From mobike-bounces@machshav.com Wed Mar 01 02:27:33 2006 Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1FELj0-0006YT-Az for mobike-archive@lists.ietf.org; Wed, 01 Mar 2006 02:26:18 -0500 Received: from machshav.com ([147.28.0.16]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1FELeP-00011k-Ci for mobike-archive@lists.ietf.org; Wed, 01 Mar 2006 02:21:37 -0500 Received: from machshav.com (localhost [127.0.0.1]) by machshav.com (Postfix) with ESMTP id 48163FB2AE; Wed, 1 Mar 2006 02:21:32 -0500 (EST) X-Original-To: mobike@machshav.com Delivered-To: mobike@machshav.com Received: from n2.nomadiclab.com (n2.nomadiclab.com [193.234.219.2]) by machshav.com (Postfix) with ESMTP id 2A32AFB2AA for ; Wed, 1 Mar 2006 02:21:30 -0500 (EST) Received: from n2.nomadiclab.com (localhost [127.0.0.1]) by n2.nomadiclab.com (Postfix) with ESMTP id 205FF212CBE for ; Wed, 1 Mar 2006 09:21:28 +0200 (EET) Received: from n50.nomadiclab.com (n50.nomadiclab.com [193.234.219.50]) by n2.nomadiclab.com (Postfix) with ESMTP id E2896212CBC for ; Wed, 1 Mar 2006 09:21:27 +0200 (EET) From: Jan Mikael Melen To: mobike@machshav.com Date: Wed, 1 Mar 2006 09:21:36 +0200 User-Agent: KMail/1.8.2 MIME-Version: 1.0 Content-Type: Multipart/Mixed; boundary="Boundary-00=_BuUBEd6Sj38K47V" Message-Id: <200603010921.37135.Jan.Melen@nomadiclab.com> X-Virus-Scanned: ClamAV using ClamSMTP Subject: [Mobike] Fwd: I-D ACTION:draft-nikander-esp-beet-mode-05.txt X-BeenThere: mobike@machshav.com X-Mailman-Version: 2.1.7 Precedence: list List-Id: Mobile/Multihoming IKEv2 IETF list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: mobike-bounces@machshav.com Errors-To: mobike-bounces@machshav.com X-Spam-Score: 0.0 (/) X-Scan-Signature: 37af5f8fbf6f013c5b771388e24b09e7 --Boundary-00=_BuUBEd6Sj38K47V Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable Content-Disposition: inline Hi, This might be something that would be interesting for the mobike, perhaps=20 something that could be considered as a WG work item? Regards, Jan =2D--------- Forwarded Message ---------- Subject: I-D ACTION:draft-nikander-esp-beet-mode-05.txt Date: Wednesday 01 March 2006 01:50 =46rom: Internet-Drafts@ietf.org To: i-d-announce@ietf.org A New Internet-Draft is available from the on-line Internet-Drafts directories. Title : A Bound End-to-End Tunnel (BEET) mode for ESP Author(s) : J. Melen, P. Nikander Filename : draft-nikander-esp-beet-mode-05.txt Pages : 31 Date : 2006-2-28 This document specifies a new mode, called Bound End-to-End Tunnel (BEET) mode, for IPsec ESP. The new mode augments the existing ESP tunnel and transport modes. For end-to-end tunnels, the new mode provides limited tunnel mode semantics without the regular tunnel mode overhead. The mode is intended to support new uses of ESP, including mobility and multi-address multi-homing. A URL for this Internet-Draft is: http://www.ietf.org/internet-drafts/draft-nikander-esp-beet-mode-05.txt To remove yourself from the I-D Announcement list, send a message to i-d-announce-request@ietf.org with the word unsubscribe in the body of the message. You can also visit https://www1.ietf.org/mailman/listinfo/I-D-announce to change your subscription settings. Internet-Drafts are also available by anonymous FTP. Login with the username "anonymous" and a password of your e-mail address. After logging in, type "cd internet-drafts" and then "get draft-nikander-esp-beet-mode-05.txt". A list of Internet-Drafts directories can be found in http://www.ietf.org/shadow.html or ftp://ftp.ietf.org/ietf/1shadow-sites.txt Internet-Drafts can also be obtained by e-mail. Send a message to: mailserv@ietf.org. In the body type: "FILE /internet-drafts/draft-nikander-esp-beet-mode-05.txt". NOTE: The mail server at ietf.org can return the document in MIME-encoded form by using the "mpack" utility. To use this feature, insert the command "ENCODING mime" before the "FILE" command. To decode the response(s), you will need "munpack" or a MIME-compliant mail reader. Different MIME-compliant mail readers exhibit different behavior, especially when dealing with "multipart" MIME messages (i.e. documents which have been split up into multiple messages), so check your local documentation on how to manipulate these messages. Below is the data which will enable a MIME compliant mail reader implementation to automatically retrieve the ASCII version of the Internet-Draft. =2D------------------------------------------------------ =2D-=20 Jan M. Mel=E9n Research Scientist, NomadicLab, IP Networks,=20 Ericsson Research, Corporate Unit.=20 Tel. + 358 9 2993056=20 =46ax. + 358 9 2992448 Mobile + 358 400 836926 --Boundary-00=_BuUBEd6Sj38K47V Content-Type: Message/External-body; name="draft-nikander-esp-beet-mode-05.txt"; site="ftp.ietf.org"; access-type="anon-ftp"; directory="internet-drafts" Content-Transfer-Encoding: 7bit Content-Type: text/plain Content-ID: <2006-2-28150147.I-D@ietf.org> --Boundary-00=_BuUBEd6Sj38K47V Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Disposition: inline _______________________________________________ Mobike mailing list Mobike@machshav.com https://www.machshav.com/mailman/listinfo.cgi/mobike --Boundary-00=_BuUBEd6Sj38K47V-- From mobike-bounces@machshav.com Wed Mar 01 03:27:35 2006 Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1FEMgJ-0000xA-47 for mobike-archive@lists.ietf.org; Wed, 01 Mar 2006 03:27:35 -0500 Received: from machshav.com ([147.28.0.16]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1FEMgF-00030X-NE for mobike-archive@lists.ietf.org; Wed, 01 Mar 2006 03:27:35 -0500 Received: from machshav.com (localhost [127.0.0.1]) by machshav.com (Postfix) with ESMTP id 2BA29FB2A6; Wed, 1 Mar 2006 03:27:30 -0500 (EST) X-Original-To: mobike@machshav.com Delivered-To: mobike@machshav.com Received: from p130.piuha.net (p130.piuha.net [193.234.218.130]) by machshav.com (Postfix) with ESMTP id 82905FB2A2 for ; Wed, 1 Mar 2006 03:27:28 -0500 (EST) Received: from p130.piuha.net (localhost [127.0.0.1]) by p130.piuha.net (Postfix) with ESMTP id 9734989834 for ; Wed, 1 Mar 2006 10:27:24 +0200 (EET) Received: from [127.0.0.1] (p130.piuha.net [193.234.218.130]) by p130.piuha.net (Postfix) with ESMTP id 625128982D for ; Wed, 1 Mar 2006 10:27:24 +0200 (EET) Message-ID: <44055AFD.50307@piuha.net> Date: Wed, 01 Mar 2006 10:27:41 +0200 From: Jari Arkko User-Agent: Mozilla Thunderbird 1.0 (X11/20041206) X-Accept-Language: en-us, en MIME-Version: 1.0 To: MOBIKE Mailing List X-Virus-Scanned: ClamAV using ClamSMTP Subject: [Mobike] FW: MPA using IKEv2 and MOBIKE X-BeenThere: mobike@machshav.com X-Mailman-Version: 2.1.7 Precedence: list List-Id: Mobile/Multihoming IKEv2 IETF list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: mobike-bounces@machshav.com Errors-To: mobike-bounces@machshav.com X-Spam-Score: 0.0 (/) X-Scan-Signature: 08e48e05374109708c00c6208b534009 A new MOBIKE-related draft: http://www.ietf.org/internet-drafts/draft-yacine-preauth-ipsec-00.txt _______________________________________________ Mobike mailing list Mobike@machshav.com https://www.machshav.com/mailman/listinfo.cgi/mobike From mobike-bounces@machshav.com Fri Mar 03 08:52:28 2006 Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1FFAho-0004e1-3B for mobike-archive@lists.ietf.org; Fri, 03 Mar 2006 08:52:28 -0500 Received: from machshav.com ([147.28.0.16]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1FFAhm-00060y-OK for mobike-archive@lists.ietf.org; Fri, 03 Mar 2006 08:52:28 -0500 Received: from machshav.com (localhost [127.0.0.1]) by machshav.com (Postfix) with ESMTP id 73EDCFB2B8; Fri, 3 Mar 2006 08:52:23 -0500 (EST) X-Original-To: mobike@machshav.com Delivered-To: mobike@machshav.com Received: from mail.kivinen.iki.fi (fireball.acr.fi [83.145.195.1]) by machshav.com (Postfix) with ESMTP id AD03CFB2B7 for ; Fri, 3 Mar 2006 08:52:21 -0500 (EST) Received: from fireball.kivinen.iki.fi (localhost [IPv6:::1]) by mail.kivinen.iki.fi (8.13.4/8.12.10) with ESMTP id k23DqGM6004995 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Fri, 3 Mar 2006 15:52:16 +0200 (EET) Received: (from kivinen@localhost) by fireball.kivinen.iki.fi (8.13.4/8.12.11) id k23DqGt9000781; Fri, 3 Mar 2006 15:52:16 +0200 (EET) X-Authentication-Warning: fireball.kivinen.iki.fi: kivinen set sender to kivinen@iki.fi using -f MIME-Version: 1.0 Message-ID: <17416.18960.76088.824076@fireball.kivinen.iki.fi> Date: Fri, 3 Mar 2006 15:52:16 +0200 From: Tero Kivinen To: mobike@machshav.com X-Mailer: VM 7.17 under Emacs 21.4.1 X-Edit-Time: 3 min X-Total-Time: 2 min Subject: [Mobike] Draft-ietf-mobike-design-08.txt X-BeenThere: mobike@machshav.com X-Mailman-Version: 2.1.7 Precedence: list List-Id: Mobile/Multihoming IKEv2 IETF list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: mobike-bounces@machshav.com Errors-To: mobike-bounces@machshav.com X-Spam-Score: 0.1 (/) X-Scan-Signature: 1ac7cc0a4cd376402b85bc1961a86ac2 [Link to design draft issue list: http://www.kivinen.iki.fi/ietf/mobike-design-issues.html] I just submitted new design draft, which contains the new framework picture from Arkko. I also closed the 2 final open issues, i.e. D105 and D109. All open issues for the design draft are now closed, so I think it should be ready for the next step, i.e. for the IETF last call and so on. -- kivinen@safenet-inc.com _______________________________________________ Mobike mailing list Mobike@machshav.com https://www.machshav.com/mailman/listinfo.cgi/mobike From mobike-bounces@machshav.com Fri Mar 03 15:50:08 2006 Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1FFHE0-00052J-Qm for mobike-archive@lists.ietf.org; Fri, 03 Mar 2006 15:50:08 -0500 Received: from machshav.com ([147.28.0.16]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1FFHDz-0004MW-Df for mobike-archive@lists.ietf.org; Fri, 03 Mar 2006 15:50:08 -0500 Received: from machshav.com (localhost [127.0.0.1]) by machshav.com (Postfix) with ESMTP id 4C810FB2B7; Fri, 3 Mar 2006 15:50:06 -0500 (EST) X-Original-To: mobike@machshav.com Delivered-To: mobike@machshav.com Received: from willow.neustar.com (willow.neustar.com [209.173.53.84]) by machshav.com (Postfix) with ESMTP id 75E16FB2B5 for ; Fri, 3 Mar 2006 15:50:04 -0500 (EST) Received: from stiedprstage1.ietf.org (stiedprstage1.va.neustar.com [10.31.47.10]) by willow.neustar.com (8.12.8/8.12.8) with ESMTP id k23Ko29W021546 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Fri, 3 Mar 2006 20:50:02 GMT Received: from ietf by stiedprstage1.ietf.org with local (Exim 4.43) id 1FFHDu-0005Kw-M8; Fri, 03 Mar 2006 15:50:02 -0500 Content-Type: Multipart/Mixed; Boundary="NextPart" Mime-Version: 1.0 To: i-d-announce@ietf.org From: Internet-Drafts@ietf.org Message-Id: Date: Fri, 03 Mar 2006 15:50:02 -0500 Cc: mobike@machshav.com Subject: [Mobike] I-D ACTION:draft-ietf-mobike-design-08.txt X-BeenThere: mobike@machshav.com X-Mailman-Version: 2.1.7 Precedence: list List-Id: Mobile/Multihoming IKEv2 IETF list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: mobike-bounces@machshav.com Errors-To: mobike-bounces@machshav.com X-Spam-Score: 0.3 (/) X-Scan-Signature: 1a1bf7677bfe77d8af1ebe0e91045c5b --NextPart A New Internet-Draft is available from the on-line Internet-Drafts directories. This draft is a work item of the IKEv2 Mobility and Multihoming Working Group of the IETF. Title : Design of the MOBIKE Protocol Author(s) : T. Kivinen, H. Tschofenig Filename : draft-ietf-mobike-design-08.txt Pages : 37 Date : 2006-3-3 The MOBIKE (IKEv2 Mobility and Multihoming) is an extension of the Internet Key Exchange Protocol version 2 (IKEv2). These extensions should enable an efficient management of IKE and IPsec Security Associations when a host possesses multiple IP addresses and/or where IP addresses of an IPsec host change over time (for example, due to mobility). This document discusses the involved network entities, and the relationship between IKEv2 signaling and information provided by other protocols. Design decisions for the MOBIKE protocol, background information and discussions within the working group are recorded. A URL for this Internet-Draft is: http://www.ietf.org/internet-drafts/draft-ietf-mobike-design-08.txt To remove yourself from the I-D Announcement list, send a message to i-d-announce-request@ietf.org with the word unsubscribe in the body of the message. You can also visit https://www1.ietf.org/mailman/listinfo/I-D-announce to change your subscription settings. Internet-Drafts are also available by anonymous FTP. Login with the username "anonymous" and a password of your e-mail address. After logging in, type "cd internet-drafts" and then "get draft-ietf-mobike-design-08.txt". A list of Internet-Drafts directories can be found in http://www.ietf.org/shadow.html or ftp://ftp.ietf.org/ietf/1shadow-sites.txt Internet-Drafts can also be obtained by e-mail. Send a message to: mailserv@ietf.org. In the body type: "FILE /internet-drafts/draft-ietf-mobike-design-08.txt". NOTE: The mail server at ietf.org can return the document in MIME-encoded form by using the "mpack" utility. To use this feature, insert the command "ENCODING mime" before the "FILE" command. To decode the response(s), you will need "munpack" or a MIME-compliant mail reader. Different MIME-compliant mail readers exhibit different behavior, especially when dealing with "multipart" MIME messages (i.e. documents which have been split up into multiple messages), so check your local documentation on how to manipulate these messages. Below is the data which will enable a MIME compliant mail reader implementation to automatically retrieve the ASCII version of the Internet-Draft. --NextPart Content-Type: Multipart/Alternative; Boundary="OtherAccess" --OtherAccess Content-Type: Message/External-body; access-type="mail-server"; server="mailserv@ietf.org" Content-Type: text/plain Content-ID: <2006-3-3145921.I-D@ietf.org> ENCODING mime FILE /internet-drafts/draft-ietf-mobike-design-08.txt --OtherAccess Content-Type: Message/External-body; name="draft-ietf-mobike-design-08.txt"; site="ftp.ietf.org"; access-type="anon-ftp"; directory="internet-drafts" Content-Type: text/plain Content-ID: <2006-3-3145921.I-D@ietf.org> --OtherAccess-- --NextPart Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Disposition: inline _______________________________________________ Mobike mailing list Mobike@machshav.com https://www.machshav.com/mailman/listinfo.cgi/mobike --NextPart-- From mobike-bounces@machshav.com Fri Mar 03 16:25:46 2006 Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1FFHlI-0000td-I8 for mobike-archive@lists.ietf.org; Fri, 03 Mar 2006 16:24:32 -0500 Received: from machshav.com ([147.28.0.16]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1FFHel-0000oE-62 for mobike-archive@lists.ietf.org; Fri, 03 Mar 2006 16:17:48 -0500 Received: from machshav.com (localhost [127.0.0.1]) by machshav.com (Postfix) with ESMTP id 243E4FB2B4; Fri, 3 Mar 2006 16:17:46 -0500 (EST) X-Original-To: mobike@machshav.com Delivered-To: mobike@machshav.com Received: from cypress.neustar.com (cypress.neustar.com [209.173.57.84]) by machshav.com (Postfix) with ESMTP id 4E424FB2A7 for ; Fri, 3 Mar 2006 16:17:44 -0500 (EST) Received: from stiedprstage1.ietf.org (stiedprstage1.va.neustar.com [10.31.47.10]) by cypress.neustar.com (8.12.8/8.12.8) with ESMTP id k23LHg0e005104 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Fri, 3 Mar 2006 21:17:42 GMT Received: from ietf by stiedprstage1.ietf.org with local (Exim 4.43) id 1FFHeg-00077d-OI; Fri, 03 Mar 2006 16:17:42 -0500 X-test-idtracker: no From: The IESG To: IETF-Announce Message-Id: Date: Fri, 03 Mar 2006 16:17:42 -0500 Cc: mobike chair , Internet Architecture Board , mobike mailing list , mobike chair , RFC Editor Subject: [Mobike] Protocol Action: 'IKEv2 Mobility and Multihoming Protocol (MOBIKE)' to Proposed Standard X-BeenThere: mobike@machshav.com X-Mailman-Version: 2.1.7 Precedence: list List-Id: Mobile/Multihoming IKEv2 IETF list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: mobike-bounces@machshav.com Errors-To: mobike-bounces@machshav.com X-Spam-Score: 0.1 (/) X-Scan-Signature: 52f7a77164458f8c7b36b66787c853da The IESG has approved the following document: - 'IKEv2 Mobility and Multihoming Protocol (MOBIKE) ' as a Proposed Standard This document is the product of the IKEv2 Mobility and Multihoming Working Group. The IESG contact persons are Russ Housley and Sam Hartman. A URL of this Internet-Draft is: http://www.ietf.org/internet-drafts/draft-ietf-mobike-protocol-08.txt Technical Summary This document describes MOBIKE, a mobility and multihoming extension to Internet Key Exchange (IKEv2). This protocol allows hosts to update the IP addresses associated with IKEv2 and tunnel mode IPsec Security Associations. A mobile VPN client could use MOBIKE to keep the connection with the VPN gateway active while moving from one address to another. Similarly, a multihomed host could use MOBIKE to move the traffic to a different interface if, for instance, the one currently being used stops working. Working Group Summary The document has been presented at several IETF WG meetings and been discussed extensively on the MOBIKE WG mail list. The document has been reviewed by a number of experts from different areas. The WG Last Call resulted in a fairly large number of issues, which indicates that many people took the time to review the document. Comment resolution resulted in few (maybe just one) changes that affects the on-the-wire protocol. All WG Last Call issues are addressed in the current version of the document. An issue tracker was used by the WG during design and protocol specification. There is consensus in the MOBIKE WG to publish this document as a proposed standard. Protocol Quality The basic concepts in MOBIKE are very straightforward. The hardest parts of the protocol involve the co-existence with IKEv2 NAT- Traversal features and the use of the IKEv2 communication channel for dynamically changing messages and addresses. Also, MOBIKE is only a part of an overall solution. For example, MOBIKE relies on the IP layer to detect when this node gets a new IP address. Contributors and reviewers include experts in IPsec, mobility, NAT traversal, and IKEv2 implementation. No known implementations exist at this time. MOBIKE is currently being referenced from one other IETF WG and one external SDO. This specification is part of the early RFC Editor copy editing experiment, and it has already gone through basic editing phase prior to WG Last Call. The specification authors used XML2RFC, which was a requirement for taking part in the experiment. This document was reviewed by Russ Housley for the IESG. _______________________________________________ Mobike mailing list Mobike@machshav.com https://www.machshav.com/mailman/listinfo.cgi/mobike From mobike-bounces@machshav.com Sun Mar 05 19:17:13 2006 Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1FG3PV-0007CO-J0 for mobike-archive@lists.ietf.org; Sun, 05 Mar 2006 19:17:13 -0500 Received: from machshav.com ([147.28.0.16]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1FG3PU-0007YH-7P for mobike-archive@lists.ietf.org; Sun, 05 Mar 2006 19:17:13 -0500 Received: from machshav.com (localhost [127.0.0.1]) by machshav.com (Postfix) with ESMTP id A7BFBFB2C1; Sun, 5 Mar 2006 19:17:10 -0500 (EST) X-Original-To: mobike@machshav.com Delivered-To: mobike@machshav.com Received: from balder-227.proper.com (Balder-227.Proper.COM [192.245.12.227]) by machshav.com (Postfix) with ESMTP id 31089FB2C0 for ; Sun, 5 Mar 2006 19:17:08 -0500 (EST) Received: from [10.20.30.249] (dsl2-63-249-108-169.cruzio.com [63.249.108.169]) (authenticated bits=0) by balder-227.proper.com (8.13.5/8.13.5) with ESMTP id k260H69w072316 for ; Sun, 5 Mar 2006 17:17:07 -0700 (MST) (envelope-from paul.hoffman@vpnc.org) Mime-Version: 1.0 Message-Id: Date: Sun, 5 Mar 2006 16:17:02 -0800 To: mobike@machshav.com From: Paul Hoffman Subject: [Mobike] Proposed agenda for the Dallas IETF meeting X-BeenThere: mobike@machshav.com X-Mailman-Version: 2.1.7 Precedence: list List-Id: Mobile/Multihoming IKEv2 IETF list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: mobike-bounces@machshav.com Errors-To: mobike-bounces@machshav.com X-Spam-Score: 0.0 (/) X-Scan-Signature: 79899194edc4f33a41f49410777972f8 Greetings again. We have a one-hour slot assigned (Tuesday afternoon, 1740-1840, after the cookie break), but will probably not even fill that. We will discuss a proposal that involves topic #5 on our charter (see ), and what we want to do with the WG now that we are finished with the most interesting deliverable we have. Suggested agenda: Status of MOBIKE protocol and design documents - 5 minutes Presentation on draft-nikander-esp-beet-mode - 20 minutes Discussion of what to do with the WG - 20 minutes or less --Paul Hoffman, Director --VPN Consortium _______________________________________________ Mobike mailing list Mobike@machshav.com https://www.machshav.com/mailman/listinfo.cgi/mobike From mobike-bounces@machshav.com Tue Mar 21 14:41:28 2006 Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1FLmjQ-0007c1-In for mobike-archive@lists.ietf.org; Tue, 21 Mar 2006 14:41:28 -0500 Received: from machshav.com ([147.28.0.16]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1FLmjP-0005YE-7I for mobike-archive@lists.ietf.org; Tue, 21 Mar 2006 14:41:28 -0500 Received: from machshav.com (localhost [127.0.0.1]) by machshav.com (Postfix) with ESMTP id 935EAFB2AB; Tue, 21 Mar 2006 14:41:19 -0500 (EST) X-Original-To: mobike@machshav.com Delivered-To: mobike@machshav.com Received: from p130.piuha.net (p130.piuha.net [193.234.218.130]) by machshav.com (Postfix) with ESMTP id 24607FB2A4 for ; Tue, 21 Mar 2006 14:41:17 -0500 (EST) Received: from p130.piuha.net (localhost [127.0.0.1]) by p130.piuha.net (Postfix) with ESMTP id 0DC7689834; Tue, 21 Mar 2006 21:41:13 +0200 (EET) Received: from [127.0.0.1] (p130.piuha.net [193.234.218.130]) by p130.piuha.net (Postfix) with ESMTP id 27B9D8982D; Tue, 21 Mar 2006 21:41:11 +0200 (EET) Message-ID: <442056CA.3020101@piuha.net> Date: Tue, 21 Mar 2006 13:40:58 -0600 From: Jari Arkko User-Agent: Mozilla Thunderbird 1.0.7 (X11/20051013) X-Accept-Language: en-us, en MIME-Version: 1.0 To: MOBIKE Mailing List , Jan Mikael Melen , Pekka Nikander X-Virus-Scanned: ClamAV using ClamSMTP Subject: [Mobike] comments on draft-nikander-esp-beet X-BeenThere: mobike@machshav.com X-Mailman-Version: 2.1.7 Precedence: list List-Id: Mobile/Multihoming IKEv2 IETF list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: mobike-bounces@machshav.com Errors-To: mobike-bounces@machshav.com X-Spam-Score: 0.0 (/) X-Scan-Signature: 9ed51c9d1356100bce94f1ae4ec616a9 I have read the draft. Overall, its well written and specified. I do have a number of comments, however: o The fact that you are not doing full tunnel mode semantics limits the application of this mode. For instance, in typical VPN setup we do need the full semantics but would still perhaps appreciate compressed headers. Is there a solution that would allow this? I understand the role of the BEET in the HIP context and how the inner identifiers work, and the architecture. But is tehre something that prevents a more general solution that would be better in line with the general IPsec user community, including MOBIKE? o Without the generalization to full tunnel mode, I think BEET is something that can only be with MOBIKE when you use either direct connections to the specific peers that you want to talk to. This is something that is potentially useful, but not as useful as the general solution would be. The limited solution would though become more useful if we assume a future where BTNS exists and can be used in connection with MOBIKE and BEET. Question: does BEET prevent usage in a situation where a VPN gateway is used but the IPsec SAs are specific to the peers that the client communicates with? I.e., not end to end usage but inner addresses are fixed per SA pair. o I remained unconvinced that the Mobile IP section is matches what people would like to do (or even that its correct). I can talk about the details off line, but my point is that the integrated use of BEET in application X would require further work, and might not be something that you want to commit to. o If this work comes to MOBIKE, I'd rather not see the PF_KEY part in the document. --Jari _______________________________________________ Mobike mailing list Mobike@machshav.com https://www.machshav.com/mailman/listinfo.cgi/mobike From mobike-bounces@machshav.com Tue Mar 21 20:20:47 2006 Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1FLs1n-0005VN-UP for mobike-archive@lists.ietf.org; Tue, 21 Mar 2006 20:20:47 -0500 Received: from machshav.com ([147.28.0.16]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1FLs1l-0005EX-NO for mobike-archive@lists.ietf.org; Tue, 21 Mar 2006 20:20:47 -0500 Received: from machshav.com (localhost [127.0.0.1]) by machshav.com (Postfix) with ESMTP id A0E34FB29E; Tue, 21 Mar 2006 20:20:44 -0500 (EST) X-Original-To: mobike@machshav.com Delivered-To: mobike@machshav.com Received: from mailgw4.ericsson.se (mailgw4.ericsson.se [193.180.251.62]) by machshav.com (Postfix) with ESMTP id E9AAEFB2A7 for ; Tue, 21 Mar 2006 17:14:55 -0500 (EST) Received: from esealmw128.eemea.ericsson.se (unknown [153.88.254.121]) by mailgw4.ericsson.se (Symantec Mail Security) with ESMTP id 4E5E36F2; Tue, 21 Mar 2006 23:14:52 +0100 (CET) Received: from esealmw126.eemea.ericsson.se ([153.88.254.170]) by esealmw128.eemea.ericsson.se with Microsoft SMTPSVC(6.0.3790.1830); Tue, 21 Mar 2006 23:14:51 +0100 Received: from mail.lmf.ericsson.se ([131.160.11.50]) by esealmw126.eemea.ericsson.se with Microsoft SMTPSVC(6.0.3790.1830); Tue, 21 Mar 2006 23:14:51 +0100 Received: from nomadiclab.lmf.ericsson.se (nomadiclab.lmf.ericsson.se [131.160.33.3]) by mail.lmf.ericsson.se (Postfix) with ESMTP id 7B172236B; Wed, 22 Mar 2006 00:14:51 +0200 (EET) Received: from nomadiclab.lmf.ericsson.se (localhost [127.0.0.1]) by nomadiclab.lmf.ericsson.se (Postfix) with ESMTP id 0E99F1AB951; Wed, 22 Mar 2006 00:14:51 +0200 (EET) Received: from [127.0.0.1] (localhost [127.0.0.1]) by nomadiclab.lmf.ericsson.se (Postfix) with ESMTP id F236E1AB900; Wed, 22 Mar 2006 00:14:47 +0200 (EET) In-Reply-To: <442056CA.3020101@piuha.net> References: <442056CA.3020101@piuha.net> Mime-Version: 1.0 (Apple Message framework v746.3) Message-Id: <309ECDFF-50C8-4CBD-ABBD-5A0CB2642D81@ericsson.com> From: Pekka Nikander Date: Tue, 21 Mar 2006 16:14:45 -0600 To: Jari Arkko X-Mailer: Apple Mail (2.746.3) X-Virus-Scanned: ClamAV using ClamSMTP X-OriginalArrivalTime: 21 Mar 2006 22:14:51.0415 (UTC) FILETIME=[DFBF9270:01C64D34] X-Brightmail-Tracker: AAAAAA== X-Mailman-Approved-At: Tue, 21 Mar 2006 20:20:40 -0500 Cc: Jan Mikael Melen , MOBIKE Mailing List Subject: Re: [Mobike] comments on draft-nikander-esp-beet X-BeenThere: mobike@machshav.com X-Mailman-Version: 2.1.7 Precedence: list List-Id: Mobile/Multihoming IKEv2 IETF list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: mobike-bounces@machshav.com Errors-To: mobike-bounces@machshav.com X-Spam-Score: 0.0 (/) X-Scan-Signature: b280b4db656c3ca28dd62e5e0b03daa8 > I have read the draft. Overall, its well written and specified. I do > have a number of comments, however: Thanks, Jari! > o The fact that you are not doing full tunnel mode semantics limits > the application of this mode. For instance, in typical VPN setup > we do need the full semantics but would still perhaps appreciate > compressed headers. > > Is there a solution that would allow this? I understand the > role of the BEET in the HIP context and how the inner identifiers > work, and the architecture. But is there something that > prevents a more general solution that would be better in > line with the general IPsec user community, including MOBIKE? Not supporting full tunnel semantics is intentional in BEET. We did want to support only a bound pair of inner IP addresses. Full tunnel semantics requires that different packets can have different inner IP addresses. In general, if you allow any addresses within the tunnel, you can't compress the addresses to nothing but need to present something in the packet, at least one bit. Hence, if we want to go to that direction, I would apply normal header compression protocols instead of BEET. Conversely, BEET can be and should be seen from three different points of view. Compressing inner IP header to zero bytes is just one. The other two are making transport mode address agile, and allowing ESP to function as a *secure* place in the stack for implementing identifier / locator split. > o Without the generalization to full tunnel mode, I think BEET > is something that can only be with MOBIKE when you use > either direct connections to the specific peers that you want > to talk to. This is something that is potentially useful, but > not as useful as the general solution would be. The limited > solution would though become more useful if we assume a > future where BTNS exists and can be used in connection with > MOBIKE and BEET. > > Question: does BEET prevent usage in a situation where > a VPN gateway is used but the IPsec SAs are specific to > the peers that the client communicates with? I.e., not end > to end usage but inner addresses are fixed per SA pair. There are no technical reasons why BEET could not be used between a end-host and a VPN gateway (in a road warrior fashion), nor between two security gateways, as long as the inner IP addresses are kept fixed. The reason why this is explicitly forbidden in the current draft is that back when the draft was initially written, I didn't understand the potential security consequences of such usage, and I am still unsure. In other words, if someone did a proper security analysis on those use cases, I think they could be fairly easily supported. There may be some caveats that must be documented, but I wouldn't expect any protocol changes. > o I remained unconvinced that the Mobile IP section is matches > what people would like to do (or even that its correct). I can > talk about the details off line, but my point is that the > integrated use of BEET in application X would require further > work, and might not be something that you want to commit to. OK; the Mobile IP section is based on what Mobile IP people told me, and I may have gotten it wrong. > o If this work comes to MOBIKE, I'd rather not see the PF_KEY > part in the document. Fine with me. OTOH, I do think that the various PF_KEY extensions out there should be gathered somewhere and at least documented, if not standardised. --Pekka _______________________________________________ Mobike mailing list Mobike@machshav.com https://www.machshav.com/mailman/listinfo.cgi/mobike From mobike-bounces@machshav.com Wed Mar 22 17:20:51 2006 Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1FMBhD-00039p-T8 for mobike-archive@lists.ietf.org; Wed, 22 Mar 2006 17:20:51 -0500 Received: from machshav.com ([147.28.0.16]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1FMBhC-0005Nu-Ge for mobike-archive@lists.ietf.org; Wed, 22 Mar 2006 17:20:51 -0500 Received: from machshav.com (localhost [127.0.0.1]) by machshav.com (Postfix) with ESMTP id 5DBB7FB2A7; Wed, 22 Mar 2006 17:20:48 -0500 (EST) X-Original-To: mobike@machshav.com Delivered-To: mobike@machshav.com Received: from n2.nomadiclab.com (n2.nomadiclab.com [193.234.219.2]) by machshav.com (Postfix) with ESMTP id 23B34FB2A4 for ; Wed, 22 Mar 2006 17:20:46 -0500 (EST) Received: from n2.nomadiclab.com (localhost [127.0.0.1]) by n2.nomadiclab.com (Postfix) with ESMTP id 11CEC212C59 for ; Thu, 23 Mar 2006 00:20:42 +0200 (EET) Received: from [127.0.0.1] (localhost [127.0.0.1]) by n2.nomadiclab.com (Postfix) with ESMTP id 57168212C4C for ; Thu, 23 Mar 2006 00:20:40 +0200 (EET) Mime-Version: 1.0 (Apple Message framework v746.3) Message-Id: <71AEE30A-12F9-4945-BD3E-13013DCD7CA3@nomadiclab.com> To: MOBIKE Mailing List From: Pekka Nikander Date: Wed, 22 Mar 2006 16:20:37 -0600 X-Mailer: Apple Mail (2.746.3) X-Virus-Scanned: ClamAV using ClamSMTP Subject: [Mobike] Proposal for revised charter X-BeenThere: mobike@machshav.com X-Mailman-Version: 2.1.7 Precedence: list List-Id: Mobile/Multihoming IKEv2 IETF list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: mobike-bounces@machshav.com Errors-To: mobike-bounces@machshav.com X-Spam-Score: 0.0 (/) X-Scan-Signature: 00e94c813bef7832af255170dca19e36 As discussed in yesterday's meeting, below is a proposal for a charter delta, to address transport mode. In practical terms, the work could consist of the following: 1) Complete BEET in terms of fragmentation etc. support (as noted by Michael Richardson) 2) Perform security analysis on how BEET could be used in security gateways 3) Add necessary IKE extensions (probably minimal) so that non- transport gets supported. I can see that the WG may not have the interest and energy for this, as tunnel mode already works. Hence, from my point of view, quite a lot depends on whether there would be volunteers to do the work. I am volunteering to read the resulting specs, but I can't promise to do much else. --Pekka --- mobike-charter.orig 2006-03-22 16:08:56.000000000 -0600 +++ mobike-charter.proposed 2006-03-22 16:14:54.000000000 -0600 @@ -18,19 +18,10 @@ protocol. In particular, the WG shall NOT develop mechanisms for the following functions: -o Hiding of mobility from transport layer protocols or applications - (beyond what already exists through the use of the tunnel mode). In +o Hiding of mobility from transport layer protocols or applications. In this respect MOBIKE is different from Mobile IP, HIP, and other mobility protocols. -o IP address changes done by third parties (NATs, firewalls etc). In - particular, MOBIKE shall not replace or modify IKEv2 NAT traversal - function. MOBIKE handles IP address changes initiated by one of the - endpoints of the security associations. NAT traversal handles other - address changes. MOBIKE should not be tightly coupled with the NAT - traversal function, but it is necessary to specify in which cases - (if any) they can be used together, and how they interact. - o Opportunistic authentication or other tools for the reduction of configuration effort. The mechanisms specified in this WG are to be designed for the traditional VPN use case only. @@ -43,9 +34,9 @@ o Use of IKEv1. -Work Items +Past Work Items -The goals of the MOBIKE working group are to address the +In the past, the MOBIKE working group has succesfully addressed the following issues: (1) IKEv2 mobile IP support for IKE SAs. Support for changing and @@ -68,17 +59,21 @@ from certificates, or through the use of a return routability mechanism. +Current Work Items + (5) Reduction of header overhead involved with mobility-related tunnels. This is a performance requirement in wireless environments. (6) Specification of PFKEY extensions to support the IPsec SA movements and tunnel overhead reduction. + +(7) Non-tunnel-mode use. This may involve addressing IP address + changes performed by third parties, such as NATs and firewalls. + However, MOBIKE shall not replace IKEv2 NAT traversal function but + it may extend it to support non-tunneled use cases. While NAT + traversal handles address changes performed by NATs, the current + solution works only with tunnel mode. To address non-tunnel mode + SAs, MOBIKE may be coupled with the NAT traversal function, if + necessary. + _______________________________________________ Mobike mailing list Mobike@machshav.com https://www.machshav.com/mailman/listinfo.cgi/mobike From mobike-bounces@machshav.com Wed Mar 22 18:09:51 2006 Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1FMCSd-0003X6-Sl for mobike-archive@lists.ietf.org; Wed, 22 Mar 2006 18:09:51 -0500 Received: from machshav.com ([147.28.0.16]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1FMCSc-0007cC-Hm for mobike-archive@lists.ietf.org; Wed, 22 Mar 2006 18:09:51 -0500 Received: from machshav.com (localhost [127.0.0.1]) by machshav.com (Postfix) with ESMTP id 8D4E4FB2AF; Wed, 22 Mar 2006 18:09:49 -0500 (EST) X-Original-To: mobike@machshav.com Delivered-To: mobike@machshav.com Received: from laposte.rennes.enst-bretagne.fr (laposte.rennes.enst-bretagne.fr [192.44.77.17]) by machshav.com (Postfix) with ESMTP id 57CA1FB2AC for ; Wed, 22 Mar 2006 18:09:47 -0500 (EST) Received: from localhost (localhost.localdomain [127.0.0.1]) by laposte.rennes.enst-bretagne.fr (8.13.4/8.13.4/2004.10.03) with ESMTP id k2MN9jOP032707; Thu, 23 Mar 2006 00:09:45 +0100 Received: from givry.rennes.enst-bretagne.fr (givry.rennes.enst-bretagne.fr [192.44.77.29]) by laposte.rennes.enst-bretagne.fr (8.13.4/8.13.4/2004.09.01) with ESMTP id k2MN9eB4032702; Thu, 23 Mar 2006 00:09:40 +0100 Received: from givry.rennes.enst-bretagne.fr (localhost.rennes.enst-bretagne.fr [127.0.0.1]) by givry.rennes.enst-bretagne.fr (8.13.1/8.13.1) with ESMTP id k2MN9eGv028218; Thu, 23 Mar 2006 00:09:40 +0100 (CET) (envelope-from dupont@givry.rennes.enst-bretagne.fr) Message-Id: <200603222309.k2MN9eGv028218@givry.rennes.enst-bretagne.fr> From: Francis Dupont To: Pekka Nikander In-reply-to: Your message of Wed, 22 Mar 2006 16:20:37 CST. <71AEE30A-12F9-4945-BD3E-13013DCD7CA3@nomadiclab.com> Date: Thu, 23 Mar 2006 00:09:40 +0100 X-Virus-Scanned: amavisd-new at enst-bretagne.fr Cc: MOBIKE Mailing List Subject: Re: [Mobike] Proposal for revised charter X-BeenThere: mobike@machshav.com X-Mailman-Version: 2.1.7 Precedence: list List-Id: Mobile/Multihoming IKEv2 IETF list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: mobike-bounces@machshav.com Errors-To: mobike-bounces@machshav.com X-Spam-Score: 0.0 (/) X-Scan-Signature: cf4fa59384e76e63313391b70cd0dd25 In your previous mail you wrote: As discussed in yesterday's meeting, below is a proposal for a charter delta, to address transport mode. => please remember there were 12 vs 10 against an extension to transport mode, so obviously there is no rough consensus to revise the charter this way. Regards Francis.Dupont@point6.net _______________________________________________ Mobike mailing list Mobike@machshav.com https://www.machshav.com/mailman/listinfo.cgi/mobike From mobike-bounces@machshav.com Tue Mar 28 00:03:19 2006 Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1FO6MR-0002Sx-35 for mobike-archive@lists.ietf.org; Tue, 28 Mar 2006 00:03:19 -0500 Received: from machshav.com ([147.28.0.16]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1FO6MP-00079i-Nu for mobike-archive@lists.ietf.org; Tue, 28 Mar 2006 00:03:19 -0500 Received: from machshav.com (localhost [127.0.0.1]) by machshav.com (Postfix) with ESMTP id 60C9CFB2A3; Tue, 28 Mar 2006 00:03:16 -0500 (EST) X-Original-To: mobike@machshav.com Delivered-To: mobike@machshav.com Received: from p130.piuha.net (p130.piuha.net [193.234.218.130]) by machshav.com (Postfix) with ESMTP id ECD47FB29E for ; Tue, 28 Mar 2006 00:03:14 -0500 (EST) Received: from p130.piuha.net (localhost [127.0.0.1]) by p130.piuha.net (Postfix) with ESMTP id CD06889884; Tue, 28 Mar 2006 08:03:10 +0300 (EEST) Received: from [127.0.0.1] (p130.piuha.net [193.234.218.130]) by p130.piuha.net (Postfix) with ESMTP id EA7D289875; Tue, 28 Mar 2006 08:03:09 +0300 (EEST) Message-ID: <4428C375.9020304@piuha.net> Date: Mon, 27 Mar 2006 21:02:45 -0800 From: Jari Arkko User-Agent: Mozilla Thunderbird 1.0.7 (X11/20051013) X-Accept-Language: en-us, en MIME-Version: 1.0 To: MOBIKE Mailing List References: In-Reply-To: X-Virus-Scanned: ClamAV using ClamSMTP Cc: Stephen Kent Subject: [Mobike] FW: [saag] MOBIKE meeting summary X-BeenThere: mobike@machshav.com X-Mailman-Version: 2.1.7 Precedence: list List-Id: Mobile/Multihoming IKEv2 IETF list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: mobike-bounces@machshav.com Errors-To: mobike-bounces@machshav.com X-Spam-Score: 0.0 (/) X-Scan-Signature: bb8f917bb6b8da28fc948aeffb74aa17 Stephen Kent wrote: >At 4:38 PM -0600 3/23/06, Paul Hoffman wrote: > > >>MOBIKE had a short meeting. >> >>Our document status is: >>- draft-ietf-mobike-protocol-08.txt accepted as a Proposed Standard on 3/3/06 >>- draft-ietf-mobike-design-08.txt being reviewed by Russ Housley, AD, >>as of 3/15/06 >> >>We had a presentation on BEET (draft-nikander-esp-beet-mode) as a >>possible fulfillment for our compressed header charter item. >> >> > >Ity might be helpful to review the HCoIPsec I-Ds, which plan to offer >header compression for IPsec in general, and thus might be applicable >to MOBIKE. > >Steve >_______________________________________________ >saag mailing list >saag@mit.edu >http://mailman.mit.edu/mailman/listinfo/saag > > > > _______________________________________________ Mobike mailing list Mobike@machshav.com https://www.machshav.com/mailman/listinfo.cgi/mobike From mobike-bounces@machshav.com Tue Mar 28 11:13:35 2006 Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1FOGp5-0002pN-Cm for mobike-archive@lists.ietf.org; Tue, 28 Mar 2006 11:13:35 -0500 Received: from machshav.com ([147.28.0.16]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1FOGp3-00015A-Sb for mobike-archive@lists.ietf.org; Tue, 28 Mar 2006 11:13:35 -0500 Received: from machshav.com (localhost [127.0.0.1]) by machshav.com (Postfix) with ESMTP id 80399FB2A5; Tue, 28 Mar 2006 11:13:32 -0500 (EST) X-Original-To: mobike@machshav.com Delivered-To: mobike@machshav.com Received: from ns1.cpanel.btnaccess.com (ns1.cpanel.btnaccess.com [205.177.121.2]) by machshav.com (Postfix) with ESMTP id BD22DFB2A4 for ; Tue, 28 Mar 2006 11:13:30 -0500 (EST) Received: from [65.213.193.6] (helo=ISODELL001) by ns1.cpanel.btnaccess.com with esmtp (Exim 4.52) id 1FOGoy-0001kf-LS for mobike@machshav.com; Tue, 28 Mar 2006 11:13:28 -0500 From: "Robert Holliday" To: Date: Tue, 28 Mar 2006 11:13:24 -0500 MIME-Version: 1.0 X-Mailer: Microsoft Office Outlook, Build 11.0.5510 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1165 Thread-Index: AcZSgopq+6IQuWBjRoiIwFNpaQY+hA== X-AntiAbuse: This header was added to track abuse, please include it with any abuse report X-AntiAbuse: Primary Hostname - ns1.cpanel.btnaccess.com X-AntiAbuse: Original Domain - machshav.com X-AntiAbuse: Originator/Caller UID/GID - [47 12] / [47 12] X-AntiAbuse: Sender Address Domain - isocore.com X-Source: X-Source-Args: X-Source-Dir: Message-Id: <20060328161330.BD22DFB2A4@machshav.com> Subject: [Mobike] ICNS 2006: Early Registration Ends April 1 X-BeenThere: mobike@machshav.com X-Mailman-Version: 2.1.7 Precedence: list List-Id: Mobile/Multihoming IKEv2 IETF list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: multipart/mixed; boundary="===============0826308018==" Sender: mobike-bounces@machshav.com Errors-To: mobike-bounces@machshav.com X-Spam-Score: 0.0 (/) X-Scan-Signature: 963faf56c3a5b6715f0b71b66181e01a This is a multi-part message in MIME format. --===============0826308018== Content-Type: multipart/alternative; boundary="----=_NextPart_000_0042_01C65258.A1AA2580" This is a multi-part message in MIME format. ------=_NextPart_000_0042_01C65258.A1AA2580 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit The International Conference on Network Security 2006, April 17-19, Reston, Virginia Only a few days remain to take advantage of Early Bird Specials when registering for ICNS2006. All those registering before April 1 receive will receive a $200 dollar discount. Don't miss out on the chance to interact with industry leaders in a personal setting and unique format. Technical Program: http://www.isocore.com/networksecurity2006/program.htm Registration: http://www.isocore.com/networksecurity2006/onlineregis.htm Website: http://www.networksecurity2006.com ------=_NextPart_000_0042_01C65258.A1AA2580 Content-Type: text/html; charset="us-ascii" Content-Transfer-Encoding: quoted-printable

The International Conference on Network Security 2006, April = 17-19, Reston, Virginia

 

Only a few days remain to = take advantage of Early Bird Specials when registering for ICNS2006.  = All those registering before April 1 receive will receive a $200 dollar = discount.  Don’t miss out on the chance to interact with industry leaders in a personal = setting and unique format.

 

Technical = Program: http://ww= w.isocore.com/networksecurity2006/program.htm

 

Registration= : http:= //www.isocore.com/networksecurity2006/onlineregis.htm

 

Website: http://www.networksecurity20= 06.com

 

 

------=_NextPart_000_0042_01C65258.A1AA2580-- --===============0826308018== Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Disposition: inline _______________________________________________ Mobike mailing list Mobike@machshav.com https://www.machshav.com/mailman/listinfo.cgi/mobike --===============0826308018==-- From mobike-bounces@machshav.com Tue Mar 28 22:49:36 2006 Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1FORge-0002oP-N3 for mobike-archive@lists.ietf.org; Tue, 28 Mar 2006 22:49:36 -0500 Received: from machshav.com ([147.28.0.16]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1FORgd-0006Nx-5G for mobike-archive@lists.ietf.org; Tue, 28 Mar 2006 22:49:36 -0500 Received: from machshav.com (localhost [127.0.0.1]) by machshav.com (Postfix) with ESMTP id EAE1AFB29B; Tue, 28 Mar 2006 22:49:33 -0500 (EST) X-Original-To: mobike@machshav.com Delivered-To: mobike@machshav.com Received: from balder-227.proper.com (Balder-227.Proper.COM [192.245.12.227]) by machshav.com (Postfix) with ESMTP id 34007FB298 for ; Tue, 28 Mar 2006 22:49:32 -0500 (EST) Received: from [10.20.30.249] (dsl2-63-249-108-169.cruzio.com [63.249.108.169]) (authenticated bits=0) by balder-227.proper.com (8.13.5/8.13.5) with ESMTP id k2T3nSXZ013143 for ; Tue, 28 Mar 2006 20:49:29 -0700 (MST) (envelope-from paul.hoffman@vpnc.org) Mime-Version: 1.0 Message-Id: Date: Tue, 28 Mar 2006 19:49:25 -0800 To: mobike@machshav.com From: Paul Hoffman Subject: [Mobike] Preliminary minutes from the WG last week X-BeenThere: mobike@machshav.com X-Mailman-Version: 2.1.7 Precedence: list List-Id: Mobile/Multihoming IKEv2 IETF list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: mobike-bounces@machshav.com Errors-To: mobike-bounces@machshav.com X-Spam-Score: 0.0 (/) X-Scan-Signature: 225414c974e0d6437992164e91287a51 Please let me know if you have any changes. MOBIKE WG minutes IETF 65 Minutes supplied by Al Arsenault, BBN (Edits and formatting by Paul Hoffman, with additional notes from Cheryl Madson, Maureen Stillman, Jari Arkko, and Tero Kivinen) Paul Hoffman, VPNC & IMC, Chair Jari Arkko, exiting co-chair (now AD) Agenda: Status of MOBIKE protocol and design documents Presentation on draft-nikunder-esp-beet-mode Discussion of what to do with the WG Status of MOBIKE protocol and design documents Protocol document accepted as a Proposed Standard on 3/3/06 Draft-ietf-mobike-design-08.txt being reviewed by Russ Housley, AD as of 3/15/06 - if everything is clean, it will go to IETF Last Call - else Russ will get back to document authors and there may be another draft Presentation on draft-nikander-esp-beet-mode Bound end-to-end (BEET) mode - Pekka Nikander (and Jan Melen) Presentation outline - Introduction - motivation - BEET in a nutshell - Packet formats - IP header processing Introduction: augments the ESP tunnel and transport modes; aimed for end-toend tunnels; limited tunnel mode semantics without the overhead. Motivations: support new uses of ESP - Tunnel mode with fixed inner addresses are leaner and more secure; transport mode with external address changes (NATS, mobility, multi-homing, etc.) Identifier/locator split in ESP Two independent implementations, one on Linux & one on FreeBSD Both running as part of HIP packages Summary - new mode for ESP - up to 51% HEADER SAVINGS - EASIER DEALING WITH natS, MOBILITY, MULTI-HOMING - FACITLIATES IDENTIFIER/LOCATOR SEPARATION - MINIMAL ADDED COMPLIXTIN Y - ABOUT 100 LINES OF CODE Questions: 1 - Richard Graveman, RFG Security - have you looked at draft on IPsec tunnel mode in ROHC group? Is this solving the same or a different problem? Answer: this is a subset of their problem. 2 - Francis Dupont - Same comments - believe ROHC (IPsec) is more generic is more generic. This is a good thing, but it's better for HIP than for this group. 3 - Michael Richardson - Can you confirm that you don't transport the fragment ID for the ECN or DS field? If have a /32 - /32 tunnel and have variability in those fields, you can't transmit them anymore? Answer: it depends on what you do. If you replace the AF, the other fields are discarded. If you're using the same AF, don't remember exactly what happens. In all packets you still have a UDP header, so you could copy ID & fragmentation fields from IP header & back at the receiving end; it would work but it could reveal something. Michael: works well for TCP, but may fall down at some point. 4 - Jari Arkko - want to argue in favor of having full semantics for tunnel mode and having ability to do more than just end-to-end mode. The scenarios where MOBIKE is needed are not limited to end-to-end; e.g., VPN access by remote users. Also, remains unconvinced of how well this works with Mobile IP. (Pekka disagrees.) PSE stuff should go away. 5 - Chris Christou, BAH - co-author of HCO IPsec draft - HCO IPsec also compresses upper layer header, so it does a little more than this. Haven't read this draft, but should talk off-line about where the two ideas intersect. Answer: yes, should talk off-line, but thinks that this solves a slightly different problem. 6 - Francis Dupont again - with compression, you can compress almost the whole TCP header, which is better than just compressing the IPsec header. Discussion of what to do with the WG Adopt BEET, move forward; wind up; or something else? Carsten Bormann (Chair of ROHC) - HCO-IPsec looks like it's going to split into about 4 drafts. One of them will have to address IKE (Paul noted MOBIKE is limited to IKEv2; ROHC will address both). Bottom line is that if MOBIKE winds up, BEET might move over to ROHC or another WG James Kempf - discussion in Mobile IP group - what happens if you try to use Mobile IP and MOBIKE together? Some people believe the answer is "don't do that". May need an informational draft (as a new work item) to address that. Pekka Nikander - one possible utility for BEET might be to provide MOBIKE support for transport. (That's not at all what we're doing - the charter says tunnel mode only.) BEET could allow MOBIKE to support transport mode, but there are re-chartering issue because of the dragons out there. Michael Richardson - Have PFKey extensions been done? They're in the charter. Paul - they've died because of lack of interest; if we wind up we declare partial victory vice full victory. Unknown speaker, Boeing - Boeing has implemented BEET as part of the OpenHIP work; would like to ensure that a working group is found to move BEET forward. Paul - IETF likes to close working group in a timely manner once their work is done. If group wants to do something besides BEET, it MUST be relevant to MOBIKE/the charter. Pekka (he's a cochair of BTNS group) - recently people raised voices that BTNS is really only useful for NAT traversal and similar, but it's only handling transport mode, not tunnel mode. If you want to push BTNS and MOBIKE together (re-charter with transport mode), you could handle both cases. Paul - 10 minutes left; need to decide: 1 - ask for a re-charter of the WG to cover transport mode? (Bearing in mind the ADs could say "no".) Taking a hum of the room: (then hands) - "recharter" has a slight edge, but no consensus. Paul: continue the WG past today, with the task of coming up with the wording of a re-charter. 2 - Pasi Eronen - wants a draft that would represent a work item prior to re-chartering. That verifies that there's interest in actually doing the work. Paul: hesitant to ask for that, because it asks someone to do a lot of work to put a draft together, then pull the rug out from under them when we don't recharter. 3 - Pekka - thought that the conclusion of the BEET discussion was that because of other work going on, there's no interest in BEET for tunnel mode. If we do transport mode, BEET is a proposal, but it's not a work item for just tunnel. 4 - Michael Richardson - thinks WG should finish charter and wrap-up. Pekka should move forward with the BEET draft, and a new home should be found for it. (And it's almost done already.) Right thing to do might be to re-spin IPCOMP, move some of the ROHC work there, and put BEET there too. (Reminder: IPCOMP was about data compression; HCO IPsec is about header compression. Those are different.) Paul - the take-away is that we may continue, but we need to reach consensus on what change to the charter is needed. There's definitely interest in IPsec header compression. Tero - finish now; BEET should be published as-is as an individual solution. Transport has no use cases right now; that has to be done as part of re-chartering. _______________________________________________ Mobike mailing list Mobike@machshav.com https://www.machshav.com/mailman/listinfo.cgi/mobike