IETF Logo Mail Archive

Re: [Seamoby] CAR Discovery Requirements

"James Kempf" <kempf@docomolabs-usa.com> Wed, 13 March 2002 18:42 UTC

Received: from optimus.ietf.org (ietf.org [132.151.1.19] (may be forged)) by ietf.org (8.9.1a/8.9.1a) with ESMTP id NAA14674 for <seamoby-archive@odin.ietf.org>; Wed, 13 Mar 2002 13:42:23 -0500 (EST)
Received: from optimus.ietf.org (localhost [127.0.0.1]) by optimus.ietf.org (8.9.1a/8.9.1) with ESMTP id NAA03049; Wed, 13 Mar 2002 13:23:14 -0500 (EST)
Received: from ietf.org (odin [132.151.1.176]) by optimus.ietf.org (8.9.1a/8.9.1) with ESMTP id NAA03018 for <seamoby@ns.ietf.org>; Wed, 13 Mar 2002 13:23:12 -0500 (EST)
Received: from fridge.docomolabs-usa.com (fridge.docomolabs-usa.com [216.98.102.228]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id NAA14007 for <seamoby@ietf.org>; Wed, 13 Mar 2002 13:23:09 -0500 (EST)
Received: from T23KEMPF (dhcp126.docomolabs-usa.com [172.21.96.126]) by fridge.docomolabs-usa.com (8.11.3/8.11.3) with SMTP id g2DIMcI00505; Wed, 13 Mar 2002 10:22:38 -0800 (PST)
Message-ID: <017201c1cabb$d48fbf10$7e6015ac@T23KEMPF>
From: James Kempf <kempf@docomolabs-usa.com>
To: Dirk.Trossen@nokia.com, seamoby@ietf.org
References: <DC504E9C3384054C8506D3E6BB012460382FEB@bsebe001.NOE.Nokia.com>
Subject: Re: [Seamoby] CAR Discovery Requirements
Date: Wed, 13 Mar 2002 10:21:01 -0800
MIME-Version: 1.0
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: 7bit
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 5.50.4522.1200
X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4522.1200
Content-Transfer-Encoding: 7bit
Sender: seamoby-admin@ietf.org
Errors-To: seamoby-admin@ietf.org
X-Mailman-Version: 1.0
Precedence: bulk
List-Id: Context Transfer, Handoff Candidate Discovery, and Dormant Mode Host Alerting <seamoby.ietf.org>
X-BeenThere: seamoby@ietf.org
Content-Transfer-Encoding: 7bit

Dirk,

> IMHO, TAR selection includes everything including communication
> of MN requirements. The reason I believe this is because communication
> of the requirements may require functions such as:
>
>     - verifying that the MN is, in fact, authorized to get what it is
> asking.
>
>     - arranging for accounting information so that the owner of the MN
>     can be billed appropriately for what it is asking.
>
>     - authenticating the exchange with the MN so that the AR (or
> whatever
>     other network entity is involved in doing TAR selection) knows
that
>     they come from an authorized MN and not from a freeloader.
>
>     - securing the exchange between the MN and the AR or other
>     entity implementing the MN's selection.
>
> These functions are separate from communicating routing reachability
> and router capability information, even if the MN is involved in
> propagating the reachability and capability information (as, I
believe,
> it may be in CAR discovery). The AAA functions are
> completely orthogonal, as are the security functions.
>
> [DOT] By all due respect, I'm kind of surprised to see these
interpretations
> at this stage of discussion. What I quoted in my previous email is the
> definition of CARs and the fundamental sentence in the problem
statement.
> In addition, here the definition of TAR selection:
> "TAR Selection Algorithm
>
>   The algorithm that determines a unique TAR for MN's handoff from
>   the set of CARs. The exact nature and definition of this algorithm
>   is outside the scope of this document.
> "
> With all this information, available in the issues draft for quite a
while,
> I draw the following line
> - discover GAARs and their capabilities
> - determine set of CARs (i.e., subset of GAARs that fulfil MN's
requirements)
> - select a unique TAR from this set (i.e., TAR selection)
> I don't see that much room for interpretation of the terms, at least
this
> interpretation should have been done at appropriate time of the
discussion.
>

Perhaps I did not state clearly enough what I was trying to say.

The point that I was trying to make is similar to the one the Scott
Bradner brought up at the last Seamoby meeting in SLC. The security/AAA
requirements on a protocol for distributing routing reachability
information are likely to be very different from those involving a MN
expressing its preferences for capabilities. For example, I believe
there is a separate IPsec policy for routing security as opposed to host
security. If the CAR discovery information is coming from a host and the
routing infrastructure is using this policy, then I would presume that
the host must, in some way ensure that the security requirements of the
routing infrastructure, and not for hosts, is followed. Similarly, for
communicating MN capabilities preferences, a host security/AAA policy
needs to be used and not a routing security policy.

Conflating these two is likely to result in problems, IMHO. So I believe
they should be kept separate.

And, in fact, this brings up another issue. The current requirements are
completely lacking *any* mention of security. But I will address that in
another note so as not to confuse the threads.


> [DOT] Further, the requirement to provide means to express MN's
requirements
> to be used for the determination of the set of CARs (as I stated in my
requirement)
> does not imply that we have to invent a new protocol for this part of
CAR discovery.
> If I want to solve the CAR discovery problem (which according to the
issues draft
> include the determination of CARs), I have to have means to express
MN's
> requirements. These 'means' might certainly be existing protocols.
>

Agreed.

> [DOT] More philosophically, the requirements are meant to define a
protocol
> that solves the CAR discovery problem. The design of such protocol
should always
> be done under the constraint to re-use as much existing functionality
as possible.
> However, the first and strongest requirement is to solve the problem.
To do, I do
> think that this requirement is needed.
>

Agreed.

> There is no need to for the AR to know the MN's requirements just to
select GAARs.
>
> [DOT] On what basis do you want to select GAARs? If you plainly
determine
> a subset of GAARs that are reachable by the MN at time of handoff (is
it
> that what you mean?), then you are not determining CARs according to
the
> definition of CARs. You are plainly selecting reachable GAARs.
>
>

I have no objection to including this requirement as long as:

    - The language makes clear that the requirement is not to force the
same protocol to perform CAR discovery and to communicate MN
preferences.

    - The distinction between routing security/AAA requirements for CAR
discovery and MN security/AAA requirements for MN preferences is
maintained.

            jak


_______________________________________________
Seamoby mailing list
Seamoby@ietf.org
https://www1.ietf.org/mailman/listinfo/seamoby

v2.35.0 | Report a Bug | By Email | System Status