The purpose of SEND-based key derivation for handover is to obtain a
handover key for securing FMIP signaling (primarily FBU). Whereas a
general-purpose solution may be desirable, our experience with such
efforts indicates the pitfalls associated with subtlety. So, I prefer to
keep the scope of the _current_ WG item to securing FMIP signaling.
Perhaps in the future, enhancements may be considered.

Regards,
-Rajeev

James Kempf wrote:
> Wassim,
>
> As we've discussed offlist, context transfer of keys between ARs has the
> potential to violate the Housley Criteria:
>
> http://www.ietf.org/internet-drafts/draft-housley-aaa-key-mgmt-02.txt
>
> Russ' draft is written specifically with AAA key management in mind, but
> the criteria apply to other types of key management as well. I skimmed
> your draft, and it seemed to me that there might be a problem.
>
> Rajeev and I have been working on this draft for over a year, and it was
> transferred from MOBOPTS with the recommendation that it become a WG
> draft. If you manage to come up with some way to reduce the amount of
> signaling involved in SEND-based key exchange for handover that is
> consistent with the Housley Criteria, I would have no problem
> incorporating that into the WG draft at that time. Gab and Stefano can
> correct me if I am wrong, but I do not believe we are in a hurry to get
> this draft to the IESG, so there should be plenty of time to incorporate
> enhancements that you or any WG member would like to include.
>
> jak
>
>
> ----- Original Message -----
> From: "Wassim Haddad" <whaddad tcs.hut.fi>
> To: "gabriel montenegro" <gabriel_montenegro_2000 yahoo.com>
> Cc: <mipshop ietf.org>
> Sent: Monday, March 27, 2006 12:07 PM
> Subject: Re: [Mipshop] Gauging interest in official WG adoption of
> internetdrafts
>
>
>> Hi,
>>
>> I support making the first two and the last three items WG items.
>> Concerning the third item, I'd like to mention that the OptiSEND
>> proposal (draft-haddad-mipshop-optisend-01), while not complete yet,
>> allows the MN to share a secret with the *first* AR and to use it to
>> authenticate ND signaling messages *and* mobility signaling messages
>> exchanged between an AR and the MN during the MN movements and as
>> long as the shared secret remains valid.
>>
>>
>> Regards,
>>
>> Wassim H.
>>
>>
>>
>> On Tue, 21 Mar 2006, gabriel montenegro wrote:
>>
>>> Folks,
>>>
>>> In today's meeting we talked about 4 potential items up for adoption
>>> as official working groups. Talking with folks after the meeting,
>>> we've decided to add two more to the list of items we'll ask the WG
>>> whether we should adopt. This is the follow-up email to today's
>>> discussion, to make sure we ask this on the mailing list.
>>>
>>> So the question to the WG is: Should we adopt the following documents
>>> as official WG items (based on the individual drafts as noted below)?:
>>>
>>> 1. draft-ietf-mipshop-fmipv6-rev-XX.txt
>>>    based on draft-koodli-mipshop-rfc4068bis-00.txt
>>>
>>> 2. draft-ietf-mipshop-handover-keys-aaa-XX.txt
>>>    based on draft-vidya-mipshop-handover-keys-aaa-01.txt
>>>
>>> 3. draft-ietf-mipshop-handover-key-send-XX.txt
>>>    based on draft-kempf-mobopts-handover-key-01.txt (currently expired)
>>>
>>> 4. draft-ietf-mipshop-fh80216e-XX.txt
>>>    based on draft-jang-mipshop-fh80216e-02.txt
>>>
>>> 5. draft-ietf-mipshop-3gfh-XX.txt
>>>    based on draft-yokota-mipshop-3gfh-02.txt
>>>
>>> 6. draft-ietf-mipshop-cga-cba-XX.txt
>>>    based on draft-arkko-mipshop-cga-cba-03.txt
>>>
>>> Please send comments one way or another through April 4, 2006.
>>>
>>> Thanks,
>>>
>>> chairs
>>>
>>>
>>>
>>> _______________________________________________
>>> Mipshop mailing list
>>> Mipshop ietf.org
>>> https://www1.ietf.org/mailman/listinfo/mipshop
>>>
>>>