Re: [Tsvwg] Adopting draft-behringer-tsvwg-rsvp-security-groupkeying as WG item?

Francois Le Faucheur IMAP <flefauch@cisco.com> Tue, 29 January 2008 11:07 UTC

From: Francois Le Faucheur IMAP <flefauch@cisco.com>
Subject: Re: [Tsvwg] Adopting draft-behringer-tsvwg-rsvp-security-groupkeying as WG item?
Date: Tue, 29 Jan 2008 12:07:27 +0100
To: Lars Eggert <lars.eggert@nokia.com>
Cc: RJ Atkinson <rja@extremenetworks.com>, ext Magnus Westerlund <magnus.westerlund@ericsson.com>, tsvwg list IETF <tsvwg@ietf.org>

On 29 Jan 2008, at 11:05, Lars Eggert wrote:

> Hi, Brian,
>
> On 2008-1-28, at 19:58, ext Brian Weis wrote:
>> Calling draft-behringer-tsvwg a "survey" of "group keying for  
>> RSVP" isn't an entirely accurate statement. It's a much more  
>> fundamental description of RSVP security: it documents the RSVP  
>> trust model (perhaps for the first time), and from there it  
>> describes the appropriate uses for RSVP keys that should be used  
>> within different network topologies, as well as provisioning  
>> methods for those keys. Although these topics don't motivate new  
>> TSVWG protocol development, taking ownership of these RSVP  
>> security fundamentals is important for TSVWG. I believe that is a  
>> good rationale for accepting draft-behringer-tsvwg as a WG item.
>
> I agree with you, and I said during the Vancouver meeting that I'd  
> see such an Informational document in scope for TSVWG.

Good.

>
> However, I'm now hesitating, because I've heard the argument being  
> made (both in Vancouver during SAAG and in the recent email by  
> Francois) that the acceptance of
> draft-behringer-tsvwg-rsvp-security-groupkeying as a TSVWG work item
> would establish a need to
> work on a solution in MSEC (based on draft-weis-gdoi-for-rsvp). I  
> don't agree with this argument. At best, the document would  
> identify a hole in the solution space, and if MSEC wants to fill  
> that, I'd need to find its own motivation for doing so.

I am failing to see the concern.

First, I have already clarified several times that draft-behringer is
NOT tied to draft-weis-gdoi-for-rsvp. It only mentions
draft-weis-gdoi-for-rsvp as an example of a solution to achieve automated key
management for RSVP. The discussion in draft-behringer is about group
keying and not about the specifics of how it is achieved. If there is
text that ties the discussion to draft-weis-gdoi, please identify it
and we can fix that.

Second, draft-behringer is not proposing to dictate what MSEC should  
or should not do. It is about documenting group keying applicability  
to RSVP and its benefits in some scenarios. The expectation is indeed  
that MSEC will find its own motivation to develop a solution based on  
the benefits it would bring to RSVP. That's all.

With these clarifications in mind, do you still see an issue?
If so, perhaps you could identify the specific parts of
draft-behringer that create a problem and we could edit/remove those parts?

The one question I do have is whether someone can think of other
approaches than group keying for RSVP? This is because
draft-behringer currently discusses group keying, but it could also discuss
other approaches if there are other candidate automated key
management approaches for RSVP.

Thanks

Francois

>
> Lars