From mobike-bounces@machshav.com Sun Apr 02 06:39:07 2006 Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1FPzz9-00034d-4y for mobike-archive@lists.ietf.org; Sun, 02 Apr 2006 06:39:07 -0400 Received: from machshav.com ([147.28.0.16]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1FPzz7-0006pH-QI for mobike-archive@lists.ietf.org; Sun, 02 Apr 2006 06:39:07 -0400 Received: from machshav.com (localhost [127.0.0.1]) by machshav.com (Postfix) with ESMTP id 48C3CFB2B4; Sun, 2 Apr 2006 06:39:04 -0400 (EDT) X-Original-To: mobike@machshav.com Delivered-To: mobike@machshav.com Received: from michael.checkpoint.com (michael.checkpoint.com [194.29.32.68]) by machshav.com (Postfix) with ESMTP id 1E927FB2A4 for ; Sun, 2 Apr 2006 06:39:02 -0400 (EDT) Received: from ysheffer (localhost [127.0.0.1]) by michael.checkpoint.com (8.12.10+Sun/8.12.10) with ESMTP id k32Acw4Q028595; Sun, 2 Apr 2006 13:38:58 +0300 (IDT) From: "Yaron Sheffer" To: "'Paul Hoffman'" , Date: Sun, 2 Apr 2006 12:38:58 +0200 Message-ID: <001d01c65641$a608dee0$122e1dc2@ad.checkpoint.com> MIME-Version: 1.0 X-Mailer: Microsoft Office Outlook 11 Thread-Index: AcZTKM8JbDJuhZVmS3mVX+EDDLKR5gDF7baw X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.2670 In-Reply-To: Subject: Re: [Mobike] Preliminary minutes from the WG last week X-BeenThere: mobike@machshav.com X-Mailman-Version: 2.1.7 Precedence: list List-Id: Mobile/Multihoming IKEv2 IETF list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: mobike-bounces@machshav.com Errors-To: mobike-bounces@machshav.com X-Spam-Score: 0.0 (/) X-Scan-Signature: 52e1467c2184c31006318542db5614d5 Regarding the combination of MOBIKE and Mobile IP, there are 3 current drafts in MIP4 that deal with this: - draft-ietf-mip4-vpn-problem-solution-02 (this one is pre-MOBIKE) - draft-ietf-mip4-mobike-connectivity-00 - draft-meghana-mip4-mobike-optimizations-00 So it's a stretch to say "don't do" MOBIKE and Mobile IP together. Yaron -----Original Message----- From: Paul Hoffman [mailto:paul.hoffman@vpnc.org] Sent: Wednesday, March 29, 2006 5:49 To: mobike@machshav.com Subject: [Mobike] Preliminary minutes from the WG last week Please let me know if you have any changes. MOBIKE WG minutes IETF 65 [deleted] James Kempf - discussion in Mobile IP group - what happens if you try to use Mobile IP and MOBIKE together? Some people believe the answer is "don't do that". May need an informational draft (as a new work item) to address that. [deleted] _______________________________________________ Mobike mailing list Mobike@machshav.com https://www.machshav.com/mailman/listinfo.cgi/mobike From mobike-bounces@machshav.com Mon Apr 03 02:28:54 2006 Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1FQIYY-00019t-F4 for mobike-archive@lists.ietf.org; Mon, 03 Apr 2006 02:28:54 -0400 Received: from machshav.com ([147.28.0.16]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1FQIYN-0000DS-VY for mobike-archive@lists.ietf.org; Mon, 03 Apr 2006 02:28:49 -0400 Received: from machshav.com (localhost [127.0.0.1]) by machshav.com (Postfix) with ESMTP id ED017FB2B4; Mon, 3 Apr 2006 02:28:38 -0400 (EDT) X-Original-To: mobike@machshav.com Delivered-To: mobike@machshav.com Received: from bart.corp.azairenet.com (mail1.azairenet.com [66.92.223.4]) by machshav.com (Postfix) with ESMTP id A17C7FB2AB for ; Mon, 3 Apr 2006 02:28:36 -0400 (EDT) X-MimeOLE: Produced By Microsoft Exchange V6.5.7226.0 Content-class: urn:content-classes:message MIME-Version: 1.0 Date: Sun, 2 Apr 2006 23:28:26 -0700 Message-ID: X-MS-Has-Attach: X-MS-TNEF-Correlator: Thread-Topic: [Mobike] Preliminary minutes from the WG last week Thread-Index: AcZTKM8JbDJuhZVmS3mVX+EDDLKR5gDF7bawACm+BlA= From: "Vijay Devarapalli" To: "Yaron Sheffer" , "Paul Hoffman" , Subject: Re: [Mobike] Preliminary minutes from the WG last week X-BeenThere: mobike@machshav.com X-Mailman-Version: 2.1.7 Precedence: list List-Id: Mobile/Multihoming IKEv2 IETF list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: mobike-bounces@machshav.com Errors-To: mobike-bounces@machshav.com X-Spam-Score: 0.0 (/) X-Scan-Signature: f4c2cf0bccc868e4cc88dace71fb3f44 hi Yaron, I think Jim was talking about Mobile IPv6 and Mobike. The drafts you point to below are all Mobile IPv4 related. Vijay > -----Original Message----- > From: mobike-bounces@machshav.com > [mailto:mobike-bounces@machshav.com] On Behalf Of Yaron Sheffer > Sent: Sunday, April 02, 2006 3:39 AM > To: 'Paul Hoffman'; mobike@machshav.com > Subject: Re: [Mobike] Preliminary minutes from the WG last week > > Regarding the combination of MOBIKE and Mobile IP, there are 3 current > drafts in MIP4 that deal with this: > > - draft-ietf-mip4-vpn-problem-solution-02 (this one is pre-MOBIKE) > - draft-ietf-mip4-mobike-connectivity-00 > - draft-meghana-mip4-mobike-optimizations-00 > > So it's a stretch to say "don't do" MOBIKE and Mobile IP together. > > Yaron > > -----Original Message----- > From: Paul Hoffman [mailto:paul.hoffman@vpnc.org] > Sent: Wednesday, March 29, 2006 5:49 > To: mobike@machshav.com > Subject: [Mobike] Preliminary minutes from the WG last week > > Please let me know if you have any changes. > > MOBIKE WG minutes > IETF 65 > > [deleted] > > James Kempf - discussion in Mobile IP group - what happens if > you try to > use Mobile IP and MOBIKE together? Some people believe the answer is > "don't do that". May need an informational draft (as a new > work item) to > address that. > > [deleted] > > > _______________________________________________ > Mobike mailing list > Mobike@machshav.com > https://www.machshav.com/mailman/listinfo.cgi/mobike > _______________________________________________ Mobike mailing list Mobike@machshav.com https://www.machshav.com/mailman/listinfo.cgi/mobike From mobike-bounces@machshav.com Mon Apr 03 12:36:56 2006 Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1FQS2y-0002Eg-7V for mobike-archive@lists.ietf.org; Mon, 03 Apr 2006 12:36:56 -0400 Received: from machshav.com ([147.28.0.16]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1FQS2t-00026i-RC for mobike-archive@lists.ietf.org; Mon, 03 Apr 2006 12:36:56 -0400 Received: from machshav.com (localhost [127.0.0.1]) by machshav.com (Postfix) with ESMTP id E20A2FB2BD; Mon, 3 Apr 2006 12:36:49 -0400 (EDT) X-Original-To: mobike@machshav.com Delivered-To: mobike@machshav.com Received: from fridge.docomolabs-usa.com (key1.docomolabs-usa.com [216.98.102.225]) by machshav.com (Postfix) with ESMTP id EAA12FB2BC for ; Mon, 3 Apr 2006 12:36:47 -0400 (EDT) Message-ID: <012a01c6573d$63f72280$026115ac@dcml.docomolabsusa.com> From: "James Kempf" To: "Yaron Sheffer" , "'Paul Hoffman'" , References: <001d01c65641$a608dee0$122e1dc2@ad.checkpoint.com> Date: Mon, 3 Apr 2006 09:41:00 -0700 MIME-Version: 1.0 Subject: Re: [Mobike] Preliminary minutes from the WG last week X-BeenThere: mobike@machshav.com X-Mailman-Version: 2.1.7 Precedence: list List-Id: Mobile/Multihoming IKEv2 IETF list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: mobike-bounces@machshav.com Errors-To: mobike-bounces@machshav.com X-Spam-Score: 3.1 (+++) X-Scan-Signature: f607d15ccc2bc4eaf3ade8ffa8af02a0 Yaron, Thanx for sending out pointers to these. In the MIP6 group, there was some discussion about this, and the message that came up was, in fact, "don't do it". I'll post references to these drafts to the MIP6 list. jak ----- Original Message ----- From: "Yaron Sheffer" To: "'Paul Hoffman'" ; Sent: Sunday, April 02, 2006 3:38 AM Subject: Re: [Mobike] Preliminary minutes from the WG last week > Regarding the combination of MOBIKE and Mobile IP, there are 3 current > drafts in MIP4 that deal with this: > > - draft-ietf-mip4-vpn-problem-solution-02 (this one is pre-MOBIKE) > - draft-ietf-mip4-mobike-connectivity-00 > - draft-meghana-mip4-mobike-optimizations-00 > > So it's a stretch to say "don't do" MOBIKE and Mobile IP together. > > Yaron > > -----Original Message----- > From: Paul Hoffman [mailto:paul.hoffman@vpnc.org] > Sent: Wednesday, March 29, 2006 5:49 > To: mobike@machshav.com > Subject: [Mobike] Preliminary minutes from the WG last week > > Please let me know if you have any changes. > > MOBIKE WG minutes > IETF 65 > > [deleted] > > James Kempf - discussion in Mobile IP group - what happens if you try to > use Mobile IP and MOBIKE together? Some people believe the answer is > "don't do that". May need an informational draft (as a new work item) to > address that. > > [deleted] > > > _______________________________________________ > Mobike mailing list > Mobike@machshav.com > https://www.machshav.com/mailman/listinfo.cgi/mobike > _______________________________________________ Mobike mailing list Mobike@machshav.com https://www.machshav.com/mailman/listinfo.cgi/mobike From mobike-bounces@machshav.com Mon Apr 03 14:31:08 2006 Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1FQTpU-00064J-T6 for mobike-archive@lists.ietf.org; Mon, 03 Apr 2006 14:31:08 -0400 Received: from machshav.com ([147.28.0.16]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1FQTpT-0006Xn-Gq for mobike-archive@lists.ietf.org; Mon, 03 Apr 2006 14:31:08 -0400 Received: from machshav.com (localhost [127.0.0.1]) by machshav.com (Postfix) with ESMTP id 53048FB2C1; Mon, 3 Apr 2006 14:31:06 -0400 (EDT) X-Original-To: mobike@machshav.com Delivered-To: mobike@machshav.com Received: from bart.corp.azairenet.com (mail1.azairenet.com [66.92.223.4]) by machshav.com (Postfix) with ESMTP id 1C446FB2BE for ; Mon, 3 Apr 2006 14:31:05 -0400 (EDT) X-MimeOLE: Produced By Microsoft Exchange V6.5.7226.0 Content-class: urn:content-classes:message MIME-Version: 1.0 Date: Mon, 3 Apr 2006 11:31:03 -0700 Message-ID: X-MS-Has-Attach: X-MS-TNEF-Correlator: Thread-Topic: [Mobike] Preliminary minutes from the WG last week Thread-Index: AcZXPNN6nfrS5kHYSluj+ZP6O4uH+gAD0hHA From: "Vijay Devarapalli" To: "James Kempf" , "Yaron Sheffer" , "Paul Hoffman" , Subject: Re: [Mobike] Preliminary minutes from the WG last week X-BeenThere: mobike@machshav.com X-Mailman-Version: 2.1.7 Precedence: list List-Id: Mobile/Multihoming IKEv2 IETF list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: mobike-bounces@machshav.com Errors-To: mobike-bounces@machshav.com X-Spam-Score: 0.0 (/) X-Scan-Signature: cf3becbbd6d1a45acbe2ffd4ab88bdc2 hi Jim, with Mobile IPv6, one can create an IPsec protected Mobile IP tunnel between the mobile node and the home agent. further, the binding update is used as a trigger to update the IKE SA too. so Mobile IPv6 provides a solution similar to MOBIKE already. so that's why I don't expect someone to use the two together between the mobile node and the home agent. Mobile IPv4 does not use IPsec and is a very different protocol. Vijay ps: FYI, the solution described in draft-ietf-mip4-mobike-connectivity-00 has been adopted by 3GPP2 for their 3GPP2-WLAN interworking solution. > -----Original Message----- > From: mobike-bounces@machshav.com > [mailto:mobike-bounces@machshav.com] On Behalf Of James Kempf > Sent: Monday, April 03, 2006 9:41 AM > To: Yaron Sheffer; 'Paul Hoffman'; mobike@machshav.com > Subject: Re: [Mobike] Preliminary minutes from the WG last week > > Yaron, > > Thanx for sending out pointers to these. > > In the MIP6 group, there was some discussion about this, and > the message > that came up was, in fact, "don't do it". I'll post > references to these > drafts to the MIP6 list. > > jak > > ----- Original Message ----- > From: "Yaron Sheffer" > To: "'Paul Hoffman'" ; > Sent: Sunday, April 02, 2006 3:38 AM > Subject: Re: [Mobike] Preliminary minutes from the WG last week > > > > Regarding the combination of MOBIKE and Mobile IP, there > are 3 current > > drafts in MIP4 that deal with this: > > > > - draft-ietf-mip4-vpn-problem-solution-02 (this one is pre-MOBIKE) > > - draft-ietf-mip4-mobike-connectivity-00 > > - draft-meghana-mip4-mobike-optimizations-00 > > > > So it's a stretch to say "don't do" MOBIKE and Mobile IP together. > > > > Yaron > > > > -----Original Message----- > > From: Paul Hoffman [mailto:paul.hoffman@vpnc.org] > > Sent: Wednesday, March 29, 2006 5:49 > > To: mobike@machshav.com > > Subject: [Mobike] Preliminary minutes from the WG last week > > > > Please let me know if you have any changes. > > > > MOBIKE WG minutes > > IETF 65 > > > > [deleted] > > > > James Kempf - discussion in Mobile IP group - what happens > if you try to > > use Mobile IP and MOBIKE together? Some people believe the answer is > > "don't do that". May need an informational draft (as a new > work item) to > > address that. > > > > [deleted] > > > > > > _______________________________________________ > > Mobike mailing list > > Mobike@machshav.com > > https://www.machshav.com/mailman/listinfo.cgi/mobike > > > > > _______________________________________________ > Mobike mailing list > Mobike@machshav.com > https://www.machshav.com/mailman/listinfo.cgi/mobike > _______________________________________________ Mobike mailing list Mobike@machshav.com https://www.machshav.com/mailman/listinfo.cgi/mobike From mobike-bounces@machshav.com Mon Apr 03 15:16:06 2006 Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1FQUX0-0000J8-1a for mobike-archive@lists.ietf.org; Mon, 03 Apr 2006 15:16:06 -0400 Received: from machshav.com ([147.28.0.16]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1FQUWy-0008Ee-JJ for mobike-archive@lists.ietf.org; Mon, 03 Apr 2006 15:16:06 -0400 Received: from machshav.com (localhost [127.0.0.1]) by machshav.com (Postfix) with ESMTP id B0F0AFB2BA; Mon, 3 Apr 2006 15:16:03 -0400 (EDT) X-Original-To: mobike@machshav.com Delivered-To: mobike@machshav.com Received: from web81907.mail.mud.yahoo.com (web81907.mail.mud.yahoo.com [68.142.207.186]) by machshav.com (Postfix) with SMTP id 7593DFB2B8 for ; Mon, 3 Apr 2006 15:16:01 -0400 (EDT) Received: (qmail 83486 invoked by uid 60001); 3 Apr 2006 19:16:00 -0000 Message-ID: <20060403191600.83478.qmail@web81907.mail.mud.yahoo.com> Received: from [131.107.0.101] by web81907.mail.mud.yahoo.com via HTTP; Mon, 03 Apr 2006 12:16:00 PDT Date: Mon, 3 Apr 2006 12:16:00 -0700 (PDT) From: gabriel montenegro To: Vijay Devarapalli , James Kempf , Yaron Sheffer , Paul Hoffman , mobike@machshav.com In-Reply-To: MIME-Version: 1.0 Subject: Re: [Mobike] Preliminary minutes from the WG last week X-BeenThere: mobike@machshav.com X-Mailman-Version: 2.1.7 Precedence: list List-Id: Mobile/Multihoming IKEv2 IETF list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: mobike-bounces@machshav.com Errors-To: mobike-bounces@machshav.com X-Spam-Score: 0.9 (/) X-Scan-Signature: 6ffdee8af20de249c24731d8414917d3 I'm confused. In the 3GPP2 solution (draft-ietf-mip4-mobike-connectivity-00) MOBIKE is not used between MN-HA, right? The separation is: between MN-HA: mipv4 tunnel between MN and VPN gateway: mobike+IPsec Are you folks saying that the above is wrong/discouraged? Or are you saying that it is wrong/discouraged *only* if the MN-HA is a MIP6/IPsec tunnel? -gabriel --- Vijay Devarapalli wrote: > hi Jim, > > with Mobile IPv6, one can create an IPsec > protected Mobile IP tunnel between the mobile > node and the home agent. further, the binding > update is used as a trigger to update the IKE > SA too. so Mobile IPv6 provides a solution > similar to MOBIKE already. so that's why I don't > expect someone to use the two together between > the mobile node and the home agent. > > Mobile IPv4 does not use IPsec and is a very > different protocol. > > Vijay > > ps: FYI, the solution described in > draft-ietf-mip4-mobike-connectivity-00 has > been adopted by 3GPP2 for their 3GPP2-WLAN > interworking solution. > > > -----Original Message----- > > From: mobike-bounces@machshav.com > > [mailto:mobike-bounces@machshav.com] On Behalf Of James Kempf > > Sent: Monday, April 03, 2006 9:41 AM > > To: Yaron Sheffer; 'Paul Hoffman'; mobike@machshav.com > > Subject: Re: [Mobike] Preliminary minutes from the WG last week > > > > Yaron, > > > > Thanx for sending out pointers to these. > > > > In the MIP6 group, there was some discussion about this, and > > the message > > that came up was, in fact, "don't do it". I'll post > > references to these > > drafts to the MIP6 list. > > > > jak > > > > ----- Original Message ----- > > From: "Yaron Sheffer" > > To: "'Paul Hoffman'" ; > > Sent: Sunday, April 02, 2006 3:38 AM > > Subject: Re: [Mobike] Preliminary minutes from the WG last week > > > > > > > Regarding the combination of MOBIKE and Mobile IP, there > > are 3 current > > > drafts in MIP4 that deal with this: > > > > > > - draft-ietf-mip4-vpn-problem-solution-02 (this one is pre-MOBIKE) > > > - draft-ietf-mip4-mobike-connectivity-00 > > > - draft-meghana-mip4-mobike-optimizations-00 > > > > > > So it's a stretch to say "don't do" MOBIKE and Mobile IP together. > > > > > > Yaron > > > > > > -----Original Message----- > > > From: Paul Hoffman [mailto:paul.hoffman@vpnc.org] > > > Sent: Wednesday, March 29, 2006 5:49 > > > To: mobike@machshav.com > > > Subject: [Mobike] Preliminary minutes from the WG last week > > > > > > Please let me know if you have any changes. > > > > > > MOBIKE WG minutes > > > IETF 65 > > > > > > [deleted] > > > > > > James Kempf - discussion in Mobile IP group - what happens > > if you try to > > > use Mobile IP and MOBIKE together? Some people believe the answer is > > > "don't do that". May need an informational draft (as a new > > work item) to > > > address that. > > > > > > [deleted] > > > > > > > > > _______________________________________________ > > > Mobike mailing list > > > Mobike@machshav.com > > > https://www.machshav.com/mailman/listinfo.cgi/mobike > > > > > > > > > _______________________________________________ > > Mobike mailing list > > Mobike@machshav.com > > https://www.machshav.com/mailman/listinfo.cgi/mobike > > > _______________________________________________ > Mobike mailing list > Mobike@machshav.com > https://www.machshav.com/mailman/listinfo.cgi/mobike > __________________________________________________ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com _______________________________________________ Mobike mailing list Mobike@machshav.com https://www.machshav.com/mailman/listinfo.cgi/mobike From mobike-bounces@machshav.com Mon Apr 03 15:23:13 2006 Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1FQUdt-0003I3-Qy for mobike-archive@lists.ietf.org; Mon, 03 Apr 2006 15:23:13 -0400 Received: from machshav.com ([147.28.0.16]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1FQUdt-0000Mt-CO for mobike-archive@lists.ietf.org; Mon, 03 Apr 2006 15:23:13 -0400 Received: from machshav.com (localhost [127.0.0.1]) by machshav.com (Postfix) with ESMTP id 47B22FB2CD; Mon, 3 Apr 2006 15:23:12 -0400 (EDT) X-Original-To: mobike@machshav.com Delivered-To: mobike@machshav.com Received: from bart.corp.azairenet.com (mail1.azairenet.com [66.92.223.4]) by machshav.com (Postfix) with ESMTP id 36659FB2CB for ; Mon, 3 Apr 2006 15:23:10 -0400 (EDT) X-MimeOLE: Produced By Microsoft Exchange V6.5.7226.0 Content-class: urn:content-classes:message MIME-Version: 1.0 Date: Mon, 3 Apr 2006 12:23:08 -0700 Message-ID: X-MS-Has-Attach: X-MS-TNEF-Correlator: Thread-Topic: [Mobike] Preliminary minutes from the WG last week Thread-Index: AcZXUw1z2Z4mFmdRST2tSFZ9xlwF3AAAD0Lw From: "Vijay Devarapalli" To: "gabriel montenegro" , "James Kempf" , "Yaron Sheffer" , "Paul Hoffman" Cc: mobike@machshav.com Subject: Re: [Mobike] Preliminary minutes from the WG last week X-BeenThere: mobike@machshav.com X-Mailman-Version: 2.1.7 Precedence: list List-Id: Mobile/Multihoming IKEv2 IETF list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: mobike-bounces@machshav.com Errors-To: mobike-bounces@machshav.com X-Spam-Score: 0.0 (/) X-Scan-Signature: 200d029292fbb60d25b263122ced50fc > I'm confused. In the 3GPP2 solution > (draft-ietf-mip4-mobike-connectivity-00) > MOBIKE is not used between MN-HA, right? The separation is: > > between MN-HA: mipv4 tunnel > between MN and VPN gateway: mobike+IPsec right. > Are you folks saying that the above is wrong/discouraged? nope. thats *a* solution for a network where there is a trusted network and an untrusted network with a MIPv4 HA inside the trusted network and a VPN GW in the DMZ. > Or are you saying that it is wrong/discouraged *only* if the > MN-HA is a MIP6/IPsec > tunnel? whats discourage is running MOBIKE and MIP6/IPsec tunnel to the same box. thats my personal opinion anyway. Vijay > > > -gabriel > > --- Vijay Devarapalli wrote: > > > hi Jim, > > > > with Mobile IPv6, one can create an IPsec > > protected Mobile IP tunnel between the mobile > > node and the home agent. further, the binding > > update is used as a trigger to update the IKE > > SA too. so Mobile IPv6 provides a solution > > similar to MOBIKE already. so that's why I don't > > expect someone to use the two together between > > the mobile node and the home agent. > > > > Mobile IPv4 does not use IPsec and is a very > > different protocol. > > > > Vijay > > > > ps: FYI, the solution described in > > draft-ietf-mip4-mobike-connectivity-00 has > > been adopted by 3GPP2 for their 3GPP2-WLAN > > interworking solution. > > > > > -----Original Message----- > > > From: mobike-bounces@machshav.com > > > [mailto:mobike-bounces@machshav.com] On Behalf Of James Kempf > > > Sent: Monday, April 03, 2006 9:41 AM > > > To: Yaron Sheffer; 'Paul Hoffman'; mobike@machshav.com > > > Subject: Re: [Mobike] Preliminary minutes from the WG last week > > > > > > Yaron, > > > > > > Thanx for sending out pointers to these. > > > > > > In the MIP6 group, there was some discussion about this, and > > > the message > > > that came up was, in fact, "don't do it". I'll post > > > references to these > > > drafts to the MIP6 list. > > > > > > jak > > > > > > ----- Original Message ----- > > > From: "Yaron Sheffer" > > > To: "'Paul Hoffman'" ; > > > > Sent: Sunday, April 02, 2006 3:38 AM > > > Subject: Re: [Mobike] Preliminary minutes from the WG last week > > > > > > > > > > Regarding the combination of MOBIKE and Mobile IP, there > > > are 3 current > > > > drafts in MIP4 that deal with this: > > > > > > > > - draft-ietf-mip4-vpn-problem-solution-02 (this one is > pre-MOBIKE) > > > > - draft-ietf-mip4-mobike-connectivity-00 > > > > - draft-meghana-mip4-mobike-optimizations-00 > > > > > > > > So it's a stretch to say "don't do" MOBIKE and Mobile > IP together. > > > > > > > > Yaron > > > > > > > > -----Original Message----- > > > > From: Paul Hoffman [mailto:paul.hoffman@vpnc.org] > > > > Sent: Wednesday, March 29, 2006 5:49 > > > > To: mobike@machshav.com > > > > Subject: [Mobike] Preliminary minutes from the WG last week > > > > > > > > Please let me know if you have any changes. > > > > > > > > MOBIKE WG minutes > > > > IETF 65 > > > > > > > > [deleted] > > > > > > > > James Kempf - discussion in Mobile IP group - what happens > > > if you try to > > > > use Mobile IP and MOBIKE together? Some people believe > the answer is > > > > "don't do that". May need an informational draft (as a new > > > work item) to > > > > address that. > > > > > > > > [deleted] > > > > > > > > > > > > _______________________________________________ > > > > Mobike mailing list > > > > Mobike@machshav.com > > > > https://www.machshav.com/mailman/listinfo.cgi/mobike > > > > > > > > > > > > > _______________________________________________ > > > Mobike mailing list > > > Mobike@machshav.com > > > https://www.machshav.com/mailman/listinfo.cgi/mobike > > > > > _______________________________________________ > > Mobike mailing list > > Mobike@machshav.com > > https://www.machshav.com/mailman/listinfo.cgi/mobike > > > > > __________________________________________________ > Do You Yahoo!? > Tired of spam? Yahoo! Mail has the best spam protection around > http://mail.yahoo.com > _______________________________________________ Mobike mailing list Mobike@machshav.com https://www.machshav.com/mailman/listinfo.cgi/mobike From mobike-bounces@machshav.com Mon Apr 03 16:07:57 2006 Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1FQVLB-0007Eh-J0 for mobike-archive@lists.ietf.org; Mon, 03 Apr 2006 16:07:57 -0400 Received: from machshav.com ([147.28.0.16]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1FQVLA-0002fq-48 for mobike-archive@lists.ietf.org; Mon, 03 Apr 2006 16:07:57 -0400 Received: from machshav.com (localhost [127.0.0.1]) by machshav.com (Postfix) with ESMTP id A5144FB2D0; Mon, 3 Apr 2006 16:07:54 -0400 (EDT) X-Original-To: mobike@machshav.com Delivered-To: mobike@machshav.com Received: from fridge.docomolabs-usa.com (key1.docomolabs-usa.com [216.98.102.225]) by machshav.com (Postfix) with ESMTP id 1448EFB2CA for ; Mon, 3 Apr 2006 16:07:52 -0400 (EDT) Message-ID: <008301c6575a$de0524b0$026115ac@dcml.docomolabsusa.com> From: "James Kempf" To: "Vijay Devarapalli" , "gabriel montenegro" , "Yaron Sheffer" , "Paul Hoffman" References: Date: Mon, 3 Apr 2006 13:12:00 -0700 MIME-Version: 1.0 Cc: mobike@machshav.com Subject: Re: [Mobike] Preliminary minutes from the WG last week X-BeenThere: mobike@machshav.com X-Mailman-Version: 2.1.7 Precedence: list List-Id: Mobile/Multihoming IKEv2 IETF list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: mobike-bounces@machshav.com Errors-To: mobike-bounces@machshav.com X-Spam-Score: 3.1 (+++) X-Scan-Signature: 848ed35f2a4fc0638fa89629cb640f48 Vijay, Sure, but that's a different thing from saying "never use MOBIKE and MIP6 together, ever". That was the impression I got from the discussion at the MIP6 meeting in Dallas. I really think this needs further investigation, particularly in light of the MIP6 transition work. jak ----- Original Message ----- From: "Vijay Devarapalli" To: "gabriel montenegro" ; "James Kempf" ; "Yaron Sheffer" ; "Paul Hoffman" Cc: Sent: Monday, April 03, 2006 12:23 PM Subject: RE: [Mobike] Preliminary minutes from the WG last week > I'm confused. In the 3GPP2 solution > (draft-ietf-mip4-mobike-connectivity-00) > MOBIKE is not used between MN-HA, right? The separation is: > > between MN-HA: mipv4 tunnel > between MN and VPN gateway: mobike+IPsec right. > Are you folks saying that the above is wrong/discouraged? nope. thats *a* solution for a network where there is a trusted network and an untrusted network with a MIPv4 HA inside the trusted network and a VPN GW in the DMZ. > Or are you saying that it is wrong/discouraged *only* if the > MN-HA is a MIP6/IPsec > tunnel? whats discourage is running MOBIKE and MIP6/IPsec tunnel to the same box. thats my personal opinion anyway. Vijay > > > -gabriel > > --- Vijay Devarapalli wrote: > > > hi Jim, > > > > with Mobile IPv6, one can create an IPsec > > protected Mobile IP tunnel between the mobile > > node and the home agent. further, the binding > > update is used as a trigger to update the IKE > > SA too. so Mobile IPv6 provides a solution > > similar to MOBIKE already. so that's why I don't > > expect someone to use the two together between > > the mobile node and the home agent. > > > > Mobile IPv4 does not use IPsec and is a very > > different protocol. > > > > Vijay > > > > ps: FYI, the solution described in > > draft-ietf-mip4-mobike-connectivity-00 has > > been adopted by 3GPP2 for their 3GPP2-WLAN > > interworking solution. > > > > > -----Original Message----- > > > From: mobike-bounces@machshav.com > > > [mailto:mobike-bounces@machshav.com] On Behalf Of James Kempf > > > Sent: Monday, April 03, 2006 9:41 AM > > > To: Yaron Sheffer; 'Paul Hoffman'; mobike@machshav.com > > > Subject: Re: [Mobike] Preliminary minutes from the WG last week > > > > > > Yaron, > > > > > > Thanx for sending out pointers to these. > > > > > > In the MIP6 group, there was some discussion about this, and > > > the message > > > that came up was, in fact, "don't do it". I'll post > > > references to these > > > drafts to the MIP6 list. > > > > > > jak > > > > > > ----- Original Message ----- > > > From: "Yaron Sheffer" > > > To: "'Paul Hoffman'" ; > > > > Sent: Sunday, April 02, 2006 3:38 AM > > > Subject: Re: [Mobike] Preliminary minutes from the WG last week > > > > > > > > > > Regarding the combination of MOBIKE and Mobile IP, there > > > are 3 current > > > > drafts in MIP4 that deal with this: > > > > > > > > - draft-ietf-mip4-vpn-problem-solution-02 (this one is > pre-MOBIKE) > > > > - draft-ietf-mip4-mobike-connectivity-00 > > > > - draft-meghana-mip4-mobike-optimizations-00 > > > > > > > > So it's a stretch to say "don't do" MOBIKE and Mobile > IP together. > > > > > > > > Yaron > > > > > > > > -----Original Message----- > > > > From: Paul Hoffman [mailto:paul.hoffman@vpnc.org] > > > > Sent: Wednesday, March 29, 2006 5:49 > > > > To: mobike@machshav.com > > > > Subject: [Mobike] Preliminary minutes from the WG last week > > > > > > > > Please let me know if you have any changes. > > > > > > > > MOBIKE WG minutes > > > > IETF 65 > > > > > > > > [deleted] > > > > > > > > James Kempf - discussion in Mobile IP group - what happens > > > if you try to > > > > use Mobile IP and MOBIKE together? Some people believe > the answer is > > > > "don't do that". May need an informational draft (as a new > > > work item) to > > > > address that. > > > > > > > > [deleted] > > > > > > > > > > > > _______________________________________________ > > > > Mobike mailing list > > > > Mobike@machshav.com > > > > https://www.machshav.com/mailman/listinfo.cgi/mobike > > > > > > > > > > > > > _______________________________________________ > > > Mobike mailing list > > > Mobike@machshav.com > > > https://www.machshav.com/mailman/listinfo.cgi/mobike > > > > > _______________________________________________ > > Mobike mailing list > > Mobike@machshav.com > > https://www.machshav.com/mailman/listinfo.cgi/mobike > > > > > __________________________________________________ > Do You Yahoo!? > Tired of spam? Yahoo! Mail has the best spam protection around > http://mail.yahoo.com > _______________________________________________ Mobike mailing list Mobike@machshav.com https://www.machshav.com/mailman/listinfo.cgi/mobike From mobike-bounces@machshav.com Mon Apr 03 16:14:28 2006 Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1FQVRU-0001sS-6t for mobike-archive@lists.ietf.org; Mon, 03 Apr 2006 16:14:28 -0400 Received: from machshav.com ([147.28.0.16]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1FQVRT-00032Q-Mj for mobike-archive@lists.ietf.org; Mon, 03 Apr 2006 16:14:28 -0400 Received: from machshav.com (localhost [127.0.0.1]) by machshav.com (Postfix) with ESMTP id E3604FB2D5; Mon, 3 Apr 2006 16:14:26 -0400 (EDT) X-Original-To: mobike@machshav.com Delivered-To: mobike@machshav.com Received: from bart.corp.azairenet.com (mail1.azairenet.com [66.92.223.4]) by machshav.com (Postfix) with ESMTP id 875A5FB2D3 for ; Mon, 3 Apr 2006 16:14:25 -0400 (EDT) X-MimeOLE: Produced By Microsoft Exchange V6.5.7226.0 Content-class: urn:content-classes:message MIME-Version: 1.0 Date: Mon, 3 Apr 2006 13:14:22 -0700 Message-ID: X-MS-Has-Attach: X-MS-TNEF-Correlator: Thread-Topic: [Mobike] Preliminary minutes from the WG last week Thread-Index: AcZXWlOAXyTkNEGnQVOay9lkIavTXQAAMoww From: "Vijay Devarapalli" To: "James Kempf" , "gabriel montenegro" , "Yaron Sheffer" , "Paul Hoffman" Cc: mobike@machshav.com Subject: Re: [Mobike] Preliminary minutes from the WG last week X-BeenThere: mobike@machshav.com X-Mailman-Version: 2.1.7 Precedence: list List-Id: Mobile/Multihoming IKEv2 IETF list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: mobike-bounces@machshav.com Errors-To: mobike-bounces@machshav.com X-Spam-Score: 0.0 (/) X-Scan-Signature: 9af087f15dbdd4c64ae6bbcdbc5b1d44 > I really think this needs further investigation, particularly > in light of > the MIP6 transition work. sure. but I don't see an issue. what are we going to investigate? Vijay > > jak > > > ----- Original Message ----- > From: "Vijay Devarapalli" > To: "gabriel montenegro" ; > "James Kempf" > ; "Yaron Sheffer" > ; "Paul > Hoffman" > Cc: > Sent: Monday, April 03, 2006 12:23 PM > Subject: RE: [Mobike] Preliminary minutes from the WG last week > > > > > I'm confused. In the 3GPP2 solution > > (draft-ietf-mip4-mobike-connectivity-00) > > MOBIKE is not used between MN-HA, right? The separation is: > > > > between MN-HA: mipv4 tunnel > > between MN and VPN gateway: mobike+IPsec > > right. > > > Are you folks saying that the above is wrong/discouraged? > > nope. thats *a* solution for a network where > there is a trusted network and an untrusted > network with a MIPv4 HA inside the trusted > network and a VPN GW in the DMZ. > > > Or are you saying that it is wrong/discouraged *only* if the > > MN-HA is a MIP6/IPsec > > tunnel? > > whats discourage is running MOBIKE and > MIP6/IPsec tunnel to the same box. thats my > personal opinion anyway. > > Vijay > > > > > > > -gabriel > > > > --- Vijay Devarapalli wrote: > > > > > hi Jim, > > > > > > with Mobile IPv6, one can create an IPsec > > > protected Mobile IP tunnel between the mobile > > > node and the home agent. further, the binding > > > update is used as a trigger to update the IKE > > > SA too. so Mobile IPv6 provides a solution > > > similar to MOBIKE already. so that's why I don't > > > expect someone to use the two together between > > > the mobile node and the home agent. > > > > > > Mobile IPv4 does not use IPsec and is a very > > > different protocol. > > > > > > Vijay > > > > > > ps: FYI, the solution described in > > > draft-ietf-mip4-mobike-connectivity-00 has > > > been adopted by 3GPP2 for their 3GPP2-WLAN > > > interworking solution. > > > > > > > -----Original Message----- > > > > From: mobike-bounces@machshav.com > > > > [mailto:mobike-bounces@machshav.com] On Behalf Of James Kempf > > > > Sent: Monday, April 03, 2006 9:41 AM > > > > To: Yaron Sheffer; 'Paul Hoffman'; mobike@machshav.com > > > > Subject: Re: [Mobike] Preliminary minutes from the WG last week > > > > > > > > Yaron, > > > > > > > > Thanx for sending out pointers to these. > > > > > > > > In the MIP6 group, there was some discussion about this, and > > > > the message > > > > that came up was, in fact, "don't do it". I'll post > > > > references to these > > > > drafts to the MIP6 list. > > > > > > > > jak > > > > > > > > ----- Original Message ----- > > > > From: "Yaron Sheffer" > > > > To: "'Paul Hoffman'" ; > > > > > > Sent: Sunday, April 02, 2006 3:38 AM > > > > Subject: Re: [Mobike] Preliminary minutes from the WG last week > > > > > > > > > > > > > Regarding the combination of MOBIKE and Mobile IP, there > > > > are 3 current > > > > > drafts in MIP4 that deal with this: > > > > > > > > > > - draft-ietf-mip4-vpn-problem-solution-02 (this one is > > pre-MOBIKE) > > > > > - draft-ietf-mip4-mobike-connectivity-00 > > > > > - draft-meghana-mip4-mobike-optimizations-00 > > > > > > > > > > So it's a stretch to say "don't do" MOBIKE and Mobile > > IP together. > > > > > > > > > > Yaron > > > > > > > > > > -----Original Message----- > > > > > From: Paul Hoffman [mailto:paul.hoffman@vpnc.org] > > > > > Sent: Wednesday, March 29, 2006 5:49 > > > > > To: mobike@machshav.com > > > > > Subject: [Mobike] Preliminary minutes from the WG last week > > > > > > > > > > Please let me know if you have any changes. > > > > > > > > > > MOBIKE WG minutes > > > > > IETF 65 > > > > > > > > > > [deleted] > > > > > > > > > > James Kempf - discussion in Mobile IP group - what happens > > > > if you try to > > > > > use Mobile IP and MOBIKE together? Some people believe > > the answer is > > > > > "don't do that". May need an informational draft (as a new > > > > work item) to > > > > > address that. > > > > > > > > > > [deleted] > > > > > > > > > > > > > > > _______________________________________________ > > > > > Mobike mailing list > > > > > Mobike@machshav.com > > > > > https://www.machshav.com/mailman/listinfo.cgi/mobike > > > > > > > > > > > > > > > > > _______________________________________________ > > > > Mobike mailing list > > > > Mobike@machshav.com > > > > https://www.machshav.com/mailman/listinfo.cgi/mobike > > > > > > > _______________________________________________ > > > Mobike mailing list > > > Mobike@machshav.com > > > https://www.machshav.com/mailman/listinfo.cgi/mobike > > > > > > > > > __________________________________________________ > > Do You Yahoo!? > > Tired of spam? Yahoo! Mail has the best spam protection around > > http://mail.yahoo.com > > > > > _______________________________________________ > Mobike mailing list > Mobike@machshav.com > https://www.machshav.com/mailman/listinfo.cgi/mobike > _______________________________________________ Mobike mailing list Mobike@machshav.com https://www.machshav.com/mailman/listinfo.cgi/mobike From mobike-bounces@machshav.com Mon Apr 03 16:29:58 2006 Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1FQVgU-0003R2-1P for mobike-archive@lists.ietf.org; Mon, 03 Apr 2006 16:29:58 -0400 Received: from machshav.com ([147.28.0.16]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1FQVgS-0003yW-HR for mobike-archive@lists.ietf.org; Mon, 03 Apr 2006 16:29:58 -0400 Received: from machshav.com (localhost [127.0.0.1]) by machshav.com (Postfix) with ESMTP id A3372FB2C2; Mon, 3 Apr 2006 16:29:55 -0400 (EDT) X-Original-To: mobike@machshav.com Delivered-To: mobike@machshav.com Received: from fridge.docomolabs-usa.com (key1.docomolabs-usa.com [216.98.102.225]) by machshav.com (Postfix) with ESMTP id 560C4FB2BD for ; Mon, 3 Apr 2006 16:29:54 -0400 (EDT) Message-ID: <009d01c6575d$f2a4a7d0$026115ac@dcml.docomolabsusa.com> From: "James Kempf" To: "Vijay Devarapalli" , "gabriel montenegro" , "Yaron Sheffer" , "Paul Hoffman" References: Date: Mon, 3 Apr 2006 13:34:03 -0700 MIME-Version: 1.0 Cc: mobike@machshav.com Subject: Re: [Mobike] Preliminary minutes from the WG last week X-BeenThere: mobike@machshav.com X-Mailman-Version: 2.1.7 Precedence: list List-Id: Mobile/Multihoming IKEv2 IETF list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: mobike-bounces@machshav.com Errors-To: mobike-bounces@machshav.com X-Spam-Score: 3.1 (+++) X-Scan-Signature: ec7c6dab5a62df223002ae71b5179d41 For example, listing cases where MOBIKE works with MIP and where not. And what to do with route optimization. jak ----- Original Message ----- From: "Vijay Devarapalli" To: "James Kempf" ; "gabriel montenegro" ; "Yaron Sheffer" ; "Paul Hoffman" Cc: Sent: Monday, April 03, 2006 1:14 PM Subject: RE: [Mobike] Preliminary minutes from the WG last week > I really think this needs further investigation, particularly > in light of > the MIP6 transition work. sure. but I don't see an issue. what are we going to investigate? Vijay > > jak > > > ----- Original Message ----- > From: "Vijay Devarapalli" > To: "gabriel montenegro" ; > "James Kempf" > ; "Yaron Sheffer" > ; "Paul > Hoffman" > Cc: > Sent: Monday, April 03, 2006 12:23 PM > Subject: RE: [Mobike] Preliminary minutes from the WG last week > > > > > I'm confused. In the 3GPP2 solution > > (draft-ietf-mip4-mobike-connectivity-00) > > MOBIKE is not used between MN-HA, right? The separation is: > > > > between MN-HA: mipv4 tunnel > > between MN and VPN gateway: mobike+IPsec > > right. > > > Are you folks saying that the above is wrong/discouraged? > > nope. thats *a* solution for a network where > there is a trusted network and an untrusted > network with a MIPv4 HA inside the trusted > network and a VPN GW in the DMZ. > > > Or are you saying that it is wrong/discouraged *only* if the > > MN-HA is a MIP6/IPsec > > tunnel? > > whats discourage is running MOBIKE and > MIP6/IPsec tunnel to the same box. thats my > personal opinion anyway. > > Vijay > > > > > > > -gabriel > > > > --- Vijay Devarapalli wrote: > > > > > hi Jim, > > > > > > with Mobile IPv6, one can create an IPsec > > > protected Mobile IP tunnel between the mobile > > > node and the home agent. further, the binding > > > update is used as a trigger to update the IKE > > > SA too. so Mobile IPv6 provides a solution > > > similar to MOBIKE already. so that's why I don't > > > expect someone to use the two together between > > > the mobile node and the home agent. > > > > > > Mobile IPv4 does not use IPsec and is a very > > > different protocol. > > > > > > Vijay > > > > > > ps: FYI, the solution described in > > > draft-ietf-mip4-mobike-connectivity-00 has > > > been adopted by 3GPP2 for their 3GPP2-WLAN > > > interworking solution. > > > > > > > -----Original Message----- > > > > From: mobike-bounces@machshav.com > > > > [mailto:mobike-bounces@machshav.com] On Behalf Of James Kempf > > > > Sent: Monday, April 03, 2006 9:41 AM > > > > To: Yaron Sheffer; 'Paul Hoffman'; mobike@machshav.com > > > > Subject: Re: [Mobike] Preliminary minutes from the WG last week > > > > > > > > Yaron, > > > > > > > > Thanx for sending out pointers to these. > > > > > > > > In the MIP6 group, there was some discussion about this, and > > > > the message > > > > that came up was, in fact, "don't do it". I'll post > > > > references to these > > > > drafts to the MIP6 list. > > > > > > > > jak > > > > > > > > ----- Original Message ----- > > > > From: "Yaron Sheffer" > > > > To: "'Paul Hoffman'" ; > > > > > > Sent: Sunday, April 02, 2006 3:38 AM > > > > Subject: Re: [Mobike] Preliminary minutes from the WG last week > > > > > > > > > > > > > Regarding the combination of MOBIKE and Mobile IP, there > > > > are 3 current > > > > > drafts in MIP4 that deal with this: > > > > > > > > > > - draft-ietf-mip4-vpn-problem-solution-02 (this one is > > pre-MOBIKE) > > > > > - draft-ietf-mip4-mobike-connectivity-00 > > > > > - draft-meghana-mip4-mobike-optimizations-00 > > > > > > > > > > So it's a stretch to say "don't do" MOBIKE and Mobile > > IP together. > > > > > > > > > > Yaron > > > > > > > > > > -----Original Message----- > > > > > From: Paul Hoffman [mailto:paul.hoffman@vpnc.org] > > > > > Sent: Wednesday, March 29, 2006 5:49 > > > > > To: mobike@machshav.com > > > > > Subject: [Mobike] Preliminary minutes from the WG last week > > > > > > > > > > Please let me know if you have any changes. > > > > > > > > > > MOBIKE WG minutes > > > > > IETF 65 > > > > > > > > > > [deleted] > > > > > > > > > > James Kempf - discussion in Mobile IP group - what happens > > > > if you try to > > > > > use Mobile IP and MOBIKE together? Some people believe > > the answer is > > > > > "don't do that". May need an informational draft (as a new > > > > work item) to > > > > > address that. > > > > > > > > > > [deleted] > > > > > > > > > > > > > > > _______________________________________________ > > > > > Mobike mailing list > > > > > Mobike@machshav.com > > > > > https://www.machshav.com/mailman/listinfo.cgi/mobike > > > > > > > > > > > > > > > > > _______________________________________________ > > > > Mobike mailing list > > > > Mobike@machshav.com > > > > https://www.machshav.com/mailman/listinfo.cgi/mobike > > > > > > > _______________________________________________ > > > Mobike mailing list > > > Mobike@machshav.com > > > https://www.machshav.com/mailman/listinfo.cgi/mobike > > > > > > > > > __________________________________________________ > > Do You Yahoo!? > > Tired of spam? Yahoo! Mail has the best spam protection around > > http://mail.yahoo.com > > > > > _______________________________________________ > Mobike mailing list > Mobike@machshav.com > https://www.machshav.com/mailman/listinfo.cgi/mobike > _______________________________________________ Mobike mailing list Mobike@machshav.com https://www.machshav.com/mailman/listinfo.cgi/mobike From mobike-bounces@machshav.com Mon Apr 03 16:41:31 2006 Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1FQVrf-0003Av-Tc for mobike-archive@lists.ietf.org; Mon, 03 Apr 2006 16:41:31 -0400 Received: from machshav.com ([147.28.0.16]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1FQVrf-0004oZ-Cb for mobike-archive@lists.ietf.org; Mon, 03 Apr 2006 16:41:31 -0400 Received: from machshav.com (localhost [127.0.0.1]) by machshav.com (Postfix) with ESMTP id 5B7C2FB2CD; Mon, 3 Apr 2006 16:41:30 -0400 (EDT) X-Original-To: mobike@machshav.com Delivered-To: mobike@machshav.com Received: from bart.corp.azairenet.com (mail1.azairenet.com [66.92.223.4]) by machshav.com (Postfix) with ESMTP id A717AFB2B8 for ; Mon, 3 Apr 2006 16:41:27 -0400 (EDT) X-MimeOLE: Produced By Microsoft Exchange V6.5.7226.0 Content-class: urn:content-classes:message MIME-Version: 1.0 Date: Mon, 3 Apr 2006 13:41:26 -0700 Message-ID: X-MS-Has-Attach: X-MS-TNEF-Correlator: Thread-Topic: [Mobike] Preliminary minutes from the WG last week Thread-Index: AcZXXV+kOv66iagLRDyRxre3bPzzngAASzbA From: "Vijay Devarapalli" To: "James Kempf" , "gabriel montenegro" , "Yaron Sheffer" , "Paul Hoffman" Cc: mobike@machshav.com Subject: Re: [Mobike] Preliminary minutes from the WG last week X-BeenThere: mobike@machshav.com X-Mailman-Version: 2.1.7 Precedence: list List-Id: Mobile/Multihoming IKEv2 IETF list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: mobike-bounces@machshav.com Errors-To: mobike-bounces@machshav.com X-Spam-Score: 0.0 (/) X-Scan-Signature: e367d58950869b6582535ddf5a673488 > -----Original Message----- > From: James Kempf [mailto:kempf@docomolabs-usa.com] > Sent: Monday, April 03, 2006 1:34 PM > To: Vijay Devarapalli; gabriel montenegro; Yaron Sheffer; Paul Hoffman > Cc: mobike@machshav.com > Subject: Re: [Mobike] Preliminary minutes from the WG last week > > For example, listing cases where MOBIKE works with MIP Jim, let me know if you have a specific scenario in mind and if you see an issue. also please lookup RFC 4093. it is a problem statement for VPN traversal with MIPv4. > and > where not. And > what to do with route optimization. what about route optimization? Vijay > > jak > > ----- Original Message ----- > From: "Vijay Devarapalli" > To: "James Kempf" ; "gabriel montenegro" > ; "Yaron Sheffer" > ; "Paul Hoffman" > Cc: > Sent: Monday, April 03, 2006 1:14 PM > Subject: RE: [Mobike] Preliminary minutes from the WG last week > > > > I really think this needs further investigation, particularly > > in light of > > the MIP6 transition work. > > sure. but I don't see an issue. what are we > going to investigate? > > Vijay > > > > > jak > > > > > > ----- Original Message ----- > > From: "Vijay Devarapalli" > > To: "gabriel montenegro" ; > > "James Kempf" > > ; "Yaron Sheffer" > > ; "Paul > > Hoffman" > > Cc: > > Sent: Monday, April 03, 2006 12:23 PM > > Subject: RE: [Mobike] Preliminary minutes from the WG last week > > > > > > > > > I'm confused. In the 3GPP2 solution > > > (draft-ietf-mip4-mobike-connectivity-00) > > > MOBIKE is not used between MN-HA, right? The separation is: > > > > > > between MN-HA: mipv4 tunnel > > > between MN and VPN gateway: mobike+IPsec > > > > right. > > > > > Are you folks saying that the above is wrong/discouraged? > > > > nope. thats *a* solution for a network where > > there is a trusted network and an untrusted > > network with a MIPv4 HA inside the trusted > > network and a VPN GW in the DMZ. > > > > > Or are you saying that it is wrong/discouraged *only* if the > > > MN-HA is a MIP6/IPsec > > > tunnel? > > > > whats discourage is running MOBIKE and > > MIP6/IPsec tunnel to the same box. thats my > > personal opinion anyway. > > > > Vijay > > > > > > > > > > > -gabriel > > > > > > --- Vijay Devarapalli wrote: > > > > > > > hi Jim, > > > > > > > > with Mobile IPv6, one can create an IPsec > > > > protected Mobile IP tunnel between the mobile > > > > node and the home agent. further, the binding > > > > update is used as a trigger to update the IKE > > > > SA too. so Mobile IPv6 provides a solution > > > > similar to MOBIKE already. so that's why I don't > > > > expect someone to use the two together between > > > > the mobile node and the home agent. > > > > > > > > Mobile IPv4 does not use IPsec and is a very > > > > different protocol. > > > > > > > > Vijay > > > > > > > > ps: FYI, the solution described in > > > > draft-ietf-mip4-mobike-connectivity-00 has > > > > been adopted by 3GPP2 for their 3GPP2-WLAN > > > > interworking solution. > > > > > > > > > -----Original Message----- > > > > > From: mobike-bounces@machshav.com > > > > > [mailto:mobike-bounces@machshav.com] On Behalf Of James Kempf > > > > > Sent: Monday, April 03, 2006 9:41 AM > > > > > To: Yaron Sheffer; 'Paul Hoffman'; mobike@machshav.com > > > > > Subject: Re: [Mobike] Preliminary minutes from the WG > last week > > > > > > > > > > Yaron, > > > > > > > > > > Thanx for sending out pointers to these. > > > > > > > > > > In the MIP6 group, there was some discussion about this, and > > > > > the message > > > > > that came up was, in fact, "don't do it". I'll post > > > > > references to these > > > > > drafts to the MIP6 list. > > > > > > > > > > jak > > > > > > > > > > ----- Original Message ----- > > > > > From: "Yaron Sheffer" > > > > > To: "'Paul Hoffman'" ; > > > > > > > > Sent: Sunday, April 02, 2006 3:38 AM > > > > > Subject: Re: [Mobike] Preliminary minutes from the WG > last week > > > > > > > > > > > > > > > > Regarding the combination of MOBIKE and Mobile IP, there > > > > > are 3 current > > > > > > drafts in MIP4 that deal with this: > > > > > > > > > > > > - draft-ietf-mip4-vpn-problem-solution-02 (this one is > > > pre-MOBIKE) > > > > > > - draft-ietf-mip4-mobike-connectivity-00 > > > > > > - draft-meghana-mip4-mobike-optimizations-00 > > > > > > > > > > > > So it's a stretch to say "don't do" MOBIKE and Mobile > > > IP together. > > > > > > > > > > > > Yaron > > > > > > > > > > > > -----Original Message----- > > > > > > From: Paul Hoffman [mailto:paul.hoffman@vpnc.org] > > > > > > Sent: Wednesday, March 29, 2006 5:49 > > > > > > To: mobike@machshav.com > > > > > > Subject: [Mobike] Preliminary minutes from the WG last week > > > > > > > > > > > > Please let me know if you have any changes. > > > > > > > > > > > > MOBIKE WG minutes > > > > > > IETF 65 > > > > > > > > > > > > [deleted] > > > > > > > > > > > > James Kempf - discussion in Mobile IP group - what happens > > > > > if you try to > > > > > > use Mobile IP and MOBIKE together? Some people believe > > > the answer is > > > > > > "don't do that". May need an informational draft (as a new > > > > > work item) to > > > > > > address that. > > > > > > > > > > > > [deleted] > > > > > > > > > > > > > > > > > > _______________________________________________ > > > > > > Mobike mailing list > > > > > > Mobike@machshav.com > > > > > > https://www.machshav.com/mailman/listinfo.cgi/mobike > > > > > > > > > > > > > > > > > > > > > _______________________________________________ > > > > > Mobike mailing list > > > > > Mobike@machshav.com > > > > > https://www.machshav.com/mailman/listinfo.cgi/mobike > > > > > > > > > _______________________________________________ > > > > Mobike mailing list > > > > Mobike@machshav.com > > > > https://www.machshav.com/mailman/listinfo.cgi/mobike > > > > > > > > > > > > > __________________________________________________ > > > Do You Yahoo!? > > > Tired of spam? Yahoo! Mail has the best spam protection around > > > http://mail.yahoo.com > > > > > > > > > _______________________________________________ > > Mobike mailing list > > Mobike@machshav.com > > https://www.machshav.com/mailman/listinfo.cgi/mobike > > > > > _______________________________________________ Mobike mailing list Mobike@machshav.com https://www.machshav.com/mailman/listinfo.cgi/mobike From mobike-bounces@machshav.com Mon Apr 03 16:48:26 2006 Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1FQVyM-0006KC-BX for mobike-archive@lists.ietf.org; Mon, 03 Apr 2006 16:48:26 -0400 Received: from machshav.com ([147.28.0.16]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1FQVyK-000515-QU for mobike-archive@lists.ietf.org; Mon, 03 Apr 2006 16:48:26 -0400 Received: from machshav.com (localhost [127.0.0.1]) by machshav.com (Postfix) with ESMTP id D2853FB2BC; Mon, 3 Apr 2006 16:48:23 -0400 (EDT) X-Original-To: mobike@machshav.com Delivered-To: mobike@machshav.com Received: from fridge.docomolabs-usa.com (key1.docomolabs-usa.com [216.98.102.225]) by machshav.com (Postfix) with ESMTP id 9F65FFB2A2 for ; Mon, 3 Apr 2006 16:48:22 -0400 (EDT) Message-ID: <00db01c65760$85929190$026115ac@dcml.docomolabsusa.com> From: "James Kempf" To: "Vijay Devarapalli" , "gabriel montenegro" , "Yaron Sheffer" , "Paul Hoffman" References: Date: Mon, 3 Apr 2006 13:52:29 -0700 MIME-Version: 1.0 Cc: mobike@machshav.com Subject: Re: [Mobike] Preliminary minutes from the WG last week X-BeenThere: mobike@machshav.com X-Mailman-Version: 2.1.7 Precedence: list List-Id: Mobile/Multihoming IKEv2 IETF list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: mobike-bounces@machshav.com Errors-To: mobike-bounces@machshav.com X-Spam-Score: 3.1 (+++) X-Scan-Signature: 1e467ff145ef391eb7b594ef62b8301f OK, Vijay, I get the point. You don't think there is an issue. I do. We disagree. jak ----- Original Message ----- From: "Vijay Devarapalli" To: "James Kempf" ; "gabriel montenegro" ; "Yaron Sheffer" ; "Paul Hoffman" Cc: Sent: Monday, April 03, 2006 1:41 PM Subject: RE: [Mobike] Preliminary minutes from the WG last week > -----Original Message----- > From: James Kempf [mailto:kempf@docomolabs-usa.com] > Sent: Monday, April 03, 2006 1:34 PM > To: Vijay Devarapalli; gabriel montenegro; Yaron Sheffer; Paul Hoffman > Cc: mobike@machshav.com > Subject: Re: [Mobike] Preliminary minutes from the WG last week > > For example, listing cases where MOBIKE works with MIP Jim, let me know if you have a specific scenario in mind and if you see an issue. also please lookup RFC 4093. it is a problem statement for VPN traversal with MIPv4. > and > where not. And > what to do with route optimization. what about route optimization? Vijay > > jak > > ----- Original Message ----- > From: "Vijay Devarapalli" > To: "James Kempf" ; "gabriel montenegro" > ; "Yaron Sheffer" > ; "Paul Hoffman" > Cc: > Sent: Monday, April 03, 2006 1:14 PM > Subject: RE: [Mobike] Preliminary minutes from the WG last week > > > > I really think this needs further investigation, particularly > > in light of > > the MIP6 transition work. > > sure. but I don't see an issue. what are we > going to investigate? > > Vijay > > > > > jak > > > > > > ----- Original Message ----- > > From: "Vijay Devarapalli" > > To: "gabriel montenegro" ; > > "James Kempf" > > ; "Yaron Sheffer" > > ; "Paul > > Hoffman" > > Cc: > > Sent: Monday, April 03, 2006 12:23 PM > > Subject: RE: [Mobike] Preliminary minutes from the WG last week > > > > > > > > > I'm confused. In the 3GPP2 solution > > > (draft-ietf-mip4-mobike-connectivity-00) > > > MOBIKE is not used between MN-HA, right? The separation is: > > > > > > between MN-HA: mipv4 tunnel > > > between MN and VPN gateway: mobike+IPsec > > > > right. > > > > > Are you folks saying that the above is wrong/discouraged? > > > > nope. thats *a* solution for a network where > > there is a trusted network and an untrusted > > network with a MIPv4 HA inside the trusted > > network and a VPN GW in the DMZ. > > > > > Or are you saying that it is wrong/discouraged *only* if the > > > MN-HA is a MIP6/IPsec > > > tunnel? > > > > whats discourage is running MOBIKE and > > MIP6/IPsec tunnel to the same box. thats my > > personal opinion anyway. > > > > Vijay > > > > > > > > > > > -gabriel > > > > > > --- Vijay Devarapalli wrote: > > > > > > > hi Jim, > > > > > > > > with Mobile IPv6, one can create an IPsec > > > > protected Mobile IP tunnel between the mobile > > > > node and the home agent. further, the binding > > > > update is used as a trigger to update the IKE > > > > SA too. so Mobile IPv6 provides a solution > > > > similar to MOBIKE already. so that's why I don't > > > > expect someone to use the two together between > > > > the mobile node and the home agent. > > > > > > > > Mobile IPv4 does not use IPsec and is a very > > > > different protocol. > > > > > > > > Vijay > > > > > > > > ps: FYI, the solution described in > > > > draft-ietf-mip4-mobike-connectivity-00 has > > > > been adopted by 3GPP2 for their 3GPP2-WLAN > > > > interworking solution. > > > > > > > > > -----Original Message----- > > > > > From: mobike-bounces@machshav.com > > > > > [mailto:mobike-bounces@machshav.com] On Behalf Of James Kempf > > > > > Sent: Monday, April 03, 2006 9:41 AM > > > > > To: Yaron Sheffer; 'Paul Hoffman'; mobike@machshav.com > > > > > Subject: Re: [Mobike] Preliminary minutes from the WG > last week > > > > > > > > > > Yaron, > > > > > > > > > > Thanx for sending out pointers to these. > > > > > > > > > > In the MIP6 group, there was some discussion about this, and > > > > > the message > > > > > that came up was, in fact, "don't do it". I'll post > > > > > references to these > > > > > drafts to the MIP6 list. > > > > > > > > > > jak > > > > > > > > > > ----- Original Message ----- > > > > > From: "Yaron Sheffer" > > > > > To: "'Paul Hoffman'" ; > > > > > > > > Sent: Sunday, April 02, 2006 3:38 AM > > > > > Subject: Re: [Mobike] Preliminary minutes from the WG > last week > > > > > > > > > > > > > > > > Regarding the combination of MOBIKE and Mobile IP, there > > > > > are 3 current > > > > > > drafts in MIP4 that deal with this: > > > > > > > > > > > > - draft-ietf-mip4-vpn-problem-solution-02 (this one is > > > pre-MOBIKE) > > > > > > - draft-ietf-mip4-mobike-connectivity-00 > > > > > > - draft-meghana-mip4-mobike-optimizations-00 > > > > > > > > > > > > So it's a stretch to say "don't do" MOBIKE and Mobile > > > IP together. > > > > > > > > > > > > Yaron > > > > > > > > > > > > -----Original Message----- > > > > > > From: Paul Hoffman [mailto:paul.hoffman@vpnc.org] > > > > > > Sent: Wednesday, March 29, 2006 5:49 > > > > > > To: mobike@machshav.com > > > > > > Subject: [Mobike] Preliminary minutes from the WG last week > > > > > > > > > > > > Please let me know if you have any changes. > > > > > > > > > > > > MOBIKE WG minutes > > > > > > IETF 65 > > > > > > > > > > > > [deleted] > > > > > > > > > > > > James Kempf - discussion in Mobile IP group - what happens > > > > > if you try to > > > > > > use Mobile IP and MOBIKE together? Some people believe > > > the answer is > > > > > > "don't do that". May need an informational draft (as a new > > > > > work item) to > > > > > > address that. > > > > > > > > > > > > [deleted] > > > > > > > > > > > > > > > > > > _______________________________________________ > > > > > > Mobike mailing list > > > > > > Mobike@machshav.com > > > > > > https://www.machshav.com/mailman/listinfo.cgi/mobike > > > > > > > > > > > > > > > > > > > > > _______________________________________________ > > > > > Mobike mailing list > > > > > Mobike@machshav.com > > > > > https://www.machshav.com/mailman/listinfo.cgi/mobike > > > > > > > > > _______________________________________________ > > > > Mobike mailing list > > > > Mobike@machshav.com > > > > https://www.machshav.com/mailman/listinfo.cgi/mobike > > > > > > > > > > > > > __________________________________________________ > > > Do You Yahoo!? > > > Tired of spam? Yahoo! Mail has the best spam protection around > > > http://mail.yahoo.com > > > > > > > > > _______________________________________________ > > Mobike mailing list > > Mobike@machshav.com > > https://www.machshav.com/mailman/listinfo.cgi/mobike > > > > > _______________________________________________ Mobike mailing list Mobike@machshav.com https://www.machshav.com/mailman/listinfo.cgi/mobike From mobike-bounces@machshav.com Mon Apr 03 20:44:49 2006 Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1FQZf7-0007zc-Np for mobike-archive@lists.ietf.org; Mon, 03 Apr 2006 20:44:49 -0400 Received: from machshav.com ([147.28.0.16]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1FQZf6-0007KH-D6 for mobike-archive@lists.ietf.org; Mon, 03 Apr 2006 20:44:49 -0400 Received: from machshav.com (localhost [127.0.0.1]) by machshav.com (Postfix) with ESMTP id 76127FB2D3; Mon, 3 Apr 2006 20:44:47 -0400 (EDT) X-Original-To: mobike@machshav.com Delivered-To: mobike@machshav.com Received: from balder-227.proper.com (Balder-227.Proper.COM [192.245.12.227]) by machshav.com (Postfix) with ESMTP id 2376BFB2BF for ; Mon, 3 Apr 2006 20:44:45 -0400 (EDT) Received: from [10.20.30.249] (dsl2-63-249-108-169.cruzio.com [63.249.108.169]) (authenticated bits=0) by balder-227.proper.com (8.13.5/8.13.5) with ESMTP id k340ifsC027430 for ; Mon, 3 Apr 2006 17:44:42 -0700 (MST) (envelope-from paul.hoffman@vpnc.org) Mime-Version: 1.0 Message-Id: In-Reply-To: <001d01c65641$a608dee0$122e1dc2@ad.checkpoint.com> References: <001d01c65641$a608dee0$122e1dc2@ad.checkpoint.com> Date: Mon, 3 Apr 2006 17:44:38 -0800 To: From: Paul Hoffman Subject: [Mobike] MOBIKE and Mobile IPv{4|6} (Was: Re: Preliminary minutes from the WG last week) X-BeenThere: mobike@machshav.com X-Mailman-Version: 2.1.7 Precedence: list List-Id: Mobile/Multihoming IKEv2 IETF list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: mobike-bounces@machshav.com Errors-To: mobike-bounces@machshav.com X-Spam-Score: 0.0 (/) X-Scan-Signature: d17f825e43c9aed4fd65b7edddddec89 This discussion is interesting, but unrelated to the minutes. If someone would like to write up an informational document on it, I am sure it would be well-received by implementers in the future who are considering including both protocols in one device. --Paul Hoffman, Director --VPN Consortium _______________________________________________ Mobike mailing list Mobike@machshav.com https://www.machshav.com/mailman/listinfo.cgi/mobike From mobike-bounces@machshav.com Mon Apr 03 20:46:14 2006 Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1FQZgU-0000Ek-G0 for mobike-archive@lists.ietf.org; Mon, 03 Apr 2006 20:46:14 -0400 Received: from machshav.com ([147.28.0.16]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1FQZgT-0007Mu-5B for mobike-archive@lists.ietf.org; Mon, 03 Apr 2006 20:46:14 -0400 Received: from machshav.com (localhost [127.0.0.1]) by machshav.com (Postfix) with ESMTP id 881BEFB2E0; Mon, 3 Apr 2006 20:46:12 -0400 (EDT) X-Original-To: mobike@machshav.com Delivered-To: mobike@machshav.com Received: from balder-227.proper.com (Balder-227.Proper.COM [192.245.12.227]) by machshav.com (Postfix) with ESMTP id CBC08FB2DF for ; Mon, 3 Apr 2006 20:46:10 -0400 (EDT) Received: from [10.20.30.249] (dsl2-63-249-108-169.cruzio.com [63.249.108.169]) (authenticated bits=0) by balder-227.proper.com (8.13.5/8.13.5) with ESMTP id k340k9XU027660 for ; Mon, 3 Apr 2006 17:46:10 -0700 (MST) (envelope-from paul.hoffman@vpnc.org) Mime-Version: 1.0 Message-Id: In-Reply-To: <71AEE30A-12F9-4945-BD3E-13013DCD7CA3@nomadiclab.com> References: <71AEE30A-12F9-4945-BD3E-13013DCD7CA3@nomadiclab.com> Date: Mon, 3 Apr 2006 17:46:07 -0800 To: From: Paul Hoffman Subject: Re: [Mobike] Proposal for revised charter X-BeenThere: mobike@machshav.com X-Mailman-Version: 2.1.7 Precedence: list List-Id: Mobile/Multihoming IKEv2 IETF list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: mobike-bounces@machshav.com Errors-To: mobike-bounces@machshav.com X-Spam-Score: 0.0 (/) X-Scan-Signature: 7bac9cb154eb5790ae3b2913587a40de So far, only one person on the list has spoken up in favor of revising the charter to include work for a transport-mode protocol. Is there interest from others? --Paul Hoffman, Director --VPN Consortium _______________________________________________ Mobike mailing list Mobike@machshav.com https://www.machshav.com/mailman/listinfo.cgi/mobike From mobike-bounces@machshav.com Tue Apr 04 00:00:43 2006 Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1FQcih-0003WR-C7 for mobike-archive@lists.ietf.org; Tue, 04 Apr 2006 00:00:43 -0400 Received: from machshav.com ([147.28.0.16]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1FQcif-0007Cd-Nb for mobike-archive@lists.ietf.org; Tue, 04 Apr 2006 00:00:43 -0400 Received: from machshav.com (localhost [127.0.0.1]) by machshav.com (Postfix) with ESMTP id 26688FB2B7; Tue, 4 Apr 2006 00:00:38 -0400 (EDT) X-Original-To: mobike@machshav.com Delivered-To: mobike@machshav.com Received: from ithilien.qualcomm.com (ithilien.qualcomm.com [129.46.51.59]) by machshav.com (Postfix) with ESMTP id D8A7DFB289 for ; Tue, 4 Apr 2006 00:00:35 -0400 (EDT) Received: from crowley.qualcomm.com (crowley.qualcomm.com [129.46.61.151]) by ithilien.qualcomm.com (8.13.6/8.12.5/1.0) with ESMTP id k3440GYm024998 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=FAIL); Mon, 3 Apr 2006 21:00:17 -0700 Received: from NAEXBR04.na.qualcomm.com (naexbr04.qualcomm.com [10.46.141.42]) by crowley.qualcomm.com (8.13.6/8.12.5/1.0) with ESMTP id k3440BeK014299; Mon, 3 Apr 2006 21:00:15 -0700 (PDT) Received: from NAEX06.na.qualcomm.com ([129.46.135.160]) by NAEXBR04.na.qualcomm.com with Microsoft SMTPSVC(6.0.3790.1830); Mon, 3 Apr 2006 21:00:11 -0700 X-MimeOLE: Produced By Microsoft Exchange V6.5.7226.0 Content-class: urn:content-classes:message MIME-Version: 1.0 Date: Mon, 3 Apr 2006 21:00:09 -0700 Message-ID: <2EBB8025B6D1BA41B567DB32C1D8DB8448749E@NAEX06.na.qualcomm.com> X-MS-Has-Attach: X-MS-TNEF-Correlator: Thread-Topic: MOBIKE and MIP6 (was RE: [Mobike] Preliminary minutes from the WG last week) Thread-Index: AcZXX/mNO0g283j+RdS0YaFA1OgHBgANmiAg From: "Narayanan, Vidya" To: "James Kempf" , "Vijay Devarapalli" , "gabriel montenegro" , "Yaron Sheffer" , "Paul Hoffman" X-OriginalArrivalTime: 04 Apr 2006 04:00:11.0665 (UTC) FILETIME=[45599010:01C6579C] Cc: mobike@machshav.com Subject: [Mobike] MOBIKE and MIP6 (was RE: Preliminary minutes from the WG last week) X-BeenThere: mobike@machshav.com X-Mailman-Version: 2.1.7 Precedence: list List-Id: Mobile/Multihoming IKEv2 IETF list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: mobike-bounces@machshav.com Errors-To: mobike-bounces@machshav.com X-Spam-Score: 0.0 (/) X-Scan-Signature: a0ecb232550b38fd41a3cf6a312fbabc All, Just catching up with this discussion - I do think that the MOBIKE-MIP6 interactions need more detail. I recap a gist of what I posted on the MIP6 list on this topic (for those of you on both lists, I apologize for the repeat): There are two cases with respect to MOBIKE and MIP6: 1. MOBIKE (or IKEv2) and MIP6 have different endpoints - i.e., MOBIKE between MN and VPN GW, MIP6 between MN and HA This is a valid model and has applicability in some markets (where data needs to be protected using IPsec in a VPN-over-MIP model). This would be a reason to write a draft similar to the MIP4-MOBIKE one. I'm not sure if there is a need to do the draft on this yet though (let the users of those markets ask for it?). 2. MOBIKE (or IKEv2) and MIP6 endpoints are the same - i.e., both run between the MN and HA In this model, the scope of the IKEv2 SA is important to decide whether MOBIKE or the 'K' bit in MIP6 is used to update the IP address of the SA. A few different cases to look at here: a. The IKEv2 SA is used to create IPsec SAs solely for MIP6 signaling protection b. The IKEv2 SA is used to create child SAs for applications other than MIP6 (e.g., SIP, data traffic protection, etc.) C. The IPsec SA created from the IKEv2 SA protects more than just MIP6 signaling (i.e., the same IPsec SA protects SIP, etc.) In the case of a, it might be acceptable to let the 'K' bit do the address update for IKEv2. For b and c, the fact that the IKEv2 and IPsec SAs have an applicability that is broader than MIP6 says that MIP6 should not be updating those SAs. I think we would be shortsighted to go the route of using MIP6 in place of MOBIKE there - meshing MIP6 and IKEv2 in those cases seems an architectural limitation waiting to be unraveled. Vidya > -----Original Message----- > From: mobike-bounces@machshav.com > [mailto:mobike-bounces@machshav.com] On Behalf Of James Kempf > Sent: Monday, April 03, 2006 1:52 PM > To: Vijay Devarapalli; gabriel montenegro; Yaron Sheffer; Paul Hoffman > Cc: mobike@machshav.com > Subject: Re: [Mobike] Preliminary minutes from the WG last week > > OK, Vijay, I get the point. You don't think there is an > issue. I do. We disagree. > > jak > > ----- Original Message ----- > From: "Vijay Devarapalli" > To: "James Kempf" ; "gabriel montenegro" > ; "Yaron Sheffer" > ; "Paul Hoffman" > Cc: > Sent: Monday, April 03, 2006 1:41 PM > Subject: RE: [Mobike] Preliminary minutes from the WG last week > > > > > > -----Original Message----- > > From: James Kempf [mailto:kempf@docomolabs-usa.com] > > Sent: Monday, April 03, 2006 1:34 PM > > To: Vijay Devarapalli; gabriel montenegro; Yaron Sheffer; > Paul Hoffman > > Cc: mobike@machshav.com > > Subject: Re: [Mobike] Preliminary minutes from the WG last week > > > > For example, listing cases where MOBIKE works with MIP > > Jim, let me know if you have a specific > scenario in mind and if you see an issue. > > also please lookup RFC 4093. it is a > problem statement for VPN traversal with > MIPv4. > > > and > > where not. And > > what to do with route optimization. > > what about route optimization? > > Vijay > > > > > jak > > > > ----- Original Message ----- > > From: "Vijay Devarapalli" > > To: "James Kempf" ; "gabriel montenegro" > > ; "Yaron Sheffer" > > ; "Paul Hoffman" > > Cc: > > Sent: Monday, April 03, 2006 1:14 PM > > Subject: RE: [Mobike] Preliminary minutes from the WG last week > > > > > > > I really think this needs further investigation, particularly > > > in light of > > > the MIP6 transition work. > > > > sure. but I don't see an issue. what are we > > going to investigate? > > > > Vijay > > > > > > > > jak > > > > > > > > > ----- Original Message ----- > > > From: "Vijay Devarapalli" > > > To: "gabriel montenegro" ; > > > "James Kempf" > > > ; "Yaron Sheffer" > > > ; "Paul > > > Hoffman" > > > Cc: > > > Sent: Monday, April 03, 2006 12:23 PM > > > Subject: RE: [Mobike] Preliminary minutes from the WG last week > > > > > > > > > > > > > I'm confused. In the 3GPP2 solution > > > > (draft-ietf-mip4-mobike-connectivity-00) > > > > MOBIKE is not used between MN-HA, right? The separation is: > > > > > > > > between MN-HA: mipv4 tunnel > > > > between MN and VPN gateway: mobike+IPsec > > > > > > right. > > > > > > > Are you folks saying that the above is wrong/discouraged? > > > > > > nope. thats *a* solution for a network where > > > there is a trusted network and an untrusted > > > network with a MIPv4 HA inside the trusted > > > network and a VPN GW in the DMZ. > > > > > > > Or are you saying that it is wrong/discouraged *only* if the > > > > MN-HA is a MIP6/IPsec > > > > tunnel? > > > > > > whats discourage is running MOBIKE and > > > MIP6/IPsec tunnel to the same box. thats my > > > personal opinion anyway. > > > > > > Vijay > > > > > > > > > > > > > > > -gabriel > > > > > > > > --- Vijay Devarapalli wrote: > > > > > > > > > hi Jim, > > > > > > > > > > with Mobile IPv6, one can create an IPsec > > > > > protected Mobile IP tunnel between the mobile > > > > > node and the home agent. further, the binding > > > > > update is used as a trigger to update the IKE > > > > > SA too. so Mobile IPv6 provides a solution > > > > > similar to MOBIKE already. so that's why I don't > > > > > expect someone to use the two together between > > > > > the mobile node and the home agent. > > > > > > > > > > Mobile IPv4 does not use IPsec and is a very > > > > > different protocol. > > > > > > > > > > Vijay > > > > > > > > > > ps: FYI, the solution described in > > > > > draft-ietf-mip4-mobike-connectivity-00 has > > > > > been adopted by 3GPP2 for their 3GPP2-WLAN > > > > > interworking solution. > > > > > > > > > > > -----Original Message----- > > > > > > From: mobike-bounces@machshav.com > > > > > > [mailto:mobike-bounces@machshav.com] On Behalf Of > James Kempf > > > > > > Sent: Monday, April 03, 2006 9:41 AM > > > > > > To: Yaron Sheffer; 'Paul Hoffman'; mobike@machshav.com > > > > > > Subject: Re: [Mobike] Preliminary minutes from the WG > > last week > > > > > > > > > > > > Yaron, > > > > > > > > > > > > Thanx for sending out pointers to these. > > > > > > > > > > > > In the MIP6 group, there was some discussion about this, and > > > > > > the message > > > > > > that came up was, in fact, "don't do it". I'll post > > > > > > references to these > > > > > > drafts to the MIP6 list. > > > > > > > > > > > > jak > > > > > > > > > > > > ----- Original Message ----- > > > > > > From: "Yaron Sheffer" > > > > > > To: "'Paul Hoffman'" ; > > > > > > > > > > Sent: Sunday, April 02, 2006 3:38 AM > > > > > > Subject: Re: [Mobike] Preliminary minutes from the WG > > last week > > > > > > > > > > > > > > > > > > > Regarding the combination of MOBIKE and Mobile IP, there > > > > > > are 3 current > > > > > > > drafts in MIP4 that deal with this: > > > > > > > > > > > > > > - draft-ietf-mip4-vpn-problem-solution-02 (this one is > > > > pre-MOBIKE) > > > > > > > - draft-ietf-mip4-mobike-connectivity-00 > > > > > > > - draft-meghana-mip4-mobike-optimizations-00 > > > > > > > > > > > > > > So it's a stretch to say "don't do" MOBIKE and Mobile > > > > IP together. > > > > > > > > > > > > > > Yaron > > > > > > > > > > > > > > -----Original Message----- > > > > > > > From: Paul Hoffman [mailto:paul.hoffman@vpnc.org] > > > > > > > Sent: Wednesday, March 29, 2006 5:49 > > > > > > > To: mobike@machshav.com > > > > > > > Subject: [Mobike] Preliminary minutes from the WG > last week > > > > > > > > > > > > > > Please let me know if you have any changes. > > > > > > > > > > > > > > MOBIKE WG minutes > > > > > > > IETF 65 > > > > > > > > > > > > > > [deleted] > > > > > > > > > > > > > > James Kempf - discussion in Mobile IP group - what happens > > > > > > if you try to > > > > > > > use Mobile IP and MOBIKE together? Some people believe > > > > the answer is > > > > > > > "don't do that". May need an informational draft (as a new > > > > > > work item) to > > > > > > > address that. > > > > > > > > > > > > > > [deleted] > > > > > > > > > > > > > > > > > > > > > _______________________________________________ > > > > > > > Mobike mailing list > > > > > > > Mobike@machshav.com > > > > > > > https://www.machshav.com/mailman/listinfo.cgi/mobike > > > > > > > > > > > > > > > > > > > > > > > > > _______________________________________________ > > > > > > Mobike mailing list > > > > > > Mobike@machshav.com > > > > > > https://www.machshav.com/mailman/listinfo.cgi/mobike > > > > > > > > > > > _______________________________________________ > > > > > Mobike mailing list > > > > > Mobike@machshav.com > > > > > https://www.machshav.com/mailman/listinfo.cgi/mobike > > > > > > > > > > > > > > > > > __________________________________________________ > > > > Do You Yahoo!? > > > > Tired of spam? Yahoo! Mail has the best spam protection around > > > > http://mail.yahoo.com > > > > > > > > > > > > > _______________________________________________ > > > Mobike mailing list > > > Mobike@machshav.com > > > https://www.machshav.com/mailman/listinfo.cgi/mobike > > > > > > > > > > > > _______________________________________________ > Mobike mailing list > Mobike@machshav.com > https://www.machshav.com/mailman/listinfo.cgi/mobike > _______________________________________________ Mobike mailing list Mobike@machshav.com https://www.machshav.com/mailman/listinfo.cgi/mobike From mobike-bounces@machshav.com Tue Apr 04 03:00:58 2006 Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1FQfLz-0003NB-Jl for mobike-archive@lists.ietf.org; Tue, 04 Apr 2006 02:49:27 -0400 Received: from machshav.com ([147.28.0.16]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1FQfBO-0005JY-Pu for mobike-archive@lists.ietf.org; Tue, 04 Apr 2006 02:38:32 -0400 Received: from machshav.com (localhost [127.0.0.1]) by machshav.com (Postfix) with ESMTP id 824F8FB2BE; Tue, 4 Apr 2006 02:38:29 -0400 (EDT) X-Original-To: mobike@machshav.com Delivered-To: mobike@machshav.com Received: from p130.piuha.net (p130.piuha.net [193.234.218.130]) by machshav.com (Postfix) with ESMTP id F246BFB2B7 for ; Tue, 4 Apr 2006 02:38:26 -0400 (EDT) Received: from p130.piuha.net (localhost [127.0.0.1]) by p130.piuha.net (Postfix) with ESMTP id A2D78898B6; Tue, 4 Apr 2006 09:38:20 +0300 (EEST) Received: from [127.0.0.1] (p130.piuha.net [193.234.218.130]) by p130.piuha.net (Postfix) with ESMTP id D9AD5898AB; Tue, 4 Apr 2006 09:38:19 +0300 (EEST) Message-ID: <4432143A.1050200@piuha.net> Date: Tue, 04 Apr 2006 09:37:46 +0300 From: Jari Arkko User-Agent: Mozilla Thunderbird 1.0.7 (X11/20051013) X-Accept-Language: en-us, en MIME-Version: 1.0 To: Vijay Devarapalli References: In-Reply-To: X-Virus-Scanned: ClamAV using ClamSMTP Cc: James Kempf , mobike@machshav.com Subject: Re: [Mobike] Preliminary minutes from the WG last week X-BeenThere: mobike@machshav.com X-Mailman-Version: 2.1.7 Precedence: list List-Id: Mobile/Multihoming IKEv2 IETF list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: mobike-bounces@machshav.com Errors-To: mobike-bounces@machshav.com X-Spam-Score: 0.0 (/) X-Scan-Signature: 4adaf050708fb13be3316a9eee889caa Vijay Devarapalli wrote: >hi Jim, > >with Mobile IPv6, one can create an IPsec >protected Mobile IP tunnel between the mobile >node and the home agent. further, the binding >update is used as a trigger to update the IKE >SA too. so Mobile IPv6 provides a solution >similar to MOBIKE already. so that's why I don't >expect someone to use the two together between >the mobile node and the home agent. > > Personally, I am not as convinced as you are that they should never be used together to the same box. What if the client is on a v4 network? Or on two separate connections, including mixed v4/v6 and NATs. Popping up a level, it seems like some combination of IKE/MOBIKE/NAT-T, Mobile IPv6, Mobile IPv6 transition mechanisms, and MONAMI6 should be able to cover the following situations and combinations of them: - Having a separate SGW before you can reach your HA - Integrated SGW/HA - IPv4 access networks - IPv6 access networks - NATs and firewalls - Multihomed mobile nodes - Mobile nodes that you cannot fully trust (e.g. might need a RR before believing their new location) - Mobile IPv6 service that requires EAP authentication What exact combination of solutions we should use is less clear to me. But I confess that I haven't read the most recent documents on Mobile IPv6 transition mechanisms. Anyway, as Paul said maybe someone who cares needs to write a document about this... --Jari _______________________________________________ Mobike mailing list Mobike@machshav.com https://www.machshav.com/mailman/listinfo.cgi/mobike From mobike-bounces@machshav.com Tue Apr 04 03:45:03 2006 Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1FQgDn-0000hy-1j for mobike-archive@lists.ietf.org; Tue, 04 Apr 2006 03:45:03 -0400 Received: from machshav.com ([147.28.0.16]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1FQgDj-00008J-Mv for mobike-archive@lists.ietf.org; Tue, 04 Apr 2006 03:45:03 -0400 Received: from machshav.com (localhost [127.0.0.1]) by machshav.com (Postfix) with ESMTP id 21F1BFB2B5; Tue, 4 Apr 2006 03:44:58 -0400 (EDT) X-Original-To: mobike@machshav.com Delivered-To: mobike@machshav.com Received: from bart.corp.azairenet.com (mail1.azairenet.com [66.92.223.4]) by machshav.com (Postfix) with ESMTP id CE12BFB297 for ; Tue, 4 Apr 2006 03:44:56 -0400 (EDT) X-MimeOLE: Produced By Microsoft Exchange V6.5.7226.0 Content-class: urn:content-classes:message MIME-Version: 1.0 Date: Tue, 4 Apr 2006 00:44:54 -0700 Message-ID: X-MS-Has-Attach: X-MS-TNEF-Correlator: Thread-Topic: [Mobike] Preliminary minutes from the WG last week Thread-Index: AcZXsl9ZdWVpG24tREmzuszhUDvp1wACNjkg From: "Vijay Devarapalli" To: "Jari Arkko" Cc: James Kempf , mobike@machshav.com Subject: Re: [Mobike] Preliminary minutes from the WG last week X-BeenThere: mobike@machshav.com X-Mailman-Version: 2.1.7 Precedence: list List-Id: Mobile/Multihoming IKEv2 IETF list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: mobike-bounces@machshav.com Errors-To: mobike-bounces@machshav.com X-Spam-Score: 0.0 (/) X-Scan-Signature: 7baded97d9887f7a0c7e8a33c2e3ea1b > Personally, I am not as convinced as you are that they should never > be used together to the same box. What if the client is > on a v4 network? Or on two separate connections, including > mixed v4/v6 and NATs. ok. for this you would use DS-MIPv6 to setup an ESP protected IPv6-over-IPv4 tunnel between the mobile node and the home agent with UDP encapsulation for the ESP packets. DS-MIPv6 should be sufficient. the 'K' bit would work for the DS-MIPv6 tunnel too. it wouldn't matter if the outer source address is IPv4. > Popping up a level, it seems like > some combination of IKE/MOBIKE/NAT-T, Mobile IPv6, Mobile > IPv6 transition mechanisms, and MONAMI6 should be able > to cover the following situations and combinations of them: > > - Having a separate SGW before you can reach your HA > - Integrated SGW/HA > - IPv4 access networks > - IPv6 access networks > - NATs and firewalls > - Multihomed mobile nodes > - Mobile nodes that you cannot fully trust (e.g. might need > a RR before believing their new location) > - Mobile IPv6 service that requires EAP authentication > > What exact combination of solutions we should use > is less clear to me. here I am afraid we are getting to system specifications. not protocols anymore. Vijay _______________________________________________ Mobike mailing list Mobike@machshav.com https://www.machshav.com/mailman/listinfo.cgi/mobike From mobike-bounces@machshav.com Tue Apr 04 11:30:36 2006 Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1FQnUK-0003DX-RN for mobike-archive@lists.ietf.org; Tue, 04 Apr 2006 11:30:36 -0400 Received: from machshav.com ([147.28.0.16]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1FQnUJ-0003MW-6l for mobike-archive@lists.ietf.org; Tue, 04 Apr 2006 11:30:36 -0400 Received: from machshav.com (localhost [127.0.0.1]) by machshav.com (Postfix) with ESMTP id C9BFBFB2BA; Tue, 4 Apr 2006 11:30:33 -0400 (EDT) X-Original-To: mobike@machshav.com Delivered-To: mobike@machshav.com Received: from bart.corp.azairenet.com (mail1.azairenet.com [66.92.223.4]) by machshav.com (Postfix) with ESMTP id DDF6FFB2A7 for ; Tue, 4 Apr 2006 03:50:24 -0400 (EDT) X-MimeOLE: Produced By Microsoft Exchange V6.5.7226.0 Content-class: urn:content-classes:message MIME-Version: 1.0 Date: Tue, 4 Apr 2006 00:50:23 -0700 Message-ID: X-MS-Has-Attach: X-MS-TNEF-Correlator: Thread-Topic: MOBIKE and MIP6 (was RE: [Mobike] Preliminary minutes from the WG last week) Thread-Index: AcZXX/mNO0g283j+RdS0YaFA1OgHBgANmiAgAAl9I4A= From: "Vijay Devarapalli" To: "Narayanan, Vidya" , "James Kempf" , "gabriel montenegro" , "Yaron Sheffer" , "Paul Hoffman" X-Mailman-Approved-At: Tue, 04 Apr 2006 11:30:32 -0400 Cc: mobike@machshav.com Subject: Re: [Mobike] MOBIKE and MIP6 (was RE: Preliminary minutes from the WG last week) X-BeenThere: mobike@machshav.com X-Mailman-Version: 2.1.7 Precedence: list List-Id: Mobile/Multihoming IKEv2 IETF list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: mobike-bounces@machshav.com Errors-To: mobike-bounces@machshav.com X-Spam-Score: 0.0 (/) X-Scan-Signature: b5299d0955d21ceeb18e25a232290fec Hi Vidya, I think you should continue on the thread on the MIP6 mailing list. I don't think we should repeat arguments on two lists. Vijay > -----Original Message----- > From: Narayanan, Vidya [mailto:vidyan@qualcomm.com] > Sent: Monday, April 03, 2006 9:00 PM > To: James Kempf; Vijay Devarapalli; gabriel montenegro; Yaron > Sheffer; Paul Hoffman > Cc: mobike@machshav.com > Subject: MOBIKE and MIP6 (was RE: [Mobike] Preliminary > minutes from the WG last week) > > All, > Just catching up with this discussion - I do think that the > MOBIKE-MIP6 > interactions need more detail. I recap a gist of what I posted on the > MIP6 list on this topic (for those of you on both lists, I > apologize for > the repeat): > > There are two cases with respect to MOBIKE and MIP6: > > 1. MOBIKE (or IKEv2) and MIP6 have different endpoints - i.e., MOBIKE > between MN and VPN GW, MIP6 between MN and HA > > This is a valid model and has applicability in some markets > (where data > needs to be protected using IPsec in a VPN-over-MIP model). This would > be a reason to write a draft similar to the MIP4-MOBIKE one. I'm not > sure if there is a need to do the draft on this yet though (let the > users of those markets ask for it?). > > 2. MOBIKE (or IKEv2) and MIP6 endpoints are the same - i.e., both run > between the MN and HA > > In this model, the scope of the IKEv2 SA is important to > decide whether > MOBIKE or the 'K' bit in MIP6 is used to update the IP address of the > SA. A few different cases to look at here: > > a. The IKEv2 SA is used to create IPsec SAs solely for MIP6 signaling > protection > > b. The IKEv2 SA is used to create child SAs for applications > other than > MIP6 (e.g., SIP, data traffic protection, etc.) > > C. The IPsec SA created from the IKEv2 SA protects more than just MIP6 > signaling (i.e., the same IPsec SA protects SIP, etc.) > > In the case of a, it might be acceptable to let the 'K' bit do the > address update for IKEv2. For b and c, the fact that the > IKEv2 and IPsec > SAs have an applicability that is broader than MIP6 says that MIP6 > should not be updating those SAs. I think we would be > shortsighted to go > the route of using MIP6 in place of MOBIKE there - meshing MIP6 and > IKEv2 in those cases seems an architectural limitation waiting to be > unraveled. > > Vidya > > > > -----Original Message----- > > From: mobike-bounces@machshav.com > > [mailto:mobike-bounces@machshav.com] On Behalf Of James Kempf > > Sent: Monday, April 03, 2006 1:52 PM > > To: Vijay Devarapalli; gabriel montenegro; Yaron Sheffer; > Paul Hoffman > > Cc: mobike@machshav.com > > Subject: Re: [Mobike] Preliminary minutes from the WG last week > > > > OK, Vijay, I get the point. You don't think there is an > > issue. I do. We disagree. > > > > jak > > > > ----- Original Message ----- > > From: "Vijay Devarapalli" > > To: "James Kempf" ; "gabriel montenegro" > > ; "Yaron Sheffer" > > ; "Paul Hoffman" > > Cc: > > Sent: Monday, April 03, 2006 1:41 PM > > Subject: RE: [Mobike] Preliminary minutes from the WG last week > > > > > > > > > > > -----Original Message----- > > > From: James Kempf [mailto:kempf@docomolabs-usa.com] > > > Sent: Monday, April 03, 2006 1:34 PM > > > To: Vijay Devarapalli; gabriel montenegro; Yaron Sheffer; > > Paul Hoffman > > > Cc: mobike@machshav.com > > > Subject: Re: [Mobike] Preliminary minutes from the WG last week > > > > > > For example, listing cases where MOBIKE works with MIP > > > > Jim, let me know if you have a specific > > scenario in mind and if you see an issue. > > > > also please lookup RFC 4093. it is a > > problem statement for VPN traversal with > > MIPv4. > > > > > and > > > where not. And > > > what to do with route optimization. > > > > what about route optimization? > > > > Vijay > > > > > > > > jak > > > > > > ----- Original Message ----- > > > From: "Vijay Devarapalli" > > > To: "James Kempf" ; "gabriel montenegro" > > > ; "Yaron Sheffer" > > > ; "Paul Hoffman" > > > Cc: > > > Sent: Monday, April 03, 2006 1:14 PM > > > Subject: RE: [Mobike] Preliminary minutes from the WG last week > > > > > > > > > > I really think this needs further investigation, particularly > > > > in light of > > > > the MIP6 transition work. > > > > > > sure. but I don't see an issue. what are we > > > going to investigate? > > > > > > Vijay > > > > > > > > > > > jak > > > > > > > > > > > > ----- Original Message ----- > > > > From: "Vijay Devarapalli" > > > > To: "gabriel montenegro" ; > > > > "James Kempf" > > > > ; "Yaron Sheffer" > > > > ; "Paul > > > > Hoffman" > > > > Cc: > > > > Sent: Monday, April 03, 2006 12:23 PM > > > > Subject: RE: [Mobike] Preliminary minutes from the WG last week > > > > > > > > > > > > > > > > > I'm confused. In the 3GPP2 solution > > > > > (draft-ietf-mip4-mobike-connectivity-00) > > > > > MOBIKE is not used between MN-HA, right? The separation is: > > > > > > > > > > between MN-HA: mipv4 tunnel > > > > > between MN and VPN gateway: mobike+IPsec > > > > > > > > right. > > > > > > > > > Are you folks saying that the above is wrong/discouraged? > > > > > > > > nope. thats *a* solution for a network where > > > > there is a trusted network and an untrusted > > > > network with a MIPv4 HA inside the trusted > > > > network and a VPN GW in the DMZ. > > > > > > > > > Or are you saying that it is wrong/discouraged *only* if the > > > > > MN-HA is a MIP6/IPsec > > > > > tunnel? > > > > > > > > whats discourage is running MOBIKE and > > > > MIP6/IPsec tunnel to the same box. thats my > > > > personal opinion anyway. > > > > > > > > Vijay > > > > > > > > > > > > > > > > > > > -gabriel > > > > > > > > > > --- Vijay Devarapalli wrote: > > > > > > > > > > > hi Jim, > > > > > > > > > > > > with Mobile IPv6, one can create an IPsec > > > > > > protected Mobile IP tunnel between the mobile > > > > > > node and the home agent. further, the binding > > > > > > update is used as a trigger to update the IKE > > > > > > SA too. so Mobile IPv6 provides a solution > > > > > > similar to MOBIKE already. so that's why I don't > > > > > > expect someone to use the two together between > > > > > > the mobile node and the home agent. > > > > > > > > > > > > Mobile IPv4 does not use IPsec and is a very > > > > > > different protocol. > > > > > > > > > > > > Vijay > > > > > > > > > > > > ps: FYI, the solution described in > > > > > > draft-ietf-mip4-mobike-connectivity-00 has > > > > > > been adopted by 3GPP2 for their 3GPP2-WLAN > > > > > > interworking solution. > > > > > > > > > > > > > -----Original Message----- > > > > > > > From: mobike-bounces@machshav.com > > > > > > > [mailto:mobike-bounces@machshav.com] On Behalf Of > > James Kempf > > > > > > > Sent: Monday, April 03, 2006 9:41 AM > > > > > > > To: Yaron Sheffer; 'Paul Hoffman'; mobike@machshav.com > > > > > > > Subject: Re: [Mobike] Preliminary minutes from the WG > > > last week > > > > > > > > > > > > > > Yaron, > > > > > > > > > > > > > > Thanx for sending out pointers to these. > > > > > > > > > > > > > > In the MIP6 group, there was some discussion > about this, and > > > > > > > the message > > > > > > > that came up was, in fact, "don't do it". I'll post > > > > > > > references to these > > > > > > > drafts to the MIP6 list. > > > > > > > > > > > > > > jak > > > > > > > > > > > > > > ----- Original Message ----- > > > > > > > From: "Yaron Sheffer" > > > > > > > To: "'Paul Hoffman'" ; > > > > > > > > > > > > Sent: Sunday, April 02, 2006 3:38 AM > > > > > > > Subject: Re: [Mobike] Preliminary minutes from the WG > > > last week > > > > > > > > > > > > > > > > > > > > > > Regarding the combination of MOBIKE and Mobile IP, there > > > > > > > are 3 current > > > > > > > > drafts in MIP4 that deal with this: > > > > > > > > > > > > > > > > - draft-ietf-mip4-vpn-problem-solution-02 (this one is > > > > > pre-MOBIKE) > > > > > > > > - draft-ietf-mip4-mobike-connectivity-00 > > > > > > > > - draft-meghana-mip4-mobike-optimizations-00 > > > > > > > > > > > > > > > > So it's a stretch to say "don't do" MOBIKE and Mobile > > > > > IP together. > > > > > > > > > > > > > > > > Yaron > > > > > > > > > > > > > > > > -----Original Message----- > > > > > > > > From: Paul Hoffman [mailto:paul.hoffman@vpnc.org] > > > > > > > > Sent: Wednesday, March 29, 2006 5:49 > > > > > > > > To: mobike@machshav.com > > > > > > > > Subject: [Mobike] Preliminary minutes from the WG > > last week > > > > > > > > > > > > > > > > Please let me know if you have any changes. > > > > > > > > > > > > > > > > MOBIKE WG minutes > > > > > > > > IETF 65 > > > > > > > > > > > > > > > > [deleted] > > > > > > > > > > > > > > > > James Kempf - discussion in Mobile IP group - > what happens > > > > > > > if you try to > > > > > > > > use Mobile IP and MOBIKE together? Some people believe > > > > > the answer is > > > > > > > > "don't do that". May need an informational > draft (as a new > > > > > > > work item) to > > > > > > > > address that. > > > > > > > > > > > > > > > > [deleted] > > > > > > > > > > > > > > > > > > > > > > > > _______________________________________________ > > > > > > > > Mobike mailing list > > > > > > > > Mobike@machshav.com > > > > > > > > https://www.machshav.com/mailman/listinfo.cgi/mobike > > > > > > > > > > > > > > > > > > > > > > > > > > > > > _______________________________________________ > > > > > > > Mobike mailing list > > > > > > > Mobike@machshav.com > > > > > > > https://www.machshav.com/mailman/listinfo.cgi/mobike > > > > > > > > > > > > > _______________________________________________ > > > > > > Mobike mailing list > > > > > > Mobike@machshav.com > > > > > > https://www.machshav.com/mailman/listinfo.cgi/mobike > > > > > > > > > > > > > > > > > > > > > __________________________________________________ > > > > > Do You Yahoo!? > > > > > Tired of spam? Yahoo! Mail has the best spam > protection around > > > > > http://mail.yahoo.com > > > > > > > > > > > > > > > > > _______________________________________________ > > > > Mobike mailing list > > > > Mobike@machshav.com > > > > https://www.machshav.com/mailman/listinfo.cgi/mobike > > > > > > > > > > > > > > > > > > > _______________________________________________ > > Mobike mailing list > > Mobike@machshav.com > > https://www.machshav.com/mailman/listinfo.cgi/mobike > > > _______________________________________________ Mobike mailing list Mobike@machshav.com https://www.machshav.com/mailman/listinfo.cgi/mobike From mobike-bounces@machshav.com Tue Apr 04 15:25:16 2006 Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1FQr9Q-0000K5-7x for mobike-archive@lists.ietf.org; Tue, 04 Apr 2006 15:25:16 -0400 Received: from machshav.com ([147.28.0.16]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1FQr9O-0004oU-Sq for mobike-archive@lists.ietf.org; Tue, 04 Apr 2006 15:25:16 -0400 Received: from machshav.com (localhost [127.0.0.1]) by machshav.com (Postfix) with ESMTP id 78713FB2B9; Tue, 4 Apr 2006 15:25:13 -0400 (EDT) X-Original-To: mobike@machshav.com Delivered-To: mobike@machshav.com Received: from laposte.rennes.enst-bretagne.fr (laposte.rennes.enst-bretagne.fr [192.44.77.17]) by machshav.com (Postfix) with ESMTP id 14105FB2AE for ; Tue, 4 Apr 2006 15:25:10 -0400 (EDT) Received: from localhost (localhost.localdomain [127.0.0.1]) by laposte.rennes.enst-bretagne.fr (8.13.4/8.13.4/2004.10.03) with ESMTP id k34JP9cf002127; Tue, 4 Apr 2006 21:25:09 +0200 Received: from givry.rennes.enst-bretagne.fr (givry.rennes.enst-bretagne.fr [192.44.77.29]) by laposte.rennes.enst-bretagne.fr (8.13.4/8.13.4/2004.09.01) with ESMTP id k34JP4sQ002121; Tue, 4 Apr 2006 21:25:04 +0200 Received: from givry.rennes.enst-bretagne.fr (localhost.rennes.enst-bretagne.fr [127.0.0.1]) by givry.rennes.enst-bretagne.fr (8.13.1/8.13.1) with ESMTP id k34JP3IZ006692; Tue, 4 Apr 2006 21:25:03 +0200 (CEST) (envelope-from dupont@givry.rennes.enst-bretagne.fr) Message-Id: <200604041925.k34JP3IZ006692@givry.rennes.enst-bretagne.fr> From: Francis Dupont To: Paul Hoffman In-reply-to: Your message of Mon, 03 Apr 2006 17:46:07 -0800. Date: Tue, 04 Apr 2006 21:25:03 +0200 X-Virus-Scanned: amavisd-new at enst-bretagne.fr Cc: mobike@machshav.com Subject: Re: [Mobike] Proposal for revised charter X-BeenThere: mobike@machshav.com X-Mailman-Version: 2.1.7 Precedence: list List-Id: Mobile/Multihoming IKEv2 IETF list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: mobike-bounces@machshav.com Errors-To: mobike-bounces@machshav.com X-Spam-Score: 0.0 (/) X-Scan-Signature: 798b2e660f1819ae38035ac1d8d5e3ab In your previous mail you wrote: So far, only one person on the list has spoken up in favor of revising the charter to include work for a transport-mode protocol. Is there interest from others? => I am in favor of applying *current* mechanisms to transport mode when it is possible, this includes updating transport mode SAs in some special cases but explicitely doesn't require to change the charter. Regards Francis.Dupont@point6.net PS: I'll try to update my old I-D about mobike & transport mode to include these special cases. If someone is interesting to participate just send a message to me. Of course as it won't specify new mechanism or protocol the goal is to publish it as an informational document. _______________________________________________ Mobike mailing list Mobike@machshav.com https://www.machshav.com/mailman/listinfo.cgi/mobike From mobike-bounces@machshav.com Fri Apr 07 11:54:26 2006 Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1FRtI2-0007qi-Re for mobike-archive@lists.ietf.org; Fri, 07 Apr 2006 11:54:26 -0400 Received: from stsc1260-eth-s1-s1p1-vip.va.neustar.com ([156.154.16.129] helo=chiedprmail1.ietf.org) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1FRtI2-0001Bk-QM for mobike-archive@lists.ietf.org; Fri, 07 Apr 2006 11:54:26 -0400 Received: from machshav.com ([147.28.0.16]) by chiedprmail1.ietf.org with esmtp (Exim 4.43) id 1FRtI0-0004lC-UE for mobike-archive@lists.ietf.org; Fri, 07 Apr 2006 11:54:26 -0400 Received: from machshav.com (localhost [127.0.0.1]) by machshav.com (Postfix) with ESMTP id 31A29FB2C7; Fri, 7 Apr 2006 11:54:23 -0400 (EDT) X-Original-To: mobike@machshav.com Delivered-To: mobike@machshav.com Received: from balder-227.proper.com (Balder-227.Proper.COM [192.245.12.227]) by machshav.com (Postfix) with ESMTP id 75086FB2B3 for ; Fri, 7 Apr 2006 11:54:21 -0400 (EDT) Received: from [10.20.30.249] (dsl2-63-249-108-169.cruzio.com [63.249.108.169]) (authenticated bits=0) by balder-227.proper.com (8.13.5/8.13.5) with ESMTP id k37FsFR1068773; Fri, 7 Apr 2006 08:54:16 -0700 (MST) (envelope-from paul.hoffman@vpnc.org) Mime-Version: 1.0 Message-Id: In-Reply-To: References: <71AEE30A-12F9-4945-BD3E-13013DCD7CA3@nomadiclab.com> Date: Fri, 7 Apr 2006 08:54:14 -0700 To: From: Paul Hoffman Cc: Russ Housley Subject: Re: [Mobike] Proposal for revised charter X-BeenThere: mobike@machshav.com X-Mailman-Version: 2.1.7 Precedence: list List-Id: Mobile/Multihoming IKEv2 IETF list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: mobike-bounces@machshav.com Errors-To: mobike-bounces@machshav.com X-Spam-Score: -1.8 (-) X-Scan-Signature: 856eb5f76e7a34990d1d457d8e8e5b7f There seems to be not enough interest in the WG to revise the charter: only two people spoke up. I assume that the people at the face-to-face meeting who wanted to see the charter revised wanted to see the work done, but didn't intend to help do it, which is understandable. Russ: please start the process to shut down the MOBIKE WG. I assume that Steve Bellovin, our mailing list host, will keep the list open indefinitely. If not, we can move it to VPNC. --Paul Hoffman, Director --VPN Consortium _______________________________________________ Mobike mailing list Mobike@machshav.com https://www.machshav.com/mailman/listinfo.cgi/mobike From mobike-bounces@machshav.com Mon Apr 10 09:04:40 2006 Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1FSw4O-0001ht-3b for mobike-archive@lists.ietf.org; Mon, 10 Apr 2006 09:04:40 -0400 Received: from machshav.com ([147.28.0.16]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1FSw4L-0000WD-NU for mobike-archive@lists.ietf.org; Mon, 10 Apr 2006 09:04:40 -0400 Received: from machshav.com (localhost [127.0.0.1]) by machshav.com (Postfix) with ESMTP id E610DFB2A9; Mon, 10 Apr 2006 09:04:33 -0400 (EDT) X-Original-To: mobike@machshav.com Delivered-To: mobike@machshav.com Received: from michael.checkpoint.com (michael.checkpoint.com [194.29.32.68]) by machshav.com (Postfix) with ESMTP id 4FC86FB2A7 for ; Mon, 10 Apr 2006 09:04:30 -0400 (EDT) Received: from ysheffer (localhost [127.0.0.1]) by michael.checkpoint.com (8.12.10+Sun/8.12.10) with ESMTP id k3AD4P4Q012316; Mon, 10 Apr 2006 16:04:26 +0300 (IDT) From: "Yaron Sheffer" To: "'Paul Hoffman'" , Date: Mon, 10 Apr 2006 16:04:29 +0300 Message-ID: <000601c65c9f$4d62bdb0$5d2e1dc2@ad.checkpoint.com> MIME-Version: 1.0 X-Mailer: Microsoft Office Outlook 11 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.2670 Thread-Index: AcZbpayKn55LuOUtTvqWpykutDYGRwA9jAYQ In-Reply-To: Cc: 'Russ Housley' Subject: Re: [Mobike] Proposal for revised charter X-BeenThere: mobike@machshav.com X-Mailman-Version: 2.1.7 Precedence: list List-Id: Mobile/Multihoming IKEv2 IETF list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: mobike-bounces@machshav.com Errors-To: mobike-bounces@machshav.com X-Spam-Score: 0.0 (/) X-Scan-Signature: 82c9bddb247d9ba4471160a9a865a5f3 I realize that I'm a bit late, but still... I would like to propose two work items that I believe fall within MOBIKE's charter. 1. "Secure beacon": a secure way for a mobile client to determine whether it is inside or outside of the trusted network. In many cases, depending on network topology and local security policy, you might want to suspend IPsec once "inside the network". There are now similar solutions being discussed in the Mobile-IP+IPsec context, but a solution that's independent of Mobile IP would be preferable. 2. Short-term credentials assigned by one gateway, to allow a client to connect to another gateway without performing full EAP-based authentication (and entering a password). Although the need to connect to multiple IPsec gateways is not limited to the mobility case, it is amplified by mobility. For example, some of the gateways may not be accessible through different access methods, e.g. cellular/GPRS. I (and Check Point) obviously commit to work on these items if there is interest. Paul and Russ, I'd like to request a week to allow the group to support these proposals (or shoot them, anything is better than silence). Following that, we can reconsider group shut down. Thanks, Yaron -----Original Message----- From: Paul Hoffman [mailto:paul.hoffman@vpnc.org] Sent: Friday, April 7, 2006 18:54 To: mobike@machshav.com Cc: Russ Housley Subject: Re: [Mobike] Proposal for revised charter There seems to be not enough interest in the WG to revise the charter: only two people spoke up. I assume that the people at the face-to-face meeting who wanted to see the charter revised wanted to see the work done, but didn't intend to help do it, which is understandable. Russ: please start the process to shut down the MOBIKE WG. I assume that Steve Bellovin, our mailing list host, will keep the list open indefinitely. If not, we can move it to VPNC. --Paul Hoffman, Director --VPN Consortium _______________________________________________ Mobike mailing list Mobike@machshav.com https://www.machshav.com/mailman/listinfo.cgi/mobike From mobike-bounces@machshav.com Mon Apr 10 17:23:03 2006 Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1FT3qh-0006pw-CL for mobike-archive@lists.ietf.org; Mon, 10 Apr 2006 17:23:03 -0400 Received: from machshav.com ([147.28.0.16]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1FT3qg-0004h1-0Q for mobike-archive@lists.ietf.org; Mon, 10 Apr 2006 17:23:03 -0400 Received: from machshav.com (localhost [127.0.0.1]) by machshav.com (Postfix) with ESMTP id A08F0FB2A6; Mon, 10 Apr 2006 17:23:00 -0400 (EDT) X-Original-To: mobike@machshav.com Delivered-To: mobike@machshav.com Received: from mx.laposte.net (mx.laposte.net [81.255.54.11]) by machshav.com (Postfix) with ESMTP id 57451FB2A5 for ; Mon, 10 Apr 2006 17:22:58 -0400 (EDT) Received: from [10.48.4.185] (216.98.102.246) by mx.laposte.net (7.2.060.1) (authenticated as julien.laganier) id 442BB4E400CF077B; Mon, 10 Apr 2006 23:22:21 +0200 From: Julien Laganier To: mobike@machshav.com Date: Mon, 10 Apr 2006 23:22:13 +0200 User-Agent: KMail/1.8.2 References: <000601c65c9f$4d62bdb0$5d2e1dc2@ad.checkpoint.com> In-Reply-To: <000601c65c9f$4d62bdb0$5d2e1dc2@ad.checkpoint.com> MIME-Version: 1.0 Content-Disposition: inline Message-Id: <200604102322.14132.julien.IETF@laposte.net> Cc: 'Russ Housley' , 'Paul Hoffman' Subject: Re: [Mobike] Proposal for revised charter X-BeenThere: mobike@machshav.com X-Mailman-Version: 2.1.7 Precedence: list List-Id: Mobile/Multihoming IKEv2 IETF list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: mobike-bounces@machshav.com Errors-To: mobike-bounces@machshav.com X-Spam-Score: 1.1 (+) X-Scan-Signature: 41c17b4b16d1eedaa8395c26e9a251c4 Hi Yaron, I have few questions on your rechartering proposal. On Monday 10 April 2006 15:04, Yaron Sheffer wrote: > I realize that I'm a bit late, but still... > > I would like to propose two work items that I believe fall within > MOBIKE's charter. > 2. Short-term credentials assigned by one gateway, to allow a > client to connect to another gateway without performing full > EAP-based authentication (and entering a password). Although the > need to connect to multiple IPsec gateways is not limited to the > mobility case, it is amplified by mobility. For example, some of > the gateways may not be accessible through different access > methods, e.g. cellular/GPRS. What kind of short term credentials do you have in mind? Pre-shared key? Or certificates? Also, IIUC that would means that the keying material required to validate those credentials would need to be distributed amongst the multiple gateways. Would you like to include such a work item in MOBIKE charter? Finally, I guess the goal of your proposal is to reduce the delay of establishment of secure access upon inter-technology handover, right? Don't you think this goal could be achieved more simply via pre-authentication to the next gateway while still attached to the old gateway? Thanks. Best regards, --julien > -----Original Message----- > From: Paul Hoffman [mailto:paul.hoffman@vpnc.org] > Sent: Friday, April 7, 2006 18:54 > To: mobike@machshav.com > Cc: Russ Housley > Subject: Re: [Mobike] Proposal for revised charter > > There seems to be not enough interest in the WG to revise the > charter: only two people spoke up. I assume that the people at the > face-to-face meeting who wanted to see the charter revised wanted > to see the work done, but didn't intend to help do it, which is > understandable. > > > > Russ: please start the process to shut down the MOBIKE WG. I assume > that Steve Bellovin, our mailing list host, will keep the list open > indefinitely. If not, we can move it to VPNC. > > --Paul Hoffman, Director > --VPN Consortium > > > _______________________________________________ > Mobike mailing list > Mobike@machshav.com > https://www.machshav.com/mailman/listinfo.cgi/mobike _______________________________________________ Mobike mailing list Mobike@machshav.com https://www.machshav.com/mailman/listinfo.cgi/mobike From mobike-bounces@machshav.com Tue Apr 11 02:41:56 2006 Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1FTCZY-000564-Am for mobike-archive@lists.ietf.org; Tue, 11 Apr 2006 02:41:56 -0400 Received: from machshav.com ([147.28.0.16]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1FTCZU-00034z-TG for mobike-archive@lists.ietf.org; Tue, 11 Apr 2006 02:41:56 -0400 Received: from machshav.com (localhost [127.0.0.1]) by machshav.com (Postfix) with ESMTP id AF977FB2AE; Tue, 11 Apr 2006 02:41:45 -0400 (EDT) X-Original-To: mobike@machshav.com Delivered-To: mobike@machshav.com Received: from michael.checkpoint.com (michael.checkpoint.com [194.29.32.68]) by machshav.com (Postfix) with ESMTP id D995CFB2AB for ; Tue, 11 Apr 2006 02:41:42 -0400 (EDT) Received: from bono4.checkpoint.com (localhost [127.0.0.1]) by michael.checkpoint.com (8.12.10+Sun/8.12.10) with ESMTP id k3B6fd4Q025956; Tue, 11 Apr 2006 09:41:40 +0300 (IDT) From: "Ariel Shaqed (Scolnicov)" Organization: Check Point Software Technologies To: mobike@machshav.com Date: Tue, 11 Apr 2006 09:45:20 +0300 User-Agent: KMail/1.8.3 References: <000601c65c9f$4d62bdb0$5d2e1dc2@ad.checkpoint.com> <200604102322.14132.julien.IETF@laposte.net> In-Reply-To: <200604102322.14132.julien.IETF@laposte.net> X-Face: ?Ur+6jP$QHHf)!@{s&q-$_G>\C{[9.j_^uVm#*ZP&w8Q|?0; =c,GgmWA:=06lI.)&\"H)=?utf-8?q?0=0A=09D5oH=5Dk=3F?=@H%]T>)(!?5|f<9gn>r[V'+xo]PoI{V`Epv7^{V.`Ye1UVPuAy6c)=?utf-8?q?5lYQZa=5D=27t-=0A=09C?=@{R3M.zObhY0q_iE&D"biyvbBWg%G_WadS6k+,bA~B'?`Tft"j$'a8s; 1K!,=?utf-8?q?tuO=5F=5F2q7=23=0A=09GxoOc4?=>g4p^p!dN@LX\tM`:)]1]Y7OZ5eQ8$h MIME-Version: 1.0 Content-Disposition: inline Message-Id: <200604110945.23467@kmail-ckp> Cc: 'Russ Housley' , 'Paul Hoffman' Subject: Re: [Mobike] Proposal for revised charter X-BeenThere: mobike@machshav.com X-Mailman-Version: 2.1.7 Precedence: list List-Id: Mobile/Multihoming IKEv2 IETF list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: mobike-bounces@machshav.com Errors-To: mobike-bounces@machshav.com X-Spam-Score: 0.0 (/) X-Scan-Signature: c3a18ef96977fc9bcc21a621cbf1174b On Tuesday 11 April 2006 00:22, Julien Laganier wrote: > Hi Yaron, > > I have few questions on your rechartering proposal. > > On Monday 10 April 2006 15:04, Yaron Sheffer wrote: > > I realize that I'm a bit late, but still... > > > > I would like to propose two work items that I believe fall within > > MOBIKE's charter. > > > > > 2. Short-term credentials assigned by one gateway, to allow a > > client to connect to another gateway without performing full > > EAP-based authentication (and entering a password). Although the > > need to connect to multiple IPsec gateways is not limited to the > > mobility case, it is amplified by mobility. For example, some of > > the gateways may not be accessible through different access > > methods, e.g. cellular/GPRS. > > What kind of short term credentials do you have in mind? Pre-shared > key? Or certificates? > > Also, IIUC that would means that the keying material required to > validate those credentials would need to be distributed amongst the > multiple gateways. Would you like to include such a work item in > MOBIKE charter? > > Finally, I guess the goal of your proposal is to reduce the delay of > establishment of secure access upon inter-technology handover, right? > Don't you think this goal could be achieved more simply via > pre-authentication to the next gateway while still attached to the > old gateway? Key exchange and authentication are distinct in remote access, even though they may occur in the same process. During roaming, you may need to exchange keys even if there is no need to re-authenticate. In many remote access scenarios, there is more to the handover than just delay. Some popular authentication technologies require user intervention to succeed. It would be desirable to provide an alternative to users having to re-enter credentials, e.g. from some token. Pre-authentication actually makes this worse, as the user's work is potentially wasted. > > Thanks. Best regards, > > --julien > > > -----Original Message----- > > From: Paul Hoffman [mailto:paul.hoffman@vpnc.org] > > Sent: Friday, April 7, 2006 18:54 > > To: mobike@machshav.com > > Cc: Russ Housley > > Subject: Re: [Mobike] Proposal for revised charter > > > > There seems to be not enough interest in the WG to revise the > > charter: only two people spoke up. I assume that the people at the > > face-to-face meeting who wanted to see the charter revised wanted > > to see the work done, but didn't intend to help do it, which is > > understandable. > > > > > > > > Russ: please start the process to shut down the MOBIKE WG. I assume > > that Steve Bellovin, our mailing list host, will keep the list open > > indefinitely. If not, we can move it to VPNC. > > > > --Paul Hoffman, Director > > --VPN Consortium > > > > > > _______________________________________________ > > Mobike mailing list > > Mobike@machshav.com > > https://www.machshav.com/mailman/listinfo.cgi/mobike > > _______________________________________________ > Mobike mailing list > Mobike@machshav.com > https://www.machshav.com/mailman/listinfo.cgi/mobike _______________________________________________ Mobike mailing list Mobike@machshav.com https://www.machshav.com/mailman/listinfo.cgi/mobike From mobike-bounces@machshav.com Wed Apr 12 14:36:37 2006 Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1FTkCj-0007Dx-7t for mobike-archive@lists.ietf.org; Wed, 12 Apr 2006 14:36:37 -0400 Received: from machshav.com ([147.28.0.16]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1FTkCh-0008Jf-Si for mobike-archive@lists.ietf.org; Wed, 12 Apr 2006 14:36:37 -0400 Received: from machshav.com (localhost [127.0.0.1]) by machshav.com (Postfix) with ESMTP id 26CCDFB2B7; Wed, 12 Apr 2006 14:36:34 -0400 (EDT) X-Original-To: mobike@machshav.com Delivered-To: mobike@machshav.com Received: from trio.stoke.com (nat.stoke.com [209.78.40.100]) by machshav.com (Postfix) with ESMTP id 725FBFB2B6 for ; Wed, 12 Apr 2006 14:36:32 -0400 (EDT) Received: from us.stoke.com (minsk.us.stoke.com [172.16.4.20]) by trio.stoke.com (8.13.3/8.13.3) with ESMTP id k3CIaOVR093202 for ; Wed, 12 Apr 2006 11:36:24 -0700 (PDT) (envelope-from yafan@stoke.com) Content-class: urn:content-classes:message MIME-Version: 1.0 X-MimeOLE: Produced By Microsoft Exchange V6.5.7226.0 Date: Wed, 12 Apr 2006 11:36:24 -0700 Message-ID: <23EECEC9B06584478B1C9E38C253D35F573BDB@minsk.us.stoke.com> X-MS-Has-Attach: X-MS-TNEF-Correlator: Thread-Topic: [Mobike] Proposal for revised charter Thread-Index: AcZaW5LIh8g+qK1qQx2QNN1+DYzH2AEAhMFQ From: "Yafan An" To: "Paul Hoffman" , X-Virus-Scanned: ClamAV 0.88/1394/Wed Apr 12 06:45:54 2006 on trio.stoke.com X-Virus-Status: Clean Cc: Russ Housley Subject: Re: [Mobike] Proposal for revised charter X-BeenThere: mobike@machshav.com X-Mailman-Version: 2.1.7 Precedence: list List-Id: Mobile/Multihoming IKEv2 IETF list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: mobike-bounces@machshav.com Errors-To: mobike-bounces@machshav.com X-Spam-Score: 0.0 (/) X-Scan-Signature: 3e15cc4fdc61d7bce84032741d11c8e5 Hello, I am not a regular reader of the MOBIKE list, and sorry I am late to make this proposal. But I bring it out anyway for your comments if interested. I think we should add more support in MOBIKE for allowing "simple redirect" from one server to another. Although the draft has stated clearly that load-balancing is not an objective, but simple redirect has much more uses than load-balancing, such as redirecting a client from the old server to a new one after moving to a new location. The value of this is that it enables redirection problem to be solved at the IKE level, in stead of having to resort to application level, which takes more roundtrips. I believe such enhancement can be achieved by defining new instruction parameters in the place of ADDITIONAL_IP?_ADDRESS, and complete the description of additional handlings. If this charter change is approved, I can spare some time to draft the changes for your review. Yafan An -----Original Message----- From: mobike-bounces@machshav.com [mailto:mobike-bounces@machshav.com] On Behalf Of Paul Hoffman Sent: Friday, April 07, 2006 8:54 AM To: mobike@machshav.com Cc: Russ Housley Subject: Re: [Mobike] Proposal for revised charter There seems to be not enough interest in the WG to revise the charter: only two people spoke up. I assume that the people at the face-to-face meeting who wanted to see the charter revised wanted to see the work done, but didn't intend to help do it, which is understandable. Russ: please start the process to shut down the MOBIKE WG. I assume that Steve Bellovin, our mailing list host, will keep the list open indefinitely. If not, we can move it to VPNC. --Paul Hoffman, Director --VPN Consortium _______________________________________________ Mobike mailing list Mobike@machshav.com https://www.machshav.com/mailman/listinfo.cgi/mobike _______________________________________________ Mobike mailing list Mobike@machshav.com https://www.machshav.com/mailman/listinfo.cgi/mobike From mobike-bounces@machshav.com Wed Apr 12 15:26:45 2006 Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1FTkzF-0004UC-JX for mobike-archive@lists.ietf.org; Wed, 12 Apr 2006 15:26:45 -0400 Received: from machshav.com ([147.28.0.16]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1FTkzE-0001iF-7k for mobike-archive@lists.ietf.org; Wed, 12 Apr 2006 15:26:45 -0400 Received: from machshav.com (localhost [127.0.0.1]) by machshav.com (Postfix) with ESMTP id 550D5FB2B7; Wed, 12 Apr 2006 15:26:43 -0400 (EDT) X-Original-To: mobike@machshav.com Delivered-To: mobike@machshav.com Received: from mail.kivinen.iki.fi (fireball.acr.fi [83.145.195.1]) by machshav.com (Postfix) with ESMTP id AC5B4FB2B6 for ; Wed, 12 Apr 2006 15:26:41 -0400 (EDT) Received: from fireball.kivinen.iki.fi (localhost [IPv6:::1]) by mail.kivinen.iki.fi (8.13.5.20060308/8.12.10) with ESMTP id k3CJQQDV006103 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Wed, 12 Apr 2006 22:26:31 +0300 (EEST) Received: (from kivinen@localhost) by fireball.kivinen.iki.fi (8.13.5.20060308/8.12.11) id k3CJQP4d005550; Wed, 12 Apr 2006 22:26:25 +0300 (EEST) X-Authentication-Warning: fireball.kivinen.iki.fi: kivinen set sender to kivinen@iki.fi using -f MIME-Version: 1.0 Message-ID: <17469.21601.219399.872888@fireball.kivinen.iki.fi> Date: Wed, 12 Apr 2006 22:26:25 +0300 From: Tero Kivinen To: "Yafan An" In-Reply-To: <23EECEC9B06584478B1C9E38C253D35F573BDB@minsk.us.stoke.com> References: <23EECEC9B06584478B1C9E38C253D35F573BDB@minsk.us.stoke.com> X-Mailer: VM 7.19 under Emacs 21.4.1 X-Edit-Time: 9 min X-Total-Time: 9 min Cc: Russ Housley , mobike@machshav.com, Paul Hoffman Subject: Re: [Mobike] Proposal for revised charter X-BeenThere: mobike@machshav.com X-Mailman-Version: 2.1.7 Precedence: list List-Id: Mobile/Multihoming IKEv2 IETF list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: mobike-bounces@machshav.com Errors-To: mobike-bounces@machshav.com X-Spam-Score: 0.1 (/) X-Scan-Signature: c1c65599517f9ac32519d043c37c5336 Yafan An writes: > I am not a regular reader of the MOBIKE list, and sorry I am late to > make this proposal. But I bring it out anyway for your comments if > interested. > > I think we should add more support in MOBIKE for allowing "simple > redirect" from one server to another. Although the draft has stated > clearly that load-balancing is not an objective, but simple redirect has > much more uses than load-balancing, such as redirecting a client from > the old server to a new one after moving to a new location. The value of > this is that it enables redirection problem to be solved at the IKE > level, in stead of having to resort to application level, which takes > more roundtrips. > > I believe such enhancement can be achieved by defining new instruction > parameters in the place of ADDITIONAL_IP?_ADDRESS, and complete the > description of additional handlings. Such operation can already be done with the current protocol, but it is bit slow in case of NATs. I.e. the server will announce the new address in the N(ADDITIONAL_IP*_ADDRESS) notify of the initial exchange, and immediately after that it updates the list of additional addresses and removes the old address from the list. As the address used for that notification is included to the list implicitly then it needs to send that notify from the some other address than the old address it wants to get rid of. This means that if the initiator is behind restricted nat it cannot receive those messages as they arrive to the address it is not using. In case of the NAT the responder needs to wait for the initiator to start any IKE message to it, and not to reply to the old address, only to the new address (i.e drop all requests coming to old address, and wait for the initiator to switch to new address). This way the initiator will update the SAs to new address, and after that responder can send new notify and remove the old address from the address list. So this can already be done with the current protocol even if the other end does not know anything about this feature. There could be optimizations done to the protocol if we modify the protocol, but as the protocol is already in the rfc editor queue, we are not going to do it now. -- kivinen@safenet-inc.com _______________________________________________ Mobike mailing list Mobike@machshav.com https://www.machshav.com/mailman/listinfo.cgi/mobike From mobike-bounces@machshav.com Wed Apr 12 16:19:01 2006 Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1FTlnp-0000Zq-Uq for mobike-archive@lists.ietf.org; Wed, 12 Apr 2006 16:19:01 -0400 Received: from machshav.com ([147.28.0.16]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1FTlno-0006GA-IQ for mobike-archive@lists.ietf.org; Wed, 12 Apr 2006 16:19:01 -0400 Received: from machshav.com (localhost [127.0.0.1]) by machshav.com (Postfix) with ESMTP id 0E4F6FB2BB; Wed, 12 Apr 2006 16:18:59 -0400 (EDT) X-Original-To: mobike@machshav.com Delivered-To: mobike@machshav.com Received: from trio.stoke.com (nat.stoke.com [209.78.40.100]) by machshav.com (Postfix) with ESMTP id 713E4FB2A7 for ; Wed, 12 Apr 2006 16:18:57 -0400 (EDT) Received: from us.stoke.com (minsk.us.stoke.com [172.16.4.20]) by trio.stoke.com (8.13.3/8.13.3) with ESMTP id k3CKIrmK095793 for ; Wed, 12 Apr 2006 13:18:53 -0700 (PDT) (envelope-from yafan@stoke.com) Content-class: urn:content-classes:message MIME-Version: 1.0 X-MimeOLE: Produced By Microsoft Exchange V6.5.7226.0 Date: Wed, 12 Apr 2006 13:18:52 -0700 Message-ID: <23EECEC9B06584478B1C9E38C253D35F573BFE@minsk.us.stoke.com> X-MS-Has-Attach: X-MS-TNEF-Correlator: Thread-Topic: [Mobike] Proposal for revised charter Thread-Index: AcZeZwr4vJbShaXJQ92rGqmScevmUwAAlOaA From: "Yafan An" To: "Tero Kivinen" X-Virus-Scanned: ClamAV 0.88/1395/Wed Apr 12 11:44:32 2006 on trio.stoke.com X-Virus-Status: Clean Cc: Russ Housley , mobike@machshav.com, Paul Hoffman Subject: Re: [Mobike] Proposal for revised charter X-BeenThere: mobike@machshav.com X-Mailman-Version: 2.1.7 Precedence: list List-Id: Mobile/Multihoming IKEv2 IETF list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: mobike-bounces@machshav.com Errors-To: mobike-bounces@machshav.com X-Spam-Score: 0.0 (/) X-Scan-Signature: 41c17b4b16d1eedaa8395c26e9a251c4 Thanks for your detailed reply. Since it is already in RFC queue, maybe it is more appropriate to address this as a minor update later. Yes, NAT is a key reason for this need of optimization. As for the solution, allowing the responder (not the initiator) to notify NEW (instead of additional) addresses, using the old ip address-pair would solve the nat-t issue. (Of course there are additional handlings, such as cleanup and error cases.) Yafan -----Original Message----- From: Tero Kivinen [mailto:kivinen@iki.fi] Sent: Wednesday, April 12, 2006 12:26 PM To: Yafan An Cc: Paul Hoffman; mobike@machshav.com; Russ Housley Subject: Re: [Mobike] Proposal for revised charter Yafan An writes: > I am not a regular reader of the MOBIKE list, and sorry I am late to > make this proposal. But I bring it out anyway for your comments if > interested. > > I think we should add more support in MOBIKE for allowing "simple > redirect" from one server to another. Although the draft has stated > clearly that load-balancing is not an objective, but simple redirect has > much more uses than load-balancing, such as redirecting a client from > the old server to a new one after moving to a new location. The value of > this is that it enables redirection problem to be solved at the IKE > level, in stead of having to resort to application level, which takes > more roundtrips. > > I believe such enhancement can be achieved by defining new instruction > parameters in the place of ADDITIONAL_IP?_ADDRESS, and complete the > description of additional handlings. Such operation can already be done with the current protocol, but it is bit slow in case of NATs. I.e. the server will announce the new address in the N(ADDITIONAL_IP*_ADDRESS) notify of the initial exchange, and immediately after that it updates the list of additional addresses and removes the old address from the list. As the address used for that notification is included to the list implicitly then it needs to send that notify from the some other address than the old address it wants to get rid of. This means that if the initiator is behind restricted nat it cannot receive those messages as they arrive to the address it is not using. In case of the NAT the responder needs to wait for the initiator to start any IKE message to it, and not to reply to the old address, only to the new address (i.e drop all requests coming to old address, and wait for the initiator to switch to new address). This way the initiator will update the SAs to new address, and after that responder can send new notify and remove the old address from the address list. So this can already be done with the current protocol even if the other end does not know anything about this feature. There could be optimizations done to the protocol if we modify the protocol, but as the protocol is already in the rfc editor queue, we are not going to do it now. -- kivinen@safenet-inc.com _______________________________________________ Mobike mailing list Mobike@machshav.com https://www.machshav.com/mailman/listinfo.cgi/mobike From mobike-bounces@machshav.com Mon Apr 17 16:53:29 2006 Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1FVaiv-0007iK-Gh for mobike-archive@lists.ietf.org; Mon, 17 Apr 2006 16:53:29 -0400 Received: from machshav.com ([147.28.0.16]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1FVaiu-0004et-5s for mobike-archive@lists.ietf.org; Mon, 17 Apr 2006 16:53:29 -0400 Received: from machshav.com (localhost [127.0.0.1]) by machshav.com (Postfix) with ESMTP id 06689FB2DC; Mon, 17 Apr 2006 16:53:27 -0400 (EDT) X-Original-To: mobike@machshav.com Delivered-To: mobike@machshav.com Received: from balder-227.proper.com (Balder-227.Proper.COM [192.245.12.227]) by machshav.com (Postfix) with ESMTP id A221CFB2D9 for ; Mon, 17 Apr 2006 16:53:24 -0400 (EDT) Received: from [10.20.30.249] (dsl2-63-249-108-169.cruzio.com [63.249.108.169]) (authenticated bits=0) by balder-227.proper.com (8.13.5/8.13.5) with ESMTP id k3HKrFr0041637; Mon, 17 Apr 2006 13:53:15 -0700 (MST) (envelope-from paul.hoffman@vpnc.org) Mime-Version: 1.0 Message-Id: In-Reply-To: References: <71AEE30A-12F9-4945-BD3E-13013DCD7CA3@nomadiclab.com> Date: Mon, 17 Apr 2006 13:53:13 -0700 To: Russ Housley From: Paul Hoffman Cc: mobike@machshav.com Subject: Re: [Mobike] Proposal for revised charter X-BeenThere: mobike@machshav.com X-Mailman-Version: 2.1.7 Precedence: list List-Id: Mobile/Multihoming IKEv2 IETF list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: mobike-bounces@machshav.com Errors-To: mobike-bounces@machshav.com X-Spam-Score: 0.0 (/) X-Scan-Signature: 7bac9cb154eb5790ae3b2913587a40de After more discussion last week, there still seems to be very little interest in rechartering the MOBIKE Working Group. However, it looks like you should expect some individual submissions over time. --Paul Hoffman, Director --VPN Consortium _______________________________________________ Mobike mailing list Mobike@machshav.com https://www.machshav.com/mailman/listinfo.cgi/mobike From mobike-bounces@machshav.com Tue Apr 18 06:28:18 2006 Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1FVnRS-0004xX-EU for mobike-archive@lists.ietf.org; Tue, 18 Apr 2006 06:28:18 -0400 Received: from machshav.com ([147.28.0.16]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1FVnRR-0005TL-27 for mobike-archive@lists.ietf.org; Tue, 18 Apr 2006 06:28:18 -0400 Received: from machshav.com (localhost [127.0.0.1]) by machshav.com (Postfix) with ESMTP id D99D3FB298; Tue, 18 Apr 2006 06:28:15 -0400 (EDT) X-Original-To: mobike@machshav.com Delivered-To: mobike@machshav.com Received: from p130.piuha.net (p130.piuha.net [193.234.218.130]) by machshav.com (Postfix) with ESMTP id BDDC3FB28E for ; Tue, 18 Apr 2006 06:28:13 -0400 (EDT) Received: from p130.piuha.net (localhost [127.0.0.1]) by p130.piuha.net (Postfix) with ESMTP id 14054898BC; Tue, 18 Apr 2006 13:28:09 +0300 (EEST) Received: from [127.0.0.1] (p130.piuha.net [193.234.218.130]) by p130.piuha.net (Postfix) with ESMTP id C306C898BA; Tue, 18 Apr 2006 13:28:08 +0300 (EEST) Message-ID: <4444BF38.6010507@piuha.net> Date: Tue, 18 Apr 2006 13:28:08 +0300 From: Jari Arkko User-Agent: Mozilla Thunderbird 1.0.7 (X11/20051013) X-Accept-Language: en-us, en MIME-Version: 1.0 To: Yaron Sheffer References: <000601c65c9f$4d62bdb0$5d2e1dc2@ad.checkpoint.com> In-Reply-To: <000601c65c9f$4d62bdb0$5d2e1dc2@ad.checkpoint.com> X-Virus-Scanned: ClamAV using ClamSMTP Cc: 'Russ Housley' , mobike@machshav.com, 'Paul Hoffman' Subject: Re: [Mobike] Proposal for revised charter X-BeenThere: mobike@machshav.com X-Mailman-Version: 2.1.7 Precedence: list List-Id: Mobile/Multihoming IKEv2 IETF list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: mobike-bounces@machshav.com Errors-To: mobike-bounces@machshav.com X-Spam-Score: 0.0 (/) X-Scan-Signature: 0bc60ec82efc80c84b8d02f4b0e4de22 Yaron Sheffer wrote: >2. Short-term credentials assigned by one gateway, to allow a client to >connect to another gateway without performing full EAP-based authentication >(and entering a password). Although the need to connect to multiple IPsec >gateways is not limited to the mobility case, it is amplified by mobility. >For example, some of the gateways may not be accessible through different >access methods, e.g. cellular/GPRS. > > MOBIKE was designed to handle the case where communication is between the same peers, but the peers' addresses change. When one of the peers change the problem becomes somewhat different. In IETF-65 there was a BoF, HOKEY, on handover keying, mainly focused on EAP-based access authentication. If you have needs for efficient handover from one SGW to another, it might be useful to work on your problem in the HOKEY space to ensure that IKEv2 EAP mode is one of the "accesses" where efficient handover works. --Jari _______________________________________________ Mobike mailing list Mobike@machshav.com https://www.machshav.com/mailman/listinfo.cgi/mobike From mobike-bounces@machshav.com Fri Apr 21 16:00:18 2006 Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1FX1ne-0001Zs-Di for mobike-archive@lists.ietf.org; Fri, 21 Apr 2006 16:00:18 -0400 Received: from machshav.com ([147.28.0.16]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1FX1nb-0003G7-29 for mobike-archive@lists.ietf.org; Fri, 21 Apr 2006 16:00:18 -0400 Received: from machshav.com (localhost [127.0.0.1]) by machshav.com (Postfix) with ESMTP id 9E808FB2D8; Fri, 21 Apr 2006 16:00:13 -0400 (EDT) X-Original-To: mobike@machshav.com Delivered-To: mobike@machshav.com Received: from cypress.neustar.com (cypress.neustar.com [209.173.57.84]) by machshav.com (Postfix) with ESMTP id 2C07FFB2B4 for ; Fri, 21 Apr 2006 16:00:12 -0400 (EDT) Received: from stiedprstage1.ietf.org (stiedprstage1.va.neustar.com [10.31.47.10]) by cypress.neustar.com (8.12.8/8.12.8) with ESMTP id k3LK010e015640 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Fri, 21 Apr 2006 20:00:01 GMT Received: from ietf by stiedprstage1.ietf.org with local (Exim 4.43) id 1FX1nN-0007yQ-Gf; Fri, 21 Apr 2006 16:00:01 -0400 Mime-Version: 1.0 To: ietf-announce@ietf.org From: IESG Secretary Message-Id: Date: Fri, 21 Apr 2006 16:00:01 -0400 Cc: mobike@machshav.com, Paul Hoffman Subject: [Mobike] WG Action: Conclusion of IKEv2 Mobility and Multihoming WG (mobike) X-BeenThere: mobike@machshav.com X-Mailman-Version: 2.1.7 Precedence: list List-Id: Mobile/Multihoming IKEv2 IETF list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: mobike-bounces@machshav.com Errors-To: mobike-bounces@machshav.com X-Spam-Score: 0.1 (/) X-Scan-Signature: d6b246023072368de71562c0ab503126 The IKEv2 Mobility and Multihoming WG (mobike) in the Security Area has concluded. The IESG contact persons are Russ Housley and Sam Hartman. +++ After much discussion, the MOBIKE Working Group has decided not to develop a header reduction strategy or a PFKEY Extension for Address Updates document Having competed the other charter items, the MOBIKE Working Group is closing. All of the documents generated by the MOBIKE Working Group have been turned over to the IESG for evaluation and publication. The MOBIKE Working Group mailing list will remain active. _______________________________________________ Mobike mailing list Mobike@machshav.com https://www.machshav.com/mailman/listinfo.cgi/mobike