From roque@lacnic.net Tue Oct 6 04:35:09 2009
From: Roque Gagliano <roque@lacnic.net>
To: cga-ext@ietf.org
Date: Tue, 6 Oct 2009 12:35:49 +0100
Subject: [CGA-EXT] Fwd: New Version Notification for draft-rgaglian-csi-send-ski-ta-nametype-00

Dear WG,

At the "cert" team we have identified a problem with RFC 3971 and the trust anchor name types defined there. The RFC defines as possible name types a X501 subject name or a FQDN. The problem we have is that subject name may not be unique across CAs in a PKI.

As we decided to adopt SIDR WG certificate profile, the Subject Key Identifier extension is mandatory now. Consequently, we can use this hash of the subject public key to identify the host TAs even if we need to search across several CAs.

We are issuing this draft to document the problem. However, RFC 3971 did not set a Registry for name types in the TA ICMP option, which means that the only way to implement this new name type is to modify RFC 3971 that I understand was already part of the plans for this WG.

How does the group feel about taking this path?

Regards,

Roque, Suresh, Ana.

Begin forwarded message:

> From: IETF I-D Submission Tool <idsubmission@ietf.org>
> Date: October 6, 2009 12:23:13 PM GMT+01:00
> To: roque@lacnic.net
> Cc: suresh.krishnan@ericsson.com,ana.kukec@fer.hr
> Subject: New Version Notification for draft-rgaglian-csi-send-ski-ta-nametype-00
>
> A new version of I-D, draft-rgaglian-csi-send-ski-ta-nametype-00.txt has been successfully submitted by Roque Gagliano and posted to the IETF repository.
>
> Filename: draft-rgaglian-csi-send-ski-ta-nametype
> Revision: 00
> Title: Subject Key Identifier (SKI) name type for SEND TA option
> Creation_date: 2009-10-06
> WG ID: Independent Submission
> Number_of_pages: 10
>
> Abstract:
> SEcure Neighbor Discovery (SEND) Utilizes X.509v3 certificates for performing router authorization. This document specifies a SEND name type to identify trust anchor X.509v3 certificates based on its Subject Key Identifier.
>
> The IETF Secretariat.

-------------------------------------------------------------
Roque Gagliano
LACNIC
roque@lacnic.net
GPG Fingerprint: E929 06F4 D8CD 2AD8 9365 DB72 9E4F 964A 01E9 6CEE

From marcelo@it.uc3m.es Tue Oct 6 06:52:23 2009
From: marcelo bagnulo braun <marcelo@it.uc3m.es>
To: Roque Gagliano
Cc: cga-ext@ietf.org
Date: Tue, 06 Oct 2009 15:53:57 +0200
Subject: Re: [CGA-EXT] Fwd: New Version Notification for draft-rgaglian-csi-send-ski-ta-nametype-00

Hi,

My take on this one.
I think we need a way to distinguish TAs across different CAs. I think that using the Hash of the public key is a reasonable option.

Now, what I am not sure I understand is why do we need a new option.
I mean, wouldn't it be possible to define a new Name Type of the Trust anchor Option defined in section 6.4.3 of RFC3971, the new Name type being the SKI?

People that are using multiple TAs should use this Name Type to be certain that they identify the right TA across multiple TAs.

Regards, marcelo

From marcelo@it.uc3m.es Tue Oct 6 08:40:03 2009
From: marcelo bagnulo braun <marcelo@it.uc3m.es>
To: cga-ext@ietf.org
Date: Tue, 06 Oct 2009 17:41:36 +0200
Subject: [CGA-EXT] Call for presentations

Hi,

We have scheduled a meeting for the IETF76.
If you want a slot for making a presentation, please let us know.

Regards, marcelo

From roque@lacnic.net Tue Oct 6 11:10:48 2009
From: Roque Gagliano <roque@lacnic.net>
To: marcelo bagnulo braun
Cc: cga-ext@ietf.org
Date: Tue, 6 Oct 2009 19:12:06 +0100
Subject: Re: [CGA-EXT] Fwd: New Version Notification for draft-rgaglian-csi-send-ski-ta-nametype-00

Marcelo,

What is being proposed is exactly that, a new Name Type of the Trust anchor Option:

Name Type
   TBD    SHA-1 Subject Key Identifier (SKI)

To be added to the ones already defined in RFC 3971 in section 6.4.3

"The type of the name included in the Name field. This specification defines two legal values for this field:

   1    DER Encoded X.501 Name
   2    FQDN"

Regards,
Roque

-------------------------------------------------------------
Roque Gagliano
LACNIC
roque@lacnic.net
GPG Fingerprint: E929 06F4 D8CD 2AD8 9365 DB72 9E4F 964A 01E9 6CEE
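
Added example, not part of any message in this thread and not code from the draft: it encodes the RFC 3971 Trust Anchor option (Type 15, Length, Name Type, Pad Length, Name, Padding) with either an X.501 name or a SHA-1 SKI, and matches it against two trust anchors that share one subject name. Assumptions: `NAME_TYPE_SKI = 0xFD` is a placeholder because the thread gives the value as TBD, `TrustAnchorStore` is a hypothetical helper, and the subject name and key bytes are constructed sample data.

```python
import hashlib
import struct

ND_OPT_TRUST_ANCHOR = 15   # Trust Anchor option type (RFC 3971)
NAME_TYPE_X501 = 1         # DER Encoded X.501 Name (RFC 3971, section 6.4.3)
NAME_TYPE_FQDN = 2         # FQDN (RFC 3971, section 6.4.3)
NAME_TYPE_SKI = 0xFD       # PLACEHOLDER: the thread gives the SKI value as "TBD"


def ski_sha1(subject_public_key: bytes) -> bytes:
    """SHA-1 over the subject public key bits, giving the 20-octet SKI."""
    return hashlib.sha1(subject_public_key).digest()


def encode_ta_option(name_type: int, name: bytes) -> bytes:
    """Build Type, Length (8-octet units), Name Type, Pad Length, Name, Padding."""
    if name_type == NAME_TYPE_SKI and len(name) != 20:
        raise ValueError("SHA-1 SKI must be exactly 20 octets")
    pad = -(4 + len(name)) % 8                 # pad the option to a multiple of 8
    units = (4 + len(name) + pad) // 8
    if units > 255:
        raise ValueError("name too long for one option")
    header = struct.pack("!BBBB", ND_OPT_TRUST_ANCHOR, units, name_type, pad)
    return header + name + b"\x00" * pad


def decode_ta_option(option: bytes):
    """Return (name_type, name); reject malformed options instead of guessing."""
    if len(option) < 8:
        raise ValueError("truncated option")
    opt_type, units, name_type, pad = struct.unpack("!BBBB", option[:4])
    if opt_type != ND_OPT_TRUST_ANCHOR:
        raise ValueError("not a Trust Anchor option")
    if units * 8 != len(option):
        raise ValueError("Length field does not match option size")
    if pad > len(option) - 4:
        raise ValueError("Pad Length exceeds option body")
    name = option[4:len(option) - pad]
    if name_type == NAME_TYPE_SKI and len(name) != 20:
        raise ValueError("SHA-1 SKI must be exactly 20 octets")
    return name_type, name


class TrustAnchorStore:
    """Hypothetical lookup table of trust anchors known across several CAs."""

    def __init__(self):
        self.anchors = []   # (label, subject_name_der, ski)

    def add(self, label, subject_name_der, subject_public_key):
        self.anchors.append(
            (label, subject_name_der, ski_sha1(subject_public_key)))

    def match(self, option: bytes):
        """Labels of every anchor the received option could refer to."""
        name_type, name = decode_ta_option(option)
        if name_type == NAME_TYPE_X501:
            return [label for label, subj, _ in self.anchors if subj == name]
        if name_type == NAME_TYPE_SKI:
            return [label for label, _, ski in self.anchors if ski == name]
        return []   # FQDN matching is outside this example


# Constructed sample data: DER for the X.501 name "CN=TA", used by two CAs,
# and two made-up byte strings standing in for their public key bits.
SUBJECT_CN_TA = bytes.fromhex("300d310b3009060355040313025441")
KEY_CA_A = b"constructed-public-key-of-CA-A"
KEY_CA_B = b"constructed-public-key-of-CA-B"


def demo():
    store = TrustAnchorStore()
    store.add("CA-A", SUBJECT_CN_TA, KEY_CA_A)
    store.add("CA-B", SUBJECT_CN_TA, KEY_CA_B)
    # Same subject name under both CAs: the X.501 name type is ambiguous.
    by_name = store.match(encode_ta_option(NAME_TYPE_X501, SUBJECT_CN_TA))
    # The SKI is derived from the key, so it selects exactly one anchor.
    by_ski = store.match(encode_ta_option(NAME_TYPE_SKI, ski_sha1(KEY_CA_B)))
    return by_name, by_ski


if __name__ == "__main__":
    by_name, by_ski = demo()
    print("X.501 name matches:", by_name)
    print("SKI matches:", by_ski)
```

A 20-octet SKI plus the 4-octet option header fills exactly three 8-octet units, so the SKI form needs no padding.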

= --Apple-Mail-15--479863476-- --Apple-Mail-16--479863460 content-type: application/pgp-signature; x-mac-type=70674453; name=PGP.sig content-description: This is a digitally signed message part content-disposition: inline; filename=PGP.sig content-transfer-encoding: 7bit -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.8 (Darwin) iEYEARECAAYFAkrLiHcACgkQnk+WSgHpbO4DlACfTO5vXHhLSeNrOIGiecGoeDBP IisAniMsUQDup1KO40zJ1irE0tlV9aA5 =O7bo -----END PGP SIGNATURE----- --Apple-Mail-16--479863460-- From marcelo@it.uc3m.es Tue Oct 6 11:30:35 2009 Return-Path: X-Original-To: cga-ext@core3.amsl.com Delivered-To: cga-ext@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 51CDB3A6853 for ; Tue, 6 Oct 2009 11:30:35 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -6.533 X-Spam-Level: X-Spam-Status: No, score=-6.533 tagged_above=-999 required=5 tests=[AWL=0.066, BAYES_00=-2.599, RCVD_IN_DNSWL_MED=-4] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id i9OzqUGmOR3u for ; Tue, 6 Oct 2009 11:30:34 -0700 (PDT) Received: from smtp03.uc3m.es (smtp03.uc3m.es [163.117.176.133]) by core3.amsl.com (Postfix) with ESMTP id 157F83A676A for ; Tue, 6 Oct 2009 11:30:34 -0700 (PDT) Received: from marcelo-bagnulos-macbook-pro.local (54.pool85-53-139.dynamic.orange.es [85.53.139.54]) by smtp03.uc3m.es (Postfix) with ESMTP id 8540B7F3BAB; Tue, 6 Oct 2009 20:32:10 +0200 (CEST) Message-ID: <4ACB8D2A.9010208@it.uc3m.es> Date: Tue, 06 Oct 2009 20:32:10 +0200 From: marcelo bagnulo braun User-Agent: Thunderbird 2.0.0.23 (Macintosh/20090812) MIME-Version: 1.0 To: Roque Gagliano References: <20091006112313.4514728C167@core3.amsl.com> <3459FB4F-F275-4436-ADBE-B35EF8FD88F7@lacnic.net> <4ACB4BF5.8090102@it.uc3m.es> <6ADE5FD5-0981-44C2-ACA6-C943F1466AAC@lacnic.net> In-Reply-To: <6ADE5FD5-0981-44C2-ACA6-C943F1466AAC@lacnic.net> Content-Type: 
text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 8bit X-TM-AS-Product-Ver: IMSS-7.0.0.3116-5.6.0.1016-16930.003 Cc: cga-ext@ietf.org Subject: Re: [CGA-EXT] Fwd: New Version Notification for draft-rgaglian-csi-send-ski-ta-nametype-00 X-BeenThere: cga-ext@ietf.org X-Mailman-Version: 2.1.9 Precedence: list List-Id: CGA and SeND Extensions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 06 Oct 2009 18:30:35 -0000 ah, perfect then! I guess i got confused by the title of the section that reads: 3. SEND SKI trust anchor identifier option But you are not defining a SEND SKI trust anchor identifier option but you are defining a SKI NAME TYPE, correct? If so, i don't think we need to update rfc3971, we just need to publish this document as STD RFC, correct? Regards, marcelo Roque Gagliano escribió: > Marcelo, > > What is being propossed is exactly that, a new Name Type of the Trust > anchor Option: > > Name Type > TBD SHA-1 Subject Key Identifier (SKI) > To be added to the ones already defined in RFC 3971in sectin 6.4.3 > "The type of the name included in the Name field. This > specification defines two legal values for this field: > 1 DER Encoded X.501 Name > 2 FQDN" > > Regards, > Roque > > On Oct 6, 2009, at 2:53 PM, marcelo bagnulo braun wrote: > >> Hi, >> >> My take on this one. >> I think we need a way to distinguish TAs across different CAs. I >> think that using the Hash of the public key is a reasonable option. >> >> Now, what i am not sure i understand is why do we need a new option. >> I mean, wouldn't be possible to define a new Name Type of the Trust >> anchor Option defined in section 6.4.3 of RFC3971, the new Name type >> being the SKI? >> >> People that are using multiple Tas should use this Name Type to be >> certain that they identify the right TA accors multiple TAs. 
>> >> Regards, marcelo >> >> >> Roque Gagliano escribió: >>> Dear WG, >>> >>> At the "cert" team we have identify a problem with RFC 3971 and the >>> trust anchor name types defined there. The RFC defines as possible >>> name types a X501 subject name or a FQDN. The problem we have is >>> that subject name may not be unique across CAs in a PKI. >>> As we decided to adopt SIDR WG certificate profile, the Subject Key >>> Identifier extension is mandatory now. Consequently, we can use this >>> hash of the subject public key to identify the host TAs even if we >>> need to search across several CAs. >>> >>> We are issuing this draft to document the problem. However, RFC 3971 >>> did not set a Registry for name types in the TA ICMP option, which >>> means that the only way to implement this new name type is to modify >>> RFC 3971 that I understand was already part of the plans for this WG. >>> How do the group feels about taking this path? >>> >>> Regards, >>> >>> Roque, Suresh, Ana. >>> >>> >>> Begin forwarded message: >>> >>>> *From: *IETF I-D Submission Tool >>> > >>>> *Date: *October 6, 2009 12:23:13 PM GMT+01:00 >>>> *To: *roque@lacnic.net >>>> *Cc: *suresh.krishnan@ericsson.com >>>> ,ana.kukec@fer.hr >>>> >>>> *Subject: **New Version Notification for >>>> draft-rgaglian-csi-send-ski-ta-nametype-00 * >>>> >>>> >>>> A new version of I-D, >>>> draft-rgaglian-csi-send-ski-ta-nametype-00.txt has been successfuly >>>> submitted by Roque Gagliano and posted to the IETF repository. >>>> >>>> Filename: draft-rgaglian-csi-send-ski-ta-nametype >>>> Revision: 00 >>>> Title: Subject Key Identifier (SKI) name type for SEND TA option >>>> Creation_date: 2009-10-06 >>>> WG ID: Independent Submission >>>> Number_of_pages: 10 >>>> >>>> Abstract: >>>> SEcure Neighbor Discovery (SEND) Utilizes X.509v3 certificates for >>>> performing router authorization. 
This document specifies a SEND name >>>> type to identify trust anchor X.509v3 certificates based on its >>>> Subject Key Identifier. >>>> >>>> >>>> >>>> The IETF Secretariat. >>>> >>> >>> ------------------------------------------------------------- >>> Roque Gagliano >>> LACNIC >>> roque@lacnic.net >>> GPG Fingerprint: E929 06F4 D8CD 2AD8 9365 DB72 9E4F 964A 01E9 6CEE >>> >>> ------------------------------------------------------------------------ >>> >>> _______________________________________________ >>> CGA-EXT mailing list >>> CGA-EXT@ietf.org >>> https://www.ietf.org/mailman/listinfo/cga-ext >>> > > ------------------------------------------------------------- > Roque Gagliano > LACNIC > roque@lacnic.net > GPG Fingerprint: E929 06F4 D8CD 2AD8 9365 DB72 9E4F 964A 01E9 6CEE > From roque@lacnic.net Tue Oct 6 12:16:57 2009 Return-Path: X-Original-To: cga-ext@core3.amsl.com Delivered-To: cga-ext@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 0802828C1F6 for ; Tue, 6 Oct 2009 12:16:57 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.599 X-Spam-Level: X-Spam-Status: No, score=-2.599 tagged_above=-999 required=5 tests=[AWL=0.000, BAYES_00=-2.599, NO_RELAYS=-0.001] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id hlPwlU5xBWzF for ; Tue, 6 Oct 2009 12:16:56 -0700 (PDT) Received: from mail.lacnic.net.uy (mail.lacnic.net.uy [IPv6:2001:13c7:7001:4000::3]) by core3.amsl.com (Postfix) with ESMTP id 1451D28C17B for ; Tue, 6 Oct 2009 12:16:55 -0700 (PDT) Received: from [IPv6:2001:67c:64:42:225:ff:fe4b:94a8] (unknown [IPv6:2001:67c:64:42:225:ff:fe4b:94a8]) by mail.lacnic.net.uy (Postfix) with ESMTP id 5284C3084EC for ; Tue, 6 Oct 2009 17:18:29 -0200 (UYST) Message-Id: <7113AD42-CE2D-442E-9DCC-28679E322633@lacnic.net> From: Roque Gagliano To: cga-ext@ietf.org In-Reply-To: <4ACB8D2A.9010208@it.uc3m.es> 
Content-Type: text/plain; charset=ISO-8859-1; format=flowed; delsp=yes Content-Transfer-Encoding: quoted-printable Mime-Version: 1.0 (Apple Message framework v936) Date: Tue, 6 Oct 2009 20:18:16 +0100 References: <20091006112313.4514728C167@core3.amsl.com> <3459FB4F-F275-4436-ADBE-B35EF8FD88F7@lacnic.net> <4ACB4BF5.8090102@it.uc3m.es> <6ADE5FD5-0981-44C2-ACA6-C943F1466AAC@lacnic.net> <4ACB8D2A.9010208@it.uc3m.es> X-Pgp-Agent: GPGMail d55 (v55, Leopard) X-Mailer: Apple Mail (2.936) X-LACNIC.uy-MailScanner-Information: Please contact the ISP for more information X-LACNIC.uy-MailScanner: Found to be clean X-LACNIC.uy-MailScanner-SpamCheck: X-LACNIC.uy-MailScanner-From: roque@lacnic.net Subject: Re: [CGA-EXT] Fwd: New Version Notification for draft-rgaglian-csi-send-ski-ta-nametype-00 X-BeenThere: cga-ext@ietf.org X-Mailman-Version: 2.1.9 Precedence: list List-Id: CGA and SeND Extensions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 06 Oct 2009 19:16:57 -0000 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Marcelo, On Oct 6, 2009, at 7:32 PM, marcelo bagnulo braun wrote: > ah, perfect then! > > I guess i got confused by the title of the section that reads: > > 3. SEND SKI trust anchor identifier option > > But you are not defining a SEND SKI trust anchor identifier option =20 > but you are defining a SKI NAME TYPE, correct? > correct. > If so, i don't think we need to update rfc3971, we just need to =20 > publish this document as STD RFC, correct? > The problem that I described in the original email was that RFC 3971 =20 does not define a registry for name type. We issue this document just =20= to point out that we believe that this new name type is needed. What =20 we could do is to modify the draft to create this registry and add the =20= SKY name type to the ones defined in RFC 3971. What does the group feel about this? Roque. 
> Regards, marcelo > > > > Roque Gagliano wrote: >> Marcelo, >> >> What is being proposed is exactly that, a new Name Type of the >> Trust anchor Option: >> >> Name Type TBD SHA-1 Subject Key Identifier (SKI) >> To be added to the ones already defined in RFC 3971 in section 6.4.3 >> "The type of the name included in the Name field. This >> specification defines two legal values for this field: >> 1 DER Encoded X.501 Name 2 FQDN" >> >> Regards, >> Roque >> >> On Oct 6, 2009, at 2:53 PM, marcelo bagnulo braun wrote: >> >>> Hi, >>> >>> My take on this one. >>> I think we need a way to distinguish TAs across different CAs. I >>> think that using the Hash of the public key is a reasonable option. >>> >>> Now, what i am not sure i understand is why do we need a new option. >>> I mean, wouldn't be possible to define a new Name Type of the >>> Trust anchor Option defined in section 6.4.3 of RFC3971, the new >>> Name type being the SKI? >>> >>> People that are using multiple TAs should use this Name Type to be >>> certain that they identify the right TA across multiple TAs. >>> >>> Regards, marcelo >>> >>> >>> Roque Gagliano wrote: >>>> Dear WG, >>>> >>>> At the "cert" team we have identified a problem with RFC 3971 and >>>> the trust anchor name types defined there. The RFC defines as >>>> possible name types a X501 subject name or a FQDN. The problem we >>>> have is that subject name may not be unique across CAs in a PKI. >>>> As we decided to adopt SIDR WG certificate profile, the Subject >>>> Key Identifier extension is mandatory now. Consequently, we can >>>> use this hash of the subject public key to identify the host TAs >>>> even if we need to search across several CAs. >>>> >>>> We are issuing this draft to document the problem.
However, RFC >>>> 3971 did not set a Registry for name types in the TA ICMP option, >>>> which means that the only way to implement this new name type is >>>> to modify RFC 3971 that I understand was already part of the >>>> plans for this WG. >>>> How does the group feel about taking this path? >>>> >>>> Regards, >>>> >>>> Roque, Suresh, Ana. >>>> >>>> >>>> Begin forwarded message: >>>> >>>>> *From: *IETF I-D Submission Tool >>>>> *Date: *October 6, 2009 12:23:13 PM GMT+01:00 >>>>> *To: *roque@lacnic.net >>>>> *Cc: *suresh.krishnan@ericsson.com,ana.kukec@fer.hr >>>>> *Subject: **New Version Notification for draft-rgaglian-csi-send-ski-ta-nametype-00 * >>>>> >>>>> >>>>> A new version of I-D, draft-rgaglian-csi-send-ski-ta-nametype-00.txt has been successfuly submitted by Roque Gagliano >>>>> and posted to the IETF repository. >>>>> >>>>> Filename: draft-rgaglian-csi-send-ski-ta-nametype >>>>> Revision: 00 >>>>> Title: Subject Key Identifier (SKI) name type for SEND TA option >>>>> Creation_date: 2009-10-06 >>>>> WG ID: Independent Submission >>>>> Number_of_pages: 10 >>>>> >>>>> Abstract: >>>>> SEcure Neighbor Discovery (SEND) Utilizes X.509v3 certificates for >>>>> performing router authorization. This document specifies a SEND >>>>> name >>>>> type to identify trust anchor X.509v3 certificates based on its >>>>> Subject Key Identifier. >>>>> >>>>> >>>>> >>>>> The IETF Secretariat.
>>>>> >>>> >>>> ------------------------------------------------------------- >>>> Roque Gagliano >>>> LACNIC >>>> roque@lacnic.net >>>> GPG Fingerprint: E929 06F4 D8CD 2AD8 9365 DB72 9E4F 964A 01E9 6CEE >>>> >>>> ------------------------------------------------------------------------ >>>> >>>> _______________________________________________ >>>> CGA-EXT mailing list >>>> CGA-EXT@ietf.org >>>> https://www.ietf.org/mailman/listinfo/cga-ext >>>> >> >> ------------------------------------------------------------- >> Roque Gagliano >> LACNIC >> roque@lacnic.net >> GPG Fingerprint: E929 06F4 D8CD 2AD8 9365 DB72 9E4F 964A 01E9 6CEE >> - ------------------------------------------------------------- Roque Gagliano LACNIC roque@lacnic.net GPG Fingerprint: E929 06F4 D8CD 2AD8 9365 DB72 9E4F 964A 01E9 6CEE -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.8 (Darwin) iEYEARECAAYFAkrLl/gACgkQnk+WSgHpbO5GRQCfQnc72yzvMDbwj+Sd5kRfu1PD CBMAoKgpH6jz9UbiMcfzAJ/SVzjDWaUR =Qwfu -----END PGP SIGNATURE----- From marcelo@it.uc3m.es Tue Oct 6 14:03:13 2009 Return-Path: X-Original-To: cga-ext@core3.amsl.com Delivered-To: cga-ext@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 1F4F928C108 for ; Tue, 6 Oct 2009 14:03:13 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -6.523 X-Spam-Level: X-Spam-Status: No, score=-6.523 tagged_above=-999 required=5 tests=[AWL=0.076, BAYES_00=-2.599, RCVD_IN_DNSWL_MED=-4] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id rUil0Jc2PmwH for ; Tue, 6 Oct 2009 14:03:12 -0700 (PDT) Received: from smtp01.uc3m.es (smtp01.uc3m.es [163.117.176.131]) by core3.amsl.com (Postfix) with ESMTP id C043F28C104 for ; Tue, 6 Oct 2009 14:03:11 -0700 (PDT) Received: from marcelo-bagnulos-macbook-pro.local (54.pool85-53-139.dynamic.orange.es [85.53.139.54]) by smtp01.uc3m.es (Postfix) with ESMTP id 7A872B48A80;
Tue, 6 Oct 2009 23:04:47 +0200 (CEST) Message-ID: <4ACBB0EE.8050502@it.uc3m.es> Date: Tue, 06 Oct 2009 23:04:46 +0200 From: marcelo bagnulo braun User-Agent: Thunderbird 2.0.0.23 (Macintosh/20090812) MIME-Version: 1.0 To: Roque Gagliano References: <20091006112313.4514728C167@core3.amsl.com> <3459FB4F-F275-4436-ADBE-B35EF8FD88F7@lacnic.net> <4ACB4BF5.8090102@it.uc3m.es> <6ADE5FD5-0981-44C2-ACA6-C943F1466AAC@lacnic.net> <4ACB8D2A.9010208@it.uc3m.es> <7113AD42-CE2D-442E-9DCC-28679E322633@lacnic.net> In-Reply-To: <7113AD42-CE2D-442E-9DCC-28679E322633@lacnic.net> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 8bit X-TM-AS-Product-Ver: IMSS-7.0.0.3116-5.6.0.1016-16932.000 Cc: cga-ext@ietf.org Subject: Re: [CGA-EXT] Fwd: New Version Notification for draft-rgaglian-csi-send-ski-ta-nametype-00 X-BeenThere: cga-ext@ietf.org X-Mailman-Version: 2.1.9 Precedence: list List-Id: CGA and SeND Extensions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 06 Oct 2009 21:03:13 -0000 Roque Gagliano wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > Marcelo, > > On Oct 6, 2009, at 7:32 PM, marcelo bagnulo braun wrote: > >> ah, perfect then! >> >> I guess i got confused by the title of the section that reads: >> >> 3. SEND SKI trust anchor identifier option >> >> But you are not defining a SEND SKI trust anchor identifier option >> but you are defining a SKI NAME TYPE, correct? >> > > correct. > >> If so, i don't think we need to update rfc3971, we just need to >> publish this document as STD RFC, correct? >> > > The problem that I described in the original email was that RFC 3971 > does not define a registry for name type. We issue this document just > to point out that we believe that this new name type is needed. What > we could do is to modify the draft to create this registry and add the > SKI name type to the ones defined in RFC 3971. > > What does the group feel about this?
this seems a reasonable option to me. could you update the document and include an IANA considerations section? Regards, marcelo > > Roque. > >> Regards, marcelo >> >> >> >> Roque Gagliano wrote: >>> Marcelo, >>> >>> What is being proposed is exactly that, a new Name Type of the >>> Trust anchor Option: >>> >>> Name Type TBD SHA-1 Subject Key Identifier (SKI) >>> To be added to the ones already defined in RFC 3971 in section 6.4.3 >>> "The type of the name included in the Name field. This >>> specification defines two legal values for this field: >>> 1 DER Encoded X.501 Name 2 FQDN" >>> >>> Regards, >>> Roque >>> >>> On Oct 6, 2009, at 2:53 PM, marcelo bagnulo braun wrote: >>> >>>> Hi, >>>> >>>> My take on this one. >>>> I think we need a way to distinguish TAs across different CAs. I >>>> think that using the Hash of the public key is a reasonable option. >>>> >>>> Now, what i am not sure i understand is why do we need a new option. >>>> I mean, wouldn't be possible to define a new Name Type of the Trust >>>> anchor Option defined in section 6.4.3 of RFC3971, the new Name >>>> type being the SKI? >>>> >>>> People that are using multiple TAs should use this Name Type to be >>>> certain that they identify the right TA across multiple TAs. >>>> >>>> Regards, marcelo >>>> >>>> >>>> Roque Gagliano wrote: >>>>> Dear WG, >>>>> >>>>> At the "cert" team we have identified a problem with RFC 3971 and >>>>> the trust anchor name types defined there. The RFC defines as >>>>> possible name types a X501 subject name or a FQDN. The problem we >>>>> have is that subject name may not be unique across CAs in a PKI. >>>>> As we decided to adopt SIDR WG certificate profile, the Subject >>>>> Key Identifier extension is mandatory now. Consequently, we can >>>>> use this hash of the subject public key to identify the host TAs >>>>> even if we need to search across several CAs. >>>>> >>>>> We are issuing this draft to document the problem.
However, RFC >>>>> 3971 did not set a Registry for name types in the TA ICMP option, >>>>> which means that the only way to implement this new name type is >>>>> to modify RFC 3971 that I understand was already part of the plans >>>>> for this WG. >>>>> How does the group feel about taking this path? >>>>> >>>>> Regards, >>>>> >>>>> Roque, Suresh, Ana. >>>>> >>>>> >>>>> Begin forwarded message: >>>>> >>>>>> *From: *IETF I-D Submission Tool >>>>>> *Date: *October 6, 2009 12:23:13 PM GMT+01:00 >>>>>> *To: *roque@lacnic.net >>>>>> *Cc: *suresh.krishnan@ericsson.com,ana.kukec@fer.hr >>>>>> *Subject: **New Version Notification for >>>>>> draft-rgaglian-csi-send-ski-ta-nametype-00 * >>>>>> >>>>>> >>>>>> A new version of I-D, >>>>>> draft-rgaglian-csi-send-ski-ta-nametype-00.txt has been >>>>>> successfuly submitted by Roque Gagliano and posted to the IETF >>>>>> repository. >>>>>> >>>>>> Filename: draft-rgaglian-csi-send-ski-ta-nametype >>>>>> Revision: 00 >>>>>> Title: Subject Key Identifier (SKI) name type for SEND TA option >>>>>> Creation_date: 2009-10-06 >>>>>> WG ID: Independent Submission >>>>>> Number_of_pages: 10 >>>>>> >>>>>> Abstract: >>>>>> SEcure Neighbor Discovery (SEND) Utilizes X.509v3 certificates for >>>>>> performing router authorization. This document specifies a SEND >>>>>> name >>>>>> type to identify trust anchor X.509v3 certificates based on its >>>>>> Subject Key Identifier. >>>>>> >>>>>> >>>>>> >>>>>> The IETF Secretariat.
>>>>>> >>>>> >>>>> ------------------------------------------------------------- >>>>> Roque Gagliano >>>>> LACNIC >>>>> roque@lacnic.net >>>>> GPG Fingerprint: E929 06F4 D8CD 2AD8 9365 DB72 9E4F 964A 01E9 6CEE >>>>> >>>>> ------------------------------------------------------------------------ >>>>> >>>>> >>>>> _______________________________________________ >>>>> CGA-EXT mailing list >>>>> CGA-EXT@ietf.org >>>>> https://www.ietf.org/mailman/listinfo/cga-ext >>>>> >>> >>> ------------------------------------------------------------- >>> Roque Gagliano >>> LACNIC >>> roque@lacnic.net >>> GPG Fingerprint: E929 06F4 D8CD 2AD8 9365 DB72 9E4F 964A 01E9 6CEE >>> > > - ------------------------------------------------------------- > Roque Gagliano > LACNIC > roque@lacnic.net > GPG Fingerprint: E929 06F4 D8CD 2AD8 9365 DB72 9E4F 964A 01E9 6CEE > > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v1.4.8 (Darwin) > > iEYEARECAAYFAkrLl/gACgkQnk+WSgHpbO5GRQCfQnc72yzvMDbwj+Sd5kRfu1PD > CBMAoKgpH6jz9UbiMcfzAJ/SVzjDWaUR > =Qwfu > -----END PGP SIGNATURE----- > _______________________________________________ > CGA-EXT mailing list > CGA-EXT@ietf.org > https://www.ietf.org/mailman/listinfo/cga-ext > From marcelo@it.uc3m.es Wed Oct 7 10:42:01 2009 Return-Path: X-Original-To: cga-ext@core3.amsl.com Delivered-To: cga-ext@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 2A59628C18B for ; Wed, 7 Oct 2009 10:42:00 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -6.599 X-Spam-Level: X-Spam-Status: No, score=-6.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, RCVD_IN_DNSWL_MED=-4] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id xC10VhjPjfva for ; Wed, 7 Oct 2009 10:41:55 -0700 (PDT) Received: from smtp03.uc3m.es (smtp03.uc3m.es [163.117.176.133]) by core3.amsl.com (Postfix) with ESMTP id AF4C23A6984 for ; Wed, 7 Oct 
2009 10:41:53 -0700 (PDT) Received: from marcelo-bagnulos-macbook-pro.local (236.pool85-59-201.dynamic.orange.es [85.59.201.236]) by smtp03.uc3m.es (Postfix) with ESMTP id 7E2697F3091 for ; Wed, 7 Oct 2009 19:43:30 +0200 (CEST) Message-ID: <4ACCD342.9090909@it.uc3m.es> Date: Wed, 07 Oct 2009 19:43:30 +0200 From: marcelo bagnulo braun User-Agent: Thunderbird 2.0.0.23 (Macintosh/20090812) MIME-Version: 1.0 To: "cga-ext@ietf.org" References: <4AB72214.4020809@it.uc3m.es> In-Reply-To: <4AB72214.4020809@it.uc3m.es> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 8bit X-TM-AS-Product-Ver: IMSS-7.0.0.3116-5.6.0.1016-16932.003 Subject: Re: [CGA-EXT] Call for adoption of draft-jiang-csi-dhcpv6-cga-ps-03.txt X-BeenThere: cga-ext@ietf.org X-Mailman-Version: 2.1.9 Precedence: list List-Id: CGA and SeND Extensions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 07 Oct 2009 17:42:01 -0000 Hi, since there was no objection, we will adopt this doc as a wg item. Authors, please submit a new version of the document, addressing the comments received. Thanks, marcelo marcelo bagnulo braun wrote: > Hi, > > This is the call for adoption of draft-jiang-csi-dhcpv6-cga-ps-03.txt > as the WG item to cover the charter item described as: > > - Develop an informational document analysing different approaches to > allow SeND and CGAs to be used in conjunction with DHCP, and making > recommendations on which are the best suited. Recharter based on the > result of the analysis. > > Find the information about the document below. > > Please comment before the 28th of September.
> > Thanks, marcelo > > > -------- Original Message -------- > Subject: I-D Action:draft-jiang-csi-dhcpv6-cga-ps-03.txt > Date: Fri, 18 Sep 2009 03:45:01 -0700 (PDT) > From: Internet-Drafts@ietf.org > Reply-To: internet-drafts@ietf.org > To: i-d-announce@ietf.org > > > > A New Internet-Draft is available from the on-line Internet-Drafts > directories. > > Title : DHCPv6 and CGA Interaction: Problem Statement > Author(s) : S. Jiang > Filename : draft-jiang-csi-dhcpv6-cga-ps-03.txt > Pages : 8 > Date : 2009-09-18 > > This document describes potential issues in the interaction between > DHCPv6 and Cryptographically Generated Addresses (CGAs). Firstly, the > scenario of using CGAs in DHCPv6 environments is discussed. > Some operations are clarified for the interaction of DHCPv6 servers > and CGA-associated hosts. We then also discuss how CGAs and DHCPv6 may > have mutual benefits for each other, including using CGAs in DHCPv6 > operations to enhance its security features and using DHCPv6 to > provide the CGA generation function. > > A URL for this Internet-Draft is: > http://www.ietf.org/internet-drafts/draft-jiang-csi-dhcpv6-cga-ps-03.txt > > Internet-Drafts are also available by anonymous FTP at: > ftp://ftp.ietf.org/internet-drafts/ > > Below is the data which will enable a MIME compliant mail reader > implementation to automatically retrieve the ASCII version of the > Internet-Draft.
> > > ------------------------------------------------------------------------ > > _______________________________________________ > CGA-EXT mailing list > CGA-EXT@ietf.org > https://www.ietf.org/mailman/listinfo/cga-ext From jeanmichel.combes@gmail.com Fri Oct 9 08:13:20 2009 Return-Path: X-Original-To: cga-ext@core3.amsl.com Delivered-To: cga-ext@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 6FDE428C13A for ; Fri, 9 Oct 2009 08:13:20 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.599 X-Spam-Level: X-Spam-Status: No, score=-2.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id T13Bp5lcXa05 for ; Fri, 9 Oct 2009 08:13:19 -0700 (PDT) Received: from mail-iw0-f202.google.com (mail-iw0-f202.google.com [209.85.223.202]) by core3.amsl.com (Postfix) with ESMTP id A8FCF3A68C0 for ; Fri, 9 Oct 2009 08:13:19 -0700 (PDT) Received: by iwn40 with SMTP id 40so3896066iwn.32 for ; Fri, 09 Oct 2009 08:14:58 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:received:in-reply-to:references :date:message-id:subject:from:to:cc:content-type :content-transfer-encoding; bh=kXYHQxrKaMyQ/UlloZqxFW1vBb+/2jZUtlS0M9CTg5A=; b=nMMFd8iq6GbDVkZ0u3yQeV7iT/94tJdDYMOhVp30KjiHjNRBixV7kJ8+rffN8CZl88 IYb0RJltNlFLfH6iDPTBamlyjRIy09fyoqdtvSdCFWfxOAfKEJWghZr33CLfgp2Qn0WC HbEOLJqBiTevyZmoNkp8PlZp3AWTWRqV1UPXg= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type:content-transfer-encoding; b=nqT2NZSPlq66jWnM9dE3rcO+yJQMls9ulRkglk4+3a6p+ILUKz5TIVuXeyJTgXXt13 snmRQpao5F9XxDmv70km8Vx8uyO4ZsSCChikXULAv5n4V39cmcbz6PXsab0xuXY+6iJz w/WSFl1xDMtW+4hHGPlTQKKwM63f5MCnolqQI= MIME-Version: 1.0 Received: by 10.231.123.75 with 
SMTP id o11mr5331957ibr.55.1255101298460; Fri, 09 Oct 2009 08:14:58 -0700 (PDT) In-Reply-To: References: Date: Fri, 9 Oct 2009 17:14:58 +0200 Message-ID: <729b68be0910090814g1df7839doe2a1b20e4635c367@mail.gmail.com> From: Jean-Michel Combes To: Tony Cheneau Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable Cc: cga-ext@ietf.org, Suresh Krishnan Subject: Re: [CGA-EXT] Comments on draft-ietf-csi-sndp-prob-01.txt X-BeenThere: cga-ext@ietf.org X-Mailman-Version: 2.1.9 Precedence: list List-Id: CGA and SeND Extensions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 09 Oct 2009 15:13:20 -0000 Hi Tony, At first, sorry for the delayed reply and thanks for your comments. 2009/3/27 Tony Cheneau : > Hello, > > I've read draft-ietf-csi-sndp-prob-01.txt. I think the document is in a good > shape. Still I have some small questions and comments. > > - Figure 3, the box isn't drawn correctly (misaligned dashes) OK. > > - section 3.3: > Concerning the DAD issue on ND proxy, I think there might be a problem > too when there is a real collision. The node defending its address will > send a NA that might go through the proxy. The proxy may not be > authorized to modify this NA if it is protected by SEND. > Does this make sense ? Or will this case never happen ? IMHO, this case is already included in the previous sections because DAD NA message is the same as a Solicited NA message. > > - section 4.2.5: s/are are/are/ OK. > > - section 4.2.6: > Movement between segments could be controlled with increasing > certificate sequence numbers and timestamps. The timestamp of the > root authority (in this case, the CGA address owner) would be most > significant. Where ties exist, the shortest chain would supercede, > as this would indicate a proxy closer to the proxied node. > > I don't understand the first sentence. Can you detail ?
(Are you referring > to > serial numbers ?) Yes: this is in fact serial numbers. I will modify it. Thanks again for the comments! Cheers. JMC. > > Regards, > Tony Cheneau > From jeanmichel.combes@gmail.com Fri Oct 9 09:09:02 2009 Return-Path: X-Original-To: cga-ext@core3.amsl.com Delivered-To: cga-ext@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 596FA3A68BF for ; Fri, 9 Oct 2009 09:09:02 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.599 X-Spam-Level: X-Spam-Status: No, score=-2.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 0mb-FotBvg9Z for ; Fri, 9 Oct 2009 09:09:01 -0700 (PDT) Received: from mail-iw0-f202.google.com (mail-iw0-f202.google.com [209.85.223.202]) by core3.amsl.com (Postfix) with ESMTP id 7ABC828C112 for ; Fri, 9 Oct 2009 09:09:01 -0700 (PDT) Received: by iwn40 with SMTP id 40so3930125iwn.32 for ; Fri, 09 Oct 2009 09:10:43 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:received:in-reply-to:references :date:message-id:subject:from:to:cc:content-type :content-transfer-encoding; bh=l4At8nXgLcCiUpzgaVA/gHmJAPCFNj6r92OJcbMpXqA=; b=ofU39jPCRLzkDouzI8yeQ6fU0IGIO49De/SHcsmJmNTPi4t6fQgjLFxE4BHaZus+v5 3XJWINYdny4/ynzIfOfBLK4c4pygLLgmtGCdl2M7JFHGBhsz1Sl+gLjbjbwcBhif1VOQ FwlfKQ7iyH+X9tAG+94RfHmOUYHtiLyjMSTbc= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type:content-transfer-encoding; b=Y6mbD7FyB1Ov8z+kGe7T30n/5QyAv4SZs5XLUhWIVOnaVn+ozh6rG0Ve01NwPrCO2x Ed8s73gz3tRvPs3wu6Q//Mh77cBrcx8YpaMWg2FsmAtWIRJbynp3d+908xWmcJl77BUa gKdxgLo/mhgwdaWFrBEXBKf4KIxqojDi1gQC0= MIME-Version: 1.0 Received: by 10.231.122.103 with SMTP id
k39mr5574302ibr.10.1255104643803; Fri, 09 Oct 2009 09:10:43 -0700 (PDT) In-Reply-To: References: Date: Fri, 9 Oct 2009 18:10:43 +0200 Message-ID: <729b68be0910090910h4c62b7dew48612d1aef1475d9@mail.gmail.com> From: Jean-Michel Combes To: Tony Cheneau Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable Cc: cga-ext@ietf.org, Suresh Krishnan Subject: Re: [CGA-EXT] (Others) comments on draft-ietf-csi-sndp-prob-01 X-BeenThere: cga-ext@ietf.org X-Mailman-Version: 2.1.9 Precedence: list List-Id: CGA and SeND Extensions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 09 Oct 2009 16:09:02 -0000 Hi again, 2009/7/6 Tony Cheneau : > Hello, > > I (re)read draft-ietf-csi-sndp-prob-01 and I have the following (small) > comments: > > In section 2.3: > > ND Proxy resends messages containing their original address, even > after modification [RFC4389]. [...] > > I think the text is a little fuzzy here. Can you explain in more detail to > which "original address" you refer to ? In fact, this sentence is linked to the difference between the ND Proxy function in MIPv6 and the one in ND Proxies (aka RFC 4389): in the first case, the IP source address of the NA message is the proxy's one (i.e. the HA's one) and in the second case, the IP source address is the proxied node's one. I will modify the text. > > > In section 3.4: > The text is a bit light. It would be wise to warn that generating or > modify Router Advertisement message implies that the proxy has "at > least" the same credentials as the proxied router (e.g. authorized > prefix). Proxies might even have more power than "basic" routers, given that > they can modify/generate Router Advertisement, Neighbor Sol/Adv for all the > node of a subnet. OK. I will add text on this. > > > Hope it helps. Sure :) Thanks! Cheers. JMC.
> > Regards, > Tony > From tony.cheneau@it-sudparis.eu Tue Oct 13 01:20:02 2009 Return-Path: X-Original-To: cga-ext@core3.amsl.com Delivered-To: cga-ext@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 4C30928C13A for ; Tue, 13 Oct 2009 01:20:02 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.249 X-Spam-Level: X-Spam-Status: No, score=-2.249 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, HELO_EQ_FR=0.35] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 1u3WOZtJx6W4 for ; Tue, 13 Oct 2009 01:20:00 -0700 (PDT) Received: from smtp4.int-evry.fr (smtp4.int-evry.fr [157.159.10.71]) by core3.amsl.com (Postfix) with ESMTP id BE9DB28C111 for ; Tue, 13 Oct 2009 01:19:59 -0700 (PDT) Received: from smtp2.int-evry.fr (smtp2.int-evry.fr [157.159.10.45]) by smtp4.int-evry.fr (Postfix) with ESMTP id 33461FE259B; Tue, 13 Oct 2009 10:20:00 +0200 (CEST) Received: from smtp-ext.int-evry.fr (smtp-ext.int-evry.fr [157.159.11.17]) by smtp2.int-evry.fr (Postfix) with ESMTP id 9B2A54050BB; Tue, 13 Oct 2009 10:19:53 +0200 (CEST) Received: from [157.159.103.79] (unknown [157.159.103.79]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by smtp-ext.int-evry.fr (Postfix) with ESMTP id 7808190136; Tue, 13 Oct 2009 10:19:53 +0200 (CEST) Date: Tue, 13 Oct 2009 10:20:02 +0200 (CEST) From: Tony Cheneau X-X-Sender: shad@whitebox To: cga-ext@ietf.org Message-ID: User-Agent: Alpine 2.00 (LNX 1167 2008-08-23) MIME-Version: 1.0 Content-Type: TEXT/PLAIN; format=flowed; charset=US-ASCII X-INT-MailScanner-Information: Please contact the ISP for more information X-INT-MailScanner-ID: 9B2A54050BB.A873A X-INT-MailScanner: Found to be clean X-INT-MailScanner-SpamCheck: n'est pas un polluriel, SpamAssassin (not cached, score=-4.399, requis 6.01, autolearn=not spam,
ALL_TRUSTED -1.80, BAYES_00 -2.60) X-INT-MailScanner-From: tony.cheneau@it-sudparis.eu Cc: "Vanderveen, Michaela" , Maryline Maknavicius Subject: [CGA-EXT] Version -00 of draft-cheneau-csi-cga-pk-agility-00, draft-cheneau-csi-send-sig-agility-00, draft-cheneau-csi-ecc-sig-agility-00 X-BeenThere: cga-ext@ietf.org X-Mailman-Version: 2.1.9 Precedence: list List-Id: CGA and SeND Extensions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 13 Oct 2009 08:20:02 -0000 Hello CSI WG, Michaela, Maryline, Sean and I have updated the draft "Signature Algorithm Agility in the Secure Neighbor Discovery (SEND) protocol" and its companion draft "Support for Multiple Signature Algorithms in Cryptographically Generated Addresses (CGAs)". Version number has been reset to -00 due to a change in the name of the document (to get referenced as "csi" in the tool pages). We also create a new document "ECC public key and signature support in Cryptographically Generated Addresses (CGA) and in the Secure Neighbor Discovery (SEND)" that specifically describes the usage of ECC in CGA and SEND. 
Changes from the previous version in cheneau-csi-send-sig-agility-00: - removed the Router as a notary section - removed references to ECC (placed in draft-cheneau-csi-ecc-sig-agility-00 now) - typo fixes Changes from the previous version in cheneau-csi-cga-pk-agility-00: - removed references to ECC (placed in draft-cheneau-csi-ecc-sig-agility-00) Here is the link to the documents: http://www.ietf.org/internet-drafts/draft-cheneau-csi-cga-pk-agility-00.txt http://www.ietf.org/internet-drafts/draft-cheneau-csi-send-sig-agility-00.txt http://www.ietf.org/internet-drafts/draft-cheneau-csi-ecc-sig-agility-00.txt Detailed informations: Filename: draft-cheneau-csi-cga-pk-agility Revision: 00 Title: Support for Multiple Signature Algorithms in Cryptographically Generated Addresses (CGAs) Creation_date: 2009-10-12 WG ID: Independent Submission Number_of_pages: 14 Abstract: This document defines an extension field for the CGA Parameters data structure specified in RFC 3972. This extension field carries a Public Key that is used in Cryptographically Generated Address (CGA) generation. This extension enables protocols using CGAs, such as SEND, to use multiple Public Key signing algorithms and/or multiple Public Keys. Filename: draft-cheneau-csi-send-sig-agility Revision: 00 Title: Signature Algorithm Agility in the Secure Neighbor Discovery (SEND) Protocol Creation_date: 2009-10-12 WG ID: Independent Submission Number_of_pages: 29 Abstract: This draft describes a mechanism to enable the Secure Neighbor Discovery (SEND) protocol to select between different signature algorithms to use with Cryptographically Generated Addresses (CGA). 
Filename: draft-cheneau-csi-ecc-sig-agility Revision: 00 Title: ECC public key and signature support in Cryptographically Generated Addresses (CGA) and in the Secure Neighbor Discovery (SEND) Creation_date: 2009-10-12 WG ID: Independent Submission Number_of_pages: 16 Abstract: This draft describes a mechanism to deploy Elliptic Curve Cryptography (ECC) alongside with Cryptographically Generated Addresses (CGA) and the Secure Neighbor Discovery (SEND). This document provides basic skeleton to integrate new signature algorithms in CGA and SEND. Comments are always welcomed! Best regards, Tony Cheneau From tony.cheneau@it-sudparis.eu Tue Oct 13 01:25:48 2009 Return-Path: X-Original-To: cga-ext@core3.amsl.com Delivered-To: cga-ext@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 191E328C111 for ; Tue, 13 Oct 2009 01:25:48 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -1.505 X-Spam-Level: X-Spam-Status: No, score=-1.505 tagged_above=-999 required=5 tests=[AWL=-0.745, BAYES_05=-1.11, HELO_EQ_FR=0.35] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id QVVRg5eB5VWe for ; Tue, 13 Oct 2009 01:25:47 -0700 (PDT) Received: from smtp4.int-evry.fr (smtp4.int-evry.fr [157.159.10.71]) by core3.amsl.com (Postfix) with ESMTP id 432383A6926 for ; Tue, 13 Oct 2009 01:25:47 -0700 (PDT) Received: from smtp2.int-evry.fr (smtp2.int-evry.fr [157.159.10.45]) by smtp4.int-evry.fr (Postfix) with ESMTP id 496C1FE3EF4; Tue, 13 Oct 2009 10:25:48 +0200 (CEST) Received: from smtp-ext.int-evry.fr (smtp-ext.int-evry.fr [157.159.11.17]) by smtp2.int-evry.fr (Postfix) with ESMTP id E5FC14050A3; Tue, 13 Oct 2009 10:25:43 +0200 (CEST) Received: from [157.159.103.79] (unknown [157.159.103.79]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by smtp-ext.int-evry.fr (Postfix) with ESMTP id 
C683690136; Tue, 13 Oct 2009 10:25:43 +0200 (CEST) Date: Tue, 13 Oct 2009 10:25:52 +0200 (CEST) From: Tony Cheneau X-X-Sender: shad@whitebox To: marcelo bagnulo braun In-Reply-To: <4ACB6530.6070407@it.uc3m.es> Message-ID: References: <4ACB6530.6070407@it.uc3m.es> User-Agent: Alpine 2.00 (LNX 1167 2008-08-23) MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed X-INT-MailScanner-Information: Please contact the ISP for more information X-INT-MailScanner-ID: E5FC14050A3.A6398 X-INT-MailScanner: Found to be clean X-INT-MailScanner-SpamCheck: n'est pas un polluriel, SpamAssassin (not cached, score=-4.399, requis 6.01, autolearn=not spam, ALL_TRUSTED -1.80, BAYES_00 -2.60) X-INT-MailScanner-From: tony.cheneau@it-sudparis.eu Cc: "cga-ext@ietf.org" Subject: Re: [CGA-EXT] Call for presentations X-BeenThere: cga-ext@ietf.org X-Mailman-Version: 2.1.9 Precedence: list List-Id: CGA and SeND Extensions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 13 Oct 2009 08:25:48 -0000 Hello Marcelo, We would appreciate to have a 20 minutes slot during the next CSI WG meeting. We will present the new version of the drafts. Regards, Tony On Tue, 6 Oct 2009, marcelo bagnulo braun wrote: > Hi, > > We have scheduled a meeting for the IETF76. If you want a slot for making a > presentation, please let us know. 
>
> Regards, marcelo
> _______________________________________________
> CGA-EXT mailing list
> CGA-EXT@ietf.org
> https://www.ietf.org/mailman/listinfo/cga-ext
>
>

From shengjiang@huawei.com Tue Oct 13 19:35:01 2009
Date: Wed, 14 Oct 2009 10:34:59 +0800
From: Sheng Jiang
To: cga-ext@ietf.org
Subject: [CGA-EXT] FW: New Version Notification for draft-ietf-csi-dhcpv6-cga-ps-00

Following the CSI adoption decision on our draft csi-dhcpv6-cga-ps, we have
submitted a new 00 version as WG document. The comments we received have been
addressed in the new version.

Comments are always welcomed!

Best regards,

Sheng

> -----Original Message-----
> From: IETF I-D Submission Tool [mailto:idsubmission@ietf.org]
> Sent: Monday, October 12, 2009 10:39 PM
> To: shengjiang@huawei.com
> Cc: shenshuo@cnnic.cn; tjc@ecs.soton.ac.uk
> Subject: New Version Notification for draft-ietf-csi-dhcpv6-cga-ps-00
>
>
> A new version of I-D, draft-ietf-csi-dhcpv6-cga-ps-00.txt has
> been successfully submitted by Sheng Jiang and posted to the
> IETF repository.
>
> Filename: draft-ietf-csi-dhcpv6-cga-ps
> Revision: 00
> Title: DHCPv6 and CGA Interaction: Problem Statement
> Creation_date: 2009-10-12
> WG ID: csi
> Number_of_pages: 8
>
> Abstract:
> This document describes potential issues in the interaction between
> DHCPv6 and Cryptographically Generated Addresses (CGAs).
> Firstly, the scenario of using CGAs in DHCPv6 environments is
> discussed. Some operations are clarified for the interaction of DHCPv6
> servers and CGA-associated hosts. We then also discuss how
> CGAs and DHCPv6 may have mutual benefits for each other,
> including using CGAs in DHCPv6 operations to enhance its
> security features and using DHCPv6 to provide the CGA
> generation function.
>
>
> The IETF Secretariat.

From roque@lacnic.net Tue Oct 13 20:23:10 2009
Date: Wed, 14 Oct 2009 01:22:26 -0200
From: Roque Gagliano
To: cga-ext@ietf.org
Subject: [CGA-EXT] Fwd: New Version Notification for draft-rgaglian-csi-send-name-type-registry-00

Dear group,

I issue a new ID requesting IANA the creation of the registry for the Name
Type field in the ICMP Trust Anchor option.

I look forward to comments.

Roque.

Begin forwarded message:

> From: IETF I-D Submission Tool
> Date: October 14, 2009 1:16:00 AM GMT-02:00
> To: roque@lacnic.net
> Cc: suresh.krishnan@ericsson.com,ana.kukec@fer.hr
> Subject: New Version Notification for
> draft-rgaglian-csi-send-name-type-registry-00
>
>
> A new version of I-D, draft-rgaglian-csi-send-name-type-registry-00.txt
> has been successfully submitted by Roque Gagliano and
> posted to the IETF repository.
>
> Filename: draft-rgaglian-csi-send-name-type-registry
> Revision: 00
> Title: SEND Name Type field Registry
> Creation_date: 2009-10-14
> WG ID: Independent Submission
> Number_of_pages: 10
>
> Abstract:
> SEcure Neighbor Discovery (SEND) defines the Name Type field in the
> Trust Anchor option. This document requests to IANA the creation and
> management of a registry for this field. This document also
> specifies a new Name Type field based on a certificate Subject Key
> Identifier (SKI).
>
>
>
> The IETF Secretariat.
>

-------------------------------------------------------------
Roque Gagliano
LACNIC
roque@lacnic.net
GPG Fingerprint: E929 06F4 D8CD 2AD8 9365 DB72 9E4F 964A 01E9 6CEE


From jeanmichel.combes@gmail.com Sun Oct 18 07:01:49 2009
Date: Sun, 18 Oct 2009 16:01:50 +0200
From: Jean-Michel Combes
To: marcelo bagnulo braun
Cc: "cga-ext@ietf.org"
Subject: Re: [CGA-EXT] a question about draft-ietf-csi-sndp-prob-01

Hi Marcelo,

thanks for the review.

2009/9/18 marcelo bagnulo braun:
> Hi,
>
> I am reviewing draft-ietf-csi-sndp-prob-01 to make the Shepherd write-up.
> I think the document is in good shape, but I have a question about the
> structure of the document. The current document has section 2.1. IPv6
> Mobile Nodes and Neighbor Discovery Proxy and then section 2.4. Proxy ND
> and Mobility. I fail to see why these two are separated, since they both
> describe scenarios involving MIP and SEND. Wouldn't it make more sense to
> combine these two and have a single section that describes the MIP related
> scenarios?

Finally, we have removed the section 2.4 because:
- the first part of this section, as you said, is already described in
  the section 2.1
- the second part of this section described mobility issues and not
  security issues.

Best regards.

JMC.

>
> Regards, marcelo
>

From shengjiang@huawei.com Mon Oct 19 04:24:16 2009
Date: Mon, 19 Oct 2009 19:24:12 +0800
From: Sheng Jiang
To: cga-ext@ietf.org
Subject: [CGA-EXT] FW: New Version Notification for draft-ietf-csi-hash-threat-04

Dear all,

A new version of draft csi-ietf-csi-hash-threat has been submitted to the
CSI WG. The comments we received have been addressed in the new version.

Comments are always welcomed!

Best regards,

Sheng

> -----Original Message-----
> From: IETF I-D Submission Tool [mailto:idsubmission@ietf.org]
> Sent: Friday, October 16, 2009 12:13 PM
> To: shengjiang@huawei.com
> Cc: ana.kukec@fer.hr; suresh.krishnan@ericsson.com
> Subject: New Version Notification for draft-ietf-csi-hash-threat-04
>
>
> A new version of I-D, draft-ietf-csi-hash-threat-04.txt has
> been successfully submitted by Sheng Jiang and posted to the
> IETF repository.
>
> Filename: draft-ietf-csi-hash-threat
> Revision: 04
> Title: SeND Hash Threat Analysis
> Creation_date: 2009-10-16
> WG ID: csi
> Number_of_pages: 13
>
> Abstract:
> This document analyzes the use of hashes in SeND, possible
> threats and the impact of recent attacks on hash functions
> used by SeND.
> Current SeND specification [rfc3971] uses the SHA-1 [sha-1]
> hash algorithm and PKIX certificates [rfc5280] and does not
> provide support for the hash algorithm agility. The purpose
> of the document is to provide analysis of possible hash
> threats and to decide how to encode the hash agility support in SeND.
>
>
>
>
> The IETF Secretariat.
>
>

From marcelo@it.uc3m.es Fri Oct 23 06:50:16 2009
Date: Fri, 23 Oct 2009 15:50:23 +0200
From: marcelo bagnulo braun
To: "cga-ext@ietf.org"
Subject: [CGA-EXT] Draft agenda for the next meeting

Find the draft agenda at:

http://www.ietf.org/proceedings/09nov/agenda/csi.txt

Please check if I am not missing any request.

Presenters should send Gab and me the slides on Sunday before the meeting.

Thanks, marcelo

From xiayangsong@huawei.com Fri Oct 23 08:49:06 2009
Date: Fri, 23 Oct 2009 10:49:16 -0500
From: Frank Xia
To: marcelo bagnulo braun, cga-ext@ietf.org
Subject: Re: [CGA-EXT] Draft agenda for the next meeting

Hi Marcelo

Sorry for my negligence.

We would like to have 10 minutes for DHC&CGA
solution document
http://tools.ietf.org/id/draft-xia-dhc-host-gen-id-02.txt
which received many comments in past DHC group.

BR
Frank

----- Original Message -----
From: "marcelo bagnulo braun"
To:
Sent: Friday, October 23, 2009 8:50 AM
Subject: [CGA-EXT] Draft agenda for the next meeting

> Find the draft agenda at:
>
> http://www.ietf.org/proceedings/09nov/agenda/csi.txt
>
> Please check if I am not missing any request.
>
> Presenters should send Gab and me the slides on Sunday before the meeting.
>
> Thanks, marcelo

From marcelo@it.uc3m.es Sat Oct 24 01:12:11 2009
Date: Sat, 24 Oct 2009 10:12:05 +0200
From: marcelo bagnulo braun
To: Frank Xia
Cc: cga-ext@ietf.org
Subject: Re: [CGA-EXT] Draft agenda for the next meeting

ok

Frank Xia wrote:
> Hi Marcelo
>
> Sorry for my negligence.
>
> We would like to have 10 minutes for DHC&CGA
> solution document
> http://tools.ietf.org/id/draft-xia-dhc-host-gen-id-02.txt
> which received many comments in past DHC group.
>
> BR
> Frank
>
>
> ----- Original Message ----- From: "marcelo bagnulo braun"
>
> To:
> Sent: Friday, October 23, 2009 8:50 AM
> Subject: [CGA-EXT] Draft agenda for the next meeting
>
>
>> Find the draft agenda at:
>>
>> http://www.ietf.org/proceedings/09nov/agenda/csi.txt
>>
>> Please check if I am not missing any request.
>>
>> Presenters should send Gab and me the slides on Sunday before the
>> meeting.
>>
>> Thanks, marcelo
>
>

From shengjiang@huawei.com Sun Oct 25 23:34:30 2009
Date: Mon, 26 Oct 2009 14:34:31 +0800
From: Sheng Jiang
To: cga-ext@ietf.org
Subject: [CGA-EXT] FW: New Version Notification for draft-jiang-csi-cga-config-dhcpv6-01

Dear CSIers,

An update version draft-jiang-csi-cga-config-dhcpv6-01 has been submitted to
the CSI WG. Your comments are welcome.

Best regards,

Sheng

> -----Original Message-----
> From: IETF I-D Submission Tool [mailto:idsubmission@ietf.org]
> Sent: Monday, October 26, 2009 2:30 PM
> To: shengjiang@huawei.com
> Cc: xiazhongqi@huawei.com
> Subject: New Version Notification for
> draft-jiang-csi-cga-config-dhcpv6-01
>
>
> A new version of I-D,
> draft-jiang-csi-cga-config-dhcpv6-01.txt has been successfully
> submitted by Sheng Jiang and posted to the IETF repository.
>
> Filename: draft-jiang-csi-cga-config-dhcpv6
> Revision: 01
> Title: Configuring Cryptographically
> Generated Addresses (CGA) using DHCPv6
> Creation_date: 2009-10-26
> WG ID: Independent Submission
> Number_of_pages: 11
>
> Abstract:
> A Cryptographically Generated Address (CGA) is an IPv6
> address binding with a public/private key pair. However,
> the current CGA specifications lack procedures to
> enable proper management of CGA generation. Administrators
> should be able to configure parameters used to generate CGA.
> The Dynamic Host Configuration Protocol for
> IPv6 (DHCPv6), which enables network management to
> dynamically configure hosts, can be used in the CGA
> configuration. Furthermore, CGA generation consumes large
> computation power. This computational burden can be delegated
> to the DHCPv6 server. A new DHCPv6 options are also defined
> in this document to enable hosts to delegate CGA generation to a
> DHCPv6 server.
>
>
>
>
> The IETF Secretariat.
>
>

From shengjiang@huawei.com Thu Oct 29 19:10:04 2009
Date: Fri, 30 Oct 2009 10:10:08 +0800
From: Sheng Jiang
To: 'Ted Lemon', cga-ext@ietf.org
Subject: Re: [CGA-EXT] FW: New Version Notification for draft-jiang-csi-cga-config-dhcpv6-01

Hi, Ted,

The work of draft-jiang-csi-cga-config-dhcpv6-01 is recommended by
draft-ietf-csi-cga-dhcpv6-ps. I am going to talk about works suggested by
draft-ietf-csi-cga-dhcpv6-ps in Hiroshima. My talk will briefly introduce
draft-jiang-csi-cga-config-dhcpv6, draft-jiang-dhc-secure-dhcpv6,
xia-dhc-host-gen-id. For these works, people from the dhc wg are really
appreciated.

Cheers,

Sheng

> -----Original Message-----
> From: Ted Lemon [mailto:mellon@fugue.com]
> Sent: Friday, October 30, 2009 6:42 AM
> To: Sheng Jiang
> Subject: Re: [CGA-EXT] FW: New Version Notification for
> draft-jiang-csi-cga-config-dhcpv6-01
>
> On Oct 25, 2009, at 11:34 PM, Sheng Jiang wrote:
> > An update version draft-jiang-csi-cga-config-dhcpv6-01 has been
> > submitted to the CSI WG. Your comments are welcome.
>
> Is there any chance that you could do a brief
> presentation/discussion about this in the DHC working group
> meeting in Hiroshima? I'd like to get people from the dhc
> wg engaged in the cga work that's going on--I think it's very
> important.
>