Re: [pcp] Review of draft-ietf-pcp-proxy-04

"Tirumaleswar Reddy (tireddy)" <tireddy@cisco.com> Mon, 20 January 2014 16:05 UTC

To: "mohamed.boucadair@orange.com" <mohamed.boucadair@orange.com>
Cc: "pcp@ietf.org" <pcp@ietf.org>

OK, if that's the case, is there consensus that the PCP auth draft will address the comments below to explain the usage of the PCP proxy when auth is used?

Best Regards,
-Tiru.
From: mohamed.boucadair@orange.com [mailto:mohamed.boucadair@orange.com]
Sent: Monday, January 20, 2014 6:30 PM
To: Tirumaleswar Reddy (tireddy)
Cc: Dan Wing (dwing); Reinaldo Penno (repenno); pcp@ietf.org
Subject: RE: Review of draft-ietf-pcp-proxy-04

Hi Tiru,

Thanks for the comments.

Please see inline.
Cheers,
Med

From: Tirumaleswar Reddy (tireddy) [mailto:tireddy@cisco.com]
Sent: Monday, 20 January 2014 13:28
To: BOUCADAIR Mohamed IMT/OLN
Cc: Dan Wing (dwing); Reinaldo Penno (repenno); pcp@ietf.org
Subject: Review of draft-ietf-pcp-proxy-04

Hi Med,

Comments:

a)
If PCP authentication is used, is there still a need to use the THIRD_PARTY option for the use case "No NAT is Co-located with the PCP Proxy" in section 6 of the draft?
[Med] The THIRD_PARTY option is needed even if no NAT is co-located with the PCP Proxy (e.g., DS-Lite context). For contexts other than DS-Lite, if the source IP address is not altered by the PCP proxy, the proxy has to inspect all incoming packets to find the PCP ones and therefore enforce the appropriate policies. Altering the source IP address by the PCP proxy is a solution to redirect all the incoming PCP traffic explicitly to the PCP proxy. In addition, as indicated below, proxy implications on authentication are out of scope of this document. The proxy document adopts the same rationale as the base PCP specification.

b)
Are you planning to update the draft with details about the usage of the PCP proxy with PCP auth?
[Med] No. The plan is to follow what has been presented during the Berlin meeting (http://www.ietf.org/proceedings/87/slides/slides-87-pcp-2.pdf): "Proxy implication on authentication are out of scope and should be specified in pcp-authentication document"

In addition to the existing use cases this integration will be useful for http://tools.ietf.org/html/draft-wing-pcp-flowdata-00 where the PCP proxy in the Home network receives the flow characteristics signaled by the PCP client and propagates the flow characteristics to the PCP Server in the Access Network.

Cheers,
-Tiru.
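
The rewrite discussed under comment a), as an added example that is not part of the thread or of the draft: a proxy with no co-located NAT puts its own address in the PCP Client's IP Address field and carries the original client address in a THIRD_PARTY option, so the forwarded bytes differ from what the client sent. The message layout follows RFC 6887; the function names, the sample addresses and the choice to leave an existing THIRD_PARTY option in place are assumptions.

```python
import ipaddress
import struct

PCP_VERSION, OPCODE_MAP, OPTION_THIRD_PARTY = 2, 1, 1  # RFC 6887 values
HEADER_LEN, MAP_LEN = 24, 36  # request header and MAP opcode data, in octets


def addr16(ip):
    """Encode an address as PCP's 128-bit field (IPv4 as ::ffff:a.b.c.d)."""
    a = ipaddress.ip_address(ip)
    if a.version == 4:
        a = ipaddress.IPv6Address("::ffff:" + str(a))
    return a.packed


def build_map_request(client_ip, nonce, proto, internal_port, lifetime=3600):
    """Build a MAP request with no suggested external port or address."""
    header = struct.pack("!BBHI16s", PCP_VERSION, OPCODE_MAP, 0, lifetime,
                         addr16(client_ip))
    body = struct.pack("!12sB3xHH16s", nonce, proto, internal_port, 0,
                       addr16("0.0.0.0"))  # all-zeros: no preference (IPv4)
    return header + body


def parse_options(msg):
    """Return {option_code: data} for the options after the MAP payload."""
    opts, off = {}, HEADER_LEN + MAP_LEN
    while off + 4 <= len(msg):
        code, _reserved, length = struct.unpack_from("!BBH", msg, off)
        opts[code] = msg[off + 4:off + 4 + length]
        off += 4 + length + (-length % 4)  # options are padded to 4 octets
    return opts


def proxy_forward(msg, proxy_ip):
    """Rewrite a client's MAP request for forwarding by a NAT-less proxy."""
    if (len(msg) < HEADER_LEN + MAP_LEN or msg[0] != PCP_VERSION
            or msg[1] & 0x80 or msg[1] & 0x7F != OPCODE_MAP):
        raise ValueError("not a PCPv2 MAP request")
    original_client = msg[8:24]  # PCP Client's IP Address as sent
    out = msg[:8] + addr16(proxy_ip) + msg[24:]
    if OPTION_THIRD_PARTY not in parse_options(msg):
        # Assumption: an existing THIRD_PARTY option is left untouched.
        out += struct.pack("!BBH16s", OPTION_THIRD_PARTY, 0, 16, original_client)
    return out


if __name__ == "__main__":
    req = build_map_request("192.0.2.10", b"\x01" * 12, 6, 8080)  # constructed
    fwd = proxy_forward(req, "198.51.100.1")
    print(len(req), len(fwd), fwd != req)
```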