[Seamoby] issue-#46: Failure indication in a trusted-anchor sub-option

"James Kempf" <kempf@docomolabs-usa.com> Wed, 05 May 2004 19:45 UTC

Message-ID: <017f01c432d3$b596be60$366115ac@dcml.docomolabsusa.com>
From: James Kempf <kempf@docomolabs-usa.com>
To: seamoby@ietf.org
Date: Wed, 05 May 2004 12:03:51 -0700

(Breaking the reply to Marco up into separate emails for each issue...)

The issue is that the RESOLVER_ERROR indication is only meant to apply to
the L2-ID resolution, and draft 07 also uses it to indicate that a trusted
anchor suboption did not match any anchor certificate.

One suggested solution was to return the Trusted Anchor suboption in the
reply if there is an error, the other was to set a flag in the CARD Reply
header if an error occurs.

The suggested resolution is to return the Trusted Anchor suboption.

The suggested text changes are the following:

Replace the following sentence in Section 4 paragraph 5:

"The MN includes in the CARD Request message a list of trusted anchors for
which the MN has a certificate and the AR replies with the certificate
chain, or with a RESOLOVER ERROR if no match is found for any of the trusted
anchors."

with:

"The MN includes in the CARD Request message a list of trusted anchors for
which the MN has a certificate and the AR replies with the certificate
chain. If no match is found, the AR returns the trusted anchor in the reply"

Replace the following sentence in Section 6.4 paragraph 2:

"The AR replies by sending a CARD Reply containing an Address sub-option for
itself and the Router Certificate sub-options (Section 5.1.3.7) containing
its certificate chain matching one of the requested trust anchors. If the
trusted anchor option does not match any certificate, the AR returns the
Trusted Anchor option in the reply."

            jak
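
The resolution discussed in the message above, sketched as an added example that is not part of the original e-mail or of the CARD draft: the AR echoes the Trusted Anchor sub-option when no certificate matches, and RESOLVER_ERROR stays scoped to L2-ID resolution. The in-memory reply model, function names, anchor labels and the choice to echo every requested anchor are assumptions; this is not the CARD wire format.

```python
from dataclasses import dataclass, field

# Hypothetical in-memory model of a CARD Reply (assumption, not the wire format).
@dataclass
class CardReply:
    address: str
    router_certificates: list = field(default_factory=list)  # matching chain
    trusted_anchors: list = field(default_factory=list)      # echoed = no match
    resolver_error: bool = False                              # L2-ID resolution only

# Constructed sample data: anchor name -> certificate chain held by the AR.
SAMPLE_CHAINS = {"anchor-A": ["ar-cert", "intermediate-cert"]}
SAMPLE_ADDR = "2001:db8::1"

def ar_build_reply(ar_address, ar_chains, requested_anchors,
                   l2_id=None, l2_table=None):
    """AR side: answer a CARD Request carrying a list of trusted anchors."""
    reply = CardReply(address=ar_address)
    # RESOLVER_ERROR reports only a failed L2-ID lookup, never an anchor mismatch.
    if l2_id is not None and l2_id not in (l2_table or {}):
        reply.resolver_error = True
    for anchor in requested_anchors:
        if anchor in ar_chains:
            reply.router_certificates = list(ar_chains[anchor])
            return reply
    # No requested anchor matched: return the Trusted Anchor sub-option itself.
    reply.trusted_anchors = list(requested_anchors)
    return reply

def mn_classify(reply, requested_anchors):
    """MN side: interpret the certificate-related part of the reply."""
    if reply.router_certificates:
        # The chain still has to be validated up to one of the MN's anchors.
        return "chain-received"
    if reply.trusted_anchors and set(reply.trusted_anchors) <= set(requested_anchors):
        return "no-matching-anchor"
    return "no-anchor-information"
```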


