28222F@lilacglade.org> <075301cd7419$19557dd0$4c007970$@com> <5020688F.4060004@toshiba.co.jp> <955DC538-A1D9-4B19-B1A5-A7741EA7FB35@yegin.org> <50212516.5080902@toshiba.co.jp> <2C42D4BA-608E-4A1F-8955-117E64E892FC@yegin.org>
User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:14.0) Gecko/20120713 Thunderbird/14.0
Cc: pcp@ietf.org
Subject: Re: [pcp] Comparison of PCP authentication
X-BeenThere: pcp@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: PCP wg discussion list <pcp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/pcp>, <mailto:pcp-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/pcp>
List-Post: <mailto:pcp@ietf.org>
List-Help: <mailto:pcp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/pcp>, <mailto:pcp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 07 Aug 2012 23:39:43 -0000
Alper, (2012/08/08 1:16), Alper Yegin wrote: > Hi Yoshi, > >>>> >>>> If we specify a new use of PANA "Reserved" field, it cannot be an >>>> Errata because it is not a specification error. It needs to be a new >>>> RFC that updates RFC 5191. >>> >>> >>> Those bits are reserved for "future." >>> And because of this demux design, "now" we want to make sure no one will ever set bit#7. >> >> I think "no one will ever set bit#7" is too much restricted. >> >> Because of in-band key management, a bit in the PANA "Reserved" field >> to be used for demultiplexing "over PCP port" can be meaningful only >> when PANA message is carried "over the PCP port". The bit could also >> be used for demultiplexing other application carried over another port >> if the other application allows to use the bit for demultiplexing >> purpose as well. > > > We can either say: > > Bit#7 is reserved for use with PCP. (And it's always set to 0). This is over-specified as I explained above. > > Or, > > When used over PCP port, Bit#7 is always set to 0. > When used over other ports, its reserved for future use (as it currently is). > > > Latter one is more conservative about bit usage, but a bit more cumbersome. Not sure which way to go. > The latter one does not work. Once we define some PANA bits for in-band key management (for whatever application protocol), the same bits cannot be used for future new PANA extensions commonly applicable to both plain PANA and in-band PANA. Therefore, the bits won't be able to be marked as reserved any more once we give out. This is what I think: - Decide on how many bits (4 bits?) are needed from the 16-bit PANA "Reserved" field for in-band key management. - Write a new PANA I-D to allocate the in-band bits that are not bound to any specific application protocol in the I-D. Perhaps you and I can work on this. - Describe PCP-specific usage of the in-band bits in draft-ietf-pcp-authentication. > >> >> From PANA perspective, we can now allocate the whole 16-bit "Reserved" >> PANA field for "in-band key management usage", and let each >> application including PCP define how to demultiplex using the 16-bit. >> I think this is a cleaner and extensible approach. >> > > We may not want to give up on the 16-bit space for encoding one type of usage (in-band). Let's think about this….. > I agree with you that we don't need to give up on the whole 16-bit space. I think the top 4 bits should be sufficient as Margaret mentioned. Yoshihiro Ohba > Alper > > > > >> Yoshihiro Ohba >> >> >>> What we need is to allocate that bit and state it's always set to 0. I don't think we need a separate RFC for this, this'd be the RFC that defines how PANA and PCP are used together. >>> >>> Alper >>> >>> >>> >>> >>> >> > >
- [pcp] Reminder: submit IETF 84 PCP agenda requests Dave Thaler
- Re: [pcp] Reminder: submit IETF 84 PCP agenda req… Xiaohong Deng
- [pcp] Comparison of PCP authentication Alper Yegin
- Re: [pcp] Comparison of PCP authentication Margaret Wasserman
- Re: [pcp] Comparison of PCP authentication Dan Wing
- Re: [pcp] Comparison of PCP authentication Alper Yegin
- Re: [pcp] Comparison of PCP authentication Margaret Wasserman
- Re: [pcp] Comparison of PCP authentication Dan Wing
- Re: [pcp] Comparison of PCP authentication james woodyatt
- Re: [pcp] Comparison of PCP authentication Margaret Wasserman
- Re: [pcp] Comparison of PCP authentication Margaret Wasserman
- Re: [pcp] Comparison of PCP authentication Sam Hartman
- Re: [pcp] Comparison of PCP authentication Yoshihiro Ohba
- Re: [pcp] Comparison of PCP authentication Zhangdacheng (Dacheng)
- Re: [pcp] Comparison of PCP authentication Alper Yegin
- Re: [pcp] Comparison of PCP authentication Alper Yegin
- Re: [pcp] Comparison of PCP authentication Margaret Wasserman
- Re: [pcp] Comparison of PCP authentication Margaret Wasserman
- Re: [pcp] Comparison of PCP authentication Alper Yegin
- Re: [pcp] Comparison of PCP authentication Yoshihiro Ohba
- Re: [pcp] Comparison of PCP authentication Alper Yegin
- Re: [pcp] Comparison of PCP authentication Margaret Wasserman
- Re: [pcp] Comparison of PCP authentication Sam Hartman
- Re: [pcp] Comparison of PCP authentication Alper Yegin
- Re: [pcp] Comparison of PCP authentication Margaret Wasserman
- Re: [pcp] Comparison of PCP authentication Yoshihiro Ohba
- Re: [pcp] Comparison of PCP authentication Dan Wing
- Re: [pcp] Comparison of PCP authentication Margaret Wasserman
- Re: [pcp] Comparison of PCP authentication Sam Hartman
- Re: [pcp] Comparison of PCP authentication Dan Wing
- Re: [pcp] Comparison of PCP authentication Zhangdacheng (Dacheng)
- Re: [pcp] Comparison of PCP authentication Dan Wing
- Re: [pcp] Comparison of PCP authentication Zhangdacheng (Dacheng)
- [pcp] single port PANA+PCP Alper Yegin
- Re: [pcp] single port PANA+PCP Margaret Wasserman
- Re: [pcp] Comparison of PCP authentication Sam Hartman
- Re: [pcp] single port PANA+PCP Alper Yegin
- Re: [pcp] single port PANA+PCP Dan Wing
- Re: [pcp] Comparison of PCP authentication Dan Wing
- Re: [pcp] single port PANA+PCP Dan Wing
- Re: [pcp] Comparison of PCP authentication Dan Wing
- Re: [pcp] Comparison of PCP authentication Sam Hartman
- Re: [pcp] Comparison of PCP authentication Dan Wing
- Re: [pcp] single port PANA+PCP Margaret Wasserman
- Re: [pcp] Comparison of PCP authentication Margaret Wasserman
- Re: [pcp] Comparison of PCP authentication Sam Hartman
- Re: [pcp] Comparison of PCP authentication Zhangdacheng (Dacheng)
- Re: [pcp] Comparison of PCP authentication Yoshihiro Ohba
- Re: [pcp] Comparison of PCP authentication Zhangdacheng (Dacheng)
- Re: [pcp] Comparison of PCP authentication Yoshihiro Ohba
- Re: [pcp] Comparison of PCP authentication Margaret Wasserman
- Re: [pcp] Comparison of PCP authentication Margaret Wasserman
- Re: [pcp] Comparison of PCP authentication Yoshihiro Ohba
- Re: [pcp] Comparison of PCP authentication Sam Hartman
- Re: [pcp] Comparison of PCP authentication Margaret Wasserman
- Re: [pcp] Comparison of PCP authentication Yoshihiro Ohba
- Re: [pcp] Comparison of PCP authentication Alper Yegin
- Re: [pcp] Comparison of PCP authentication Alper Yegin
- [pcp] channel binding (was Re: Comparison of PCP … Alper Yegin
- [pcp] PANA and PCP port sharing (was Re: Comparis… Alper Yegin
- Re: [pcp] Comparison of PCP authentication Sam Hartman
- Re: [pcp] channel binding Sam Hartman
- Re: [pcp] Comparison of PCP authentication Yoshihiro Ohba
- Re: [pcp] channel binding Alper Yegin
- Re: [pcp] Comparison of PCP authentication Alper Yegin
- Re: [pcp] Comparison of PCP authentication Zhangdacheng (Dacheng)
- [pcp] Fwd: Comparison of PCP authentication Subir Das
- Re: [pcp] Fwd: Comparison of PCP authentication Dan Wing
- Re: [pcp] Fwd: Comparison of PCP authentication Subir Das
- Re: [pcp] Fwd: Comparison of PCP authentication Sam Hartman