[Seamoby] issue-#46: Failure indication in a trusted-anchor sub-option
"James Kempf" <kempf@docomolabs-usa.com> Wed, 05 May 2004 19:45 UTC
Message-ID: <017f01c432d3$b596be60$366115ac@dcml.docomolabsusa.com>
From: James Kempf <kempf@docomolabs-usa.com>
To: seamoby@ietf.org
Date: Wed, 05 May 2004 12:03:51 -0700
MIME-Version: 1.0
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: 7bit
Subject: [Seamoby] issue-#46: Failure indication in a trusted-anchor sub-option
List-Id: Context Transfer, Handoff Candidate Discovery, and Dormant Mode Host Alerting <seamoby.ietf.org>

(Breaking the reply to Marco up into separate emails for each issue...)

The issue is that the RESOLVER_ERROR indication is only meant to apply to the L2-ID resolution, and draft 07 also uses it to indicate that a trusted anchor suboption did not match any anchor certificate.

One suggested solution was to return the Trusted Anchor suboption in the reply if there is an error, the other was to set a flag in the CARD Reply header if an error occurs.

The suggested resolution is to return the Trusted Anchor suboption. The suggested text changes are the following:

Replace the following sentence in Section 4 paragraph 5:

"The MN includes in the CARD Request message a list of trusted anchors for which the MN has a certificate and the AR replies with the certificate chain, or with a RESOLOVER ERROR if no match is found for any of the trusted anchors."

with:

"The MN includes in the CARD Request message a list of trusted anchors for which the MN has a certificate and the AR replies with the certificate chain. If no match is found, the AR returns the trusted anchor in the reply"

Replace the following sentence in Section 6.4 paragraph 2:

"The AR replies by sending a CARD Reply containing an Address sub-option for itself and the Router Certificate sub-options (Section 5.1.3.7) containing its certificate chain matching one of the requested trust anchors. If the trusted anchor option does not match any certificate, the AR returns the Trusted Anchor option in the reply."

jak