IETF Logo Mail Archive

Re: [Tsvwg] Adopting draft-behringer-tsvwg-rsvp-security-groupkeying as WG item?

Hannes Tschofenig <Hannes.Tschofenig@gmx.net> Wed, 30 January 2008 07:20 UTC

Return-path: <tsvwg-bounces@ietf.org>
Received: from [127.0.0.1] (helo=stiedprmman1.va.neustar.com) by megatron.ietf.org with esmtp (Exim 4.43) id 1JK7Fd-0001fo-0A; Wed, 30 Jan 2008 02:20:53 -0500
Received: from tsvwg by megatron.ietf.org with local (Exim 4.43) id 1JK7Fb-0001fd-QU for tsvwg-confirm+ok@megatron.ietf.org; Wed, 30 Jan 2008 02:20:51 -0500
Received: from [10.90.34.44] (helo=chiedprmail1.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1JK7Fb-0001fV-Az for tsvwg@ietf.org; Wed, 30 Jan 2008 02:20:51 -0500
Received: from mail.gmx.net ([213.165.64.20]) by chiedprmail1.ietf.org with smtp (Exim 4.43) id 1JK7Fa-0001m9-GL for tsvwg@ietf.org; Wed, 30 Jan 2008 02:20:51 -0500
Received: (qmail invoked by alias); 30 Jan 2008 07:20:48 -0000
Received: from proxy4-nsn.nsn-inter.net (EHLO [217.115.75.232]) [217.115.75.232] by mail.gmx.net (mp006) with SMTP; 30 Jan 2008 08:20:48 +0100
X-Authenticated: #29516787
X-Provags-ID: V01U2FsdGVkX1+1du5mb0m1HmHhoHMgdPaGC5cOO4I6BXKMj7/h7s tov2C/rdIKUtic
Message-ID: <47A02553.4030403@gmx.net>
Date: Wed, 30 Jan 2008 09:20:51 +0200
From: Hannes Tschofenig <Hannes.Tschofenig@gmx.net>
User-Agent: Thunderbird 2.0.0.9 (Windows/20071031)
MIME-Version: 1.0
To: Brian Weis <bew@cisco.com>
Subject: Re: [Tsvwg] Adopting draft-behringer-tsvwg-rsvp-security-groupkeying as WG item?
References: <47974BDB.70406@ericsson.com> <CD8D57B6-EB94-4DCE-A42A-02BC5F573A13@nokia.com> <7A1BB0E8-5EFB-4341-918A-F841DB1B57FF@cisco.com> <A268781D-F81A-48B3-8042-1892AC93B749@nokia.com> <E603EB77-B600-4A73-9217-EB797A5D7AAB@cisco.com> <E119D886-0838-4323-ABD7-0C8CCAE5C7A3@nokia.com> <D2813B59-D4EA-474C-AC31-FF6B86BF8294@cisco.com>
In-Reply-To: <D2813B59-D4EA-474C-AC31-FF6B86BF8294@cisco.com>
Content-Type: text/plain; charset="ISO-8859-1"; format="flowed"
Content-Transfer-Encoding: 7bit
X-Y-GMX-Trusted: 0
X-Spam-Score: 0.0 (/)
X-Scan-Signature: c0bedb65cce30976f0bf60a0a39edea4
Cc: ext Magnus Westerlund <magnus.westerlund@ericsson.com>, RJ Atkinson <rja@extremenetworks.com>, tsvwg list IETF <tsvwg@ietf.org>
X-BeenThere: tsvwg@ietf.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Transport Area Working Group <tsvwg.ietf.org>
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/tsvwg>, <mailto:tsvwg-request@ietf.org?subject=unsubscribe>
List-Post: <mailto:tsvwg@ietf.org>
List-Help: <mailto:tsvwg-request@ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/tsvwg>, <mailto:tsvwg-request@ietf.org?subject=subscribe>
Errors-To: tsvwg-bounces@ietf.org

I think that the scope of the document should be the following:

* Describe what the problem is (largely known already)
* Describe the deployment scenarios where this is a problem (not every 
possible deployment combination of RSVP is really useful in the 
real-world; in fact I would even argue the other way around). In some 
other groups in the Transport Area Lars and Magnus have been very keen 
on investigating whether there is a relevance for deployment....
* Illustrate the requirements and assumptions for solutions for the 
deployment scenarios that are seen as relevant.

If it only motivates a specific solution proposal then you could just 
merge it with the solution and use it as a motivation section for the 
solution spec.

Ciao
Hannes

Brian Weis wrote:
> Hi Lars,
>
> On Jan 29, 2008, at 2:05 AM, Lars Eggert wrote:
>
>> Hi, Brian,
>>
>> On 2008-1-28, at 19:58, ext Brian Weis wrote:
>>> Calling draft-behringer-tsvwg a "survey" of "group keying for RSVP" 
>>> isn't an entirely accurate statement. It's a much more fundamental 
>>> description of RSVP security: it documents the RSVP trust model 
>>> (perhaps for the first time), and from there it describes the 
>>> appropriate uses for RSVP keys that should be used within different 
>>> network topologies, as well as provisioning methods for those keys. 
>>> Although these topics don't motivate new TSVWG protocol development, 
>>> taking ownership of these RSVP security fundamentals is important 
>>> for TSVWG. I believe that is a good rationale for accepting 
>>> draft-behringer-tsvwg as a WG item.
>>
>> I agree with you, and I said during the Vancouver meeting that I'd 
>> see such an Informational document in scope for TSVWG.
>>
>> However, I'm now hesitating, because I've heard the argument being 
>> made (both in Vancouver during SAAG and in the recent email by 
>> Francois) that the acceptance of 
>> draft-behringer-tsvwg-rsvp-security-groupkeying as a TSVWG work item 
>> would establish a need to work on a solution in MSEC (based on 
>> draft-weis-gdoi-for-rsvp). I don't agree with this argument. At best, 
>> the document would identify a hole in the solution space, and if MSEC 
>> wants to fill that, I'd need to find its own motivation for doing so.
>
> I certainly agree that the action of TSVWG accepting 
> draft-behringer-tsvwg-rsvp-security-groupkeying as a WG document can't 
> dictate any particular action to MSEC. But such a TWVWG document 
> describing a group security model for RSVP does provide MSEC with the 
> basis for considering protocol work that increases the overall level 
> of security when group keys are used.
>
> On the other hand, rejecting it sends a message to MSEC that the use 
> of group security isn't particularly valuable for RSVP and so there 
> isn't much point in doing addition protocol work to make the group 
> security model more secure.
>
> Thanks,
> Brian
>
>> Lars
>

v2.23.0 | Report a Bug | By Email