Re: [pcp] Revising PANA side-by-side approach
Alper Yegin <alper.yegin@yegin.org> Fri, 05 October 2012 20:36 UTC
Return-Path: <alper.yegin@yegin.org>
X-Original-To: pcp@ietfa.amsl.com
Delivered-To: pcp@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id AB0A221F85EA for <pcp@ietfa.amsl.com>; Fri, 5 Oct 2012 13:36:57 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -102.506
X-Spam-Level:
X-Spam-Status: No, score=-102.506 tagged_above=-999 required=5 tests=[AWL=0.092, BAYES_00=-2.599, HTML_MESSAGE=0.001, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id yKel8GkoY+nO for <pcp@ietfa.amsl.com>; Fri, 5 Oct 2012 13:36:57 -0700 (PDT)
Received: from mout.perfora.net (mout.perfora.net [74.208.4.195]) by ietfa.amsl.com (Postfix) with ESMTP id DC13A21F85B1 for <pcp@ietf.org>; Fri, 5 Oct 2012 13:36:56 -0700 (PDT)
Received: from [192.168.2.5] (88.247.135.202.static.ttnet.com.tr [88.247.135.202]) by mrelay.perfora.net (node=mrus3) with ESMTP (Nemesis) id 0LfTRR-1Tmkxl2U9Z-00pQQ6; Fri, 05 Oct 2012 16:36:46 -0400
Mime-Version: 1.0 (Apple Message framework v1278)
Content-Type: multipart/alternative; boundary="Apple-Mail=_ACDC3A60-2121-4659-8FAA-66DB0ABD93B7"
From: Alper Yegin <alper.yegin@yegin.org>
In-Reply-To: <712CABEE-96A2-493A-B2F8-94BC2548E0FD@lilacglade.org>
Date: Fri, 05 Oct 2012 23:36:26 +0300
Message-Id: <CE78EF70-EE7E-4910-A8DD-3E794FB8ED52@yegin.org>
References: <506E5175.3020802@toshiba.co.jp> <712CABEE-96A2-493A-B2F8-94BC2548E0FD@lilacglade.org>
To: Margaret Wasserman <margaretw42@gmail.com>
X-Mailer: Apple Mail (2.1278)
X-Provags-ID: V02:K0:6XfM5Goi2qx9gUtV0TotdyYPRUavYdTuHR6P1qJGlWw 9D6oxV5YrJQBHBZETni28avg3bONDp899WfcjD2J/clm+Z3aD4 nJQG2k7uupogkm2Yy+JLWNDez3er4E70v+oJ4Q0jquAoNwaDG3 aQg4JStZpHvts/ycrD59JcZ0y6/zBaj5P4EYn2PXCiEh4Er9vq VmEmtr1lchRbGRz/DrK/asKfiJ+O9BWhYHcyNlq3mvbhd02ujd yGHdr/wMnn5QZ8woHSowrK+zG8dUnoOIQ+ohZ2qelFqw+I31ve /jvlD1wVfzdukKbhVZzFs4UQipozLmTHY+wydmBz+nzi56C+fG ezppnSmR/jKaysb+8p+tKO6HeNr4iHqOxNA8rRCb8dT9xznQqq 8yYTTd55YxWWg==
Cc: pcp@ietf.org
Subject: Re: [pcp] Revising PANA side-by-side approach
X-BeenThere: pcp@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: PCP wg discussion list <pcp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/pcp>, <mailto:pcp-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/pcp>
List-Post: <mailto:pcp@ietf.org>
List-Help: <mailto:pcp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/pcp>, <mailto:pcp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 05 Oct 2012 20:36:57 -0000
Just to add to few things to what Yoshi said… > > Hi Yoshi, > > The concern that I have with this approach is that it seems short-sited to me... > > If we expect PANA to be used as a generic authentication mechanism, rather than being used specifically for network access authentication, I think we need to do two things: > > 1) Provide a clear explanation of what parts of PANA will be used with PCP. For example, the notion of a network access enforcement point doesn't really make sense in a PCP context. PANA spec recognizes the possibility that the authenticator and the enforcement point may be separate. This is a possible case in access networks. While this possibility is recognized, it does not make any difference on the authentication procedure as you can see from RFC 5191. (and in the case of PCP use, enforcement point and PAA are co-located.) > 2) Describe a clean mechanism that allows PANA to be used for authentication of other protocols. > > Overloading a single bit in the PCP version field, because it happens to coincide with a flag bit in PANA doesn't seem like a method that will work for other protocols, and I am concerned that it doesn't provide a clean basis for moving forward. > This is done here just because folks wanted to share the same port for PANA and PCP. I'm in fact seeking further clarification on this need. I had asked this on the ML http://www.ietf.org/mail-archive/web/pcp/current/msg02395.html (*) but no one answered. So, I'm not sure how necessary this port sharing is. And I don't know if anyone else would require the same for another protocol down the road. So, when we need to do this for other protocols, I don't think we'd need to do port sharing. (*) I had said "I wasn't on the jabber at previous IETF, so maybe I missed some of the discussions." in that email. I made a typo. I meant "I was on the jabber (not in the meeting room), so maybe I missed some of the discussions." Alper > Margaret > > > On Oct 4, 2012, at 11:18 PM, Yoshihiro Ohba wrote: > >> Since PCP Version 0 is used by draft-cheshire-nat-pmp, I plan to >> revise PANA side-by-side approach I-D (draft-ohba-pcp-pana) to use >> Bit 0 instead of Bits 5-6-7. The new logic is that when bit 0 is 1 it's >> PANA, >> otherwise it's PCP and alike. If there is an issue with the new logic, >> please let me know. >> >> I also plan to submit PANA encasulation approach as a separate I-D >> before the next interim meeting. >> >> Regards, >> Yoshihiro Ohba >> >> _______________________________________________ >> pcp mailing list >> pcp@ietf.org >> https://www.ietf.org/mailman/listinfo/pcp > > _______________________________________________ > pcp mailing list > pcp@ietf.org > https://www.ietf.org/mailman/listinfo/pcp
- [pcp] Revising PANA side-by-side approach Yoshihiro Ohba
- Re: [pcp] Revising PANA side-by-side approach Margaret Wasserman
- Re: [pcp] Revising PANA side-by-side approach Yoshihiro Ohba
- Re: [pcp] Revising PANA side-by-side approach Alper Yegin
- Re: [pcp] Revising PANA side-by-side approach Sam Hartman
- Re: [pcp] Revising PANA side-by-side approach Margaret Wasserman
- Re: [pcp] Revising PANA side-by-side approach Yoshihiro Ohba
- Re: [pcp] Revising PANA side-by-side approach Alper Yegin
- Re: [pcp] Revising PANA side-by-side approach Rafa Marin Lopez