Thread: RE: WG Consensus call on AAA based handover keys for FMIPv6




RE: WG Consensus call on AAA based handover keys for FMIPv6
user name
2007-04-23 12:40:36
I share Hannes's thoughts. This consensus call, as any call that may be
issued yet again on draft-vidya-mipshop-handover-keys-aaa, has serious
procedural inconsistencies.

In a consensus call issued on 3/22/06, the chairs asked for adoption of
6 drafts as WG items, including draft-vidya. There was pretty much equal
support to adopt all the drafts and some recommendations on a mobility
directorate review for 3 drafts:

draft-vidya-mipshop-handover-keys-aaa
draft-kempf-mobopts-handover-key
draft-arkko-mipshop-cga-cba-03.txt

The chairs then decided (in an email to the list on 4/11/06) to delay
adoption of all those 3 drafts until after the MobDir review (the other
3 drafts were immediately adopted). A MobDir review of draft-vidya was
posted to the list on 5/29/06; one on draft-kempf was posted on 1/27/07
and no MobDir review was posted on draft-arkko (sorry if I missed it).
In addition, a security review on draft-vidya was also posted. All
review comments posted have been addressed in
draft-vidya-mipshop-handover-keys-aaa-04.

Since then, all the 5 other drafts that were part of the original
consensus call have progressed (to varying degrees), while draft-vidya
has been held without explanation. We have discussed potential conflicts
between draft-ietf-mipshop-handover-key and RFC3972 that need to be
resolved before that is an acceptable solution to move FMIPv6 to a PS.
We need to discuss the implications of RFC3972 on that document on the
list and see what needs to be done, before stating something along the
lines of "We have already adopted draft-ietf-mipshop-handover-key as a
WG document for the mechanism based on SeND. This is sufficient for
advancing FMIPv6 as a proposed standard.", as the email from the chairs
presently states.

All said and done, I find this process completely unacceptable and have
told the chairs that draft-vidya-mipshop-handover-keys-aaa is NOT a
candidate for consideration in a procedurally inconsistent environment
such as this one.

Regards,
Vidya

> -----Original Message-----
> From: Hannes Tschofenig [mailto:Hannes.Tschofeniggmx.net]
> Sent: Monday, April 23, 2007 12:50 AM
> To: Vijay Devarapalli
> Cc: mipshopietf.org
> Subject: Re: [Mipshop] WG Consensus call on AAA based
> handover keys for FMIPv6
>
> Hi Vijay
>
> I would like to understand all this procedure a bit better.
>
> When the charter was created it called out for two mechanisms.
>
> One was quickly turned into a working group document whereas
> the other is kept waiting (even though we know that the AAA
> infrastructure will very likely be deployed in many, many networks).
>
> Hence, I would like to get a better understanding why there
> is a need to repeatedly ask the group again and again whereas
> other proposals progress quickly.
> Are we then going to have another consensus call whether we
> want draft-vidya-mipshop-handover-keys-aaa (or the many other
> competing drafts)?
> Maybe another one some time later to ensure that we really want it.
> (I am not kidding here: That happened to me in one other
> working group...)
>
> Ciao
> Hannes
>
> Vijay Devarapalli wrote:
> > Hello folks,
> >
> > Progressing FMIPv6 to Proposed Standard requires a mechanism to setup
> > security associations between the mobile node and the access router
> > dynamically. Currently our charter says we will develop two mechanisms
> > for this, one based on using Secure Neighbor Discovery between the
> > mobile node and the access router and one based on the AAA
> > infrastructure.
> >
> > We have already adopted draft-ietf-mipshop-handover-key as a WG
> > document for the mechanism based on SeND. This is sufficient for
> > advancing FMIPv6 as a proposed standard.
> >
> > However, it is unknown whether SeND will always be available on access
> > networks where FMIPv6 is likely to be deployed. At the same time a AAA
> > infrastructure is likely to be used in deployments where FMIPv6 is used.
> > So it would be good to develop a mechanism that leverages the AAA
> > infrastructure and sets up security associations between the mobile
> > node and the access router dynamically. Note that any mechanism we
> > develop is likely to require extensions to the AAA
> > infrastructure/protocols to support the handover keying mechanism.
> >
> > So we would like to check if the WG still wants to develop a AAA based
> > handover keying mechanism for FMIPv6. So please reply to this email on
> > whether you think such a mechanism needs to be developed by the
> > MIPSHOP WG. Please respond by April 30. This is a short one-week
> > consensus call since we need to re-charter pretty soon.
> >
> > Note that this is *NOT* a consensus call on adopting any particular
> > draft. That will follow once we decide to go ahead with this work item.
> >
> > Chairs
> > MIPSHOP WG
> >
> > _______________________________________________
> > Mipshop mailing list
> > Mipshopietf.org
> > https://www1.ietf.org/mailman/listinfo/mipshop
>
>
> _______________________________________________
> Mipshop mailing list
> Mipshopietf.org
> https://www1.ietf.org/mailman/listinfo/mipshop
>


Re: WG Consensus call on AAA based handover keys for FMIPv6
user name
2007-04-23 13:15:01
Vidya,

>Since then, all the 5 other drafts that were part of the original
>consensus call have progressed (to varying degrees), while draft-vidya
>has been held without explanation. We have discussed potential conflicts
>between draft-ietf-mipshop-handover-key and RFC3972 that need to be
>resolved before that is an acceptable solution to move FMIPv6 to a PS.
>We need to discuss the implications of RFC3972 on that document on the
>list and see what needs to be done, before stating something along the
>lines of "We have already adopted draft-ietf-mipshop-handover-key as a
>WG document for the mechanism based on SeND. This is sufficient for
>advancing FMIPv6 as a proposed standard.", as the email from the chairs
>presently states.

I think everyone, including Rajeev and myself who are co-authors on
draft-ietf-mipshop-handover-key, agrees that we need to resolve any issues
with RFC3972. I took a look at the minutes from the Prague meeting, and I
could not make head nor tail of Lakshminath's comments. I do not know if
that was because the recorder couldn't understand what he was saying or was
rather because the comments themselves were expressed in a way that made his
point difficult to understand. We are now trying to get a clear statement of
what Lakshminath's concerns are, so that we can address them, and we will
resolve the issue if there is one.

In addition, as Rajeev's email and my email here and in the past and my
comments at the microphone during the San Diego meeting have supported,
everyone is in agreement that we need to adopt an AAA based mechanism. As
Vijay has stated, there is no harm in polling the WG periodically about
whether there is still interest in doing a work item. This is, in fact, a
good idea since it helps determine whether people have lost interest and
therefore to weed out items that are not of interest (for example, the low
latency work in MIP4 WG, which has lingered there for 5 years with gradually
dwindling, and now zero, interest). I think from the response so far I
believe that there is strong interest, and I hope draft-vidya will soon be
submitted as a WG draft. I think this is independent of what is needed for
advancing FMIP, as Vijay said, but that should not hold up acceptance of
draft-vidya because people clearly want it.

Finally, I believe Vijay's email brought out the issue of whether there are
any changes needed in the AAA infrastructure in order to support
draft-vidya. Recall that such changes (though not large) were identified
during the bootstrapping design work in MIPv6. So I think it might be
useful to consider what would be needed to make draft-vidya work well, and
maybe come up with a list of requirements for the appropriate AAA WG if
anything is found. Saying that no changes are needed in a misguided
competition to somehow make the AAA based mechanism look as or more
attractive than the SEND-based mechanism is really not helpful. Not that
anybody has made this kind of statement (yet).

I think the goal of standardizing draft-vidya for an AAA based mechanism
should be to ensure that there is a well-designed AAA based mechanism that
covers all the security issues, with recommended changes to the AAA
infrastructure if necessary.

                      jak



