IETF Logo Mail Archive

[SAFE] RE: [tsv-area] BOF request under consideration: SAFE

Black_David@emc.com Mon, 08 October 2007 17:53 UTC

Return-path: <safe-bounces@ietf.org>
Received: from [127.0.0.1] (helo=stiedprmman1.va.neustar.com) by megatron.ietf.org with esmtp (Exim 4.43) id 1IewnN-0004dR-G8; Mon, 08 Oct 2007 13:53:33 -0400
Received: from safe by megatron.ietf.org with local (Exim 4.43) id 1Ievqv-0000ic-47 for safe-confirm+ok@megatron.ietf.org; Mon, 08 Oct 2007 12:53:09 -0400
Received: from [10.90.34.44] (helo=chiedprmail1.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1Ievqu-0000XW-Nf; Mon, 08 Oct 2007 12:53:08 -0400
Received: from mexforward.lss.emc.com ([128.222.32.20]) by chiedprmail1.ietf.org with esmtp (Exim 4.43) id 1Ievqe-00082A-TU; Mon, 08 Oct 2007 12:52:53 -0400
Received: from mailhub.lss.emc.com (nirah.lss.emc.com [10.254.144.13]) by mexforward.lss.emc.com (Switch-3.2.5/Switch-3.1.7) with ESMTP id l98Gqm2L003780; Mon, 8 Oct 2007 12:52:48 -0400 (EDT)
Received: from corpussmtp3.corp.emc.com (corpussmtp3.corp.emc.com [10.254.64.53]) by mailhub.lss.emc.com (Switch-3.2.5/Switch-3.1.7) with ESMTP id l98GpwEB024670; Mon, 8 Oct 2007 12:52:46 -0400 (EDT)
From: Black_David@emc.com
Received: from CORPUSMX20A.corp.emc.com ([128.221.62.11]) by corpussmtp3.corp.emc.com with Microsoft SMTPSVC(6.0.3790.1830); Mon, 8 Oct 2007 12:52:28 -0400
X-MimeOLE: Produced By Microsoft Exchange V6.5
Content-class: urn:content-classes:message
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
Date: Mon, 08 Oct 2007 12:52:16 -0400
Message-ID: <FF29F13E2D78C047B4B79F4E062D0363387938@CORPUSMX20A.corp.emc.com>
In-Reply-To: <470A480C.4040506@ericsson.com>
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
Thread-Topic: [tsv-area] BOF request under consideration: SAFE
thread-index: AcgJvZ0rI60KpXPdQB6jKQIn8+/2ywADLx3Q
References: <470A480C.4040506@ericsson.com>
To: magnus.westerlund@ericsson.com, tsv-area@ietf.org, safe@ietf.org
X-OriginalArrivalTime: 08 Oct 2007 16:52:28.0878 (UTC) FILETIME=[9C8126E0:01C809CB]
X-PMX-Version: 4.7.1.128075, Antispam-Engine: 2.5.1.298604, Antispam-Data: 2007.8.30.51425
X-PerlMx-Spam: Gauge=, SPAM=0%, Reason='EMC_BODY_1+ -3, EMC_FROM_0+ -3, NO_REAL_NAME 0, __C230066_P5 0, __CP_URI_IN_BODY 0, __CT 0, __CTE 0, __CT_TEXT_PLAIN 0, __HAS_MSGID 0, __IMS_MSGID 0, __MIME_TEXT_ONLY 0, __MIME_VERSION 0, __SANE_MSGID 0'
X-Spam-Score: 0.0 (/)
X-Scan-Signature: 1676547e4f33b5e63227e9c02bd359e3
X-Mailman-Approved-At: Mon, 08 Oct 2007 13:53:32 -0400
Cc: Black_David@emc.com
Subject: [SAFE] RE: [tsv-area] BOF request under consideration: SAFE
X-BeenThere: safe@ietf.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Self-Address Fixing Evolution <safe.ietf.org>
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/safe>, <mailto:safe-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www1.ietf.org/pipermail/safe>
List-Post: <mailto:safe@ietf.org>
List-Help: <mailto:safe-request@ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/safe>, <mailto:safe-request@ietf.org?subject=subscribe>
Errors-To: safe-bounces@ietf.org

Magnus,

IKE and IKEv2 NAT Traversal for IPsec (also widely deployed, e.g.,
I believe my VPN client is using it to send this message ;-) ...)
are not on the list of related technologies.  This might be an
omission, but I suspect that the (assumed) problem definition
for SAFE may exclude IPsec (e.g., IKE and IKEv2 have a different
security model for which a server like the STUN server may be
problematic).  This should be clarified.

Thanks,
--David
----------------------------------------------------
David L. Black, Senior Technologist
EMC Corporation, 176 South St., Hopkinton, MA  01748
+1 (508) 293-7953             FAX: +1 (508) 293-7786
black_david@emc.com        Mobile: +1 (978) 394-7754
----------------------------------------------------

> -----Original Message-----
> From: Magnus Westerlund [mailto:magnus.westerlund@ericsson.com] 
> Sent: Monday, October 08, 2007 11:09 AM
> To: TSV Area; Behave WG; mmusic (E-mail)
> Subject: [tsv-area] BOF request under consideration: SAFE
> 
> Hi,
> 
> We ADs have received a request for a BOF in Vancouver: SAFE -
> Self-Address Fixing Evolution. See description below. I would
appreciate
> any feedback on this. For public discussion please use the SAFE
mailing
> list.
> 
> Post: safe@ietf.org
> Subscribe: https://www1.ietf.org/mailman/listinfo/safe
> 
> Draft:
>
http://www.ietf.org/internet-drafts/draft-wing-behave-nat-control-stun-u
sage-03.txt
> 
> 
> SAFE - Self-Address Fixing Evolution
> ------------------------------------
> 
> Chairs:
>   TBD
> 
> 
> ICE and its companion protocol STUN have been successfully deployed on
> the Internet for NAT traversal.  ICE and STUN have several
characteristics
> which contribute to their success:
> 
>   1. incremental deployment.  ICE and STUN are functional without any
>      modifications to existing NATs.
>   2. nested NATs.  ICE and STUN work when there are multiple NATs
>      between a host and the Internet.
>   3. topology unaware.  ICE and STUN are not configured with
>      information about NATs, firewalls, or their locations -- only
>      with the IP address of a server on the Internet.
>   4. simple security model.  If a host behind a NAT is allowed to send
>      a packet across the NAT, it is allowed to receive a response.
>   5. works on routed networks, which allows operation in both
>      enterprise networks and home networks.
> 
> Other NAT traversal protocols do not share these characteristics,
> which hinders their widespread deployment.  Specifically,
> 
>   * incremental deployment is not possible with MIDCOM, NSIS-NSLP,
>     UPnP, or Bonjour.  With all of these protocols, both the NAT
>     and the endpoint have to support the same protocol.
>   * nested NATs are not possible with UPnP or Bonjour.
>   * topology awareness is required of MIDCOM.
>   * security must be established between the controlling entity
>     and the NAT for MIDCOM and NSIS-NSLP.
>   * Both UPnP and Bonjour use broadcast packets which don't work
>     well on routed networks.
> 
> However, a drawback of ICE/STUN is its chatty keepalive traffic,
> which is a result of STUN not knowing the binding lifetime of its
> on-path NATs.  This chattiness causes a burden on servers and
> consumes network bandwidth, which is especially critical on wireless
> networks.  It is desirable to reduce this chattiness while still
> retaining the important characteristics of STUN and ICE.
> 
> This BoF is intended to discuss one proposed technique,
> draft-wing-behave-nat-control-stun-usage, which nearly eliminates
> STUN's keepalive chatter and still preserves the desirable
> characteristics of STUN/ICE.
> 
> The purpose of this BoF is to create a working group for this effort.
> 
> 
> Agenda:
>   Introduction, Agenda ....................................  5
>   Summary of existing NAT traversal techniques ............ 40
>    (UPnP, NAT-PMP/Bonjour, MIDCOM techniques, NSIS-NSLP, ICE)
>   draft-wing-behave-nat-control-stun-usage ................ 40
>   Q&A ..................................................... 25
>                                                     ----------
>                                                     total: 110
> 
> Cheers
> 
> Magnus Westerlund
> 
> IETF Transport Area Director & TSVWG Chair
> ----------------------------------------------------------------------
> Multimedia Technologies, Ericsson Research EAB/TVM/M
> ----------------------------------------------------------------------
> Ericsson AB                | Phone +46 8 4048287
> Torshamsgatan 23           | Fax   +46 8 7575550
> S-164 80 Stockholm, Sweden | mailto: magnus.westerlund@ericsson.com
> ----------------------------------------------------------------------
> 
> 
> 
> 


_______________________________________________
SAFE mailing list
SAFE@ietf.org
https://www1.ietf.org/mailman/listinfo/safe

v2.23.0 | Report a Bug | By Email