------------------------------------------------------------------------ Mobility EXTensions for IPv6 (mext) IETF76 meeting minutes ------------------------------------------------------------------------ Chairs: Marcelo Bagnulo Julien Laganier ------------------------------------------------------------------------ TUESDAY, November 10, 2009 1520-1700 Afternoon Session II (Orchid Centre) ------------------------------------------------------------------------ Note for this session were taken by Raj Patil (20 min) Flow Binding, WGLC Wrap-Up -- George Tsirtis http://tools.ietf.org/html/draft-ietf-mext-flow-binding Raj: Does the traffic selector option allow the specification of other formats such as text, binary etc. George: Yes. Instead of having a separate suboption this parameter is now included as part of the FID. Raj: Should Yuri Ismailov: There is another I-D specifying ascii format for TS. Marcelo: This document was considered but not accepted as the WG doc. Yuri: Why was it not accepted? Marcelo: Because the WG did not want to specify multiple solutions. Yuri: But now the Flow binding allows multiple TS types Marcelo: The WG will consider it if there is consensus Yuri: Because Raj: There are two parts to the flow binding work. The signaling to establish the flow binding and the format of the traffic selectors. Marcelo: The WG has chosen to specify only a single format for now and is not open to considering other formats Discussion about whether the WG should be consuted rather than a decision being made by the chairs. Marcelo said that this discussion will be opened at the time of rechartering ------------------------------------------------------------------------ (20 min) Traffic Selectors for Flow Binding, Status update -- George Tsirtsis http://tools.ietf.org/html/draft-ietf-mext-binary-ts - Basically this draft does not specify any protocol but is instead specifing a format Marcelo: A WG last call will be issued next week. ------------------------------------------------------------------------ (20 min) (DS)MIPv6 Implementation with Unmodified IPsec -- Julien Laganier http://tools.ietf.org/html/draft-laganier-mext-dsmipv6-ipsec Marcelo: Are the statements about RFC4301 compliance and use of IPsec by DSMIP6 not contradictory? Julien: They are. But this analysis shows that a conformant IPsec implementation can be used with DSMIP6 George: There could be other applications also using IPsec and hence have other SPIs. So how can you determine whether a packet is data or signaling from the SPI Julien: The MIP6 module cares only about those two specific SPIs Raj: The point about whether the outer header needs to be maintained in order to compare with Marcelo: Should we have clarifying text about how to do this implementation? Julien: Not sure. Jari Arkko: Is this document based on analysis or from implementation experience? Julien: It is an analysis only. Raj: We have implemented DSMIP6 with IPsec and IKEv2 and can assure the WG that it is not possible to implement the security using IPsec/IKEv2 without modifying the IPsec/IKEv2 modules. Marcelo: It would be good to do the analysis of what are the exact issues with implementing IPsec and IKEv2 with DSMIP6. Rather than saying we have problems with Ipsec/IKEv2 we should have very clear identification of the actual issues. Also recommends people implementing the Sri: Have you reviewed Pasi's comments from the IESG review of RFC5555 Julien: Disagreeing with the issues raised by Pasi during the RFC5555 standardization process ------------------------------------------------------------------------ (20 min) Security architecture for Mobile IPv6 using TLS -- Basavaraj Patil http://tools.ietf.org/html/draft-korhonen-mext-mip6-altsec Jean-Michel Combes: Suprised to see that we are still discussing whether we should work on an alternate security architecture while it is not proven if the current mechanism does not work Marcelo: This is a process question. At the moment we are not working on anything. We are just disucssing it and are not chartered to do anything. JMC: Compatibility aspect - When the MN changes HA then if the other HA does not support the same security architecture that could be an issue. Raj/Jouni: That is not a problem because the MN would not select - Lots of discussion about the IPsec/IKEv2 Ryuji: There is a difference between MIP6 and DSMIP6 and the use of IPsec/IKEv2 is specifically applicable to DSMIP6. Suresh Krishnan: There is no propoer interface between DSMIP6 and IPsec/IKEv2. So maybe we should specify such interfaces Marcelo: Are you (Suresh) willing to write an I-D? Suresh: There are already existsing I-Ds on this topic that have expired. Jari Arkko: How do we move forward? Rough consensus and running code. Would like to see more implementations and running code. Would like to see the interest about alternate security mechanisms. Reality is in the code and what people want to do. There is no point in having a philosophical discussion about which is better Jaris suggestions for steps to progress: 1. Julien's analysis should be completed 2. The alternate implementation report can be presented If only one team wants to do something that is a problem but if there is more acceptance then we should consider it. JMC: We should look at what we will win and what we lose by changing the security model. Marcelo: Julien will work on the analysis and Raj will report further on the progress and Suresh will dig up some drafts that discuss interfaces. Jari Arkko: Question for Suresh: Is this a MIP6 specific document? Or is this a more general IPsec control API? Suresh : It is a Mobile IPv6 to IPsec interface Raj: IPsec/IKEv2 on hosts today is used only for VPNs and nothing else. Why should MIP6 rely on it? Julien: But this was decided in the past and does it make sense to revisit this decision and change a proposed standard? Marcelo: Closing the discussion as this is not helping us make progress. ------------------------------------------------------------------------ Second MEXT session FRIDAY, November 13, 2009 1300-1400 Afternoon Session I (Orchid Centre) 1415-1515 Afternoon Session II (Orchid Centre) ------------------------------------------------------------------------ (05 min) Jabber Scribe, Note Takers, WG status -- Chairs Notetaker for this session: Jouni Korhonen Marcelo: flow binding stuff is progressing fine. discussion what stays in charter. If there is energy to work on something, it stays in charter. o RO in automotive industry. Thierry: going to update the document. Requirements from two SDOs (ETSI and ISO) Hannes: is ETSI interested in IETF work or do they want to work on their own on technical aspects. Marcello: charetered to do this for 2 years. Seems no energy to work on this. If we see new significant interest in next 2-3 months Hannes: ppl ran out of energy and went on other topics or they lost interest as the solution is not applicable anymore etc. Combes: HA reliability. I sent my review to Ruyji. New version coming soon. Marcelo: we need more than one review. This cannot be one or two people work. Such work is for AD track. WG work is Suresh: FW drafts. 3 complete reviews. Ready. New text coming for DSMIP. Marcelo: similar comment as earlier. ------------------------------------------------------------------------ (05 min) IPv4 Support for DSMIPv6 IPv6 Home Link -- Fuad Abinader http://tools.ietf.org/html/draft-premec-mext-extended-home-link marcelo: Anybody here besides the authors to work on this draft? (none) ------------------------------------------------------------------------ (05 min) MN Identifier Types for RFC 4283 Mobile Node Identifier Option -- Charles Perkins http://tools.ietf.org/html/draft-perkins-mext-4283mnids marcelo: does this require a chance in format? charlie: no. just a registry. marcelo: Jari? everything is in place but we need STD track document to assign new values. charlie: do not want to create any new identifier. jari: do we as a WG to want to do this. Or will ppl still continue to decorate NAI? Marcelo: any SDO going to use it? jari: we do not need ask SDOs. We can do a sensible thing ourselves. marcelo: no technical work really needed. jari: some needed to define the codings & formatting. marcelo: going to list.. ------------------------------------------------------------------------ (20 min) IPv6 Migration support in Mobility Architectures -- Sri Gundavelli http://tools.ietf.org/html/draft-gundavelli-softwire-gateway-init-ds-lite No show. ------------------------------------------------------------------------ (10 min) Interactions of MIPv6 and NAT64 -- Wassim Haddad http://tools.ietf.org/html/draft-haddad-behave-nat64-mobility-harmful Charlie P: previously in BEHAVE, was requested to be presented in MEXT Marcelo: not specific to mobility, NAT64 have constrained applicability Suresh: this problem is a generic problem for multi-interface nodes Julien: make it clear on doc that native connectivity is preferred Marcelo: valid document, just not the right place, maybe back to BEHAVE ------------------------------------------------------------------------ (20 min) Issues in NEMO RO for Intelligent Transportation System -- Thierry Ernst marcelo: two MRs to exchange routing information? Henry: Yes Marcelo: looks like a routing protocol. Could you use more specific routes here (rfc4191). In CSI more specific routes were specifically scoped out from certificate profiles but you want to use SeND here. Suresh: I understand where Jean's concerns come from.. Henry: ND is not worked in this group.. but could this worked in MEXT? Marcelo: this has really nothing to do with mobility. YTou need ND expertise, like in 6man or csi. Marcelo: if your requirements point you that you don't need mobility expertise to solve this, then don't work this in MEXT.. ------------------------------------------------------------------------