
Re: [MEXT] Binding Revocation almost ready for IESG



Hi Vijay,
Please see inline.

Regards,
Ahmad

> -----Original Message-----
> From: Vijay Devarapalli [mailto:vijay at wichorus.com] 
> Sent: Tuesday, May 19, 2009 5:40 PM
> To: Muhanna, Ahmad (RICH1:2H10)
> Cc: mext; Julien Laganier
> Subject: Re: Binding Revocation almost ready for IESG
> 
> Hi Ahmad,
> 
> I have a couple of comments on version 10
> 
> You explained to me that 3GPP2 wants to differentiate between 
> the two following triggers.
> 
>   3  Inter-MAG Handover - same Access Type
>   4  Inter-MAG Handover - different Access Type
>    
> That's fine. 
[Ahmad]
Thanks for agreeing on adding these two back! :)

> But what should the MAG behavior be when it 
> receives the following trigger?
> 
>  5  Inter-MAG Handover - Unknown
>
[Ahmad]
The MAG will reject the BRI with code "MN still attached" :)
I mean, the MAG is supposed to check whether the mobile node is attached
or not and based on its finding, it should reply back either success or
failure, e.g., "MN still attached".

> Instead, I suggest going with just two values
> 
>   3  Inter-MAG Handover
>   4  Inter-MAG Handover - different access types
> 
> '3' implicitly means it is the same access type. PMIPv6 after 
> all is supposed to be used for local mobility. :)
>
[Ahmad]
:)
No need to restate the definition of PMIP domain. 
I thought that you are the one who championed drafting that text:)
 
> On authorization for bulk revocation, we need some text that 
> explains how the LMA is supposed to check if a particular MAG 
> is authorized to perform bulk revocation. Is this list of 
> "MAGS-authorized-for-bulk-revocation"
> manually created on the LMA? If not, how is this populated?
> 
> (FWIW, I still think this authorization check should be 
> removed from the draft).

[Ahmad]
I think we keep coming back to this point:)
It is based on the home domain policy. 

1. Some home domains probably won't allow this across different domains,
period. Example: only between MAG(s) and LMA(s) that belong to the same
operator.

2. It could be as simple as all MAGs whose IDs match a simple string
of "wildcard at xyz.com"

3. It could be as simple as "every MAG which is able to establish an
IPsec SA for protecting PMIP signaling is authorized for Global
revocation"; I guess this matches your views to some extent.

4. etc.

Leaving the details out of scope gives the flexibility for the home
domain to enforce its own policy freely.

I hope this addresses your concern.

Cheers! 
> 
> Vijay
> 
>
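
Added example, not part of the original mail or of the draft: a sketch of how an LMA could evaluate the three home-domain policy options listed above (same operator, wildcard MAG ID, IPsec SA) with a default-deny result. The `Mag` fields, rule names, the choice to require all configured rules together, and the sample identities are assumptions made for illustration.

```python
from dataclasses import dataclass
from fnmatch import fnmatchcase
from typing import Callable, List

@dataclass(frozen=True)
class Mag:
    mag_id: str         # identity the MAG presents (sample values are constructed)
    operator: str       # operator the MAG belongs to
    has_ipsec_sa: bool  # an IPsec SA protects this MAG's PMIP signaling

Rule = Callable[[Mag], bool]

def same_operator(home_operator: str) -> Rule:
    """Option 1: only MAGs run by the LMA's own operator."""
    return lambda mag: mag.operator == home_operator

def id_matches(pattern: str) -> Rule:
    """Option 2: MAG ID matches a wildcard such as '*@xyz.com'."""
    local_pat, _, realm_pat = pattern.rpartition("@")
    def rule(mag: Mag) -> bool:
        local, sep, realm = mag.mag_id.rpartition("@")
        # Realm is compared exactly; the wildcard covers the local part only,
        # and an ID with a second '@' in the local part is rejected.
        return (sep == "@" and local != "" and "@" not in local
                and realm.lower() == realm_pat.lower()
                and fnmatchcase(local, local_pat))
    return rule

def ipsec_protected() -> Rule:
    """Option 3: any MAG that has an IPsec SA for PMIP signaling."""
    return lambda mag: mag.has_ipsec_sa

def authorized_for_bulk_revocation(mag: Mag, policy: List[Rule]) -> bool:
    # Default deny: an empty policy authorizes nobody; every rule must pass.
    return bool(policy) and all(rule(mag) for rule in policy)

# Constructed sample policy and MAGs (assumed values, not from the thread).
POLICY = [same_operator("xyz"), id_matches("*@xyz.com"), ipsec_protected()]
MAGS = [
    Mag("mag1@xyz.com", "xyz", True),
    Mag("mag2@xyz.com", "xyz", False),
    Mag("mag9@partner.example", "partner", True),
    Mag("mag@partner.example@xyz.com", "xyz", True),
]

if __name__ == "__main__":
    for m in MAGS:
        print(m.mag_id, authorized_for_bulk_revocation(m, POLICY))
```

Each rule can also be used on its own, for example a policy of only `ipsec_protected()` corresponds to option 3 as written.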