Re: [MEXT] FW: New Version Notification for draft-patil-mext-mip6issueswithipsec-00
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [MEXT] FW: New Version Notification for draft-patil-mext-mip6issueswithipsec-00
Hi Raj
It is a very interesting draft.
Issue #1 "... As a result of this dependence,
MIP6 is no longer a standalone host-based
mobility protocol..."
General speaking, I am with you. The protocol
is not elastic enough. IPSec is a very good
tool which MIPv6 should make use of .
On the other hand, it is better to keep the
protocol minimal self-sufficient in case
some external dependencies can not be satisfied.
Issue #2 "...Use of IPsec with Mobile IPv6 requires
configuration which in many cases is not easily done
because of reasons such as enterprise environments
preventing changing to IPsec policies or other"
Question: could you give me one case as an example?
Issue #3 "...The ability to terminate a large number
of IPsec SAs (millions) requires signifiant hardware
and platform capability. The cost issues of such an
HA are detrimental and hence act as a barrier to deployment"
I can partly agree with you because it is optional
to use IPSec for data traffice between MNs and HAs.
Issue #5 " MIP6 without any dependencies
on protocols for security is easier to implement and
has wider applicability'
I agree to decouple MIPv6 from IKE/IPSec.
BR
Frank
----- Original Message -----
From: "Basavaraj Patil" <basFrom mext-bounces at ietf.org Fri Oct 31 09:45:55 2008
Return-Path: <mext-bounces at ietf.org>
X-Original-To: mip6-archive at megatron.ietf.org
Delivered-To: ietfarch-mip6-archive at core3.amsl.com
Received: from [127.0.0.1] (localhost [127.0.0.1])
by core3.amsl.com (Postfix) with ESMTP id 516A93A6C33;
Fri, 31 Oct 2008 09:45:55 -0700 (PDT)
X-Original-To: mext at core3.amsl.com
Delivered-To: mext at core3.amsl.com
Received: from localhost (localhost [127.0.0.1])
by core3.amsl.com (Postfix) with ESMTP id 3B35C3A6C33
for <mext at core3.amsl.com>; Fri, 31 Oct 2008 09:45:54 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.669
X-Spam-Level:
X-Spam-Status: No, score=-1.669 tagged_above=-999 required=5 tests=[AWL=0.929,
BAYES_00=-2.599, STOX_REPLY_TYPE=0.001]
Received: from mail.ietf.org ([64.170.98.32])
by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024)
with ESMTP id tgA06iEq--nv for <mext at core3.amsl.com>;
Fri, 31 Oct 2008 09:45:53 -0700 (PDT)
Received: from usaga04-in.huawei.com (usaga04-in.huawei.com [206.16.17.180])
by core3.amsl.com (Postfix) with ESMTP id EFAC73A6997
for <mext at ietf.org>; Fri, 31 Oct 2008 09:45:35 -0700 (PDT)
Received: from huawei.com (usaga04-in [172.18.9.16])
by usaga04-in.huawei.com (iPlanet Messaging Server 5.2 HotFix 2.14
(built Aug
8 2006)) with ESMTP id <0K9M00BRZ3VXPE at usaga04-in.huawei.com> for
mext at ietf.org; Fri, 31 Oct 2008 11:45:34 -0500 (CDT)
Received: from X24512z ([10.124.12.63])
by usaga04-in.huawei.com (iPlanet Messaging Server 5.2 HotFix 2.14
(built Aug
8 2006)) with ESMTPA id <0K9M00H3E3VWNZ at usaga04-in.huawei.com> for
mext at ietf.org; Fri, 31 Oct 2008 11:45:33 -0500 (CDT)
Date: Fri, 31 Oct 2008 11:45:32 -0500
From: Frank Xia <xiayangsong at huawei.com>
To: Basavaraj Patil <basavaraj.patil at nokia.com>, mext at ietf.org
Message-id: <002f01c93b78$17786410$3f0c7c0a at china.huawei.com>
MIME-version: 1.0
X-MIMEOLE: Produced By Microsoft MimeOLE V6.00.2900.3198
X-Mailer: Microsoft Outlook Express 6.00.2900.3138
X-Priority: 3
X-MSMail-priority: Normal
References: <C52B6435.1C272%basavaraj.patil at nokia.com>
Subject: Re: [MEXT] FW: New Version Notification for
draft-patil-mext-mip6issueswithipsec-00
X-BeenThere: mext at ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: Mobile IPv6 EXTensions WG <mext.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/mext>,
<mailto:mext-request at ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/pipermail/mext>
List-Post: <mailto:mext at ietf.org>
List-Help: <mailto:mext-request at ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/mext>,
<mailto:mext-request at ietf.org?subject=subscribe>
Content-Transfer-Encoding: 7bit
Content-Type: text/plain; charset="us-ascii"; Format="flowed"
Sender: mext-bounces at ietf.org
Errors-To: mext-bounces at ietf.org
Hi Raj
It is a very interesting draft.
Issue #1 "... As a result of this dependence,
MIP6 is no longer a standalone host-based
mobility protocol..."
General speaking, I am with you. The protocol
is not elastic enough. IPSec is a very good
tool which MIPv6 should make use of .
On the other hand, it is better to keep the
protocol minimal self-sufficient in case
some external dependencies can not be satisfied.
Issue #2 "...Use of IPsec with Mobile IPv6 requires
configuration which in many cases is not easily done
because of reasons such as enterprise environments
preventing changing to IPsec policies or other"
Question: could you give me one case as an example?
Issue #3 "...The ability to terminate a large number
of IPsec SAs (millions) requires signifiant hardware
and platform capability. The cost issues of such an
HA are detrimental and hence act as a barrier to deployment"
I can partly agree with you because it is optional
to use IPSec for data traffice between MNs and HAs.
Issue #5 " MIP6 without any dependencies
on protocols for security is easier to implement and
has wider applicability'
I agree to decouple MIPv6 from IKE/IPSec.
BR
Frank
----- Original Message -----
From: "Basavaraj Patil" <basavaraj.pavaraj.patil at nokia.com>
To: <mext at ietf.org>
Sent: Monday, October 27, 2008 12:27 PM
Subject: [MEXT] FW: New Version Notification for
draft-patil-mext-mip6issueswithipsec-00
FYI,
------ Forwarded Message
From: ext IETF I-D Submission Tool <idsubmission at ietf.org>
Date: Mon, 27 Oct 2008 09:55:13 -0700 (PDT)
To: Basavaraj Patil <basavaraj.patil at nokia.com>
Cc: Charles Perkins <charliep at wichorus.com>, <Hannes.Tschofenig at gmx.net>
Subject: New Version Notification for
draft-patil-mext-mip6issueswithipsec-00
A new version of I-D, draft-patil-mext-mip6issueswithipsec-00.txt has been
successfuly submitted by Basavaraj Patil and posted to the IETF
repository.
Filename: draft-patil-mext-mip6issueswithipsec
Revision: 00
Title: Issues related to the design choice of IPsec for Mobile IPv6
security
Creation_date: 2008-10-27
WG ID: Independent Submission
Number_of_pages: 15
Abstract:
Mobile IPv6 as specified in RFC3775 relies on IPsec for security. An
IPsec SA between the mobile node and the home agent provides security
for the mobility signaling. Use of IPsec for securing the data
traffic between the mobile node and home agent is optional. This
document analyses the implications of the design decision to mandate
IPsec as the default security protocol for Mobile IPv6 and recommends
revisiting this decision in view of the experience gained from
implementation and adoption in other standards bodies.
The IETF Secretariat.
------ End of Forwarded Message
_______________________________________________
MEXT mailing list
MEXT at ietf.org
https://www.ietf.org/mailman/listinfo/mext
_______________________________________________
MEXT mailing list
MEXT at ietf.org
https://www.ietf.org/mailman/listinfo/mext
atil at nokia.com>
To: <mext at ietf.org>
Sent: Monday, October 27, 2008 12:27 PM
Subject: [MEXT] FW: New Version Notification for
draft-patil-mext-mip6issueswithipsec-00
FYI,
------ Forwarded Message
From: ext IETF I-D Submission Tool <idsubmission at ietf.org>
Date: Mon, 27 Oct 2008 09:55:13 -0700 (PDT)
To: Basavaraj Patil <basavaraj.patil at nokia.com>
Cc: Charles Perkins <charliep at wichorus.com>, <Hannes.Tschofenig at gmx.net>
Subject: New Version Notification for
draft-patil-mext-mip6issueswithipsec-00
A new version of I-D, draft-patil-mext-mip6issueswithipsec-00.txt has been
successfuly submitted by Basavaraj Patil and posted to the IETF
repository.
Filename: draft-patil-mext-mip6issueswithipsec
Revision: 00
Title: Issues related to the design choice of IPsec for Mobile IPv6
security
Creation_date: 2008-10-27
WG ID: Independent Submission
Number_of_pages: 15
Abstract:
Mobile IPv6 as specified in RFC3775 relies on IPsec for security. An
IPsec SA between the mobile node and the home agent provides security
for the mobility signaling. Use of IPsec for securing the data
traffic between the mobile node and home agent is optional. This
document analyses the implications of the design decision to mandate
IPsec as the default security protocol for Mobile IPv6 and recommends
revisiting this decision in view of the experience gained from
implementation and adoption in other standards bodies.
The IETF Secretariat.
------ End of Forwarded Message
_______________________________________________
MEXT mailing list
MEXT at ietf.org
https://www.ietf.org/mailman/listinfo/mext
_______________________________________________
MEXT mailing list
MEXT at ietf.org
https://www.ietf.org/mailman/listinfo/mext
Note: Messages sent to this list are the opinions of the senders and do not imply endorsement by the IETF.
