RE: draft-ietf-v6ops-cpe-simple-security-04 WGLC

"Dan Wing" <dwing@cisco.com> Fri, 24 April 2009 19:11 UTC

From: Dan Wing <dwing@cisco.com>
To: 'james woodyatt' <jhw@apple.com>, 'IPv6 Operations' <v6ops@ops.ietf.org>
Subject: RE: draft-ietf-v6ops-cpe-simple-security-04 WGLC
Date: Fri, 24 Apr 2009 12:10:04 -0700

> > Two hours seems a long time to leave your door open.
> >
> > A longer timeout could be negotiated between the host and its
> > CPE router using whatever protocol exists and becomes a de facto
> > standard on IPv6 networks (e.g., draft-woodyatt-ald, UPnP IGD
> > version 2).
>
> Alternatively, the "simple" security functions could be disabled to
> facilitate applications that can't afford to send keep-alive packets.

Sure, but that causes them to wake up their radio whenever a 
packet is received.  I don't know which is worse.

-d