From hipsec-bounces@lists.ietf.org Fri Oct 06 15:50:42 2006
To: i-d-announce@ietf.org
From: Internet-Drafts@ietf.org
Message-Id: <E1GVvhq-00022T-9X@stiedprstage1.ietf.org>
Date: Fri, 06 Oct 2006 15:50:02 -0400
Cc: hipsec@ietf.org
Subject: [Hipsec] I-D ACTION:draft-ietf-hip-esp-04.txt 
X-BeenThere: hipsec@lists.ietf.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: "This is the official IETF Mailing List for the HIP Working Group."
	<hipsec.lists.ietf.org>
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/hipsec>,
	<mailto:hipsec-request@lists.ietf.org?subject=unsubscribe>
List-Archive: <http://www1.ietf.org/pipermail/hipsec>
List-Post: <mailto:hipsec@lists.ietf.org>
List-Help: <mailto:hipsec-request@lists.ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/hipsec>,
	<mailto:hipsec-request@lists.ietf.org?subject=subscribe>
Errors-To: hipsec-bounces@lists.ietf.org

A New Internet-Draft is available from the on-line Internet-Drafts 
directories.
This draft is a work item of the Host Identity Protocol Working Group of the IETF.

	Title		: Using ESP transport format with HIP
	Author(s)	: P. Jokela, et al.
	Filename	: draft-ietf-hip-esp-04.txt
	Pages		: 35
	Date		: 2006-10-6
	
This memo specifies an Encapsulated Security Payload (ESP) based
   mechanism for transmission of user data packets, to be used with the
   Host Identity Protocol (HIP).

A URL for this Internet-Draft is:
http://www.ietf.org/internet-drafts/draft-ietf-hip-esp-04.txt

To remove yourself from the I-D Announcement list, send a message to 
i-d-announce-request@ietf.org with the word unsubscribe in the body of 
the message. 
You can also visit https://www1.ietf.org/mailman/listinfo/I-D-announce 
to change your subscription settings.

Internet-Drafts are also available by anonymous FTP. Login with the 
username "anonymous" and a password of your e-mail address. After 
logging in, type "cd internet-drafts" and then 
"get draft-ietf-hip-esp-04.txt".

A list of Internet-Drafts directories can be found in
http://www.ietf.org/shadow.html 
or ftp://ftp.ietf.org/ietf/1shadow-sites.txt

Internet-Drafts can also be obtained by e-mail.

Send a message to:
	mailserv@ietf.org.
In the body type:
	"FILE /internet-drafts/draft-ietf-hip-esp-04.txt".
	
NOTE:	The mail server at ietf.org can return the document in
	MIME-encoded form by using the "mpack" utility.  To use this
	feature, insert the command "ENCODING mime" before the "FILE"
	command.  To decode the response(s), you will need "munpack" or
	a MIME-compliant mail reader.  Different MIME-compliant mail readers
	exhibit different behavior, especially when dealing with
	"multipart" MIME messages (i.e. documents which have been split
	up into multiple messages), so check your local documentation on
	how to manipulate these messages.

Below is the data which will enable a MIME compliant mail reader
implementation to automatically retrieve the ASCII version of the
Internet-Draft.

_______________________________________________
Hipsec mailing list
Hipsec@lists.ietf.org
https://www1.ietf.org/mailman/listinfo/hipsec


From hipsec-bounces@lists.ietf.org Tue Oct 17 06:40:26 2006
Message-ID: <4534B2D0.3050101@nomadiclab.com>
Date: Tue, 17 Oct 2006 13:39:12 +0300
From: Petri Jokela <petri.jokela@nomadiclab.com>
To: hipsec@ietf.org
References: <E1GIrzt-0004NB-4P@stiedprstage1.ietf.org>
	<Pine.LNX.4.64.0609220951300.26978@netcore.fi>
In-Reply-To: <Pine.LNX.4.64.0609220951300.26978@netcore.fi>
Subject: [Hipsec] Base draft: padding issue

Pekka Savola wrote:

>    All of the TLV parameters have a length (including Type and Length
>    fields) which is a multiple of 8 bytes.  When needed, padding MUST be
>    added to the end of the parameter so that the total length becomes a
>    multiple of 8 bytes.  This rule ensures proper alignment of data.  If
>    padding is added, the Length field MUST NOT include the padding.
> 
> ==> I must be missing something.  If padding is added according to the
> abovementioned text, adding the padding (up to the next 64 bit boundary)
> doesn't change the Length field -- so I'm not sure what the last 
> sentence is
> saying ?  I think protocol design shouldn't be such that there is more data
> (even if it's padding) that goes beyond the length field.

Related to this padding issue, how should we proceed?

I was first thinking about a similar method as e.g. in MIPv6 (Pad1 parameter, 
total length 1 octet, PadN parameter, total length 2-n octets), but we have a 
32-bit type field which makes it impossible to create one octet padding using 
the parameter.

Personally I don't have any problems with the current definition, but I can't 
tell if it is right or wrong. Anyway, the padding is included in the length of 
the HIP packet (Length field in the HIP header), but not in single parameter 
length fields.

Any comments?

/petri

-- 
Petri Jokela				e-mail: petri.jokela@nomadiclab.com
Research Scientist			phone:  +358 9 299 2413
Ericsson Research, NomadicLab		mobile: +358 44 299 2413
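
Added example (not part of the original thread and not code from any HIP implementation): a bounds-checked walk over TLV parameters under the rule debated above, where the Length field excludes the padding but each parameter still occupies a multiple of 8 bytes. The 16-bit Type / 16-bit Length header, big-endian fields, and all names and sample bytes are assumptions constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Assumed layout (not spelled out in the thread): 16-bit Type, 16-bit Length,
 * both big-endian; Length counts the contents only, then 0-7 padding bytes. */
#define TLV_HDR_LEN 4u
#define TLV_ALIGN   8u

enum tlv_err {
    TLV_ERR_TRUNCATED_HDR    = -1, /* fewer than 4 bytes left for Type+Length */
    TLV_ERR_CONTENTS_OVERRUN = -2, /* Length runs past the end of the buffer  */
    TLV_ERR_PADDING_OVERRUN  = -3  /* contents fit, required padding does not */
};

/* Bytes one parameter occupies on the wire: header + contents, rounded up to 8. */
static size_t tlv_total_len(uint16_t length)
{
    size_t unpadded = TLV_HDR_LEN + (size_t)length;
    return (unpadded + (TLV_ALIGN - 1u)) & ~(size_t)(TLV_ALIGN - 1u);
}

/* Padding bytes that follow the contents and are NOT counted in Length. */
static size_t tlv_padding_len(uint16_t length)
{
    return tlv_total_len(length) - TLV_HDR_LEN - (size_t)length;
}

static uint16_t be16(const uint8_t *p)
{
    return (uint16_t)(((unsigned)p[0] << 8) | p[1]);
}

/* Walk a parameter area; return the parameter count or a negative tlv_err.
 * honor_padding = 0 models a parser that trusts Length alone to locate the
 * next parameter, i.e. one that ignores the bytes lying beyond Length. */
static int tlv_walk(const uint8_t *buf, size_t buflen, int honor_padding)
{
    size_t off = 0;
    int count = 0;

    while (off < buflen) {
        size_t left = buflen - off;
        if (left < TLV_HDR_LEN)
            return TLV_ERR_TRUNCATED_HDR;

        uint16_t length = be16(buf + off + 2);
        if ((size_t)length > left - TLV_HDR_LEN)
            return TLV_ERR_CONTENTS_OVERRUN;

        size_t step = TLV_HDR_LEN + (size_t)length;
        if (honor_padding) {
            step = tlv_total_len(length);   /* skip the uncounted padding too */
            if (step > left)
                return TLV_ERR_PADDING_OVERRUN;
        }
        off += step;
        count++;
    }
    return count;
}

/* Constructed sample: two parameters, 24 bytes in total.
 *   A: Type 1, Length 5, "hello", 7 padding bytes  -> 16 bytes on the wire
 *   B: Type 2, Length 4, 4 content bytes, no padding ->  8 bytes on the wire */
static const uint8_t sample_params[24] = {
    0x00, 0x01, 0x00, 0x05, 'h', 'e', 'l', 'l', 'o',
    0, 0, 0, 0, 0, 0, 0,
    0x00, 0x02, 0x00, 0x04, 0xc0, 0xde, 0xca, 0xfe
};

int main(void)
{
    printf("Length=5: total=%zu padding=%zu\n",
           tlv_total_len(5), tlv_padding_len(5));
    printf("padding-aware walk:      %d\n",
           tlv_walk(sample_params, sizeof sample_params, 1));
    /* Ignoring padding lands mid-padding, reads phantom parameters and
     * finally a bogus Length that overruns the buffer. */
    printf("Length-only walk:        %d\n",
           tlv_walk(sample_params, sizeof sample_params, 0));
    /* Parameter A cut off right after its contents: Length is satisfied,
     * but the 7 padding bytes the rule requires are missing. */
    printf("padding missing (9 B):   %d\n",
           tlv_walk(sample_params, 9, 1));
    return 0;
}
```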





From hipsec-bounces@lists.ietf.org Tue Oct 17 10:03:09 2006
From: Julien Laganier <julien.IETF@laposte.net>
To: hipsec@ietf.org
Date: Tue, 17 Oct 2006 16:03:23 +0200
Message-Id: <200610171603.24068.julien.IETF@laposte.net>
Subject: [Hipsec] draft-ietf-hip-dns-08

Folks,

As requested by the chairs, I just submitted to the 
secretariat a new revision of our DNS draft with minor 
editorial nits regarding references:

- removed citation and reference to RFC3363 leftover 
from the Type 1 / Type 2 HITs discussion.
- updated obsolete DNSSEC reference from RFC2065 to 
RFC4033, RFC4034 and RFC4035.
- updated Base16/32/64 reference from RFC3548 to 
RFC4648
- updated HIP architecture reference from I-D to 
RFC4423, and added citation where first cited in 
introduction.
- added citation to HIP MM I-D where first cited in 
introduction.
- added citation of RFC1035 and RFC3596 where A and 
AAAA first cited in introduction

As soon as it shows up in the repository you'd be able 
to review those changes at the following URL:
 
<http://tools.ietf.org/wg/hip/draft-ietf-hip-dns/draft-ietf-hip-dns-08-from-07.diff.html>

Best,

--julien




From hipsec-bounces@lists.ietf.org Tue Oct 17 10:38:38 2006
Subject: RE: [Hipsec] Base draft: padding issue
Date: Tue, 17 Oct 2006 07:38:13 -0700
Message-ID: <77F357662F8BFA4CA7074B0410171B6D01A2F82D@XCH-NW-5V1.nw.nos.boeing.com>
In-Reply-To: <4534B2D0.3050101@nomadiclab.com>
From: "Henderson, Thomas R" <thomas.r.henderson@boeing.com>
To: "Petri Jokela" <petri.jokela@nomadiclab.com>
Cc: hipsec@ietf.org

I agree with Pekka Savola that the last sentence cited below is not
needed and is inaccurate.

Tom

> -----Original Message-----
> From: Petri Jokela [mailto:petri.jokela@nomadiclab.com]
> Sent: Tuesday, October 17, 2006 3:39 AM
> To: hipsec@ietf.org
> Subject: [Hipsec] Base draft: padding issue
>
> Pekka Savola wrote:
>
> >    All of the TLV parameters have a length (including Type and Length
> >    fields) which is a multiple of 8 bytes.  When needed, padding MUST be
> >    added to the end of the parameter so that the total length becomes a
> >    multiple of 8 bytes.  This rule ensures proper alignment of data.  If
> >    padding is added, the Length field MUST NOT include the padding.
> >




From hipsec-bounces@lists.ietf.org Thu Oct 19 06:27:55 2006
Message-ID: <453752E8.4060808@nomadiclab.com>
Date: Thu, 19 Oct 2006 13:26:48 +0300
From: Petri Jokela <petri.jokela@nomadiclab.com>
To: hipsec@ietf.org
Cc: "Gray, Eric" <Eric.Gray@marconi.com>,
	"Joseph Salowey \(jsalowey\)" <jsalowey@cisco.com>
Subject: [Hipsec] Base draft issues

Hi,

I have received a bunch of comments related to the base draft (thanks to 
Joseph, Pekka S. and Eric) and I have tried to clarify and fix things in the 
draft. In addition to the ones listed below, I have fixed some typos.

The pre-release of 07 draft is available at

http://hip4inter.net/drafts.php

draft-ietf-hip-base-07-pre191006.*

Also diff from 06 is available.

BR, Petri




1. Puzzle description, conflicting "keep state" statements.

The text in 4.1.1. allows keeping state of failed puzzle solutions, but
appendix A says "SHOULD NOT".

- fixed 4.1.1. "algorithm" -> "algorithmic" (typo from the reference)
- Appendix 2: modified the text so that it allows also keeping state. I'm
not sure, however, if the original SHOULD NOT referred to the particular
way to implement or not.


2. 384-bit D-H group

"The weakness of this group is discussed in the appendix, it should
probably also be discussed or at least referenced in the security
considerations.  If this group can really be broken in real-time then I
would question whether it should be a MUST to support."


- modification in 5.2.6
- added a paragraph in Security Considerations


3. ECHO_REQUEST / RESPONSE

There are now two different ECHO_REQUEST and ECHO_RESPONSE parameters,
depending on if they are signed or not.

- multiple modifications on the draft. Please see if they are acceptable.
I made a change so that if the request is signed, it should be replied with
response that is signed. If the request is unsigned, it is responded with
unsigned ECHO_RESPONSE.


4. HIP_SIGNATURE_2

"The HIP signature 2 does not cover the puzzle sent from the responder to
the initiator.  I am not quite comfortable with this yet.  I can't think
of a problem associated with this off hand but it hasn't sunk in yet.

It is only a SHOULD for the initiator to verify the signature, in what
cases is it acceptable not to verify the signature?"


- After a discussion, a clarification is added to 4.1.1. related to
the unsigned puzzle.

- I haven't added anything related to the second part of the comment,
possibly the SHOULD should be clarified, i.e. under what circumstances
the host can skip the signature verification.


5. Signature algorithms

"The value RSA actually refers to RSA/SHA1 so it probably should indicate
this in the name since it is possible to use RSA with a different hash. "

- I have made modifications related to this. Are they ok?

6. HI Lifetime

"The HI lifetime is not really discussed except for a statement that if the
(optional) RI counter wraps then the HI MUST be replaced.  This seems a
bit odd since the RI counter is optional and is not necessarily
guaranteed to be maintained in all cases. If there is a concern with HI
lifetime then it should be described elsewhere in the document.   If a
host changes a key unexpectedly it could create difficulties.  For
example one way of mitigating some MITM risk is to use the SSH style
"leap of faith" to create a local HI database (perhaps this is discussed
in opportunistic HIP). "

- after a discussion I modified 4.1.4. slightly (R1 counter SHOULD NOT
roll over), but I am not sure if this is enough.


7. 5.2.2. conflict

"In bullet 3 it states the "... By default, sending of such a new
critical parameters SHOULD be off... "  then it says the management
interface MUST allow vanilla standards-only mode as a default
configuration setting, and MAY allow new critical payloads to be
configured on (and off)"

It seems they should either both be MUSTS or both be SHOULDS.  I think I
would prefer that it say something like "Implementations operating in a
mode adhering to this standard MUST disable the sending of new critical
parameters." "

- Text modified in 5.2.2. bullet 3.


8. Introduction: security association management

"I do not think this paragraph is entirely clear about the role of HIP
wrt. IKE.  Does this mean that as "base protocol lacks the details for SA
management..." that IKE must be used in conjunction with HIP to manage the
SAs?  Or that if additional SA management features are deemed necessary, IKE
must be used in addition to HIP?  I suspect you mean the latter, but the
language should be more explicit on this."

- I modified the sentence at the end of 1.2


9. Clarification needed: protocol number 253 assigned for what purpose.

- I modified the first paragraph in "IANA Considerations". I hope
it is clearer now.


10. Question about definition of "small amount of time".

- clarification in 4.1.4. The clarifying definition is not very
accurate, but gives maybe a hint what the small amount of time could be.


11. comment about the "increasing order" in 5.2.1

- added a sentence to the first paragraph in 5.2.1. Ok?

12. Padding in parameter length

- removed last sentence of third paragraph in 5.2.1

13. Wrong IP address in Appendix C.

"I don't think I found in 5.1.1 or elsewhere any specification why you
used IPv4-compatible IPv6 format here.  Is that a pseudo-header
representation of an IPv4 address?  If so, it should probably be a
mapped address (::ffff:a.b.c.d) instead as the compatible address has
been deprecated and was used in tunneling. "

- Added a clarification that the purpose of the v6 address format is to
get the same output using either v4 or v6 implementations. This is only
for testing purposes.

14. Intro: "other documents"

"Which "other documents"?  It might help if this was set
up as a bullet list with specific references for each of
the bullets."

- I modified the Introduction section to contain references to the
mentioned docs.

15. NOTIFY parameter and NOTIFY packet

- The parameter name was changed to NOTIFICATION.



List of issues that do not necessarily require immediate action or
that I haven't modified:


16. Risk with using the same D-H value and random puzzle

"The security consideration section indicates there is a risk in using
the same D-H value and random puzzle, but it does not describe what the
risk is.  This makes it difficult to balance with the tradeoff
described. "

- I haven't made any modifications related to this. Any input for this?


17. Sigma

"The draft claims to be based on the SIGMA exchange.  While it is similar
there are some differences.  In particular the signature on the
responder's exponential is not required to be validated. I think it
looks OK since the last MAC is signed by the responder, but it would
probably be good to have another set of eyes look at it. "



-- 
Petri Jokela				e-mail: petri.jokela@nomadiclab.com
Research Scientist			phone:  +358 9 299 2413
Ericsson Research, NomadicLab		mobile: +358 44 299 2413





From hipsec-bounces@lists.ietf.org Fri Oct 20 02:51:07 2006
To: i-d-announce@ietf.org
From: Internet-Drafts@ietf.org
Message-Id: <E1GaoCf-0004fA-DS@stiedprstage1.ietf.org>
Date: Fri, 20 Oct 2006 02:50:01 -0400
Cc: hipsec@ietf.org
Subject: [Hipsec] I-D ACTION:draft-ietf-hip-dns-08.txt 

A New Internet-Draft is available from the on-line Internet-Drafts 
directories.
This draft is a work item of the Host Identity Protocol Working Group of the IETF.

	Title		: Host Identity Protocol (HIP) Domain Name 
                          System (DNS) Extensions
	Author(s)	: P. Nikander, J. Laganier
	Filename	: draft-ietf-hip-dns-08.txt
	Pages		: 21
	Date		: 2006-10-19
	
This document specifies a new resource record (RR) for the Domain
   Name System (DNS), and how to use it with the Host Identity Protocol
   (HIP.)  This RR allows a HIP node to store in the DNS its Host
   Identity (HI, the public component of the node public-private key
   pair), Host Identity Tag (HIT, a truncated hash of its public key),
   and the Domain Names of its rendezvous servers (RVS.)

A URL for this Internet-Draft is:
http://www.ietf.org/internet-drafts/draft-ietf-hip-dns-08.txt

To remove yourself from the I-D Announcement list, send a message to 
i-d-announce-request@ietf.org with the word unsubscribe in the body of 
the message. 
You can also visit https://www1.ietf.org/mailman/listinfo/I-D-announce 
to change your subscription settings.

Internet-Drafts are also available by anonymous FTP. Login with the 
username "anonymous" and a password of your e-mail address. After 
logging in, type "cd internet-drafts" and then 
"get draft-ietf-hip-dns-08.txt".

A list of Internet-Drafts directories can be found in
http://www.ietf.org/shadow.html 
or ftp://ftp.ietf.org/ietf/1shadow-sites.txt

Internet-Drafts can also be obtained by e-mail.

Send a message to:
	mailserv@ietf.org.
In the body type:
	"FILE /internet-drafts/draft-ietf-hip-dns-08.txt".
	
NOTE:	The mail server at ietf.org can return the document in
	MIME-encoded form by using the "mpack" utility.  To use this
	feature, insert the command "ENCODING mime" before the "FILE"
	command.  To decode the response(s), you will need "munpack" or
	a MIME-compliant mail reader.  Different MIME-compliant mail readers
	exhibit different behavior, especially when dealing with
	"multipart" MIME messages (i.e. documents which have been split
	up into multiple messages), so check your local documentation on
	how to manipulate these messages.

Below is the data which will enable a MIME compliant mail reader
implementation to automatically retrieve the ASCII version of the
Internet-Draft.




From hipsec-bounces@lists.ietf.org Tue Oct 24 03:45:54 2006
Message-ID: <453DC44B.107@ericsson.com>
Date: Tue, 24 Oct 2006 10:44:11 +0300
From: Gonzalo Camarillo <Gonzalo.Camarillo@ericsson.com>
To: Julien Laganier <julien.IETF@laposte.net>
Subject: Re: [Hipsec] I-D ACTION:draft-ietf-hip-dns-08.txt
References: <E1GaoCf-0004fA-DS@stiedprstage1.ietf.org>
In-Reply-To: <E1GaoCf-0004fA-DS@stiedprstage1.ietf.org>
Cc: hipsec@ietf.org

Folks,

FYI: at this point, we have already requested the publication of all our 
original milestones. As you know, the rechartering process is 
progressing and we will hopefully have a new charter soon.

Cheers,

Gonzalo

Internet-Drafts@ietf.org wrote:
> A New Internet-Draft is available from the on-line Internet-Drafts 
> directories.
> This draft is a work item of the Host Identity Protocol Working Group of the IETF.
> 
> 	Title		: Host Identity Protocol (HIP) Domain Name 
>                           System (DNS) Extensions
> 	Author(s)	: P. Nikander, J. Laganier
> 	Filename	: draft-ietf-hip-dns-08.txt
> 	Pages		: 21
> 	Date		: 2006-10-19
> 	
> This document specifies a new resource record (RR) for the Domain
>    Name System (DNS), and how to use it with the Host Identity Protocol
>    (HIP.)  This RR allows a HIP node to store in the DNS its Host
>    Identity (HI, the public component of the node public-private key
>    pair), Host Identity Tag (HIT, a truncated hash of its public key),
>    and the Domain Names of its rendezvous servers (RVS.)
> 
> A URL for this Internet-Draft is:
> http://www.ietf.org/internet-drafts/draft-ietf-hip-dns-08.txt
> 
> To remove yourself from the I-D Announcement list, send a message to 
> i-d-announce-request@ietf.org with the word unsubscribe in the body of 
> the message. 
> You can also visit https://www1.ietf.org/mailman/listinfo/I-D-announce 
> to change your subscription settings.
> 
> Internet-Drafts are also available by anonymous FTP. Login with the 
> username "anonymous" and a password of your e-mail address. After 
> logging in, type "cd internet-drafts" and then 
> "get draft-ietf-hip-dns-08.txt".
> 
> A list of Internet-Drafts directories can be found in
> http://www.ietf.org/shadow.html 
> or ftp://ftp.ietf.org/ietf/1shadow-sites.txt
> 
> Internet-Drafts can also be obtained by e-mail.
> 
> Send a message to:
> 	mailserv@ietf.org.
> In the body type:
> 	"FILE /internet-drafts/draft-ietf-hip-dns-08.txt".
> 	
> NOTE:	The mail server at ietf.org can return the document in
> 	MIME-encoded form by using the "mpack" utility.  To use this
> 	feature, insert the command "ENCODING mime" before the "FILE"
> 	command.  To decode the response(s), you will need "munpack" or
> 	a MIME-compliant mail reader.  Different MIME-compliant mail readers
> 	exhibit different behavior, especially when dealing with
> 	"multipart" MIME messages (i.e. documents which have been split
> 	up into multiple messages), so check your local documentation on
> 	how to manipulate these messages.





From hipsec-bounces@lists.ietf.org Fri Oct 27 03:09:03 2006
Received: from [127.0.0.1] (helo=stiedprmman1.va.neustar.com)
	by megatron.ietf.org with esmtp (Exim 4.43)
	id 1GdLpH-0000oS-Ks; Fri, 27 Oct 2006 03:08:23 -0400
Received: from [10.91.34.44] (helo=ietf-mx.ietf.org)
	by megatron.ietf.org with esmtp (Exim 4.43)
	id 1GZuwr-0000zf-RB; Tue, 17 Oct 2006 15:50:01 -0400
Received: from ns0.neustar.com ([156.154.16.158])
	by ietf-mx.ietf.org with esmtp (Exim 4.43)
	id 1GZuwr-0004ao-II; Tue, 17 Oct 2006 15:50:01 -0400
Received: from stiedprstage1.ietf.org (stiedprstage1.va.neustar.com
	[10.31.47.10]) by ns0.neustar.com (Postfix) with ESMTP id 835AB328A2;
	Tue, 17 Oct 2006 19:50:01 +0000 (GMT)
Received: from ietf by stiedprstage1.ietf.org with local (Exim 4.43)
	id 1GZuwr-0007HO-Cp; Tue, 17 Oct 2006 15:50:01 -0400
Content-Type: text/plain; charset="utf-8"
Mime-Version: 1.0
To: ietf-announce@ietf.org
From: IESG Secretary <iesg-secretary@ietf.org>
Message-Id: <E1GZuwr-0007HO-Cp@stiedprstage1.ietf.org>
Date: Tue, 17 Oct 2006 15:50:01 -0400
X-Spam-Score: -2.8 (--)
X-Scan-Signature: 6d95a152022472c7d6cdf886a0424dc6
X-Mailman-Approved-At: Fri, 27 Oct 2006 03:08:22 -0400
Cc: hipsec@ietf.org, Gonzalo Camarillo <gonzalo.camarillo@ericsson.com>
Subject: [Hipsec] WG Review: Recharter of Host Identity Protocol (hip) 
Reply-To: iesg@ietf.org

A modified charter has been submitted for the Host Identity Protocol
(hip) working group in the Internet Area of the IETF. The IESG has not
made any determination as yet. The modified charter is provided below 
for informational purposes only.  Please send your comments to the IESG 
mailing list (iesg@ietf.org) by October 23rd.

+++

Host Identity Protocol (hip)
----------------------------

Current Status: Active Working Group

Chair(s):
David Ward <dward@cisco.com> 
Gonzalo Camarillo <gonzalo.camarillo@ericsson.com> 


Internet Area Director(s):
Jari Arkko <jari.arkko@piuha.net> 
Mark Townsley <townsley@cisco.com> 

Internet Area Advisor:
Mark Townsley <townsley@cisco.com> 

Mailing Lists:
General Discussion: hipsec@ietf.org
To Subscribe: http://www1.ietf.org/mailman/listinfo/hipsec
Archive: http://www.ietf.org/mail-archive/web/hipsec/index.html

Description of Working Group:

The Host Identity Protocol (HIP) provides a method of separating the
end-point identifier and locator roles of IP addresses. It introduces
a new Host Identity (HI) name space, based on public keys. The public
keys are typically, but not necessarily, self generated.

There are five publicly known interoperating HIP implementations, some
of which are open source.

Currently, the HIP base protocol works well with any pair of
co-operating end-hosts. However, to be more useful and more widely
deployable, HIP needs some support from the existing infrastructure,
including the DNS, and a new piece of infrastructure, called the HIP
rendezvous server. Additionally, in order to facilitate experimenting
with HIP, there is a need to study the interactions of HIP with legacy
NATs and legacy applications, and to describe an API for HIP.


+----------------------------------------------------------+
| The purpose of this Working Group is to define the |
| minimal elements that are needed for HIP experimentation |
| on a wide scale. |
+----------------------------------------------------------+

In particular, the objective of this working group is to complete the
base protocol specification, define one or more DNS resource records
for storing HIP related data, complete the existing work on basic
mobility and multi-homing, complete the work on NATs and on APIs, and
produce Experimental RFCs for these.

Note that even though the specifications are chartered for
Experimental, it is understood that their quality and security
properties should match the standards track requirements. The main
purpose for producing Experimental documents instead of standards
track ones is the unknown effects that the mechanisms may have on
applications and on the Internet in the large.

There is a roughly parallel, though perhaps considerably broader, IRTF
Research Group that includes efforts both on developing the more
forward looking aspects of the HIP architecture and on exploring the
effects that HIP may have on applications and the Internet.




Goals and Milestones:

Mark as "Done" the following existing milestones:

Oct 2005 WGLC the HIP registration extensions specification
Oct 2005 WGLC the HIP DNS resource record(s) specification
Oct 2005 WG LC on the basic HIP rendezvous mechanism specification.
Nov 2005 Submit the ESP usage specification to the IESG for Experimental
Nov 2005 Submit the base protocol specification to the IESG for
Experimental
Nov 2005 WG LC on the HIP basic mobility and multi-homing specification.
Dec 2005 Submit the HIP registration extensions specification for
Experimental
Dec 2005 Submit the HIP DNS resource record(s) specification to the
IESG for Experimental.
Dec 2005 Submit the HIP basic mobility and multihoming specification
to the IESG for Experimental.
Dec 2005 Submit the basic HIP rendezvous mechanism specification to
the IESG for Experimental.

Add the following new milestones:

Jan 2007 WGLC Legacy NAT traversal specification
Jan 2007 WGLC Legacy Application Interworking specification
Jan 2007 WGLC Native API specification
Mar 2007 Submit the Legacy NAT traversal specification to the IESG
Mar 2007 Submit the Legacy Application Interworking specification to
the IESG
Mar 2007 Submit Native API specification to the IESG

Change the date of the following milestone to "Apr 2007"

Jan 2006 Recharter or close the WG




From hipsec-bounces@lists.ietf.org Fri Oct 27 04:11:32 2006
Received: from [127.0.0.1] (helo=stiedprmman1.va.neustar.com)
	by megatron.ietf.org with esmtp (Exim 4.43)
	id 1GdMnj-00020E-0B; Fri, 27 Oct 2006 04:10:51 -0400
Received: from [10.91.34.44] (helo=ietf-mx.ietf.org)
	by megatron.ietf.org with esmtp (Exim 4.43) id 1GdMnh-000204-I5
	for hipsec@ietf.org; Fri, 27 Oct 2006 04:10:49 -0400
Received: from twilight.cs.hut.fi ([130.233.40.5])
	by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1GdMnd-0005mO-6G
	for hipsec@ietf.org; Fri, 27 Oct 2006 04:10:49 -0400
Received: by twilight.cs.hut.fi (Postfix, from userid 60001)
	id 4453B35FD; Fri, 27 Oct 2006 11:10:42 +0300 (EEST)
X-Spam-Checker-Version: SpamAssassin 3.1.5-niksula20060712 (2006-08-29) on 
	twilight.cs.hut.fi
X-Spam-Level: 
X-Spam-Status: No, score=-1.4 required=5.0 tests=ALL_TRUSTED 
	autolearn=disabled version=3.1.5-niksula20060712
X-Spam-Niksula: No
Received: from kekkonen.cs.hut.fi (kekkonen.cs.hut.fi [130.233.41.50])
	by twilight.cs.hut.fi (Postfix) with ESMTP id 8D30C35F0
	for <hipsec@ietf.org>; Fri, 27 Oct 2006 11:10:41 +0300 (EEST)
Received: from localhost (mkomu@localhost)
	by kekkonen.cs.hut.fi (8.13.4+Sun/8.13.3/Submit) with ESMTP id
	k9R8Afua028301
	for <hipsec@ietf.org>; Fri, 27 Oct 2006 11:10:41 +0300 (EEST)
X-Authentication-Warning: kekkonen.cs.hut.fi: mkomu owned process doing -bs
Date: Fri, 27 Oct 2006 11:10:40 +0300 (EEST)
From: Miika Komu <miika@iki.fi>
X-X-Sender: mkomu@kekkonen.cs.hut.fi
To: hipsec@ietf.org
Message-ID: <Pine.SOL.4.64.0610271058050.27080@kekkonen.cs.hut.fi>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed
X-Spam-Score: 0.0 (/)
X-Scan-Signature: e5ba305d0e64821bf3d8bc5d3bb07228
Cc: 
Subject: [Hipsec] draft-schmitt-hip-nat-traversal-02.txt

A New Internet-Draft is available from the on-line Internet-Drafts
directories.

         Title           : HIP Extensions for the Traversal of Network
                           Address Translators
         Author(s)       : V. Schmitt, et al.
         Filename        : draft-schmitt-hip-nat-traversal-02.txt
         Pages           : 33
         Date            : 2006-10-19

This document specifies extensions to Host Identity Protocol (HIP) to
    support traversal of Network Address Translator (NAT) middleboxes.
    The traversal mechanism tunnels HIP control and data traffic over UDP
    and enables HIP initiators which MAY be behind NATs to contact HIP
    responders which MAY be behind another NAT.

A URL for this Internet-Draft is:
http://www.ietf.org/internet-drafts/draft-schmitt-hip-nat-traversal-02.txt


A brief diff with the previous version:
* NAT holepunching no longer assumes end-point independent filtering
* Lots of small corrections from Lauri Silvennoinen related to his
   implementation efforts


The issue tracker:
http://hip4inter.net/cgi-bin/roundup.cgi/hip-nat/index

-- 
Miika Komu                                       http://www.iki.fi/miika/




From hipsec-bounces@lists.ietf.org Fri Oct 27 08:15:55 2006
Received: from [127.0.0.1] (helo=stiedprmman1.va.neustar.com)
	by megatron.ietf.org with esmtp (Exim 4.43)
	id 1GdQcI-0008Rs-Iq; Fri, 27 Oct 2006 08:15:18 -0400
Received: from [10.91.34.44] (helo=ietf-mx.ietf.org)
	by megatron.ietf.org with esmtp (Exim 4.43) id 1GdQcH-0008PA-Vk
	for hipsec@ietf.org; Fri, 27 Oct 2006 08:15:17 -0400
Received: from mailgw4.ericsson.se ([193.180.251.62])
	by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1GdQNd-0000Zm-7h
	for hipsec@ietf.org; Fri, 27 Oct 2006 08:00:11 -0400
Received: from esealmw128.eemea.ericsson.se (unknown [153.88.254.121])
	by mailgw4.ericsson.se (Symantec Mail Security) with ESMTP id
	5C51E4F0001; Fri, 27 Oct 2006 14:00:06 +0200 (CEST)
Received: from esealmw128.eemea.ericsson.se ([153.88.254.176]) by
	esealmw128.eemea.ericsson.se with Microsoft SMTPSVC(6.0.3790.1830); 
	Fri, 27 Oct 2006 14:00:05 +0200
Received: from mail.lmf.ericsson.se ([131.160.11.50]) by
	esealmw128.eemea.ericsson.se with Microsoft SMTPSVC(6.0.3790.1830); 
	Fri, 27 Oct 2006 14:00:05 +0200
Received: from [131.160.36.36] (EH3I2003TGFCPET-131160036036.lmf.ericsson.se
	[131.160.36.36])
	by mail.lmf.ericsson.se (Postfix) with ESMTP id CFB7224A8;
	Fri, 27 Oct 2006 15:00:05 +0300 (EEST)
Message-ID: <4541F4C5.8000703@ericsson.com>
Date: Fri, 27 Oct 2006 15:00:05 +0300
From: Gonzalo Camarillo <Gonzalo.Camarillo@ericsson.com>
User-Agent: Thunderbird 1.5.0.7 (Windows/20060909)
MIME-Version: 1.0
To: HIP <hipsec@ietf.org>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
X-OriginalArrivalTime: 27 Oct 2006 12:00:05.0797 (UTC)
	FILETIME=[7115ED50:01C6F9BF]
X-Brightmail-Tracker: AAAAAA==
X-Spam-Score: 0.0 (/)
X-Scan-Signature: 798b2e660f1819ae38035ac1d8d5e3ab
Cc: 
Subject: [Hipsec] WG items for our new milestones

Folks,

our new charter has been approved and will be posted soon. The new
charter has three new milestones:

1) Legacy NAT Traversal
2) Legacy Application Interworking
3) Native API

We intend to use the following drafts as starting points for their
respective milestones:

1) draft-schmitt-hip-nat-traversal-02.txt
2) draft-henderson-hip-applications-03.txt
3) draft-komu-shim-native-api-00.txt

If somebody disagrees with making these drafts WG items, please let us know.

Thanks,

Gonzalo
HIP co-chair




From hipsec-bounces@lists.ietf.org Sun Oct 29 17:52:22 2006
Received: from [127.0.0.1] (helo=stiedprmman1.va.neustar.com)
	by megatron.ietf.org with esmtp (Exim 4.43)
	id 1GeJVL-0004kr-Il; Sun, 29 Oct 2006 17:51:47 -0500
Received: from [10.91.34.44] (helo=ietf-mx.ietf.org)
	by megatron.ietf.org with esmtp (Exim 4.43)
	id 1GeJOi-0005JD-N4; Sun, 29 Oct 2006 17:44:56 -0500
Received: from p130.piuha.net ([193.234.218.130])
	by ietf-mx.ietf.org with esmtp (Exim 4.43)
	id 1GeJIR-0006IO-5Z; Sun, 29 Oct 2006 17:38:28 -0500
Received: from p130.piuha.net (localhost [127.0.0.1])
	by p130.piuha.net (Postfix) with ESMTP id 8EE3389856;
	Mon, 30 Oct 2006 00:38:19 +0200 (EET)
Received: from [127.0.0.1] (p130.piuha.net [193.234.218.130])
	by p130.piuha.net (Postfix) with ESMTP id 68DE089854;
	Mon, 30 Oct 2006 00:38:18 +0200 (EET)
Message-ID: <45452D5A.6000007@piuha.net>
Date: Mon, 30 Oct 2006 00:38:18 +0200
From: Jari Arkko <jari.arkko@piuha.net>
User-Agent: Thunderbird 1.5.0.7 (X11/20060922)
MIME-Version: 1.0
To: IETF Discussion <ietf@ietf.org>
References: <E1GdYw7-0007Dh-9d@stiedprstage1.ietf.org>
In-Reply-To: <E1GdYw7-0007Dh-9d@stiedprstage1.ietf.org>
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit
X-Virus-Scanned: ClamAV using ClamSMTP
X-Spam-Score: 0.0 (/)
X-Scan-Signature: 0a7aa2e6e558383d84476dc338324fab
Cc: Internet Area <int-area@ietf.org>, HIP <hipsec@ietf.org>,
	IETF IPv6 Mailing List <ipv6@ietf.org>, iesg@ietf.org,
	discuss@apps.ietf.org
Subject: [Hipsec] Re: Last Call: 'An IPv6 Prefix for Overlay Routable
 Cryptographic
 Hash Identifiers (ORCHID)' to Experimental RFC  (draft-laganier-ipv6-khi)

We are last calling this document for the second time, for
two reasons. The first reason is to make sure that the
last call has been circulated widely enough in the
community.

The second reason is that we want to call the attention
of the IETF community to the specific issue of using
IPv6 addresses as identifiers in this manner. To summarize
the background, the document suggests the allocation
of a temporary experimental block out of the IPv6
address space for the purposes of easing experiments
that deal with identity-locator split. In particular the
HIP community wants this in order to be able to run
unmodified applications. The allocated address space
would be used to represent identifiers in the place
of addresses in the existing APIs. While the long-term plan is
to use new APIs that reflect the semantics appropriate
for identifiers, the ability to experiment without having
to upgrade all applications is important.

Such an approach is not without problems, however.
For instance, applications that deal with referrals
(e.g. one application passing an address to another
one) may end up "leaking" such identifiers to the
hosts that are not involved in an experiment. Since
the identifiers are not routable in the current Internet,
communications initiated towards such identifiers
will fail.

My own take on this issue is that there are
risks, but that the benefits are greater. In
particular, it's clear that the identity-locator
split proposals need more experiments and
experience before we can consider them
for real. Making such experiments easy
is important. Also, IMHO, the topic is
sufficiently far in the domain of research
that the practical danger of the experiment
becoming a permanent problem is small.

But this is enough about my opinions.  Please
state your opinion -- in the interest of not
replicating this discussion on multiple lists,
send follow-ups to ietf@ietf.org.

> The IESG has received a request from an individual submitter to consider
> the following document:
>
> - 'An IPv6 Prefix for Overlay Routable Cryptographic Hash Identifiers 
>    (ORCHID) '
>    <draft-laganier-ipv6-khi-05.txt> as an Experimental RFC
>
> The IESG plans to make a decision in the next few weeks, and solicits
> final comments on this action.  Please send any comments to the
> iesg@ietf.org or ietf@ietf.org mailing lists by 2006-11-24.
>
> The file can be obtained via
> http://www.ietf.org/internet-drafts/draft-laganier-ipv6-khi-05.txt
>   





From hipsec-bounces@lists.ietf.org Tue Oct 31 08:31:29 2006
Received: from [127.0.0.1] (helo=stiedprmman1.va.neustar.com)
	by megatron.ietf.org with esmtp (Exim 4.43)
	id 1Gethj-0005N3-2R; Tue, 31 Oct 2006 08:30:59 -0500
Received: from [10.91.34.44] (helo=ietf-mx.ietf.org)
	by megatron.ietf.org with esmtp (Exim 4.43) id 1Gethd-0005Mm-5t
	for hipsec@ietf.org; Tue, 31 Oct 2006 08:30:53 -0500
Received: from twilight.cs.hut.fi ([130.233.40.5])
	by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1GethW-0005L6-PG
	for hipsec@ietf.org; Tue, 31 Oct 2006 08:30:53 -0500
Received: by twilight.cs.hut.fi (Postfix, from userid 60001)
	id F1310347F; Tue, 31 Oct 2006 15:30:45 +0200 (EET)
X-Spam-Checker-Version: SpamAssassin 3.1.7-niksula20060712 (2006-10-05) on 
	twilight.cs.hut.fi
X-Spam-Level: 
X-Spam-Status: No, score=-1.4 required=5.0 tests=ALL_TRUSTED 
	autolearn=disabled version=3.1.7-niksula20060712
X-Spam-Niksula: No
Received: from kekkonen.cs.hut.fi (kekkonen.cs.hut.fi [130.233.41.50])
	by twilight.cs.hut.fi (Postfix) with ESMTP id 6E2A233BD
	for <hipsec@ietf.org>; Tue, 31 Oct 2006 15:30:45 +0200 (EET)
Received: from localhost (mkomu@localhost)
	by kekkonen.cs.hut.fi (8.13.4+Sun/8.13.3/Submit) with ESMTP id
	k9VDUjuk020251
	for <hipsec@ietf.org>; Tue, 31 Oct 2006 15:30:45 +0200 (EET)
X-Authentication-Warning: kekkonen.cs.hut.fi: mkomu owned process doing -bs
Date: Tue, 31 Oct 2006 15:30:44 +0200 (EET)
From: Miika Komu <miika@iki.fi>
X-X-Sender: mkomu@kekkonen.cs.hut.fi
To: hipsec@ietf.org
Subject: Re: [Hipsec] draft-schmitt-hip-nat-traversal-02.txt
In-Reply-To: <Pine.SOL.4.64.0610271058050.27080@kekkonen.cs.hut.fi>
Message-ID: <Pine.SOL.4.64.0610311522440.12793@kekkonen.cs.hut.fi>
References: <Pine.SOL.4.64.0610271058050.27080@kekkonen.cs.hut.fi>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed
X-Spam-Score: 0.0 (/)
X-Scan-Signature: 69a74e02bbee44ab4f8eafdbcedd94a1
Cc: 

On Fri, 27 Oct 2006, Miika Komu wrote:

> A New Internet-Draft is available from the on-line Internet-Drafts
> directories.
>
>        Title           : HIP Extensions for the Traversal of Network
>                          Address Translators
>        Author(s)       : V. Schmitt, et al.
>        Filename        : draft-schmitt-hip-nat-traversal-02.txt
>        Pages           : 33
>        Date            : 2006-10-19
>
> This document specifies extensions to Host Identity Protocol (HIP) to
>   support traversal of Network Address Translator (NAT) middleboxes.
>   The traversal mechanism tunnels HIP control and data traffic over UDP
>   and enables HIP initiators which MAY be behind NATs to contact HIP
>   responders which MAY be behind another NAT.
>
> A URL for this Internet-Draft is:
> http://www.ietf.org/internet-drafts/draft-schmitt-hip-nat-traversal-02.txt
>
> A brief diff with the previous version:
> * NAT holepunching no longer assumes end-point independent filtering
> * Lots of small corrections from Lauri Silvennoinen related to his
>  implementation efforts
>
> The issue tracker:
> http://hip4inter.net/cgi-bin/roundup.cgi/hip-nat/index

We are going to split this NAT draft into two pieces unless there are some 
objections. The reason for the split is to keep the drafts more focused 
and small in size. The first part consists of the base exchange, close and 
ESP descriptions. The second part will contain a more detailed description 
of the mobility and multihoming handling. The mobility draft will 
be available by the Prague meeting.

-- 
Miika Komu                                       http://www.iki.fi/miika/




