Diameter Maintenance and Extensions

== Logistics =================================================================

THURSDAY, November 17, 2011
1740-1940  Afternoon Session III (note, session moved)

Chairs: Jouni Korhonen (jouni.nospam@gmail.com)
        Lionel Morand (lionel.morand@orange-ftgroup.com)

Room: 2103
Conflicts: lisp, samrg, multrans (bof), vipr, sdn (bof), tls, decade

== Administrative ============================================================

   Agenda Bashing                                              (chairs, 10min)
   o Bluesheets
   o Jabber: tbd
   o Note taker #1: Jean Mahoney
   o Note taker #2: tbd

Lionel is at the 3GPP meeting.

Moving rechartering discussion to earlier in the meeting. Dan (AD) has a colliding BoF to attend to a late scheduling of WG meetings.

Rechartering:

The other bullets based on what the WG has done (see the last page in agenda slideset). 
Last bullet is new. 


Dan - IESG hasn't seen the charter proposal. Comment from IESG - the docs walk the border of the scope of the WG. Maybe this is needed. Prefer an open discussion with the IESG to show there is demand from the industry and support from the WG. (the comment refers using Diameter for other purposes than pure AAA, such as, NAT control and generic configuration management)

What are the use cases for the bulk signaling. How does this enter into the scope (first paragraph)?

Marco Liebsch - Need to write up how the bulk signaling help to reduce signaling overhead. 

Dan - So you are saying this can be described as an optimization of the protocol?

Mark Jones - says yes. 

Glen Zorn - Signaling is not AAA. Change the word signaling to session control, which is part of AAA. 3588 and 3588bis says that diameter can be used for things other than AAA. 

Mark - Good point on the signaling term. 

Dan - Even if 3588 talks about other applications, this working group is chartered on incremental extensions are scoped to AAA.

Marco - I don't think it conflicts with the motivation for the charter. Group signaling doesn't deviate from AAA context. 

Dan - we have two options: 
- keep the current framework - easier to recharter, but will face the same kind of discusses from IESG members. 
- Or rewrite the first paragraph - it's your decision. 

Jouni - need to work on option 2 text. If we can't come up with text, fall back to option 1.

Glen - prefer option 2 to enlarge scope of dime to encompass synchronization state between proxies. This current change wouldn't do that. 

Jouni - post what you want to see as text as the charter. 

ACTION ==> To folks who want something to happen, they should propose text for new charter within a few weeks. 



   WG Status Update                                            (chairs, 15min)

   Documents in WG process:

   o draft-ietf-dime-erp-07         Going for WGLC
   o draft-ietf-dime-pmip6-lr-06    Completed WGLC. Going to move forward
   o draft-ietf-dime-rfc4005bis-05  TRAC issues not addressed.

   IESG Processing:

   o draft-ietf-dime-diameter-base-protocol-mib-06
   o draft-ietf-dime-diameter-cc-appl-mib-03
   o draft-ietf-dime-ikev2-psk-diameter-10
   o draft-ietf-dime-nat-control-12
   o draft-ietf-dime-priority-avps-05
   o draft-ietf-dime-rfc3588bis-29

   RFC-Editor's Queue:

   o draft-ietf-dime-	-07
   o draft-ietf-dime-extended-naptr-09           Now out as RFC 6408
   o draft-ietf-dime-local-keytran-14

   Missing in Action:

   o draft-ietf-dime-app-design-guide            Expired -> withdraw the I-D?
   o draft-ietf-dime-realm-based-redirect        Expired -> withdraw the I-D?

Jouni - anyone have an opinion on keeping app-design-guide? Victor has moved on. It needs to be rewritten in many places, needs new info added. 

No opinions expressed.

Should the document keep realm-based-redirect? There's an IPR issue.

Glen - is it useful?

Jouni - I don't have a use case for this. 

Glen - I don't know how much work is required. I recall that it went to WGLC. 

Jouni - the authors haven't responded. 4 major defects in tracker. Anyone against removing it?

Glen - these have been abandoned by the authors?

Jouni nods.

Glen - I don't have an issue with getting rid of the documents, but you can assign new authors.

Jouni - anyone interested in taken them on?

silence.

Glen - Design guides are useless. Is the other one useful?

==> DECISION: Jouni will submit question to the list.

       
== Working group draft presentations =========================================

   WG Draft Status updates since last IETF#81
   o draft-ietf-dime-ikev2-psk-diameter                       (Violeta, 15min)


The open issues and DISCUSSes have been resolved.

Presented changes made since the last meeting. 

Jouni - is something referencing this?

Violeta - 3GPP2 documents reference it.

Jouni - thanks for the hard work.



== Individual drafts presentations ===========================================


== Other discussion topics ===================================================

   o Diameter Bulk Signaling                               (Marco/Mark, 30min)

Mark presenting

3GPP hasn't proposed mechanisms for group signaling, would like to get in front of it. 

Doesn't specify new applications.

I'm not proposing NASREQ or DCCA.

Jouni - how big are the changes to the state machines?

Mark - The mods are not as radical as I thought they were be. They are in the draft.

Marco - We had an individual draft with a generic model, but no discussion on deployment considerations. I think it's the right approach to assess whether it's sufficient or a more generic approach is needed.




   o draft-ietf-dime-3588bis                                   (Glen,  >15min)
     * next steps to resolve the DISCUSSes

Jouni presented the IESG comments, highlighting Saint-Andre's feedback, which has been resolved (during the IETF meeting in a f2f discussions).

Glen discussed Stephen Farrell's feedback. Security is the elephant in the room. Glen thinks that it needs to be MUST to run diameter over IPSEC or TLS. Don't care if we embarrass operators. The SDOs don't specify security. 

Stefan Winter - we should write that security is a MUST.

Glen - another way to clear the discuss - leave it as-is and then detail the security problems with doing anything else, like network domain security. Would make the SDOs less happy. 

ACTION: Jouni will respond via email.

Simon Mizikovsky  - even if we implement Farrell's feedback, it doesn't provide security if the operator doesn't do it. Doesn't solve anything.

Stefan - we can be very clear that if the operators don't do it, they open themselves to risk.

Simon - makes the box more expensive. SDO says, "If not secured by other means, thenā .."

Stefan - we need to specify the security. 


== AOB =======================================================================

                                                                  total >85min
                                                                   
==> ACTION: Please comment on the charter.