Handover Keying (hokey) Working Group MINUTES  

Chairs  : Glen Zorn (gwz@net-zen.net)

          Tina Tsou (tena@huawei.com)

URL     : http://tools.ietf.org/wg/hokey/

Minutes : Version 1.0 (draft)

Meeting : IETF 77; Anaheim, California USA


Session 1

Date    : Wednesday, 24 March 2010

Time    : 10:300–11:30

Location: California D


Welcome & Administrivia (10 minutes)

Document Status (5 minutes, Chairs)

All of the previous WG documents have either been published as RFCs or are in the hands of the RFC Editor.  One of the purposes of this meeting is to begin to choose a new set of documents to work on from the set of candidates.


Proposed New WG Drafts (40 minutes)

Hokey Architecture (Tom Taylor)

I-D       :   https://datatracker.ietf.org/doc/draft-hoeper-hokey-arch-design

Charts    :   http://www.ietf.org/proceedings/10mar/slides/hokey-2.ppt


Slide 3:

- The list points to existing work, not all items are new.


Glen: Problem with the word "authenticator". Use "Network access point" instead.


Slide 4:

- model 1: We need a new L3 protocol to carry EAP packets.


Glen: Can use PANA instead of something new.

(Lady, sorry I did not get the name): Can we re-use another protocol instead of a new one (from other SDO)?

      In inter-technology handovers, we already do pre-authentication, so there are existing solutions.

Qin: Not sure about the new protocol in model 2...

Lionel: We can re-use PANA if running over IP.

Glen: Make-before-break: irrelevant. Break-before-make: OK.


- Model 2: between serving & candidate autehtnicator: what proto ? Diameter ? PANA?


- Model 3: Diameter OK but new AVP to be defined inside


Slide 6:

- for direct model, discovery must be resolved.


Slide 7, 8:

- These options can be transparent to the peer, or not...


Slide 9:


Glen as chair: cannot predict the future... will they deploy more than 1? Unknown...

Tom: then we must implement everything everywhere for interoperability.

Glen: ok... it s not the time to make this decision

Tom: this document is a guideline

Glen: no, it just describes the requirements

(Sorry, minute taker got lost in exchange Tom / Glen)

Tom: there is a big difference between models 1 and (2, 3).

     If we support more than 1 model, we might limit interoperability.

Glen: this must be discussed on the list.

Lionel: Can the solution to be defined support more than 1 model in the same way?

         For example, model 1 is a fallback in case of another attempt failed?

Qin: answer to Glen: it is easy to use L2 or L3 protocol to distinguish between the models.

Tom: major concern: interoperability!

Glen: mistake between inter & intra domain... inter domain was historically out of scope.

      In intra domain, you don't have an interoperability problem.

      You can arrange for deployment to bear with interoperability.

      It does not relate to architecture.

Tina: these are different scenarios

Lionel: it will depend on the capabilities of the serving domain. You need at least one solution.

      The 3 models are guidelines from the architecture


Slide 10:

- Problem: how to give the key to ER server.

  5296: assumes it is on the path of original EAP auth.


Glen: There a problem in the diagram. The EAP entities do not speak AAA.

      There is a (transparent) transport that can be anything (incl. AAA)

Tom: it is the job of the WG to specify how they talk

Glen: no, we just need to say that the EAP entities talk.

Tom: OK, will remove AAA and output a recommendation on the transport protocols.

Sib: For Diameter ERP, we need to know the entities talking and the message flow.

Lionel: we can just put EAP frames on the diagram. For authentication, it is OK to speak about EAP only.

     in "real" access, we need more information.

Glen: this document should only specify what is needed to support HOKEY. No telling how to do it.

Qin: to sum up: Diameter is not mandatory, you can use others

Glen: confirmed.


Slide 16:


Glen: how many people read the draft?

~ 7, 8 arms raised.


Glen: who would commit to really comment on the document, in the next month?

~ 5, 6 people


Glen: OK good, wait for comments, then we will discuss on the ML if we want to adopt in current shape.


Lionel: why it is not a WG document yet?


Glen: the work is in the charter, but the second bullet on the slide is not yet answered.


Tim: yes, we need to know it is going in the good direction before it becomes the WG document.


Glen: as chair, no problem with the document.


Session 2

Date    : Thursday, 25 March 2010

Time    : 15:10–16:10

Location: Huntington


Welcome & Administrivia (10 minutes)


Proposed New WG Drafts (45 minutes)

Internet-Draft: http://tools.ietf.org/html/draft-wang-hokey-erp-aak

Charts: http://www.ietf.org/proceedings/10mar/slides/hokey-3.ppt


§  The Local Domain Name DHCP Option (Qin Wu, 15 minutes)

Internet-Draft: http://tools.ietf.org/html/draft-wu-hokey-ldn-discovery

Charts:  http://www.ietf.org/proceedings/10mar/slides/hokey-1/hokey-1_files/frame.htm


Wrap-Up (5 minutes, Chairs)